zpomalila se odezva pocitace, detekovan Sinowal

Zpráva

#16 Příspěvek od **vyosek** » 29 srp 2012 17:36

dave5 píše:oba soubory mam na plose ratega

Chyba, pres tento PC je dejte primo na c:\

dave5 · #17 Příspěvek od **dave5** » 29 srp 2012 18:14

soubor cleanup.exe patrici zrejme avengeru byl ihned po restartu smazan antivirem, takze avenger po sobe zrejme neuklidil, jinak dle tdsskilleru je sinowal asi stale na svem miste...nyni logy:

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Driver "xpsec" deleted successfully.
Driver "xcpip" deleted successfully.

Error: file "C:\DOCUME~1\David\LOCALS~1\Temp\pxldapod.sys" not found!
Deletion of file "C:\DOCUME~1\David\LOCALS~1\Temp\pxldapod.sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: file "C:\WINDOWS\system32\drivers\xpsec.sys" not found!
Deletion of file "C:\WINDOWS\system32\drivers\xpsec.sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: file "C:\WINDOWS\system32\drivers\xcpip.sys" not found!
Deletion of file "C:\WINDOWS\system32\drivers\xcpip.sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Completed script processing.

*******************

Finished! Terminate.

Kód: Vybrat vše

MBRScan v1.1.1

OS             : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR      : x86 Family 15 Model 107 Stepping 2, AuthenticAMD
BOOT           : Normal Boot
DATE           : 2012/08/29 (ISO 8601) at 21:03:29
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __SAMSUNG HD502IJ (1AA01113)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK           : Device\Harddisk1\DR1 __ST3802110A (3.AAE)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	465.8 Go  [Fixed] ==> XP MBR Code

MBR_MD5   : 6E031A596155CBAB2BC280C8E50C591E
MBR_SHA1  : 25698EBB3314218BC2846C2B38F6110A5369B788

Device\Harddisk0\Partition1	97.65 Go  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2	97.65 Go  	0x07 NTFS / HPFS
Device\Harddisk0\Partition3	270.4 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

Device\Harddisk1\DR1	74.53 Go  [Fixed] ==> XP MBR Code

MBR_MD5   : BD4C3C3FC3C9E51BD8B99AF086547340
MBR_SHA1  : C44F5B6F0EA003A3A263201C08D06B6F6FBE351E

Device\Harddisk1\Partition1	34.18 Go  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk1\Partition2	40.34 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\WINDOWS\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0xAF548000
SIZE    : 96.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS => Invisible on the disk
ADDRESS : 0xB85EE000
SIZE    : 8.0 Ko

SystemStartOptions : FASTDETECT  NOEXECUTE=OPTIN  USEPMTIMER

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D0 BC 00 7C FB 50 07 50 1F FC BE 1B 7C   3À.Ð¼.|ûP.P.ü¾.|
0x00000010   BF 1B 06 50 57 B9 E5 01 F3 A4 CB BD BE 07 B1 04   ¿..PW¹å.ó¤Ë½¾.±.
0x00000020   38 6E 00 7C 09 75 13 83 C5 10 E2 F4 CD 18 8B F5   8n.|.u..Å.âôÍ..õ
0x00000030   83 C6 10 49 74 19 38 2C 74 F6 A0 B5 07 B4 07 8B   .Æ.It.8,tö.µ.´..
0x00000040   F0 AC 3C 00 74 FC BB 07 00 B4 0E CD 10 EB F2 88   ð¬<.tü»..´.Í.ëò.
0x00000050   4E 10 E8 46 00 73 2A FE 46 10 80 7E 04 0B 74 0B   N.èF.s*þF..~..t.
0x00000060   80 7E 04 0C 74 05 A0 B6 07 75 D2 80 46 02 06 83   .~..t..¶.uÒ.F...
0x00000070   46 08 06 83 56 0A 00 E8 21 00 73 05 A0 B6 07 EB   F...V..è!.s..¶.ë
0x00000080   BC 81 3E FE 7D 55 AA 74 0B 80 7E 10 00 74 C8 A0   ¼.>þ}Uªt..~..tÈ.
0x00000090   B7 07 EB A9 8B FC 1E 57 8B F5 CB BF 05 00 8A 56   ·.ë©.ü.W.õË¿...V
0x000000A0   00 B4 08 CD 13 72 23 8A C1 24 3F 98 8A DE 8A FC   .´.Í.r#.Á$?..Þ.ü
0x000000B0   43 F7 E3 8B D1 86 D6 B1 06 D2 EE 42 F7 E2 39 56   C÷ã.Ñ.Ö±.ÒîB÷â9V
0x000000C0   0A 77 23 72 05 39 46 08 73 1C B8 01 02 BB 00 7C   .w#r.9F.s.¸..».|
0x000000D0   8B 4E 02 8B 56 00 CD 13 73 51 4F 74 4E 32 E4 8A   .N..V.Í.sQOtN2ä.
0x000000E0   56 00 CD 13 EB E4 8A 56 00 60 BB AA 55 B4 41 CD   V.Í.ëä.V.`»ªU´AÍ
0x000000F0   13 72 36 81 FB 55 AA 75 30 F6 C1 01 74 2B 61 60   .r6.ûUªu0öÁ.t+a`
0x00000100   6A 00 6A 00 FF 76 0A FF 76 08 6A 00 68 00 7C 6A   j.j..v..v.j.h.|j
0x00000110   01 6A 10 B4 42 8B F4 CD 13 61 61 73 0E 4F 74 0B   .j.´B.ôÍ.aas.Ot.
0x00000120   32 E4 8A 56 00 CD 13 EB D6 61 F9 C3 4E 65 70 6C   2ä.V.Í.ëÖaùÃNepl
0x00000130   61 74 6E A0 20 74 61 62 75 6C 6B 61 20 6F 64 64   atn. tabulka odd
0x00000140   A1 6C 85 00 43 68 79 62 61 20 70 FD 69 20 6E 61   ¡l..Chyba pýi na
0x00000150   9F A1 74 A0 6E A1 20 6F 70 65 72 61 9F 6E A1 68   .¡t.n¡ opera.n¡h
0x00000160   6F 20 73 79 73 74 82 6D 75 00 4F 70 65 72 61 9F   o syst.mu.Opera.
0x00000170   6E A1 20 73 79 73 74 82 6D 20 6E 65 6E 61 6C 65   n¡ syst.m nenale
0x00000180   7A 65 6E 00 00 00 00 00 00 00 00 00 00 00 00 00   zen.............
0x00000190   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001B0   00 00 00 00 00 2C 44 6A 2C 0F 2D 0F 00 00 80 01   .....,Dj,.-.....
0x000001C0   01 00 07 FE FF FF 3F 00 00 00 8D F2 34 0C 00 00   ...þ..?....ò4...
0x000001D0   C1 FF 0F FE FF FF CC F2 34 0C B4 1A 03 2E 00 00   Á..þ..Ìò4.´.....
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

_______MBR   \Device\Harddisk1\DR1  

0x00000000   33 C0 8E D0 BC 00 7C FB 50 07 50 1F FC BE 1B 7C   3À.Ð¼.|ûP.P.ü¾.|
0x00000010   BF 1B 06 50 57 B9 E5 01 F3 A4 CB BD BE 07 B1 04   ¿..PW¹å.ó¤Ë½¾.±.
0x00000020   38 6E 00 7C 09 75 13 83 C5 10 E2 F4 CD 18 8B F5   8n.|.u..Å.âôÍ..õ
0x00000030   83 C6 10 49 74 19 38 2C 74 F6 A0 B5 07 B4 07 8B   .Æ.It.8,tö.µ.´..
0x00000040   F0 AC 3C 00 74 FC BB 07 00 B4 0E CD 10 EB F2 88   ð¬<.tü»..´.Í.ëò.
0x00000050   4E 10 E8 46 00 73 2A FE 46 10 80 7E 04 0B 74 0B   N.èF.s*þF..~..t.
0x00000060   80 7E 04 0C 74 05 A0 B6 07 75 D2 80 46 02 06 83   .~..t..¶.uÒ.F...
0x00000070   46 08 06 83 56 0A 00 E8 21 00 73 05 A0 B6 07 EB   F...V..è!.s..¶.ë
0x00000080   BC 81 3E FE 7D 55 AA 74 0B 80 7E 10 00 74 C8 A0   ¼.>þ}Uªt..~..tÈ.
0x00000090   B7 07 EB A9 8B FC 1E 57 8B F5 CB BF 05 00 8A 56   ·.ë©.ü.W.õË¿...V
0x000000A0   00 B4 08 CD 13 72 23 8A C1 24 3F 98 8A DE 8A FC   .´.Í.r#.Á$?..Þ.ü
0x000000B0   43 F7 E3 8B D1 86 D6 B1 06 D2 EE 42 F7 E2 39 56   C÷ã.Ñ.Ö±.ÒîB÷â9V
0x000000C0   0A 77 23 72 05 39 46 08 73 1C B8 01 02 BB 00 7C   .w#r.9F.s.¸..».|
0x000000D0   8B 4E 02 8B 56 00 CD 13 73 51 4F 74 4E 32 E4 8A   .N..V.Í.sQOtN2ä.
0x000000E0   56 00 CD 13 EB E4 8A 56 00 60 BB AA 55 B4 41 CD   V.Í.ëä.V.`»ªU´AÍ
0x000000F0   13 72 36 81 FB 55 AA 75 30 F6 C1 01 74 2B 61 60   .r6.ûUªu0öÁ.t+a`
0x00000100   6A 00 6A 00 FF 76 0A FF 76 08 6A 00 68 00 7C 6A   j.j..v..v.j.h.|j
0x00000110   01 6A 10 B4 42 8B F4 CD 13 61 61 73 0E 4F 74 0B   .j.´B.ôÍ.aas.Ot.
0x00000120   32 E4 8A 56 00 CD 13 EB D6 61 F9 C3 4E 65 70 6C   2ä.V.Í.ëÖaùÃNepl
0x00000130   61 74 6E A0 20 74 61 62 75 6C 6B 61 20 6F 64 64   atn. tabulka odd
0x00000140   A1 6C 85 00 43 68 79 62 61 20 70 FD 69 20 6E 61   ¡l..Chyba pýi na
0x00000150   9F A1 74 A0 6E A1 20 6F 70 65 72 61 9F 6E A1 68   .¡t.n¡ opera.n¡h
0x00000160   6F 20 73 79 73 74 82 6D 75 00 4F 70 65 72 61 9F   o syst.mu.Opera.
0x00000170   6E A1 20 73 79 73 74 82 6D 20 6E 65 6E 61 6C 65   n¡ syst.m nenale
0x00000180   7A 65 6E 00 00 00 00 00 00 00 00 00 00 00 00 00   zen.............
0x00000190   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001B0   00 00 00 00 00 2C 44 6A 7F 84 7F 84 00 00 80 01   .....,Dj........
0x000001C0   01 00 07 FE FF FF 3F 00 00 00 AF C7 45 04 00 00   ...þ..?...¯ÇE...
0x000001D0   C1 FF 0F FE FF FF EE C7 45 04 12 DE 0A 05 00 00   Á..þ..îÇE..Þ....
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

dave5 · #18 Příspěvek od **dave5** » 29 srp 2012 18:16

21:07:07.0937 2724 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
21:07:08.0031 2724 ============================================================
21:07:08.0031 2724 Current date / time: 2012/08/29 21:07:08.0031
21:07:08.0031 2724 SystemInfo:
21:07:08.0031 2724
21:07:08.0031 2724 OS Version: 5.1.2600 ServicePack: 3.0
21:07:08.0031 2724 Product type: Workstation
21:07:08.0031 2724 ComputerName: DAVIDOS
21:07:08.0031 2724 UserName: David
21:07:08.0031 2724 Windows directory: C:\WINDOWS
21:07:08.0031 2724 System windows directory: C:\WINDOWS
21:07:08.0031 2724 Processor architecture: Intel x86
21:07:08.0031 2724 Number of processors: 2
21:07:08.0031 2724 Page size: 0x1000
21:07:08.0031 2724 Boot type: Normal boot
21:07:08.0031 2724 ============================================================
21:07:10.0531 2724 BG loaded
21:07:36.0421 2724 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:07:36.0437 2724 Drive \Device\Harddisk1\DR1 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:07:36.0437 2724 ============================================================
21:07:36.0437 2724 \Device\Harddisk0\DR0:
21:07:36.0437 2724 MBR partitions:
21:07:36.0437 2724 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
21:07:36.0453 2724 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0xC34F28D
21:07:36.0468 2724 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1869E5D7, BlocksNum 0x21CE27A9
21:07:36.0468 2724 \Device\Harddisk1\DR1:
21:07:36.0468 2724 MBR partitions:
21:07:36.0468 2724 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x445C7AF
21:07:36.0468 2724 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x445C82D, BlocksNum 0x50ADDD3
21:07:36.0468 2724 ============================================================
21:07:36.0593 2724 C: <-> \Device\Harddisk0\DR0\Partition1
21:07:36.0625 2724 D: <-> \Device\Harddisk1\DR1\Partition1
21:07:42.0250 2724 E: <-> \Device\Harddisk0\DR0\Partition2
21:07:42.0796 2724 F: <-> \Device\Harddisk0\DR0\Partition3
21:07:42.0843 2724 G: <-> \Device\Harddisk1\DR1\Partition2
21:07:42.0843 2724 ============================================================
21:07:42.0843 2724 Initialize success
21:07:42.0843 2724 ============================================================
21:08:02.0859 3368 ============================================================
21:08:02.0859 3368 Scan started
21:08:02.0859 3368 Mode: Manual; SigCheck; TDLFS;
21:08:02.0859 3368 ============================================================
21:08:03.0500 3368 ================ Scan system memory ========================
21:08:03.0500 3368 System memory - ok
21:08:03.0500 3368 ================ Scan services =============================
21:08:03.0562 3368 Abiosdsk - ok
21:08:03.0578 3368 abp480n5 - ok
21:08:03.0593 3368 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:08:04.0593 3368 ACPI - ok
21:08:04.0625 3368 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
21:08:04.0781 3368 ACPIEC - ok
21:08:04.0781 3368 adpu160m - ok
21:08:04.0781 3368 ae3g.sys - ok
21:08:04.0812 3368 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
21:08:04.0906 3368 aec - ok
21:08:04.0921 3368 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
21:08:05.0046 3368 AFD - ok
21:08:05.0046 3368 Aha154x - ok
21:08:05.0046 3368 aic78u2 - ok
21:08:05.0046 3368 aic78xx - ok
21:08:05.0078 3368 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
21:08:05.0218 3368 Alerter - ok
21:08:05.0250 3368 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
21:08:05.0328 3368 ALG - ok
21:08:05.0328 3368 AliIde - ok
21:08:05.0359 3368 [ FCFFA85CFD4BF7A4711012847048DCA3 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
21:08:05.0390 3368 AmdK8 - ok
21:08:05.0390 3368 amsint - ok
21:08:05.0406 3368 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
21:08:05.0515 3368 AppMgmt - ok
21:08:05.0515 3368 asc - ok
21:08:05.0515 3368 asc3350p - ok
21:08:05.0515 3368 asc3550 - ok
21:08:05.0593 3368 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
21:08:05.0625 3368 aspnet_state - ok
21:08:05.0640 3368 [ 0C83FC56707BF68DB04947052A8188B1 ] astcc C:\WINDOWS\system32\astsrv.exe
21:08:05.0640 3368 astcc ( UnsignedFile.Multi.Generic ) - warning
21:08:05.0640 3368 astcc - detected UnsignedFile.Multi.Generic (1)
21:08:05.0656 3368 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:08:05.0765 3368 AsyncMac - ok
21:08:05.0781 3368 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
21:08:05.0875 3368 atapi - ok
21:08:05.0875 3368 Atdisk - ok
21:08:05.0890 3368 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:08:05.0984 3368 Atmarpc - ok
21:08:06.0000 3368 [ 523CA82A8810F4354E6425406AFBC130 ] ATMsrvc C:\WINDOWS\System32\ATMsrvc.exe
21:08:06.0015 3368 ATMsrvc ( UnsignedFile.Multi.Generic ) - warning
21:08:06.0015 3368 ATMsrvc - detected UnsignedFile.Multi.Generic (1)
21:08:06.0046 3368 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
21:08:06.0140 3368 AudioSrv - ok
21:08:06.0156 3368 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
21:08:06.0265 3368 audstub - ok
21:08:06.0281 3368 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
21:08:06.0390 3368 Beep - ok
21:08:06.0421 3368 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\System32\qmgr.dll
21:08:06.0546 3368 BITS - ok
21:08:06.0640 3368 [ 5AB58C337AC65837FE404462AD6265AB ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:08:06.0656 3368 Bonjour Service - ok
21:08:06.0687 3368 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
21:08:06.0718 3368 Browser - ok
21:08:06.0734 3368 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
21:08:06.0843 3368 cbidf2k - ok
21:08:06.0843 3368 cd20xrnt - ok
21:08:06.0859 3368 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
21:08:06.0968 3368 Cdaudio - ok
21:08:06.0984 3368 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
21:08:07.0093 3368 Cdfs - ok
21:08:07.0109 3368 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:08:07.0203 3368 Cdrom - ok
21:08:07.0218 3368 Changer - ok
21:08:07.0250 3368 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
21:08:07.0390 3368 CiSvc - ok
21:08:07.0406 3368 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
21:08:07.0562 3368 ClipSrv - ok
21:08:07.0593 3368 [ 234B1BC2796483E1F5C3F26649FB3388 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:08:07.0625 3368 clr_optimization_v2.0.50727_32 - ok
21:08:07.0656 3368 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:08:07.0703 3368 clr_optimization_v4.0.30319_32 - ok
21:08:07.0703 3368 CmdIde - ok
21:08:07.0703 3368 COMSysApp - ok
21:08:07.0718 3368 Cpqarray - ok
21:08:07.0718 3368 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
21:08:07.0812 3368 CryptSvc - ok
21:08:07.0812 3368 dac2w2k - ok
21:08:07.0828 3368 dac960nt - ok
21:08:07.0843 3368 [ C512B618D0E19339572AD125E26B9CB5 ] danewFltr C:\WINDOWS\system32\drivers\danew.sys
21:08:07.0890 3368 danewFltr - ok
21:08:07.0921 3368 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
21:08:07.0984 3368 DcomLaunch - ok
21:08:08.0015 3368 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
21:08:08.0109 3368 Dhcp - ok
21:08:08.0140 3368 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
21:08:08.0250 3368 Disk - ok
21:08:08.0265 3368 dmadmin - ok
21:08:08.0296 3368 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
21:08:08.0562 3368 dmboot - ok
21:08:08.0578 3368 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
21:08:08.0796 3368 dmio - ok
21:08:08.0796 3368 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
21:08:08.0890 3368 dmload - ok
21:08:08.0906 3368 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
21:08:09.0000 3368 dmserver - ok
21:08:09.0015 3368 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
21:08:09.0109 3368 DMusic - ok
21:08:09.0140 3368 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
21:08:09.0171 3368 Dnscache - ok
21:08:09.0203 3368 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
21:08:09.0281 3368 Dot3svc - ok
21:08:09.0281 3368 dpti2o - ok
21:08:09.0281 3368 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
21:08:09.0375 3368 drmkaud - ok
21:08:09.0390 3368 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
21:08:09.0531 3368 EapHost - ok
21:08:09.0546 3368 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
21:08:09.0625 3368 ERSvc - ok
21:08:09.0656 3368 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
21:08:09.0671 3368 Eventlog - ok
21:08:09.0703 3368 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\System32\es.dll
21:08:09.0796 3368 EventSystem - ok
21:08:09.0828 3368 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
21:08:09.0921 3368 Fastfat - ok
21:08:09.0953 3368 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:08:10.0000 3368 FastUserSwitchingCompatibility - ok
21:08:10.0000 3368 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
21:08:10.0109 3368 Fdc - ok
21:08:10.0125 3368 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
21:08:10.0328 3368 Fips - ok
21:08:10.0359 3368 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:08:10.0468 3368 FLEXnet Licensing Service - ok
21:08:10.0484 3368 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
21:08:10.0562 3368 Flpydisk - ok
21:08:10.0593 3368 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
21:08:10.0703 3368 FltMgr - ok
21:08:10.0734 3368 [ 993883524AA9CF1C90E1545411A9AC9C ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:08:10.0796 3368 FontCache3.0.0.0 - ok
21:08:10.0796 3368 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:08:10.0890 3368 Fs_Rec - ok
21:08:10.0906 3368 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:08:11.0000 3368 Ftdisk - ok
21:08:11.0015 3368 [ BEAE63CA06345E0714A3CAE6232482EA ] fwdrv C:\WINDOWS\system32\drivers\fwdrv.sys
21:08:11.0109 3368 fwdrv ( UnsignedFile.Multi.Generic ) - warning
21:08:11.0109 3368 fwdrv - detected UnsignedFile.Multi.Generic (1)
21:08:11.0125 3368 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:08:11.0218 3368 Gpc - ok
21:08:11.0234 3368 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:08:11.0328 3368 HDAudBus - ok
21:08:11.0359 3368 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:08:11.0437 3368 helpsvc - ok
21:08:11.0453 3368 [ 887F5CF01755D3087E4E9DEC22101567 ] hidkmdf C:\WINDOWS\system32\DRIVERS\hidkmdf.sys
21:08:11.0468 3368 hidkmdf - ok
21:08:11.0484 3368 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
21:08:11.0640 3368 HidServ - ok
21:08:11.0656 3368 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:08:11.0734 3368 hidusb - ok
21:08:11.0765 3368 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
21:08:11.0859 3368 hkmsvc - ok
21:08:11.0859 3368 hpn - ok
21:08:11.0875 3368 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
21:08:11.0921 3368 HTTP - ok
21:08:11.0921 3368 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
21:08:12.0015 3368 HTTPFilter - ok
21:08:12.0031 3368 i2omgmt - ok
21:08:12.0031 3368 i2omp - ok
21:08:12.0046 3368 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\drivers\i8042prt.sys
21:08:12.0203 3368 i8042prt - ok
21:08:12.0234 3368 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:08:12.0250 3368 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:08:12.0250 3368 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:08:12.0296 3368 [ E7CC3AEAED9893A88876744CD439F76C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:08:12.0328 3368 idsvc ( UnsignedFile.Multi.Generic ) - warning
21:08:12.0328 3368 idsvc - detected UnsignedFile.Multi.Generic (1)
21:08:12.0359 3368 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
21:08:12.0453 3368 Imapi - ok
21:08:12.0484 3368 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\System32\imapi.exe
21:08:12.0562 3368 ImapiService - ok
21:08:12.0578 3368 ini910u - ok
21:08:12.0578 3368 IntelIde - ok
21:08:12.0609 3368 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
21:08:12.0703 3368 ip6fw - ok
21:08:12.0718 3368 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:08:12.0812 3368 IpFilterDriver - ok
21:08:12.0828 3368 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:08:12.0906 3368 IpInIp - ok
21:08:12.0921 3368 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:08:13.0015 3368 IpNat - ok
21:08:13.0031 3368 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:08:13.0109 3368 IPSec - ok
21:08:13.0125 3368 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
21:08:13.0203 3368 IRENUM - ok
21:08:13.0218 3368 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:08:13.0312 3368 isapnp - ok
21:08:13.0328 3368 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:08:13.0421 3368 Kbdclass - ok
21:08:13.0421 3368 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:08:13.0578 3368 kbdhid - ok
21:08:13.0593 3368 [ F1B81D62EA598047D28DD12E1F417976 ] khips C:\WINDOWS\system32\drivers\khips.sys
21:08:13.0609 3368 khips ( UnsignedFile.Multi.Generic ) - warning
21:08:13.0609 3368 khips - detected UnsignedFile.Multi.Generic (1)
21:08:13.0625 3368 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
21:08:13.0718 3368 kmixer - ok
21:08:13.0765 3368 [ F3CA4A37CD2144DFF7E28A75B30B0FD0 ] KPF4 C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
21:08:13.0796 3368 KPF4 ( UnsignedFile.Multi.Generic ) - warning
21:08:13.0796 3368 KPF4 - detected UnsignedFile.Multi.Generic (1)
21:08:13.0812 3368 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
21:08:13.0859 3368 KSecDD - ok
21:08:13.0890 3368 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
21:08:13.0921 3368 lanmanserver - ok
21:08:13.0953 3368 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:08:13.0984 3368 lanmanworkstation - ok
21:08:13.0984 3368 lbrtfdc - ok
21:08:14.0015 3368 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
21:08:14.0109 3368 LmHosts - ok
21:08:14.0125 3368 [ E3BCE3C975BA95B0500E4B7F8D61E432 ] McAfeeEngineService C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
21:08:14.0140 3368 McAfeeEngineService - ok
21:08:14.0156 3368 [ 1B963D79740B187795407CD03E2F7B4D ] McAfeeFramework C:\Program Files\McAfee\Common Framework\FrameworkService.exe
21:08:14.0171 3368 McAfeeFramework - ok
21:08:14.0187 3368 [ 6F4D3480C42EC33BB56613DC7C787720 ] McShield C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
21:08:14.0203 3368 McShield - ok
21:08:14.0218 3368 [ 6C6AA104272198495D51CC606677DA39 ] McTaskManager C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
21:08:14.0234 3368 McTaskManager - ok
21:08:14.0250 3368 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
21:08:14.0343 3368 Messenger - ok
21:08:14.0375 3368 [ AF3BAF4CDED14D5FD7B8D94B78AE3F0A ] mfeapfk C:\WINDOWS\system32\drivers\mfeapfk.sys
21:08:14.0390 3368 mfeapfk - ok
21:08:14.0390 3368 [ 2EBF8D78F99E2F667FA5F65312A489AB ] mfeavfk C:\WINDOWS\system32\drivers\mfeavfk.sys
21:08:14.0406 3368 mfeavfk - ok
21:08:14.0421 3368 [ 188324D4412103ED3B086B69D5D210E2 ] mfebopk C:\WINDOWS\system32\drivers\mfebopk.sys
21:08:14.0437 3368 mfebopk - ok
21:08:14.0453 3368 [ 51897A0530EA0531898ABBE566A9DD8A ] mfehidk C:\WINDOWS\system32\drivers\mfehidk.sys
21:08:14.0484 3368 mfehidk - ok
21:08:14.0500 3368 [ 192C71EA9990426372E1B803DBAD2C59 ] mferkdet C:\WINDOWS\system32\drivers\mferkdet.sys
21:08:14.0531 3368 mferkdet - ok
21:08:14.0546 3368 [ 61FC4DBE4A3E95973509DA6B920E83AA ] mfetdik C:\WINDOWS\system32\drivers\mfetdik.sys
21:08:14.0656 3368 mfetdik - ok
21:08:14.0656 3368 [ 5C2C7AC2ABB73251D67F09182AE6B30F ] mfevtp C:\WINDOWS\system32\mfevtps.exe
21:08:14.0687 3368 mfevtp - ok
21:08:14.0703 3368 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
21:08:14.0796 3368 mnmdd - ok
21:08:14.0812 3368 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
21:08:14.0906 3368 mnmsrvc - ok
21:08:14.0921 3368 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
21:08:15.0093 3368 Modem - ok
21:08:15.0140 3368 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] monfilt C:\WINDOWS\system32\drivers\monfilt.sys
21:08:15.0250 3368 monfilt - ok
21:08:15.0281 3368 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:08:15.0375 3368 Mouclass - ok
21:08:15.0390 3368 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:08:15.0500 3368 mouhid - ok
21:08:15.0500 3368 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
21:08:15.0593 3368 MountMgr - ok
21:08:15.0593 3368 mraid35x - ok
21:08:15.0593 3368 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:08:15.0687 3368 MRxDAV - ok
21:08:15.0718 3368 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:08:15.0750 3368 MRxSmb - ok
21:08:15.0765 3368 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\System32\msdtc.exe
21:08:15.0859 3368 MSDTC - ok
21:08:15.0875 3368 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:08:15.0968 3368 Msfs - ok
21:08:15.0968 3368 MSIServer - ok
21:08:15.0984 3368 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:08:16.0062 3368 MSKSSRV - ok
21:08:16.0078 3368 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:08:16.0156 3368 MSPCLOCK - ok
21:08:16.0171 3368 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:08:16.0250 3368 MSPQM - ok
21:08:16.0281 3368 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:08:16.0359 3368 mssmbios - ok
21:08:16.0375 3368 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
21:08:16.0406 3368 MTsensor - ok
21:08:16.0406 3368 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
21:08:16.0515 3368 Mup - ok
21:08:16.0546 3368 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
21:08:16.0640 3368 napagent - ok
21:08:16.0656 3368 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
21:08:16.0750 3368 NDIS - ok
21:08:16.0765 3368 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:08:16.0796 3368 NdisTapi - ok
21:08:16.0796 3368 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:08:16.0890 3368 Ndisuio - ok
21:08:16.0890 3368 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:08:16.0984 3368 NdisWan - ok
21:08:17.0000 3368 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:08:17.0078 3368 NDProxy - ok
21:08:17.0078 3368 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:08:17.0171 3368 NetBIOS - ok
21:08:17.0187 3368 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:08:17.0265 3368 NetBT - ok
21:08:17.0296 3368 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
21:08:17.0375 3368 NetDDE - ok
21:08:17.0390 3368 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
21:08:17.0468 3368 NetDDEdsdm - ok
21:08:17.0484 3368 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\System32\lsass.exe
21:08:17.0578 3368 Netlogon - ok
21:08:17.0593 3368 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
21:08:17.0671 3368 Netman - ok
21:08:17.0687 3368 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:08:17.0718 3368 NetTcpPortSharing - ok
21:08:17.0750 3368 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
21:08:17.0765 3368 Nla - ok
21:08:17.0828 3368 [ 433049770B810D7C83C5C94CDB3E09D2 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
21:08:17.0843 3368 NMIndexingService - ok
21:08:17.0859 3368 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:08:17.0953 3368 Npfs - ok
21:08:17.0968 3368 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:08:18.0078 3368 Ntfs - ok
21:08:18.0078 3368 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
21:08:18.0171 3368 NtLmSsp - ok
21:08:18.0203 3368 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
21:08:18.0312 3368 NtmsSvc - ok
21:08:18.0312 3368 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
21:08:18.0421 3368 Null - ok
21:08:18.0656 3368 [ 4B54DCD6ADEE535DF80F07C59DDD8F14 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:08:18.0953 3368 nv - ok
21:08:18.0984 3368 [ 0573C75A2895D973EA6EF2495620BA49 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
21:08:19.0015 3368 NVSvc - ok
21:08:19.0031 3368 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:08:19.0156 3368 NwlnkFlt - ok
21:08:19.0156 3368 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:08:19.0281 3368 NwlnkFwd - ok
21:08:19.0328 3368 [ 126A11FA2401AC42FE2D9C2705EC27BC ] OpenVPNService C:\Program Files\OpenVPN\bin\openvpnserv.exe
21:08:19.0328 3368 OpenVPNService ( UnsignedFile.Multi.Generic ) - warning
21:08:19.0328 3368 OpenVPNService - detected UnsignedFile.Multi.Generic (1)
21:08:19.0343 3368 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:08:19.0375 3368 ose - ok
21:08:19.0390 3368 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
21:08:19.0484 3368 Parport - ok
21:08:19.0500 3368 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
21:08:19.0593 3368 PartMgr - ok
21:08:19.0609 3368 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
21:08:19.0765 3368 ParVdm - ok
21:08:19.0765 3368 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
21:08:19.0843 3368 PCI - ok
21:08:19.0843 3368 PCIDump - ok
21:08:19.0875 3368 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
21:08:19.0984 3368 PCIIde - ok
21:08:20.0000 3368 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
21:08:20.0140 3368 Pcmcia - ok
21:08:20.0140 3368 PDCOMP - ok
21:08:20.0156 3368 PDFRAME - ok
21:08:20.0156 3368 PDRELI - ok
21:08:20.0156 3368 PDRFRAME - ok
21:08:20.0156 3368 perc2 - ok
21:08:20.0171 3368 perc2hib - ok
21:08:20.0171 3368 [ 5903FA75200807AD739286BBF40C4904 ] pfc C:\WINDOWS\system32\drivers\pfc.sys
21:08:20.0187 3368 pfc ( UnsignedFile.Multi.Generic ) - warning
21:08:20.0187 3368 pfc - detected UnsignedFile.Multi.Generic (1)
21:08:20.0203 3368 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
21:08:20.0218 3368 PlugPlay - ok
21:08:20.0234 3368 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
21:08:20.0312 3368 PolicyAgent - ok
21:08:20.0328 3368 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:08:20.0406 3368 PptpMiniport - ok
21:08:20.0421 3368 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
21:08:20.0640 3368 Processor - ok
21:08:20.0656 3368 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:08:20.0734 3368 ProtectedStorage - ok
21:08:20.0734 3368 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
21:08:20.0828 3368 PSched - ok
21:08:20.0828 3368 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:08:20.0937 3368 Ptilink - ok
21:08:20.0937 3368 [ 0C8DA0A8B0D227319C285E0EAE65DEFD ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:08:20.0953 3368 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
21:08:20.0953 3368 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
21:08:20.0953 3368 ql1080 - ok
21:08:20.0953 3368 Ql10wnt - ok
21:08:20.0953 3368 ql12160 - ok
21:08:20.0968 3368 ql1240 - ok
21:08:20.0968 3368 ql1280 - ok
21:08:20.0984 3368 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:08:21.0093 3368 RasAcd - ok
21:08:21.0109 3368 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:08:21.0187 3368 RasAuto - ok
21:08:21.0187 3368 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:08:21.0281 3368 Rasl2tp - ok
21:08:21.0312 3368 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:08:21.0390 3368 RasMan - ok
21:08:21.0390 3368 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:08:21.0468 3368 RasPppoe - ok
21:08:21.0468 3368 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
21:08:21.0593 3368 Raspti - ok
21:08:21.0609 3368 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:08:21.0687 3368 Rdbss - ok
21:08:21.0703 3368 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:08:21.0812 3368 RDPCDD - ok
21:08:21.0828 3368 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:08:21.0906 3368 rdpdr - ok
21:08:21.0921 3368 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:08:22.0109 3368 RDPWD - ok
21:08:22.0140 3368 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
21:08:22.0234 3368 RDSessMgr - ok
21:08:22.0250 3368 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
21:08:22.0328 3368 redbook - ok
21:08:22.0343 3368 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:08:22.0437 3368 RemoteAccess - ok
21:08:22.0453 3368 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
21:08:22.0546 3368 RemoteRegistry - ok
21:08:22.0546 3368 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\System32\locator.exe
21:08:22.0640 3368 RpcLocator - ok
21:08:22.0656 3368 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
21:08:22.0687 3368 RpcSs - ok
21:08:22.0703 3368 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\System32\rsvp.exe
21:08:22.0812 3368 RSVP - ok
21:08:22.0843 3368 [ 89619EF503F949FAE09252A8B883EE11 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
21:08:22.0890 3368 RTLE8023xp - ok
21:08:22.0906 3368 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
21:08:22.0984 3368 SamSs - ok
21:08:23.0000 3368 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
21:08:23.0078 3368 SCardSvr - ok
21:08:23.0109 3368 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:08:23.0234 3368 Schedule - ok
21:08:23.0250 3368 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:08:23.0328 3368 Secdrv - ok
21:08:23.0343 3368 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
21:08:23.0468 3368 seclogon - ok
21:08:23.0484 3368 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
21:08:23.0578 3368 SENS - ok
21:08:23.0578 3368 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
21:08:23.0671 3368 serenum - ok
21:08:23.0687 3368 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
21:08:23.0765 3368 Serial - ok
21:08:23.0796 3368 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
21:08:23.0890 3368 Sfloppy - ok
21:08:23.0906 3368 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:08:24.0000 3368 SharedAccess - ok
21:08:24.0015 3368 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:08:24.0031 3368 ShellHWDetection - ok
21:08:24.0031 3368 Simbad - ok
21:08:24.0046 3368 Sparrow - ok
21:08:24.0062 3368 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
21:08:24.0140 3368 splitter - ok
21:08:24.0156 3368 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
21:08:24.0187 3368 Spooler - ok
21:08:24.0218 3368 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\System32\DRIVERS\sr.sys
21:08:24.0453 3368 sr - ok
21:08:24.0468 3368 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\System32\srsvc.dll
21:08:24.0546 3368 srservice - ok
21:08:24.0578 3368 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:08:24.0609 3368 Srv - ok
21:08:24.0625 3368 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:08:24.0718 3368 SSDPSRV - ok
21:08:24.0750 3368 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
21:08:24.0843 3368 stisvc - ok
21:08:24.0859 3368 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
21:08:24.0953 3368 swenum - ok
21:08:25.0000 3368 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:08:25.0031 3368 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
21:08:25.0031 3368 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
21:08:25.0046 3368 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
21:08:25.0125 3368 swmidi - ok
21:08:25.0140 3368 SwPrv - ok
21:08:25.0140 3368 symc810 - ok
21:08:25.0140 3368 symc8xx - ok
21:08:25.0156 3368 sym_hi - ok
21:08:25.0156 3368 sym_u3 - ok
21:08:25.0171 3368 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
21:08:25.0250 3368 sysaudio - ok
21:08:25.0281 3368 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
21:08:25.0375 3368 SysmonLog - ok
21:08:25.0406 3368 [ 846B7C0E3F6370CDCCE157A5B36E70CD ] tap0801 C:\WINDOWS\system32\DRIVERS\tap0801.sys
21:08:25.0406 3368 tap0801 ( UnsignedFile.Multi.Generic ) - warning
21:08:25.0406 3368 tap0801 - detected UnsignedFile.Multi.Generic (1)
21:08:25.0421 3368 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:08:25.0515 3368 TapiSrv - ok
21:08:25.0531 3368 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:08:25.0562 3368 Tcpip - ok
21:08:25.0593 3368 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
21:08:25.0687 3368 TDPIPE - ok
21:08:25.0703 3368 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
21:08:25.0796 3368 TDTCP - ok
21:08:25.0796 3368 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
21:08:25.0875 3368 TermDD - ok
21:08:25.0906 3368 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
21:08:26.0031 3368 TermService - ok
21:08:26.0046 3368 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
21:08:26.0062 3368 Themes - ok
21:08:26.0093 3368 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
21:08:26.0171 3368 TlntSvr - ok
21:08:26.0171 3368 TosIde - ok
21:08:26.0203 3368 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
21:08:26.0281 3368 TrkWks - ok
21:08:26.0312 3368 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
21:08:26.0406 3368 Udfs - ok
21:08:26.0406 3368 ultra - ok
21:08:26.0406 3368 [ C81B8635DEE0D3EF5F64B3DD643023A5 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
21:08:26.0453 3368 UMWdf - ok
21:08:26.0453 3368 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
21:08:26.0546 3368 Update - ok
21:08:26.0578 3368 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
21:08:26.0671 3368 upnphost - ok
21:08:26.0687 3368 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
21:08:26.0765 3368 UPS - ok
21:08:26.0781 3368 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:08:26.0875 3368 usbccgp - ok
21:08:26.0875 3368 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:08:26.0968 3368 usbehci - ok
21:08:26.0968 3368 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:08:27.0046 3368 usbhub - ok
21:08:27.0062 3368 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:08:27.0140 3368 usbohci - ok
21:08:27.0156 3368 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:08:27.0250 3368 usbprint - ok
21:08:27.0265 3368 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:08:27.0343 3368 usbscan - ok
21:08:27.0375 3368 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:08:27.0453 3368 USBSTOR - ok
21:08:27.0453 3368 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
21:08:27.0546 3368 VgaSave - ok
21:08:27.0562 3368 [ 80ED26C12AF05779A3F897B9BADF6F28 ] VIAHdAudAddService C:\WINDOWS\system32\drivers\viahduaa.sys
21:08:27.0578 3368 VIAHdAudAddService - ok
21:08:27.0593 3368 ViaIde - ok
21:08:27.0609 3368 [ 07C20E596A0838809BC5FF5DE5A65973 ] VKbms C:\WINDOWS\system32\DRIVERS\VKbms.sys
21:08:27.0640 3368 VKbms - ok
21:08:27.0640 3368 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
21:08:27.0796 3368 VolSnap - ok
21:08:27.0812 3368 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
21:08:27.0906 3368 VSS - ok
21:08:27.0921 3368 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\System32\w32time.dll
21:08:28.0000 3368 W32Time - ok
21:08:28.0015 3368 WacHidRouter - ok
21:08:28.0015 3368 wacomrouterfilter - ok
21:08:28.0015 3368 wacomvhid - ok
21:08:28.0046 3368 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:08:28.0140 3368 Wanarp - ok
21:08:28.0156 3368 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
21:08:28.0187 3368 Wdf01000 - ok
21:08:28.0187 3368 WDICA - ok
21:08:28.0203 3368 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
21:08:28.0296 3368 wdmaud - ok
21:08:28.0312 3368 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
21:08:28.0406 3368 WebClient - ok
21:08:28.0453 3368 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:08:28.0578 3368 winmgmt - ok
21:08:28.0609 3368 [ A477391B7A8B0A0DAABADB17CF533A4B ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
21:08:28.0656 3368 WmdmPmSN - ok
21:08:28.0671 3368 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
21:08:28.0718 3368 Wmi - ok
21:08:28.0734 3368 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
21:08:28.0828 3368 WmiAcpi - ok
21:08:28.0843 3368 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
21:08:28.0937 3368 WmiApSrv - ok
21:08:29.0000 3368 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:08:29.0046 3368 WPFFontCache_v0400 - ok
21:08:29.0062 3368 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
21:08:29.0171 3368 wscsvc - ok
21:08:29.0187 3368 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
21:08:29.0265 3368 wuauserv - ok
21:08:29.0312 3368 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
21:08:29.0421 3368 WZCSVC - ok
21:08:29.0453 3368 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
21:08:29.0546 3368 xmlprov - ok
21:08:29.0562 3368 ================ Scan global ===============================
21:08:29.0593 3368 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
21:08:29.0656 3368 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
21:08:29.0718 3368 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
21:08:29.0718 3368 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
21:08:29.0734 3368 [Global] - ok
21:08:29.0734 3368 ================ Scan MBR ==================================
21:08:29.0750 3368 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
21:08:29.0765 3368 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
21:08:29.0765 3368 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
21:08:29.0859 3368 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
21:08:29.0875 3368 \Device\Harddisk1\DR1 ( Rootkit.Boot.Sinowal.b ) - infected
21:08:29.0875 3368 \Device\Harddisk1\DR1 - detected Rootkit.Boot.Sinowal.b (0)
21:08:29.0937 3368 ================ Scan VBR ==================================
21:08:29.0937 3368 [ AE331AF67184E5DD2B5FBB5A23D10390 ] \Device\Harddisk0\DR0\Partition1
21:08:29.0953 3368 \Device\Harddisk0\DR0\Partition1 - ok
21:08:29.0968 3368 [ 01AEB818E16400AD3C570C3D15E2791D ] \Device\Harddisk0\DR0\Partition2
21:08:29.0968 3368 \Device\Harddisk0\DR0\Partition2 - ok
21:08:29.0984 3368 [ 23B80275C549C090131D5AE936FBD907 ] \Device\Harddisk0\DR0\Partition3
21:08:29.0984 3368 \Device\Harddisk0\DR0\Partition3 - ok
21:08:29.0984 3368 [ 64A514648C21AAB3CCFAF7A5E6033056 ] \Device\Harddisk1\DR1\Partition1
21:08:29.0984 3368 \Device\Harddisk1\DR1\Partition1 - ok
21:08:30.0015 3368 [ 098BE6F2D22AB4004A840F7C76F4C4D5 ] \Device\Harddisk1\DR1\Partition2
21:08:30.0015 3368 \Device\Harddisk1\DR1\Partition2 - ok
21:08:30.0015 3368 ================ Scan active images ========================
21:08:30.0015 3368 [ FCFFA85CFD4BF7A4711012847048DCA3 ] C:\WINDOWS\system32\drivers\AmdK8.sys
21:08:30.0015 3368 C:\WINDOWS\system32\drivers\AmdK8.sys - ok
21:08:30.0015 3368 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
21:08:30.0015 3368 C:\WINDOWS\system32\drivers\videoprt.sys - ok
21:08:30.0015 3368 [ 4B54DCD6ADEE535DF80F07C59DDD8F14 ] C:\WINDOWS\system32\drivers\nv4_mini.sys
21:08:30.0015 3368 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
21:08:30.0015 3368 [ 89619EF503F949FAE09252A8B883EE11 ] C:\WINDOWS\system32\drivers\Rtenicxp.sys
21:08:30.0015 3368 C:\WINDOWS\system32\drivers\Rtenicxp.sys - ok
21:08:30.0031 3368 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
21:08:30.0031 3368 C:\WINDOWS\system32\drivers\cdrom.sys - ok
21:08:30.0031 3368 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
21:08:30.0031 3368 C:\WINDOWS\system32\drivers\imapi.sys - ok
21:08:30.0031 3368 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
21:08:30.0031 3368 C:\WINDOWS\system32\drivers\ks.sys - ok
21:08:30.0031 3368 [ 5903FA75200807AD739286BBF40C4904 ] C:\WINDOWS\system32\drivers\pfc.sys
21:08:30.0031 3368 C:\WINDOWS\system32\drivers\pfc.sys - ok
21:08:30.0046 3368 [ 611BFD220305BE3A85AE876EA47D4AA5 ] C:\WINDOWS\system32\drivers\redbook.sys
21:08:30.0046 3368 C:\WINDOWS\system32\drivers\redbook.sys - ok
21:08:30.0046 3368 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
21:08:30.0046 3368 C:\WINDOWS\system32\drivers\usbehci.sys - ok
21:08:30.0046 3368 [ 0DAECCE65366EA32B162F85F07C6753B ] C:\WINDOWS\system32\drivers\usbohci.sys
21:08:30.0046 3368 C:\WINDOWS\system32\drivers\usbohci.sys - ok
21:08:30.0046 3368 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
21:08:30.0046 3368 C:\WINDOWS\system32\drivers\usbport.sys - ok
21:08:30.0046 3368 [ D48659BB24C48345D926ECB45C1EBDF5 ] C:\WINDOWS\system32\drivers\ASACPI.sys
21:08:30.0046 3368 C:\WINDOWS\system32\drivers\ASACPI.sys - ok
21:08:30.0062 3368 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
21:08:30.0062 3368 C:\WINDOWS\system32\drivers\audstub.sys - ok
21:08:30.0062 3368 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
21:08:30.0062 3368 C:\WINDOWS\system32\drivers\fdc.sys - ok
21:08:30.0062 3368 [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
21:08:30.0062 3368 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
21:08:30.0062 3368 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
21:08:30.0062 3368 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
21:08:30.0078 3368 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] C:\WINDOWS\system32\drivers\parport.sys
21:08:30.0078 3368 C:\WINDOWS\system32\drivers\parport.sys - ok
21:08:30.0078 3368 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
21:08:30.0078 3368 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
21:08:30.0078 3368 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys
21:08:30.0078 3368 C:\WINDOWS\system32\drivers\serenum.sys - ok
21:08:30.0078 3368 [ B842729337C9B921615C40D3C1A1AF96 ] C:\WINDOWS\system32\drivers\serial.sys
21:08:30.0078 3368 C:\WINDOWS\system32\drivers\serial.sys - ok
21:08:30.0093 3368 [ C42584FD66CE9E17403AEBCA199F7BDB ] C:\WINDOWS\system32\drivers\wmiacpi.sys
21:08:30.0093 3368 C:\WINDOWS\system32\drivers\wmiacpi.sys - ok
21:08:30.0093 3368 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
21:08:30.0093 3368 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
21:08:30.0093 3368 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
21:08:30.0093 3368 C:\WINDOWS\system32\drivers\psched.sys - ok
21:08:30.0093 3368 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
21:08:30.0093 3368 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
21:08:30.0093 3368 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
21:08:30.0093 3368 C:\WINDOWS\system32\drivers\raspptp.sys - ok
21:08:30.0109 3368 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
21:08:30.0109 3368 C:\WINDOWS\system32\drivers\tdi.sys - ok
21:08:30.0109 3368 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
21:08:30.0109 3368 C:\WINDOWS\system32\drivers\msgpc.sys - ok
21:08:30.0109 3368 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
21:08:30.0109 3368 C:\WINDOWS\system32\drivers\ptilink.sys - ok
21:08:30.0109 3368 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
21:08:30.0109 3368 C:\WINDOWS\system32\drivers\raspti.sys - ok
21:08:30.0109 3368 [ 846B7C0E3F6370CDCCE157A5B36E70CD ] C:\WINDOWS\system32\drivers\tap0801.sys
21:08:30.0109 3368 C:\WINDOWS\system32\drivers\tap0801.sys - ok
21:08:30.0125 3368 [ 07C20E596A0838809BC5FF5DE5A65973 ] C:\WINDOWS\system32\drivers\VKbms.sys
21:08:30.0125 3368 C:\WINDOWS\system32\drivers\VKbms.sys - ok
21:08:30.0125 3368 [ D918617B46457B9AC28027722E30F647 ] C:\WINDOWS\system32\drivers\wdf01000.sys
21:08:30.0125 3368 C:\WINDOWS\system32\drivers\wdf01000.sys - ok
21:08:30.0125 3368 [ 399C974DDA25FD3E59F22BAB787F662B ] C:\WINDOWS\system32\drivers\wdfldr.sys
21:08:30.0125 3368 C:\WINDOWS\system32\drivers\wdfldr.sys - ok
21:08:30.0125 3368 [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
21:08:30.0125 3368 C:\WINDOWS\system32\drivers\hidclass.sys - ok
21:08:30.0140 3368 [ 887F5CF01755D3087E4E9DEC22101567 ] C:\WINDOWS\system32\drivers\hidkmdf.sys
21:08:30.0140 3368 C:\WINDOWS\system32\drivers\hidkmdf.sys - ok
21:08:30.0140 3368 [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
21:08:30.0140 3368 C:\WINDOWS\system32\drivers\hidparse.sys - ok
21:08:30.0140 3368 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] C:\WINDOWS\system32\drivers\kbdclass.sys
21:08:30.0140 3368 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
21:08:30.0140 3368 [ 4CB582831DBDE63CE43B45D771218374 ] C:\WINDOWS\system32\drivers\mouclass.sys
21:08:30.0140 3368 C:\WINDOWS\system32\drivers\mouclass.sys - ok
21:08:30.0140 3368 [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
21:08:30.0140 3368 C:\WINDOWS\system32\drivers\rdpdr.sys - ok
21:08:30.0156 3368 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
21:08:30.0156 3368 C:\WINDOWS\system32\drivers\termdd.sys - ok
21:08:30.0156 3368 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
21:08:30.0156 3368 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
21:08:30.0156 3368 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
21:08:30.0156 3368 C:\WINDOWS\system32\drivers\swenum.sys - ok
21:08:30.0156 3368 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
21:08:30.0156 3368 C:\WINDOWS\system32\drivers\update.sys - ok
21:08:30.0171 3368 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
21:08:30.0171 3368 C:\WINDOWS\system32\drivers\usbd.sys - ok
21:08:30.0171 3368 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
21:08:30.0171 3368 C:\WINDOWS\system32\drivers\usbhub.sys - ok
21:08:30.0171 3368 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
21:08:30.0171 3368 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
21:08:30.0171 3368 [ 86C8F23616C6C6E5B2776901C17B945B ] C:\WINDOWS\system32\drivers\kbdhid.sys
21:08:30.0171 3368 C:\WINDOWS\system32\drivers\kbdhid.sys - ok
21:08:30.0187 3368 [ BB269EBA740737AB749B214D568B6812 ] C:\WINDOWS\system32\drivers\mouhid.sys
21:08:30.0187 3368 C:\WINDOWS\system32\drivers\mouhid.sys - ok
21:08:30.0187 3368 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
21:08:30.0187 3368 C:\WINDOWS\system32\drivers\drmk.sys - ok
21:08:30.0187 3368 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] C:\WINDOWS\system32\drivers\monfilt.sys
21:08:30.0187 3368 C:\WINDOWS\system32\drivers\monfilt.sys - ok
21:08:30.0187 3368 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
21:08:30.0187 3368 C:\WINDOWS\system32\drivers\portcls.sys - ok
21:08:30.0187 3368 [ 80ED26C12AF05779A3F897B9BADF6F28 ] C:\WINDOWS\system32\drivers\viahduaa.sys
21:08:30.0187 3368 C:\WINDOWS\system32\drivers\viahduaa.sys - ok
21:08:30.0203 3368 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
21:08:30.0203 3368 C:\WINDOWS\system32\drivers\beep.sys - ok
21:08:30.0203 3368 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
21:08:30.0203 3368 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
21:08:30.0203 3368 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
21:08:30.0203 3368 C:\WINDOWS\system32\drivers\flpydisk.sys - ok
21:08:30.0203 3368 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
21:08:30.0203 3368 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
21:08:30.0218 3368 [ C528E27945367191E7BAE364930B6932 ] C:\WINDOWS\system32\drivers\i8042prt.sys
21:08:30.0218 3368 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
21:08:30.0218 3368 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
21:08:30.0218 3368 C:\WINDOWS\system32\drivers\null.sys - ok
21:08:30.0218 3368 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
21:08:30.0218 3368 C:\WINDOWS\system32\drivers\sfloppy.sys - ok
21:08:30.0218 3368 [ BEAE63CA06345E0714A3CAE6232482EA ] C:\WINDOWS\system32\drivers\fwdrv.sys
21:08:30.0218 3368 C:\WINDOWS\system32\drivers\fwdrv.sys - ok
21:08:30.0218 3368 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
21:08:30.0218 3368 C:\WINDOWS\system32\drivers\mnmdd.sys - ok
21:08:30.0234 3368 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
21:08:30.0234 3368 C:\WINDOWS\system32\drivers\msfs.sys - ok
21:08:30.0234 3368 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
21:08:30.0234 3368 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
21:08:30.0234 3368 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
21:08:30.0234 3368 C:\WINDOWS\system32\drivers\vga.sys - ok
21:08:30.0234 3368 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
21:08:30.0234 3368 C:\WINDOWS\system32\drivers\ipsec.sys - ok
21:08:30.0250 3368 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
21:08:30.0250 3368 C:\WINDOWS\system32\drivers\npfs.sys - ok
21:08:30.0250 3368 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
21:08:30.0250 3368 C:\WINDOWS\system32\drivers\rasacd.sys - ok
21:08:30.0250 3368 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
21:08:30.0250 3368 C:\WINDOWS\system32\drivers\tcpip.sys - ok
21:08:30.0250 3368 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
21:08:30.0250 3368 C:\WINDOWS\system32\drivers\afd.sys - ok
21:08:30.0265 3368 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
21:08:30.0265 3368 C:\WINDOWS\system32\drivers\ipnat.sys - ok
21:08:30.0265 3368 [ 61FC4DBE4A3E95973509DA6B920E83AA ] C:\WINDOWS\system32\drivers\mfetdik.sys
21:08:30.0265 3368 C:\WINDOWS\system32\drivers\mfetdik.sys - ok
21:08:30.0265 3368 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
21:08:30.0265 3368 C:\WINDOWS\system32\drivers\netbios.sys - ok
21:08:30.0265 3368 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
21:08:30.0265 3368 C:\WINDOWS\system32\drivers\netbt.sys - ok
21:08:30.0265 3368 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
21:08:30.0265 3368 C:\WINDOWS\system32\drivers\wanarp.sys - ok
21:08:30.0281 3368 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
21:08:30.0281 3368 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
21:08:30.0281 3368 [ 7EB15DCE4EC3A0220BD796A15C18186E ] C:\WINDOWS\system32\drivers\processr.sys
21:08:30.0281 3368 C:\WINDOWS\system32\drivers\processr.sys - ok
21:08:30.0281 3368 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
21:08:30.0281 3368 C:\WINDOWS\system32\drivers\rdbss.sys - ok
21:08:30.0281 3368 [ AC366695A0796560AA37215AD5762AAF ] C:\WINDOWS\system32\drivers\fips.sys
21:08:30.0281 3368 C:\WINDOWS\system32\drivers\fips.sys - ok
21:08:30.0296 3368 [ F1B81D62EA598047D28DD12E1F417976 ] C:\WINDOWS\system32\drivers\khips.sys
21:08:30.0296 3368 C:\WINDOWS\system32\drivers\khips.sys - ok
21:08:30.0296 3368 [ 9B08A8C6331C2DA9C30377BCB4262721 ] C:\WINDOWS\system32\smss.exe
21:08:30.0296 3368 C:\WINDOWS\system32\smss.exe - ok
21:08:30.0296 3368 [ 0A12141F94F9C7A478AF490454320E97 ] C:\WINDOWS\system32\ntdll.dll
21:08:30.0296 3368 C:\WINDOWS\system32\ntdll.dll - ok
21:08:30.0296 3368 [ C7A9FF12C63E2E448722B02C71A8C431 ] C:\WINDOWS\system32\autochk.exe
21:08:30.0296 3368 C:\WINDOWS\system32\autochk.exe - ok
21:08:30.0296 3368 [ C512B618D0E19339572AD125E26B9CB5 ] C:\WINDOWS\system32\drivers\danew.sys
21:08:30.0296 3368 C:\WINDOWS\system32\drivers\danew.sys - ok
21:08:30.0312 3368 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
21:08:30.0312 3368 C:\WINDOWS\system32\drivers\hidusb.sys - ok
21:08:30.0312 3368 [ 173F317CE0DB8E21322E71B7E60A27E8 ] C:\WINDOWS\system32\drivers\usbccgp.sys
21:08:30.0312 3368 C:\WINDOWS\system32\drivers\usbccgp.sys - ok
21:08:30.0312 3368 [ 56A6034E7764E23D9114223EB3523925 ] C:\WINDOWS\system32\sfcfiles.dll
21:08:30.0312 3368 C:\WINDOWS\system32\sfcfiles.dll - ok
21:08:30.0312 3368 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
21:08:30.0312 3368 C:\WINDOWS\system32\drivers\cdfs.sys - ok
21:08:30.0328 3368 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
21:08:30.0328 3368 C:\WINDOWS\system32\drivers\atapi.sys - ok
21:08:30.0328 3368 [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
21:08:30.0328 3368 C:\WINDOWS\system32\drivers\wmilib.sys - ok
21:08:30.0328 3368 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
21:08:30.0328 3368 C:\WINDOWS\system32\drivers\dxapi.sys - ok
21:08:30.0328 3368 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
21:08:30.0328 3368 C:\WINDOWS\system32\watchdog.sys - ok
21:08:30.0328 3368 [ 89B9C5051E815C943C3A9EBB2619DF6A ] C:\WINDOWS\system32\win32k.sys
21:08:30.0328 3368 C:\WINDOWS\system32\win32k.sys - ok
21:08:30.0343 3368 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
21:08:30.0343 3368 C:\WINDOWS\system32\basesrv.dll - ok
21:08:30.0343 3368 [ CE440A5DEB0861CC621A6A704EBB1E71 ] C:\WINDOWS\system32\csrsrv.dll
21:08:30.0343 3368 C:\WINDOWS\system32\csrsrv.dll - ok
21:08:30.0343 3368 [ 628CE66E3FD35BFC7969DBAC245DC069 ] C:\WINDOWS\system32\csrss.exe
21:08:30.0343 3368 C:\WINDOWS\system32\csrss.exe - ok
21:08:30.0343 3368 [ 90C925765E695AB984BE2E8A21B62AE9 ] C:\WINDOWS\system32\gdi32.dll
21:08:30.0343 3368 C:\WINDOWS\system32\gdi32.dll - ok
21:08:30.0359 3368 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
21:08:30.0359 3368 C:\WINDOWS\system32\winsrv.dll - ok
21:08:30.0359 3368 [ 545C653E8FE241CA6200798AA94FE5C7 ] C:\WINDOWS\system32\kernel32.dll
21:08:30.0359 3368 C:\WINDOWS\system32\kernel32.dll - ok
21:08:30.0359 3368 [ E16E0990967374E76F3E40CACAFD3D53 ] C:\WINDOWS\system32\user32.dll
21:08:30.0359 3368 C:\WINDOWS\system32\user32.dll - ok
21:08:30.0359 3368 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
21:08:30.0359 3368 C:\WINDOWS\system32\drivers\dxg.sys - ok
21:08:30.0359 3368 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
21:08:30.0359 3368 C:\WINDOWS\system32\drivers\dxgthk.sys - ok
21:08:30.0375 3368 [ 8A067CC459AA9CF7597CEEFE05B35F3B ] C:\WINDOWS\system32\nv4_disp.dll
21:08:30.0375 3368 C:\WINDOWS\system32\nv4_disp.dll - ok
21:08:30.0375 3368 [ 1BD2076C717CB48967D5078EC9650891 ] C:\WINDOWS\system32\vga.dll
21:08:30.0375 3368 C:\WINDOWS\system32\vga.dll - ok
21:08:30.0375 3368 [ CDDB1F8E1AEA356F3AD106F2CF9B7FEA ] C:\WINDOWS\system32\winlogon.exe
21:08:30.0375 3368 C:\WINDOWS\system32\winlogon.exe - ok
21:08:30.0375 3368 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] C:\WINDOWS\system32\advapi32.dll
21:08:30.0375 3368 C:\WINDOWS\system32\advapi32.dll - ok
21:08:30.0390 3368 [ DD2A19C756A3992416C00CEEE55A3337 ] C:\WINDOWS\system32\rpcrt4.dll
21:08:30.0390 3368 C:\WINDOWS\system32\rpcrt4.dll - ok
21:08:30.0390 3368 [ 69DF78F490C85052C7AF6C8ABE4AF1C5 ] C:\WINDOWS\system32\secur32.dll
21:08:30.0390 3368 C:\WINDOWS\system32\secur32.dll - ok
21:08:30.0390 3368 [ DEA06DA25BB393E0A69C6E71BE5681DC ] C:\WINDOWS\system32\authz.dll
21:08:30.0390 3368 C:\WINDOWS\system32\authz.dll - ok
21:08:30.0390 3368 [ D405267A0CAB7A2F9A97F8BE0E8C7A1D ] C:\WINDOWS\system32\crypt32.dll
21:08:30.0390 3368 C:\WINDOWS\system32\crypt32.dll - ok
21:08:30.0390 3368 [ D165DFCB4EA452510E53416F573018BB ] C:\WINDOWS\system32\msvcrt.dll
21:08:30.0390 3368 C:\WINDOWS\system32\msvcrt.dll - ok
21:08:30.0406 3368 [ 052B3C1DADDE0D267987E8DA3BBE1AFB ] C:\WINDOWS\system32\msasn1.dll
21:08:30.0406 3368 C:\WINDOWS\system32\msasn1.dll - ok
21:08:30.0406 3368 [ 4D0C43A5446E4CA079D783CD70E9D543 ] C:\WINDOWS\system32\nddeapi.dll
21:08:30.0406 3368 C:\WINDOWS\system32\nddeapi.dll - ok
21:08:30.0406 3368 [ 8F43DFAF8B01F5775B931145E0FBB4B1 ] C:\WINDOWS\system32\netapi32.dll
21:08:30.0406 3368 C:\WINDOWS\system32\netapi32.dll - ok
21:08:30.0406 3368 [ ABBAF72B2E4D7C8D238D1AA8424244B4 ] C:\WINDOWS\system32\profmap.dll
21:08:30.0406 3368 C:\WINDOWS\system32\profmap.dll - ok
21:08:30.0421 3368 [ 7625B324EE90A716E447115A4B7F7364 ] C:\WINDOWS\system32\userenv.dll
21:08:30.0421 3368 C:\WINDOWS\system32\userenv.dll - ok
21:08:30.0421 3368 [ F9631D6681944F2CC0824FCEE52E8526 ] C:\WINDOWS\system32\psapi.dll
21:08:30.0421 3368 C:\WINDOWS\system32\psapi.dll - ok
21:08:30.0421 3368 [ FAE69704BB5FF6F8E7C60B21048CD1C3 ] C:\WINDOWS\system32\regapi.dll
21:08:30.0421 3368 C:\WINDOWS\system32\regapi.dll - ok
21:08:30.0421 3368 [ 0E93A7F2BE83AF906D9EAFB370300CAA ] C:\WINDOWS\system32\setupapi.dll
21:08:30.0421 3368 C:\WINDOWS\system32\setupapi.dll - ok
21:08:30.0421 3368 [ 614F8186BDAB926E3B1D8927A4161B54 ] C:\WINDOWS\system32\version.dll
21:08:30.0421 3368 C:\WINDOWS\system32\version.dll - ok
21:08:30.0437 3368 [ EF42EA58F8BF96753BE84B3227AD119E ] C:\WINDOWS\system32\winsta.dll
21:08:30.0437 3368 C:\WINDOWS\system32\winsta.dll - ok
21:08:30.0437 3368 [ FCD15D33AD9D7BD371F00651A23947CE ] C:\WINDOWS\system32\wintrust.dll
21:08:30.0437 3368 C:\WINDOWS\system32\wintrust.dll - ok
21:08:30.0437 3368 [ D21DBAA97839B1786E278FDD2F3444AC ] C:\WINDOWS\system32\imagehlp.dll
21:08:30.0437 3368 C:\WINDOWS\system32\imagehlp.dll - ok
21:08:30.0437 3368 [ 6C60CA8AC7470AC01CFD3D24C7283CD1 ] C:\WINDOWS\system32\imm32.dll
21:08:30.0437 3368 C:\WINDOWS\system32\imm32.dll - ok
21:08:30.0453 3368 [ 859F7735F199C90403340183A3DDFB78 ] C:\WINDOWS\system32\ws2help.dll
21:08:30.0453 3368 C:\WINDOWS\system32\ws2help.dll - ok
21:08:30.0453 3368 [ 951D473917C51F21496D914CF6E5DDD1 ] C:\WINDOWS\system32\ws2_32.dll
21:08:30.0453 3368 C:\WINDOWS\system32\ws2_32.dll - ok
21:08:30.0453 3368 [ 36E68E02AF2206FC4A8C73CAEABE1FB0 ] C:\WINDOWS\system32\kbdcz.dll
21:08:30.0453 3368 C:\WINDOWS\system32\kbdcz.dll - ok

dave5 · #19 Příspěvek od **dave5** » 29 srp 2012 18:16

21:08:30.0453 3368 [ 1E644E3533DCE2B580A663AE1ACBD539 ] C:\WINDOWS\system32\atmfd.dll
21:08:30.0453 3368 C:\WINDOWS\system32\atmfd.dll - ok
21:08:30.0453 3368 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
21:08:30.0453 3368 C:\WINDOWS\system32\kbdus.dll - ok
21:08:30.0468 3368 [ C1367E52DDAB839B8A21E412519E5FB5 ] C:\WINDOWS\system32\msgina.dll
21:08:30.0468 3368 C:\WINDOWS\system32\msgina.dll - ok
21:08:30.0468 3368 [ E145ADD7DAEF759C4F5FB80A180A9C30 ] C:\WINDOWS\system32\comctl32.dll
21:08:30.0468 3368 C:\WINDOWS\system32\comctl32.dll - ok
21:08:30.0468 3368 [ ED180CFF554C5797E983501823E78613 ] C:\WINDOWS\system32\odbc32.dll
21:08:30.0468 3368 C:\WINDOWS\system32\odbc32.dll - ok
21:08:30.0468 3368 [ D6F092E2D661AD284D34189B78FE08E6 ] C:\WINDOWS\system32\comdlg32.dll
21:08:30.0468 3368 C:\WINDOWS\system32\comdlg32.dll - ok
21:08:30.0484 3368 [ 639A1D31DCB23068087B1F781EDCD4A9 ] C:\WINDOWS\system32\shell32.dll
21:08:30.0484 3368 C:\WINDOWS\system32\shell32.dll - ok
21:08:30.0484 3368 [ 5553738BD481C5456BB4E22B6F4D99EB ] C:\WINDOWS\system32\shlwapi.dll
21:08:30.0484 3368 C:\WINDOWS\system32\shlwapi.dll - ok
21:08:30.0484 3368 [ E139BB65A83049154EE40B46A42B9BAC ] C:\WINDOWS\system32\sxs.dll
21:08:30.0484 3368 C:\WINDOWS\system32\sxs.dll - ok
21:08:30.0484 3368 [ 8A72A30FDC803DC06755D3B36D966F31 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
21:08:30.0484 3368 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
21:08:30.0500 3368 [ 62D35D5F2D6ACE259DF6226D7079A661 ] C:\WINDOWS\system32\odbcint.dll
21:08:30.0500 3368 C:\WINDOWS\system32\odbcint.dll - ok
21:08:30.0500 3368 [ ED9B683C7A8BBAAAB9B377197D20832C ] C:\WINDOWS\system32\ole32.dll
21:08:30.0500 3368 C:\WINDOWS\system32\ole32.dll - ok
21:08:30.0500 3368 [ 5EE949255BABC0B17C09DDB2E59E3878 ] C:\WINDOWS\system32\sfc.dll
21:08:30.0500 3368 C:\WINDOWS\system32\sfc.dll - ok
21:08:30.0500 3368 [ 83451053EAD9F92B697C1BCBA91987FC ] C:\WINDOWS\system32\sfc_os.dll
21:08:30.0500 3368 C:\WINDOWS\system32\sfc_os.dll - ok
21:08:30.0500 3368 [ EE9A2B9EA968A792A053C9D1A86BF870 ] C:\WINDOWS\system32\shsvcs.dll
21:08:30.0500 3368 C:\WINDOWS\system32\shsvcs.dll - ok
21:08:30.0515 3368 [ 11882C729C6B2E2E045F8B93BDB69295 ] C:\WINDOWS\system32\apphelp.dll
21:08:30.0515 3368 C:\WINDOWS\system32\apphelp.dll - ok
21:08:30.0515 3368 [ ED0A176354487CEED65B80A7148AB739 ] C:\WINDOWS\system32\lsass.exe
21:08:30.0515 3368 C:\WINDOWS\system32\lsass.exe - ok
21:08:30.0515 3368 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
21:08:30.0515 3368 C:\WINDOWS\system32\services.exe - ok
21:08:30.0515 3368 [ C8F04C22EB595DBC0624CB4484DCF6D4 ] C:\WINDOWS\system32\lsasrv.dll
21:08:30.0515 3368 C:\WINDOWS\system32\lsasrv.dll - ok
21:08:30.0531 3368 [ A46994F7DF0F6FFFA9FBD52C57DFF15C ] C:\WINDOWS\system32\msvcp60.dll
21:08:30.0531 3368 C:\WINDOWS\system32\msvcp60.dll - ok
21:08:30.0531 3368 [ 1B7A9C069457EC6E37E1F1D79B58AE87 ] C:\WINDOWS\system32\ncobjapi.dll
21:08:30.0531 3368 C:\WINDOWS\system32\ncobjapi.dll - ok
21:08:30.0531 3368 [ 3FE1BBF9A6865275464D38B0A2B4A93D ] C:\WINDOWS\system32\mpr.dll
21:08:30.0531 3368 C:\WINDOWS\system32\mpr.dll - ok
21:08:30.0531 3368 [ EE43B67C08B2DF9F529A75EAB8877D19 ] C:\WINDOWS\system32\scesrv.dll
21:08:30.0531 3368 C:\WINDOWS\system32\scesrv.dll - ok
21:08:30.0531 3368 [ 2FFDE877A4584FF839458B7500B53C54 ] C:\WINDOWS\system32\ntdsapi.dll
21:08:30.0531 3368 C:\WINDOWS\system32\ntdsapi.dll - ok
21:08:30.0546 3368 [ CBE9EE6C6A5FD587CE6A4607C3B8B7C6 ] C:\WINDOWS\system32\umpnpmgr.dll
21:08:30.0546 3368 C:\WINDOWS\system32\umpnpmgr.dll - ok
21:08:30.0546 3368 [ 5E5489C1D9AC8ED236EA8C6E54A997B9 ] C:\WINDOWS\AppPatch\acadproc.dll
21:08:30.0546 3368 C:\WINDOWS\AppPatch\acadproc.dll - ok
21:08:30.0546 3368 [ 443FA2B9D23DAA57077A670E7B14052A ] C:\WINDOWS\system32\dnsapi.dll
21:08:30.0546 3368 C:\WINDOWS\system32\dnsapi.dll - ok
21:08:30.0546 3368 [ 2F1DE43508B086C7A6117A35FE17BA0D ] C:\WINDOWS\system32\samlib.dll
21:08:30.0546 3368 C:\WINDOWS\system32\samlib.dll - ok
21:08:30.0562 3368 [ 923122A0B25850462C2BD576EABD60AF ] C:\WINDOWS\system32\samsrv.dll
21:08:30.0562 3368 C:\WINDOWS\system32\samsrv.dll - ok
21:08:30.0562 3368 [ 2E14E691EFA7847A603612A80889D6A0 ] C:\WINDOWS\system32\shimeng.dll
21:08:30.0562 3368 C:\WINDOWS\system32\shimeng.dll - ok
21:08:30.0562 3368 [ AD68FEF8C99D87611F5617E46766E055 ] C:\WINDOWS\system32\wldap32.dll
21:08:30.0562 3368 C:\WINDOWS\system32\wldap32.dll - ok
21:08:30.0562 3368 [ 2C677B499B36B7991643B04BB8AA7AEA ] C:\WINDOWS\AppPatch\acgenral.dll
21:08:30.0562 3368 C:\WINDOWS\AppPatch\acgenral.dll - ok
21:08:30.0562 3368 [ 6A9BDF7029BD29FBF3BE6EE6CD768013 ] C:\WINDOWS\system32\cryptdll.dll
21:08:30.0562 3368 C:\WINDOWS\system32\cryptdll.dll - ok
21:08:30.0578 3368 [ D61C4E13A776DC9D29EF22B44EB0AB7F ] C:\WINDOWS\system32\winmm.dll
21:08:30.0578 3368 C:\WINDOWS\system32\winmm.dll - ok
21:08:30.0578 3368 [ 4B2068CB18F72E78ACD07BD94F743F94 ] C:\WINDOWS\system32\msacm32.dll
21:08:30.0578 3368 C:\WINDOWS\system32\msacm32.dll - ok
21:08:30.0578 3368 [ 865E2815C3597A952F13ECF463B52D7E ] C:\WINDOWS\system32\oleaut32.dll
21:08:30.0578 3368 C:\WINDOWS\system32\oleaut32.dll - ok
21:08:30.0578 3368 [ B5E0985B9D9B809D57A4999B29CB4A3D ] C:\WINDOWS\system32\uxtheme.dll
21:08:30.0578 3368 C:\WINDOWS\system32\uxtheme.dll - ok
21:08:30.0593 3368 [ 79D7A4B85ED05818604678E84746C176 ] C:\WINDOWS\system32\msapsspc.dll
21:08:30.0593 3368 C:\WINDOWS\system32\msapsspc.dll - ok
21:08:30.0593 3368 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
21:08:30.0593 3368 C:\WINDOWS\system32\msvcrt40.dll - ok
21:08:30.0593 3368 [ 50EAEE3F7F79A3206311AD09CB6EE2F1 ] C:\WINDOWS\system32\digest.dll
21:08:30.0593 3368 C:\WINDOWS\system32\digest.dll - ok
21:08:30.0593 3368 [ F987BA178D3D2AC5A448906AA74244A6 ] C:\WINDOWS\system32\msnsspc.dll
21:08:30.0593 3368 C:\WINDOWS\system32\msnsspc.dll - ok
21:08:30.0609 3368 [ A639E2A83CD57882B6D0F6F203BA73AF ] C:\WINDOWS\system32\schannel.dll
21:08:30.0609 3368 C:\WINDOWS\system32\schannel.dll - ok
21:08:30.0609 3368 [ DAE17E35517159E5852B1712878D9702 ] C:\WINDOWS\system32\kerberos.dll
21:08:30.0609 3368 C:\WINDOWS\system32\kerberos.dll - ok
21:08:30.0609 3368 [ 26AE5F5ADF4A30C8BCEA736343170201 ] C:\WINDOWS\system32\msctfime.ime
21:08:30.0609 3368 C:\WINDOWS\system32\msctfime.ime - ok
21:08:30.0609 3368 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
21:08:30.0609 3368 C:\WINDOWS\system32\msprivs.dll - ok
21:08:30.0609 3368 [ 7A943FB5D0260595A7DA43246F070D2D ] C:\WINDOWS\system32\iphlpapi.dll
21:08:30.0609 3368 C:\WINDOWS\system32\iphlpapi.dll - ok
21:08:30.0625 3368 [ E1E17EB9523D54F3A43C3DBB709D61A9 ] C:\WINDOWS\system32\msv1_0.dll
21:08:30.0625 3368 C:\WINDOWS\system32\msv1_0.dll - ok
21:08:30.0625 3368 [ C2ED0E3408F50BBC149D4F0936E67832 ] C:\WINDOWS\system32\netlogon.dll
21:08:30.0625 3368 C:\WINDOWS\system32\netlogon.dll - ok
21:08:30.0625 3368 [ FA4E1CDBA256787F2149F4AAD07BC91F ] C:\WINDOWS\system32\w32time.dll
21:08:30.0625 3368 C:\WINDOWS\system32\w32time.dll - ok
21:08:30.0625 3368 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
21:08:30.0625 3368 C:\WINDOWS\system32\rsaenh.dll - ok
21:08:30.0625 3368 [ A06D566DF5918E78DCF80596B17D2C9A ] C:\WINDOWS\system32\wdigest.dll
21:08:30.0625 3368 C:\WINDOWS\system32\wdigest.dll - ok
21:08:30.0640 3368 [ 7D7B90E9DA5263804D9C6ADEADAC9D6E ] C:\WINDOWS\system32\winscard.dll
21:08:30.0640 3368 C:\WINDOWS\system32\winscard.dll - ok
21:08:30.0640 3368 [ 190E67B026EDB080440BD2F735654E0C ] C:\WINDOWS\system32\wtsapi32.dll
21:08:30.0640 3368 C:\WINDOWS\system32\wtsapi32.dll - ok
21:08:30.0640 3368 [ 830CE8951C71F361D7D2F38416CC8BC1 ] C:\WINDOWS\system32\scecli.dll
21:08:30.0640 3368 C:\WINDOWS\system32\scecli.dll - ok
21:08:30.0640 3368 [ BE4A520E29B6391F49E79CCC52044D93 ] C:\WINDOWS\system32\svchost.exe
21:08:30.0640 3368 C:\WINDOWS\system32\svchost.exe - ok
21:08:30.0656 3368 [ EB25940843AB2EBD333107CF064B8787 ] C:\WINDOWS\system32\ntmarta.dll
21:08:30.0656 3368 C:\WINDOWS\system32\ntmarta.dll - ok
21:08:30.0656 3368 [ BE27674D1CBC3214AEC84B4336A38BBF ] C:\WINDOWS\system32\rpcss.dll
21:08:30.0656 3368 C:\WINDOWS\system32\rpcss.dll - ok
21:08:30.0656 3368 [ 61AAE581F5DC8B393C93EE0DF32F38B2 ] C:\WINDOWS\system32\xpsp2res.dll
21:08:30.0656 3368 C:\WINDOWS\system32\xpsp2res.dll - ok
21:08:30.0656 3368 [ 2EE99F67C930931EB404DADCE57E976E ] C:\WINDOWS\system32\eventlog.dll
21:08:30.0656 3368 C:\WINDOWS\system32\eventlog.dll - ok
21:08:30.0656 3368 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] C:\WINDOWS\system32\mswsock.dll
21:08:30.0656 3368 C:\WINDOWS\system32\mswsock.dll - ok
21:08:30.0671 3368 [ E19A4040E79BE0AACA971117378F7F2B ] C:\Program Files\Bonjour\mdnsNSP.dll
21:08:30.0671 3368 C:\Program Files\Bonjour\mdnsNSP.dll - ok
21:08:30.0671 3368 [ ED18ADEE4AA21EB26977260152D7241A ] C:\WINDOWS\system32\hnetcfg.dll
21:08:30.0671 3368 C:\WINDOWS\system32\hnetcfg.dll - ok
21:08:30.0671 3368 [ DF2F39569BF7F223AF3CCBC23D07BF6E ] C:\WINDOWS\system32\winrnr.dll
21:08:30.0671 3368 C:\WINDOWS\system32\winrnr.dll - ok
21:08:30.0671 3368 [ 8DBCEA7B495024A29FEF59B5FE709DAC ] C:\WINDOWS\system32\wshtcpip.dll
21:08:30.0671 3368 C:\WINDOWS\system32\wshtcpip.dll - ok
21:08:30.0687 3368 [ B26098F3DC08D841DE3D79C38ACCB807 ] C:\WINDOWS\system32\rasadhlp.dll
21:08:30.0687 3368 C:\WINDOWS\system32\rasadhlp.dll - ok
21:08:30.0687 3368 [ 8C9A53E285AC5E6704844D0459EC85BE ] C:\WINDOWS\system32\dhcpcsvc.dll
21:08:30.0687 3368 C:\WINDOWS\system32\dhcpcsvc.dll - ok
21:08:30.0687 3368 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
21:08:30.0687 3368 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
21:08:30.0687 3368 [ DFAA406BF19F4EE806A6F8D4342137F7 ] C:\WINDOWS\system32\dnsrslvr.dll
21:08:30.0687 3368 C:\WINDOWS\system32\dnsrslvr.dll - ok
21:08:30.0703 3368 [ 0AB159F536E3E8F7F07113702A07CCA5 ] C:\WINDOWS\system32\lmhsvc.dll
21:08:30.0703 3368 C:\WINDOWS\system32\lmhsvc.dll - ok
21:08:30.0703 3368 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] C:\WINDOWS\system32\wzcsvc.dll
21:08:30.0703 3368 C:\WINDOWS\system32\wzcsvc.dll - ok
21:08:30.0703 3368 [ AC531D7E51B7B5FB52D7585935222DE6 ] C:\WINDOWS\system32\atl.dll
21:08:30.0703 3368 C:\WINDOWS\system32\atl.dll - ok
21:08:30.0703 3368 [ 6011D2787CD0CE16CE6E40C30F13F6F8 ] C:\WINDOWS\system32\dot3api.dll
21:08:30.0703 3368 C:\WINDOWS\system32\dot3api.dll - ok
21:08:30.0703 3368 [ 6E4DFC1D92AD235FC76E8C7EE5544A00 ] C:\WINDOWS\system32\eapolqec.dll
21:08:30.0703 3368 C:\WINDOWS\system32\eapolqec.dll - ok
21:08:30.0718 3368 [ 39026490EF6992293A38AA13204BA6F3 ] C:\WINDOWS\system32\esent.dll
21:08:30.0718 3368 C:\WINDOWS\system32\esent.dll - ok
21:08:30.0718 3368 [ 9D221D3CBB4DFA1FD225B2769009F99B ] C:\WINDOWS\system32\qutil.dll
21:08:30.0718 3368 C:\WINDOWS\system32\qutil.dll - ok
21:08:30.0718 3368 [ 043FD4E92FE9BA70BFB8AC49848887CB ] C:\WINDOWS\system32\rtutils.dll
21:08:30.0718 3368 C:\WINDOWS\system32\rtutils.dll - ok
21:08:30.0718 3368 [ ACDB4C56ADCAD6913371C2B38BC016E2 ] C:\WINDOWS\system32\wmi.dll
21:08:30.0718 3368 C:\WINDOWS\system32\wmi.dll - ok
21:08:30.0734 3368 [ 66DF63A7BAE72033C2E7E9B60A20E05C ] C:\WINDOWS\system32\clbcatq.dll
21:08:30.0734 3368 C:\WINDOWS\system32\clbcatq.dll - ok
21:08:30.0734 3368 [ E7B375DFFB68A16659CA66474A280C47 ] C:\WINDOWS\system32\comres.dll
21:08:30.0734 3368 C:\WINDOWS\system32\comres.dll - ok
21:08:30.0734 3368 [ 0B1AA4B12FC08CCB7EAB6AAA1E25AC16 ] C:\WINDOWS\system32\rastls.dll
21:08:30.0734 3368 C:\WINDOWS\system32\rastls.dll - ok
21:08:30.0734 3368 [ F37A3D11450C4BA9BD862DFF7451728C ] C:\WINDOWS\system32\cryptui.dll
21:08:30.0734 3368 C:\WINDOWS\system32\cryptui.dll - ok
21:08:30.0734 3368 [ 616A0CC9DA2BAA008306EEA895F8BC0F ] C:\WINDOWS\system32\cscdll.dll
21:08:30.0734 3368 C:\WINDOWS\system32\cscdll.dll - ok
21:08:30.0750 3368 [ 883E504885373DCC08DFEF30A10E4F12 ] C:\WINDOWS\system32\dimsntfy.dll
21:08:30.0750 3368 C:\WINDOWS\system32\dimsntfy.dll - ok
21:08:30.0750 3368 [ 8CC571653F6741481F6B9BBEAF8F362F ] C:\WINDOWS\system32\logonui.exe
21:08:30.0750 3368 C:\WINDOWS\system32\logonui.exe - ok
21:08:30.0750 3368 [ 0F1F2827B4FDF4401E0B9D60C63CE0D8 ] C:\WINDOWS\system32\winspool.drv
21:08:30.0750 3368 C:\WINDOWS\system32\winspool.drv - ok
21:08:30.0750 3368 [ 4807A2D624C4D3643B29AE2BA3FAA13D ] C:\WINDOWS\system32\wlnotify.dll
21:08:30.0750 3368 C:\WINDOWS\system32\wlnotify.dll - ok
21:08:30.0765 3368 [ A579E4FFF919F9A892F9E0BDA82A65BD ] C:\WINDOWS\system32\wininet.dll
21:08:30.0765 3368 C:\WINDOWS\system32\wininet.dll - ok
21:08:30.0765 3368 [ 01DEFAA24704069BDB1A559A9C6EBC88 ] C:\WINDOWS\system32\duser.dll
21:08:30.0765 3368 C:\WINDOWS\system32\duser.dll - ok
21:08:30.0765 3368 [ 627551A1011199BCE013D0F4B6CACECF ] C:\WINDOWS\system32\msimg32.dll
21:08:30.0765 3368 C:\WINDOWS\system32\msimg32.dll - ok
21:08:30.0765 3368 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
21:08:30.0765 3368 C:\WINDOWS\system32\normaliz.dll - ok
21:08:30.0765 3368 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
21:08:30.0765 3368 C:\WINDOWS\system32\oleacc.dll - ok
21:08:30.0781 3368 [ 8F541317DF26B3686B3B6F4CF7A39401 ] C:\WINDOWS\system32\urlmon.dll
21:08:30.0781 3368 C:\WINDOWS\system32\urlmon.dll - ok
21:08:30.0781 3368 [ DC9155CBB3E68868E4F1170C528D6DA1 ] C:\WINDOWS\system32\iertutil.dll
21:08:30.0781 3368 C:\WINDOWS\system32\iertutil.dll - ok
21:08:30.0781 3368 [ 98CA2F18D988D7EA7D0183CE1FE83461 ] C:\WINDOWS\system32\shgina.dll
21:08:30.0781 3368 C:\WINDOWS\system32\shgina.dll - ok
21:08:30.0781 3368 [ 28217BEA16EC1790ADF5495BDCD03B35 ] C:\WINDOWS\system32\activeds.dll
21:08:30.0781 3368 C:\WINDOWS\system32\activeds.dll - ok
21:08:30.0796 3368 [ B88893C7FB9671C84DBF6400CD2170CD ] C:\WINDOWS\system32\adsldpc.dll
21:08:30.0796 3368 C:\WINDOWS\system32\adsldpc.dll - ok
21:08:30.0796 3368 [ AC992C58B28038A43E63DE07361B9732 ] C:\WINDOWS\system32\mprapi.dll
21:08:30.0796 3368 C:\WINDOWS\system32\mprapi.dll - ok
21:08:30.0796 3368 [ 0B3077EC67D9509B6B8A1FA3006E717B ] C:\WINDOWS\system32\rasapi32.dll
21:08:30.0796 3368 C:\WINDOWS\system32\rasapi32.dll - ok
21:08:30.0796 3368 [ A4F20BF76D85B92FE6E0C6B3884E8718 ] C:\WINDOWS\system32\rasman.dll
21:08:30.0796 3368 C:\WINDOWS\system32\rasman.dll - ok
21:08:30.0796 3368 [ A8B1342EE63C191258460EFE5D30D6A1 ] C:\WINDOWS\system32\tapi32.dll
21:08:30.0796 3368 C:\WINDOWS\system32\tapi32.dll - ok
21:08:30.0812 3368 [ D1995A48DCC77C8C3DE97BF89C1F8232 ] C:\WINDOWS\system32\riched20.dll
21:08:30.0812 3368 C:\WINDOWS\system32\riched20.dll - ok
21:08:30.0812 3368 [ BF5A61ED318A04CE683374069EA42CA6 ] C:\WINDOWS\system32\raschap.dll
21:08:30.0812 3368 C:\WINDOWS\system32\raschap.dll - ok
21:08:30.0812 3368 [ 3FF232A7731621B8902D81D42418C93C ] C:\WINDOWS\system32\schedsvc.dll
21:08:30.0812 3368 C:\WINDOWS\system32\schedsvc.dll - ok
21:08:30.0812 3368 [ F6226D2AF6E3ACF5889F33E9E53602AC ] C:\WINDOWS\system32\msidle.dll
21:08:30.0812 3368 C:\WINDOWS\system32\msidle.dll - ok
21:08:30.0828 3368 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
21:08:30.0828 3368 C:\WINDOWS\system32\spoolsv.exe - ok
21:08:30.0828 3368 [ DE31B88962A8645DBA5A37B993E7B0F1 ] C:\WINDOWS\system32\audiosrv.dll
21:08:30.0828 3368 C:\WINDOWS\system32\audiosrv.dll - ok
21:08:30.0828 3368 [ 936C1D110232D23B621CB0196E4F80F0 ] C:\WINDOWS\system32\wkssvc.dll
21:08:30.0828 3368 C:\WINDOWS\system32\wkssvc.dll - ok
21:08:30.0828 3368 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
21:08:30.0828 3368 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
21:08:30.0828 3368 [ 47AE51048A82DFA1CD6B51D369F7E169 ] C:\WINDOWS\system32\webclnt.dll
21:08:30.0828 3368 C:\WINDOWS\system32\webclnt.dll - ok
21:08:30.0843 3368 [ 0C83FC56707BF68DB04947052A8188B1 ] C:\WINDOWS\system32\ASTSRV.EXE
21:08:30.0843 3368 C:\WINDOWS\system32\ASTSRV.EXE - ok
21:08:30.0843 3368 [ 1FAE19D0457176318BBA4A8795656EBC ] C:\WINDOWS\system32\drivers\parvdm.sys
21:08:30.0843 3368 C:\WINDOWS\system32\drivers\parvdm.sys - ok
21:08:30.0843 3368 [ 5AB58C337AC65837FE404462AD6265AB ] C:\Program Files\Bonjour\mDNSResponder.exe
21:08:30.0843 3368 C:\Program Files\Bonjour\mDNSResponder.exe - ok
21:08:30.0843 3368 [ 9FA69781CAA7A1DA981A24F240A61A60 ] C:\WINDOWS\system32\powrprof.dll
21:08:30.0843 3368 C:\WINDOWS\system32\powrprof.dll - ok
21:08:30.0859 3368 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:08:30.0859 3368 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
21:08:30.0859 3368 [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
21:08:30.0859 3368 C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
21:08:30.0859 3368 [ B04DB1F0B2652FCBCCC5FD0C46579F0F ] C:\WINDOWS\system32\mscoree.dll
21:08:30.0859 3368 C:\WINDOWS\system32\mscoree.dll - ok
21:08:30.0859 3368 [ 7BF2BC7728F77838E195743E76727F7B ] C:\WINDOWS\system32\certcli.dll
21:08:30.0859 3368 C:\WINDOWS\system32\certcli.dll - ok
21:08:30.0859 3368 [ F3AB0933CBD166D271992F411C27CCAF ] C:\WINDOWS\system32\cryptsvc.dll
21:08:30.0859 3368 C:\WINDOWS\system32\cryptsvc.dll - ok
21:08:30.0875 3368 [ 1F63900E2EB00101B9ACA2B7A870704E ] C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:08:30.0875 3368 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe - ok
21:08:30.0875 3368 [ 2BFEFE9E865655A76982F050450B9591 ] C:\WINDOWS\system32\dmserver.dll
21:08:30.0875 3368 C:\WINDOWS\system32\dmserver.dll - ok
21:08:30.0875 3368 [ A2A4912798F2BE706ABADD3D30800D16 ] C:\WINDOWS\system32\ersvc.dll
21:08:30.0875 3368 C:\WINDOWS\system32\ersvc.dll - ok
21:08:30.0875 3368 [ A371F11EF07653591C8DE26AFB13CE7F ] C:\WINDOWS\system32\es.dll
21:08:30.0875 3368 C:\WINDOWS\system32\es.dll - ok
21:08:30.0890 3368 [ F3CA4A37CD2144DFF7E28A75B30B0FD0 ] C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
21:08:30.0890 3368 C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe - ok
21:08:30.0890 3368 [ FCFE31FB75F8A6295B6B0AF87A626282 ] C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:08:30.0890 3368 C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll - ok
21:08:30.0890 3368 [ 00E25EE90166B3E1BE6E74AEBF858306 ] C:\WINDOWS\system32\hidserv.dll
21:08:30.0890 3368 C:\WINDOWS\system32\hidserv.dll - ok
21:08:30.0890 3368 [ FFB0A2D2B73A64979CD29C15B3B0A9D5 ] C:\WINDOWS\system32\hid.dll
21:08:30.0890 3368 C:\WINDOWS\system32\hid.dll - ok
21:08:30.0890 3368 [ 2BDF47962B25656443A2CBEE57D47AEA ] C:\Program Files\Kerio\Personal Firewall 4\kfe.dll
21:08:30.0890 3368 C:\Program Files\Kerio\Personal Firewall 4\kfe.dll - ok
21:08:30.0906 3368 [ B07780B0B2CF4F6456289679FE9DF368 ] C:\WINDOWS\system32\wsock32.dll
21:08:30.0906 3368 C:\WINDOWS\system32\wsock32.dll - ok
21:08:30.0906 3368 [ 86BF302376815C881CA111631F7B8929 ] C:\Program Files\Kerio\Personal Firewall 4\ktlibeay32_0.9.7.2.dll
21:08:30.0906 3368 C:\Program Files\Kerio\Personal Firewall 4\ktlibeay32_0.9.7.2.dll - ok
21:08:30.0906 3368 [ 5A542C4E0F036431D0B7B607FC08758F ] C:\Program Files\Kerio\Personal Firewall 4\msvcr70.dll
21:08:30.0906 3368 C:\Program Files\Kerio\Personal Firewall 4\msvcr70.dll - ok
21:08:30.0906 3368 [ 5B07B01168C2BF129C5E7227D8EF0CB8 ] C:\Program Files\Kerio\Personal Firewall 4\kticonv.dll
21:08:30.0906 3368 C:\Program Files\Kerio\Personal Firewall 4\kticonv.dll - ok
21:08:30.0921 3368 [ E0570B65BC965F9E9FE02E5B3BAF0AE2 ] C:\Program Files\Kerio\Personal Firewall 4\ktssleay32_0.9.7.2.dll
21:08:30.0921 3368 C:\Program Files\Kerio\Personal Firewall 4\ktssleay32_0.9.7.2.dll - ok
21:08:30.0921 3368 [ E3BCE3C975BA95B0500E4B7F8D61E432 ] C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
21:08:30.0921 3368 C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe - ok
21:08:30.0921 3368 [ D905050080DB4CCC3EB09AD24DE6BD67 ] C:\WINDOWS\system32\netmsg.dll
21:08:30.0921 3368 C:\WINDOWS\system32\netmsg.dll - ok
21:08:30.0921 3368 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] C:\WINDOWS\system32\srvsvc.dll
21:08:30.0921 3368 C:\WINDOWS\system32\srvsvc.dll - ok
21:08:30.0921 3368 [ DC2126F3456A6FE04BA8A50E3987F349 ] C:\Program Files\McAfee\VirusScan Enterprise\mytilus3_worker.dll
21:08:30.0921 3368 C:\Program Files\McAfee\VirusScan Enterprise\mytilus3_worker.dll - ok
21:08:30.0937 3368 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
21:08:30.0937 3368 C:\WINDOWS\system32\drivers\srv.sys - ok
21:08:30.0937 3368 [ 332D5439C89E9FA475EDFB69B02E1975 ] C:\WINDOWS\system32\shfolder.dll
21:08:30.0937 3368 C:\WINDOWS\system32\shfolder.dll - ok
21:08:30.0937 3368 [ 4B9200371D1766FD3FB6E6D7F8D9EC80 ] C:\Program Files\McAfee\VirusScan Enterprise\lockdown.dll
21:08:30.0937 3368 C:\Program Files\McAfee\VirusScan Enterprise\lockdown.dll - ok
21:08:30.0937 3368 [ 3C15C03E72CCD51A6E90FB6936D84FEE ] C:\Program Files\McAfee\VirusScan Enterprise\mytilus3_server.dll
21:08:30.0937 3368 C:\Program Files\McAfee\VirusScan Enterprise\mytilus3_server.dll - ok
21:08:30.0953 3368 [ BFFB54B16B9C7B1D80F183B10234A4A3 ] C:\Program Files\McAfee\VirusScan Enterprise\Res0900\McShield.DLL
21:08:30.0953 3368 C:\Program Files\McAfee\VirusScan Enterprise\Res0900\McShield.DLL - ok
21:08:30.0953 3368 [ 1B963D79740B187795407CD03E2F7B4D ] C:\Program Files\McAfee\Common Framework\FrameworkService.exe
21:08:30.0953 3368 C:\Program Files\McAfee\Common Framework\FrameworkService.exe - ok
21:08:30.0953 3368 [ 7D86BF7E930A483E67484BBC91FF7CD5 ] C:\Program Files\McAfee\Common Framework\nailog3.dll
21:08:30.0953 3368 C:\Program Files\McAfee\Common Framework\nailog3.dll - ok
21:08:30.0953 3368 [ 0138A1A02E08FAF01E6C387CED7A91C4 ] C:\Program Files\Kerio\Personal Firewall 4\ktzlib.dll
21:08:30.0953 3368 C:\Program Files\Kerio\Personal Firewall 4\ktzlib.dll - ok
21:08:30.0968 3368 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\system32\msvcr71.dll
21:08:30.0968 3368 C:\WINDOWS\system32\msvcr71.dll - ok
21:08:30.0968 3368 [ ECDB189942E5F9FA05B4EF09D000534B ] C:\Program Files\McAfee\Common Framework\naxml3_71.dll
21:08:30.0968 3368 C:\Program Files\McAfee\Common Framework\naxml3_71.dll - ok
21:08:30.0968 3368 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\WINDOWS\system32\msvcp71.dll
21:08:30.0968 3368 C:\WINDOWS\system32\msvcp71.dll - ok
21:08:30.0968 3368 [ EC37B222A92A95948D2A1C71DC1544D9 ] C:\Program Files\McAfee\Common Framework\AppLib.dll
21:08:30.0968 3368 C:\Program Files\McAfee\Common Framework\AppLib.dll - ok
21:08:30.0968 3368 [ A1DF927F39BF907C2CC88290DC075579 ] C:\Program Files\McAfee\Common Framework\naCmnLib3_71.dll
21:08:30.0968 3368 C:\Program Files\McAfee\Common Framework\naCmnLib3_71.dll - ok
21:08:30.0984 3368 [ 9D7EF8E7DD3BA8A73CA25E4658AE84B9 ] C:\Program Files\McAfee\Common Framework\cryptocme2.dll
21:08:30.0984 3368 C:\Program Files\McAfee\Common Framework\cryptocme2.dll - ok
21:08:30.0984 3368 [ 188CB9B4E1B51215D385B7AB4A89CBD0 ] C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
21:08:30.0984 3368 C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe - ok
21:08:30.0984 3368 [ 5E3075E17D48A2F018C398FF890BDFCC ] C:\Program Files\McAfee\Common Framework\0409\AgentRes.Dll
21:08:30.0984 3368 C:\Program Files\McAfee\Common Framework\0409\AgentRes.Dll - ok
21:08:30.0984 3368 [ 6C6AA104272198495D51CC606677DA39 ] C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
21:08:30.0984 3368 C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe - ok
21:08:31.0000 3368 [ 27CB9025DE862EC0D143B6286B66493E ] C:\Program Files\Kerio\Personal Firewall 4\kwsapi.dll
21:08:31.0000 3368 C:\Program Files\Kerio\Personal Firewall 4\kwsapi.dll - ok
21:08:31.0000 3368 [ DE880A525EC99DE38C5F85F3A3A3E16E ] C:\Program Files\McAfee\VirusScan Enterprise\shutil.dll
21:08:31.0000 3368 C:\Program Files\McAfee\VirusScan Enterprise\shutil.dll - ok
21:08:31.0000 3368 [ 2C264A0CC77E3E307D5FE407F90FAF5E ] C:\WINDOWS\system32\msi.dll
21:08:31.0000 3368 C:\WINDOWS\system32\msi.dll - ok
21:08:31.0000 3368 [ 03853A3540EC3F64EBDEFFB2ECE757D4 ] C:\WINDOWS\system32\wbem\wbemprox.dll
21:08:31.0000 3368 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
21:08:31.0000 3368 [ 5D1D9D1AC352D82C815EDF67E6EE5C97 ] C:\WINDOWS\system32\wbem\wbemcomn.dll
21:08:31.0000 3368 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
21:08:31.0015 3368 [ BE8B69EE0D6D6E03B3277C83429AE1C8 ] C:\Program Files\McAfee\VirusScan Enterprise\condl.dll
21:08:31.0015 3368 C:\Program Files\McAfee\VirusScan Enterprise\condl.dll - ok
21:08:31.0015 3368 [ 472C9DB931D5DAB846AEE46C63643BD2 ] C:\Program Files\McAfee\VirusScan Enterprise\wmain.dll
21:08:31.0015 3368 C:\Program Files\McAfee\VirusScan Enterprise\wmain.dll - ok
21:08:31.0015 3368 [ 464325F6C822FD26A44E54E0DC9F144F ] C:\WINDOWS\system32\lz32.dll
21:08:31.0015 3368 C:\WINDOWS\system32\lz32.dll - ok
21:08:31.0015 3368 [ 9A6BDF3477C0AD97D20BDE0D71DAF6EB ] C:\Program Files\McAfee\Common Framework\Logging.dll
21:08:31.0015 3368 C:\Program Files\McAfee\Common Framework\Logging.dll - ok
21:08:31.0031 3368 [ 5C2C7AC2ABB73251D67F09182AE6B30F ] C:\WINDOWS\system32\mfevtps.exe
21:08:31.0031 3368 C:\WINDOWS\system32\mfevtps.exe - ok
21:08:31.0031 3368 [ F67B927B1095FCCFAFD68D1E1ADCFFBD ] C:\Program Files\McAfee\Common Framework\UserSpace.Dll
21:08:31.0031 3368 C:\Program Files\McAfee\Common Framework\UserSpace.Dll - ok
21:08:31.0031 3368 [ 841E2FA780B91F091A29A872A15CB83C ] C:\Program Files\McAfee\Common Framework\SecureFrameworkFactory3.dll
21:08:31.0031 3368 C:\Program Files\McAfee\Common Framework\SecureFrameworkFactory3.dll - ok
21:08:31.0031 3368 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] C:\WINDOWS\system32\netman.dll
21:08:31.0031 3368 C:\WINDOWS\system32\netman.dll - ok
21:08:31.0046 3368 [ A75415E932DA0FCAAEE7AAB64A68B62B ] C:\Program Files\McAfee\Common Framework\Management.dll
21:08:31.0046 3368 C:\Program Files\McAfee\Common Framework\Management.dll - ok
21:08:31.0046 3368 [ E0DD5DB829C887C4DCC2D9B31470F7EC ] C:\WINDOWS\system32\netshell.dll
21:08:31.0046 3368 C:\WINDOWS\system32\netshell.dll - ok
21:08:31.0046 3368 [ 0573C75A2895D973EA6EF2495620BA49 ] C:\WINDOWS\system32\nvsvc32.exe
21:08:31.0046 3368 C:\WINDOWS\system32\nvsvc32.exe - ok
21:08:31.0046 3368 [ 13E913B6E7E8915D8AE37A8EA1208B67 ] C:\Program Files\McAfee\Common Framework\naPolicyManager.dll
21:08:31.0046 3368 C:\Program Files\McAfee\Common Framework\naPolicyManager.dll - ok
21:08:31.0046 3368 [ 1D37681166E7B0AE1FABF5676439F924 ] C:\WINDOWS\system32\credui.dll
21:08:31.0046 3368 C:\WINDOWS\system32\credui.dll - ok
21:08:31.0062 3368 [ C9AFEA3C13B62701FAE571D8466EB5F6 ] C:\WINDOWS\system32\dot3dlg.dll
21:08:31.0062 3368 C:\WINDOWS\system32\dot3dlg.dll - ok
21:08:31.0062 3368 [ A7162CFFDA477AE2239D4FB6F8094534 ] C:\WINDOWS\system32\onex.dll
21:08:31.0062 3368 C:\WINDOWS\system32\onex.dll - ok
21:08:31.0062 3368 [ DFBCA5222331A476C42DF1AA3921629E ] C:\WINDOWS\system32\eappcfg.dll
21:08:31.0062 3368 C:\WINDOWS\system32\eappcfg.dll - ok
21:08:31.0062 3368 [ F6D35EBC8F11300AAFD1D4CA6DC65B9D ] C:\WINDOWS\system32\eappprxy.dll
21:08:31.0062 3368 C:\WINDOWS\system32\eappprxy.dll - ok
21:08:31.0078 3368 [ 134579F748163BC51D126488A2962B04 ] C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
21:08:31.0078 3368 C:\Program Files\McAfee\Common Framework\naPrdMgr.exe - ok
21:08:31.0078 3368 [ D76D39056EF8B8C09BC544754448E48F ] C:\WINDOWS\system32\ipsecsvc.dll
21:08:31.0078 3368 C:\WINDOWS\system32\ipsecsvc.dll - ok
21:08:31.0078 3368 [ 7A50E919F9CF6D3850A40C18F92C5E03 ] C:\WINDOWS\system32\nvcpl.dll
21:08:31.0078 3368 C:\WINDOWS\system32\nvcpl.dll - ok
21:08:31.0078 3368 [ 2DF6B86A8CE10CC93CE4C6DC72C5E791 ] C:\WINDOWS\system32\wzcsapi.dll
21:08:31.0078 3368 C:\WINDOWS\system32\wzcsapi.dll - ok
21:08:31.0078 3368 [ 44E2D9C2C7192467D4D0A8E03A621567 ] C:\WINDOWS\system32\oakley.dll
21:08:31.0078 3368 C:\WINDOWS\system32\oakley.dll - ok
21:08:31.0093 3368 [ D92DBED30DBF45E7D2700596BB491B03 ] C:\WINDOWS\system32\pstorsvc.dll
21:08:31.0093 3368 C:\WINDOWS\system32\pstorsvc.dll - ok
21:08:31.0093 3368 [ 8D65C4D78E0D22E2655AFEB682656F15 ] C:\WINDOWS\system32\winipsec.dll
21:08:31.0093 3368 C:\WINDOWS\system32\winipsec.dll - ok
21:08:31.0093 3368 [ 3D8593AA6CB1C610CCC4EE4A2079841C ] C:\WINDOWS\system32\psbase.dll
21:08:31.0093 3368 C:\WINDOWS\system32\psbase.dll - ok
21:08:31.0093 3368 [ 8F31505484A190D5B22274708799F4EC ] C:\WINDOWS\system32\regsvc.dll
21:08:31.0093 3368 C:\WINDOWS\system32\regsvc.dll - ok
21:08:31.0109 3368 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] C:\WINDOWS\system32\seclogon.dll
21:08:31.0109 3368 C:\WINDOWS\system32\seclogon.dll - ok
21:08:31.0109 3368 [ A530B75C10C23C9AB28FDB6CE719E21F ] C:\WINDOWS\system32\sens.dll
21:08:31.0109 3368 C:\WINDOWS\system32\sens.dll - ok
21:08:31.0109 3368 [ 35B91147124F64AC8081A2EDB9EA4DEE ] C:\WINDOWS\system32\srsvc.dll
21:08:31.0109 3368 C:\WINDOWS\system32\srsvc.dll - ok
21:08:31.0109 3368 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
21:08:31.0109 3368 C:\WINDOWS\system32\dssenh.dll - ok
21:08:31.0109 3368 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] C:\WINDOWS\system32\wiaservc.dll
21:08:31.0109 3368 C:\WINDOWS\system32\wiaservc.dll - ok
21:08:31.0125 3368 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] C:\WINDOWS\system32\trkwks.dll
21:08:31.0125 3368 C:\WINDOWS\system32\trkwks.dll - ok
21:08:31.0125 3368 [ C81B8635DEE0D3EF5F64B3DD643023A5 ] C:\WINDOWS\system32\wdfmgr.exe
21:08:31.0125 3368 C:\WINDOWS\system32\wdfmgr.exe - ok
21:08:31.0125 3368 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] C:\WINDOWS\system32\termsrv.dll
21:08:31.0125 3368 C:\WINDOWS\system32\termsrv.dll - ok
21:08:31.0125 3368 [ 06E30C9FC68ED62A5C11B989E51679DE ] C:\Program Files\McAfee\Common Framework\UpdateSubSys.Dll
21:08:31.0125 3368 C:\Program Files\McAfee\Common Framework\UpdateSubSys.Dll - ok
21:08:31.0140 3368 [ F77ADF735A6AB15B083840F5B6D74B00 ] C:\Program Files\McAfee\Common Framework\updater.Dll
21:08:31.0140 3368 C:\Program Files\McAfee\Common Framework\updater.Dll - ok
21:08:31.0140 3368 [ 65DDCE6C4F63C6AAC3D99EFBA4C1E9C4 ] C:\WINDOWS\system32\cscui.dll
21:08:31.0140 3368 C:\WINDOWS\system32\cscui.dll - ok
21:08:31.0140 3368 [ E488332126E3B1182D2B8A0C35408EC6 ] C:\WINDOWS\system32\wbem\wmisvc.dll
21:08:31.0140 3368 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
21:08:31.0140 3368 [ F23EB535F0834B3B1E0CDD16DB4ED7A1 ] C:\WINDOWS\system32\cfgmgr32.dll
21:08:31.0140 3368 C:\WINDOWS\system32\cfgmgr32.dll - ok
21:08:31.0140 3368 [ 4F45453DF86912A09E757859FE18A26C ] C:\WINDOWS\system32\mscms.dll
21:08:31.0140 3368 C:\WINDOWS\system32\mscms.dll - ok
21:08:31.0156 3368 [ 1635D157B5DAEADAF323B5E9FB6FD5E2 ] C:\WINDOWS\system32\vssapi.dll
21:08:31.0156 3368 C:\WINDOWS\system32\vssapi.dll - ok
21:08:31.0156 3368 [ 72C1FF5AE0330CCF9C35BCBBAD267F3B ] C:\WINDOWS\system32\icaapi.dll
21:08:31.0156 3368 C:\WINDOWS\system32\icaapi.dll - ok
21:08:31.0156 3368 [ C1232035BB304A4AEDE089BB4B83409D ] C:\Program Files\McAfee\Common Framework\ipcchannel.dll
21:08:31.0156 3368 C:\Program Files\McAfee\Common Framework\ipcchannel.dll - ok
21:08:31.0156 3368 [ 6E0F6ABF57F2E3A73456450A1501D9B3 ] C:\WINDOWS\system32\mstlsapi.dll
21:08:31.0156 3368 C:\WINDOWS\system32\mstlsapi.dll - ok
21:08:31.0171 3368 [ CD63EB2645EF6DC6D912B1E6F9750A8D ] C:\Program Files\McAfee\Common Framework\boost_thread-vc71-mt-1_32.dll
21:08:31.0171 3368 C:\Program Files\McAfee\Common Framework\boost_thread-vc71-mt-1_32.dll - ok
21:08:31.0171 3368 [ 234BBFAC0545E978049B4CCD0E2405C2 ] C:\Program Files\McAfee\Common Framework\mfeCmnLib71.dll
21:08:31.0171 3368 C:\Program Files\McAfee\Common Framework\mfeCmnLib71.dll - ok
21:08:31.0171 3368 [ 14E87D5268FFA7F6BF6DC33B40A37866 ] C:\WINDOWS\system32\dpcdll.dll
21:08:31.0171 3368 C:\WINDOWS\system32\dpcdll.dll - ok
21:08:31.0171 3368 [ 6F4D3480C42EC33BB56613DC7C787720 ] C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
21:08:31.0171 3368 C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe - ok
21:08:31.0171 3368 [ 89E739BBA5F636297EA5B5F811189E06 ] C:\WINDOWS\system32\browser.dll
21:08:31.0171 3368 C:\WINDOWS\system32\browser.dll - ok
21:08:31.0187 3368 [ 653B038066D1FD5962BB88796ED7CFC0 ] C:\WINDOWS\system32\wdmaud.drv
21:08:31.0187 3368 C:\WINDOWS\system32\wdmaud.drv - ok
21:08:31.0187 3368 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
21:08:31.0187 3368 C:\WINDOWS\system32\wuaueng.dll - ok
21:08:31.0187 3368 [ C1364564800EE9784192145324A23308 ] C:\WINDOWS\system32\wuauserv.dll
21:08:31.0187 3368 C:\WINDOWS\system32\wuauserv.dll - ok
21:08:31.0187 3368 [ 051C4F9607E2A1913FA84104BF9CDDF2 ] C:\Program Files\McAfee\VirusScan Enterprise\mytilus3.dll
21:08:31.0187 3368 C:\Program Files\McAfee\VirusScan Enterprise\mytilus3.dll - ok
21:08:31.0203 3368 [ 7DC1830F22E7D275B438127B68030239 ] C:\WINDOWS\system32\userinit.exe
21:08:31.0203 3368 C:\WINDOWS\system32\userinit.exe - ok
21:08:31.0203 3368 [ 14FCD22557C5200D4FE761620BC1BE97 ] C:\Program Files\McAfee\VirusScan Enterprise\ftl.dll
21:08:31.0203 3368 C:\Program Files\McAfee\VirusScan Enterprise\ftl.dll - ok
21:08:31.0203 3368 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
21:08:31.0203 3368 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
21:08:31.0203 3368 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
21:08:31.0203 3368 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
21:08:31.0203 3368 [ 12FD48F2191A9194ED501E93FD7D276B ] C:\Program Files\McAfee\Common Framework\Scheduler.dll
21:08:31.0203 3368 C:\Program Files\McAfee\Common Framework\Scheduler.dll - ok
21:08:31.0218 3368 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
21:08:31.0218 3368 C:\WINDOWS\system32\drivers\splitter.sys - ok
21:08:31.0218 3368 [ F66D2E3B8CA33F29D63F27A5676FE0C9 ] C:\WINDOWS\system32\rdpwsx.dll
21:08:31.0218 3368 C:\WINDOWS\system32\rdpwsx.dll - ok
21:08:31.0218 3368 [ 9F53BAAE57C32DE60A921951A5E31B97 ] C:\Program Files\McAfee\VirusScan Enterprise\vsplugin.dll
21:08:31.0218 3368 C:\Program Files\McAfee\VirusScan Enterprise\vsplugin.dll - ok
21:08:31.0218 3368 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
21:08:31.0218 3368 C:\WINDOWS\system32\drivers\aec.sys - ok
21:08:31.0234 3368 [ 84963584AEEF0562B632FC85B108B654 ] C:\WINDOWS\system32\winhttp.dll
21:08:31.0234 3368 C:\WINDOWS\system32\winhttp.dll - ok
21:08:31.0234 3368 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
21:08:31.0234 3368 C:\WINDOWS\system32\drivers\swmidi.sys - ok
21:08:31.0234 3368 [ 8702CD069DE8F6B527E92CF55F78D5D2 ] C:\WINDOWS\system32\cabinet.dll
21:08:31.0234 3368 C:\WINDOWS\system32\cabinet.dll - ok
21:08:31.0234 3368 [ 5239ABED9DB03D8E9708A65B63B605F0 ] C:\Program Files\McAfee\Common Framework\TCSubSys.dll
21:08:31.0234 3368 C:\Program Files\McAfee\Common Framework\TCSubSys.dll - ok
21:08:31.0250 3368 [ 3A3C1A6E89530C0E85681C723BB69DEE ] C:\WINDOWS\system32\mspatcha.dll
21:08:31.0250 3368 C:\WINDOWS\system32\mspatcha.dll - ok
21:08:31.0250 3368 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
21:08:31.0250 3368 C:\WINDOWS\system32\drivers\dmusic.sys - ok
21:08:31.0250 3368 [ 3BECFAA73C00CA42CB8FC85A21F45141 ] C:\Program Files\McAfee\Common Framework\CMALib.dll
21:08:31.0250 3368 C:\Program Files\McAfee\Common Framework\CMALib.dll - ok
21:08:31.0250 3368 [ 7D770F6FD01B8478F61287BEEEBDBF8E ] C:\WINDOWS\system32\oledlg.dll
21:08:31.0250 3368 C:\WINDOWS\system32\oledlg.dll - ok
21:08:31.0250 3368 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
21:08:31.0250 3368 C:\WINDOWS\system32\drivers\kmixer.sys - ok
21:08:31.0265 3368 [ 0E8CB0A757E27B87F4DB45AC031BF02E ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
21:08:31.0265 3368 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
21:08:31.0265 3368 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
21:08:31.0265 3368 C:\WINDOWS\system32\wups.dll - ok
21:08:31.0265 3368 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
21:08:31.0265 3368 C:\WINDOWS\system32\wups2.dll - ok
21:08:31.0265 3368 [ F58FACA9621D2DB01BD0927D9A0A208E ] C:\WINDOWS\system32\ipnathlp.dll
21:08:31.0265 3368 C:\WINDOWS\system32\ipnathlp.dll - ok
21:08:31.0281 3368 [ E35CD9EFE457E1DE5E9CF94F1F92B52B ] C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
21:08:31.0281 3368 C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe - ok
21:08:31.0281 3368 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
21:08:31.0281 3368 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
21:08:31.0281 3368 [ 48D065081DC8666764A903952AD6FB80 ] C:\WINDOWS\system32\comsvcs.dll
21:08:31.0281 3368 C:\WINDOWS\system32\comsvcs.dll - ok
21:08:31.0281 3368 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
21:08:31.0281 3368 C:\WINDOWS\system32\wuauclt.exe - ok
21:08:31.0281 3368 [ 6A1D3708BD2CB56B9B4FEBA43D40D571 ] C:\Program Files\McAfee\VirusScan Enterprise\naiann.dll
21:08:31.0281 3368 C:\Program Files\McAfee\VirusScan Enterprise\naiann.dll - ok
21:08:31.0296 3368 [ 7E780D549F168637940EC27A6747FAC9 ] C:\Program Files\McAfee\VirusScan Enterprise\NaEvent.Dll
21:08:31.0296 3368 C:\Program Files\McAfee\VirusScan Enterprise\NaEvent.Dll - ok
21:08:31.0296 3368 [ 93B96546B71A819DD9ACAC1E7D8F3E07 ] C:\Program Files\McAfee\VirusScan Enterprise\VsEvntUI.DLL
21:08:31.0296 3368 C:\Program Files\McAfee\VirusScan Enterprise\VsEvntUI.DLL - ok
21:08:31.0296 3368 [ 0892B57DC527FCED9FB02F2E6343C5FF ] C:\WINDOWS\system32\colbact.dll
21:08:31.0296 3368 C:\WINDOWS\system32\colbact.dll - ok
21:08:31.0296 3368 [ 0B13FD431ED8AD66F4482B3D33F54986 ] C:\WINDOWS\system32\nvrscs.dll
21:08:31.0296 3368 C:\WINDOWS\system32\nvrscs.dll - ok
21:08:31.0312 3368 [ E9113D2BAAE752340038024DAFC23535 ] C:\WINDOWS\system32\mtxclu.dll
21:08:31.0312 3368 C:\WINDOWS\system32\mtxclu.dll - ok
21:08:31.0312 3368 [ 2161B0A46C4F57FA3645DD881572962C ] C:\WINDOWS\system32\nvapi.dll
21:08:31.0312 3368 C:\WINDOWS\system32\nvapi.dll - ok
21:08:31.0312 3368 [ F0A0997640611EB605A122023FE47204 ] C:\WINDOWS\system32\clusapi.dll
21:08:31.0312 3368 C:\WINDOWS\system32\clusapi.dll - ok
21:08:31.0312 3368 [ FBA94CD67E28DF2BDB4D6824A95FF9DB ] C:\WINDOWS\system32\resutils.dll
21:08:31.0312 3368 C:\WINDOWS\system32\resutils.dll - ok
21:08:31.0312 3368 [ 58A0D4A0DB5FB76438A38F30E666B212 ] C:\WINDOWS\system32\msacm32.drv
21:08:31.0312 3368 C:\WINDOWS\system32\msacm32.drv - ok
21:08:31.0328 3368 [ 160A1500DDBE42F8793E3AD341E4BEC4 ] C:\WINDOWS\system32\midimap.dll
21:08:31.0328 3368 C:\WINDOWS\system32\midimap.dll - ok
21:08:31.0328 3368 [ 44FA404CBDF4A9D472AC371A1CADE16B ] C:\Program Files\McAfee\Common Framework\Genevtinf3.dll
21:08:31.0328 3368 C:\Program Files\McAfee\Common Framework\Genevtinf3.dll - ok
21:08:31.0328 3368 [ 33FC9AB5D74633F257B879B401F70BBE ] C:\WINDOWS\system32\rundll32.exe
21:08:31.0328 3368 C:\WINDOWS\system32\rundll32.exe - ok
21:08:31.0328 3368 [ 6B227D8DDFEF9546F393DF255C9BA6DF ] C:\Program Files\NVIDIA Corporation\Display\nvdisps.dll
21:08:31.0328 3368 C:\Program Files\NVIDIA Corporation\Display\nvdisps.dll - ok
21:08:31.0343 3368 [ 1957C5C463BCDC21F374523FD32A3115 ] C:\Program Files\Common Files\McAfee\Engine\mcscan32.dll
21:08:31.0343 3368 C:\Program Files\Common Files\McAfee\Engine\mcscan32.dll - ok
21:08:31.0343 3368 [ 27AFD587C462E280EE046B8CCA3C2CD1 ] C:\WINDOWS\explorer.exe
21:08:31.0343 3368 C:\WINDOWS\explorer.exe - ok
21:08:31.0343 3368 [ 508B8A0B72953469B3282A495CA6D482 ] C:\WINDOWS\system32\actxprxy.dll
21:08:31.0343 3368 C:\WINDOWS\system32\actxprxy.dll - ok
21:08:31.0343 3368 [ E45ECB5A023F77F813CD0DFF92699B76 ] C:\WINDOWS\system32\browseui.dll
21:08:31.0343 3368 C:\WINDOWS\system32\browseui.dll - ok
21:08:31.0359 3368 [ 6D4084D7ACF7A369C802116A9128F2F5 ] C:\WINDOWS\system32\shdocvw.dll
21:08:31.0359 3368 C:\WINDOWS\system32\shdocvw.dll - ok
21:08:31.0359 3368 [ DC9EFCC8827EB2C0D17A7E4B2DE77E63 ] C:\WINDOWS\system32\desk.cpl
21:08:31.0359 3368 C:\WINDOWS\system32\desk.cpl - ok
21:08:31.0359 3368 [ 42FC2993518A71372BE7B8176CAAC8CF ] C:\WINDOWS\system32\themeui.dll
21:08:31.0359 3368 C:\WINDOWS\system32\themeui.dll - ok
21:08:31.0359 3368 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] C:\WINDOWS\system32\wscsvc.dll
21:08:31.0359 3368 C:\WINDOWS\system32\wscsvc.dll - ok
21:08:31.0359 3368 [ 15BC40DEDF4E5A0DDB5D3623B9483DDA ] C:\WINDOWS\system32\wbem\wbemcore.dll
21:08:31.0359 3368 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
21:08:31.0375 3368 [ 58A4129B7AB2CF2E7F00256F7EDAEAC2 ] C:\WINDOWS\system32\cmd.exe
21:08:31.0375 3368 C:\WINDOWS\system32\cmd.exe - ok
21:08:31.0375 3368 [ B9D1F1606B3A4EA30E2141FDEDCA4342 ] C:\WINDOWS\system32\ieframe.dll
21:08:31.0375 3368 C:\WINDOWS\system32\ieframe.dll - ok
21:08:31.0375 3368 [ BE47A0CA98B7192B59DC27A843C9CEA1 ] C:\WINDOWS\system32\wbem\esscli.dll
21:08:31.0375 3368 C:\WINDOWS\system32\wbem\esscli.dll - ok
21:08:31.0375 3368 [ FA898CA2FB6FBE4A46F9D27971B3E1B5 ] C:\WINDOWS\system32\wbem\fastprox.dll
21:08:31.0375 3368 C:\WINDOWS\system32\wbem\fastprox.dll - ok
21:08:31.0375 3368 [ 8E70589EC4DDE3B22C5EE4A527BA0865 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
21:08:31.0375 3368 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
21:08:31.0390 3368 [ C56B6D0402371CF3700EB322EF3AAF61 ] C:\WINDOWS\system32\drivers\tdtcp.sys
21:08:31.0390 3368 C:\WINDOWS\system32\drivers\tdtcp.sys - ok
21:08:31.0390 3368 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] C:\WINDOWS\system32\drivers\rdpwd.sys
21:08:31.0390 3368 C:\WINDOWS\system32\drivers\rdpwd.sys - ok
21:08:31.0390 3368 [ 8A36A2FF9C36BCDDCBD8F7C0C4DC0083 ] C:\WINDOWS\system32\wbem\wmiutils.dll
21:08:31.0390 3368 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
21:08:31.0390 3368 [ E8A0384A25ECA1188E6F19F548947B53 ] C:\WINDOWS\system32\wbem\repdrvfs.dll
21:08:31.0390 3368 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
21:08:31.0406 3368 [ 4C501DD03666A9427DFEE53C3BD13900 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
21:08:31.0406 3368 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
21:08:31.0406 3368 [ 2FDB32EF0E2CFF15ECC751BD61235398 ] C:\WINDOWS\system32\wbem\wbemess.dll
21:08:31.0406 3368 C:\WINDOWS\system32\wbem\wbemess.dll - ok
21:08:31.0406 3368 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
21:08:31.0406 3368 C:\WINDOWS\system32\wuapi.dll - ok
21:08:31.0406 3368 [ C97254C95FF161F9EAEBE5CB0DFDEC3C ] C:\WINDOWS\system32\wbem\ncprov.dll
21:08:31.0406 3368 C:\WINDOWS\system32\wbem\ncprov.dll - ok
21:08:31.0406 3368 [ 9D8B38DE3CE3FEBD4CD18539C3414C87 ] C:\Program Files\Kerio\Personal Firewall 4\gkh.dll
21:08:31.0406 3368 C:\Program Files\Kerio\Personal Firewall 4\gkh.dll - ok
21:08:31.0421 3368 [ 47E827EB2C26A383AD16BF80C0FCA8FA ] C:\WINDOWS\system32\cryptnet.dll
21:08:31.0421 3368 C:\WINDOWS\system32\cryptnet.dll - ok
21:08:31.0421 3368 [ C77D916102E469F130A504CB9DACB930 ] C:\WINDOWS\system32\sensapi.dll
21:08:31.0421 3368 C:\WINDOWS\system32\sensapi.dll - ok
21:08:31.0421 3368 [ CA18BB84848E691D012A0368131945CC ] C:\Program Files\McAfee\VirusScan Enterprise\midutil.dll
21:08:31.0421 3368 C:\Program Files\McAfee\VirusScan Enterprise\midutil.dll - ok
21:08:31.0421 3368 [ F5BB3D0BB06C4DE2AC2E593460AE15EA ] C:\Program Files\McAfee\VirusScan Enterprise\nailite.dll
21:08:31.0421 3368 C:\Program Files\McAfee\VirusScan Enterprise\nailite.dll - ok
21:08:31.0437 3368 [ 39026E0FC3F91D6E601A2F28056918AA ] C:\Program Files\McAfee\VirusScan Enterprise\mfeapfa.dll
21:08:31.0437 3368 C:\Program Files\McAfee\VirusScan Enterprise\mfeapfa.dll - ok
21:08:31.0437 3368 [ CF3315B51F46C9C91C663DB04804398E ] C:\Program Files\McAfee\VirusScan Enterprise\mfehida.dll
21:08:31.0437 3368 C:\Program Files\McAfee\VirusScan Enterprise\mfehida.dll - ok
21:08:31.0437 3368 [ AF3BAF4CDED14D5FD7B8D94B78AE3F0A ] C:\WINDOWS\system32\drivers\mfeapfk.sys
21:08:31.0437 3368 C:\WINDOWS\system32\drivers\mfeapfk.sys - ok
21:08:31.0437 3368 [ 7F0077B0701B30001602CFE7A44F1957 ] C:\Program Files\McAfee\VirusScan Enterprise\mfeavfa.dll
21:08:31.0437 3368 C:\Program Files\McAfee\VirusScan Enterprise\mfeavfa.dll - ok
21:08:31.0453 3368 [ 2EBF8D78F99E2F667FA5F65312A489AB ] C:\WINDOWS\system32\drivers\mfeavfk.sys
21:08:31.0453 3368 C:\WINDOWS\system32\drivers\mfeavfk.sys - ok
21:08:31.0453 3368 [ DC02DF6BBCC74BC8022807B968BD24BC ] C:\WINDOWS\system32\wbem\wbemcons.dll
21:08:31.0453 3368 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
21:08:31.0453 3368 [ CD78F171ACF966E4F83302C4192E881F ] C:\WINDOWS\system32\spoolss.dll
21:08:31.0453 3368 C:\WINDOWS\system32\spoolss.dll - ok
21:08:31.0453 3368 [ 88842DE939A827577BF24243699AC80A ] C:\WINDOWS\system32\alg.exe
21:08:31.0453 3368 C:\WINDOWS\system32\alg.exe - ok
21:08:31.0453 3368 [ 32BAAEAEC3ED1536ED6EA387C4AA85A5 ] C:\WINDOWS\system32\localspl.dll
21:08:31.0453 3368 C:\WINDOWS\system32\localspl.dll - ok
21:08:31.0468 3368 [ C0D44791C969D65E63F250BC8BA0DC57 ] C:\WINDOWS\system32\AdobePDF.dll
21:08:31.0468 3368 C:\WINDOWS\system32\AdobePDF.dll - ok
21:08:31.0468 3368 [ 8DBB957A4E5DCA82F90C5F8A14BC789D ] C:\WINDOWS\system32\netcfgx.dll
21:08:31.0468 3368 C:\WINDOWS\system32\netcfgx.dll - ok
21:08:31.0468 3368 [ EDB3D87983DA77A0A4CFA046C8BCE5CA ] C:\WINDOWS\system32\cnbjmon.dll
21:08:31.0468 3368 C:\WINDOWS\system32\cnbjmon.dll - ok
21:08:31.0468 3368 [ 322FD75A97DBA67FC8F97A9957F857F1 ] C:\WINDOWS\system32\mdimon.dll
21:08:31.0468 3368 C:\WINDOWS\system32\mdimon.dll - ok
21:08:31.0484 3368 [ A751CFE02B53DC37EDC912D9BD778775 ] C:\WINDOWS\system32\MLMON_0G.DLL
21:08:31.0484 3368 C:\WINDOWS\system32\MLMON_0G.DLL - ok
21:08:31.0484 3368 [ B71DDDB2C32CF40382CBF7EB595A6FA9 ] C:\WINDOWS\system32\MSPOOL0G.DLL
21:08:31.0484 3368 C:\WINDOWS\system32\MSPOOL0G.DLL - ok
21:08:31.0484 3368 [ E2EB496B7A1CACF6550EF028B329893A ] C:\WINDOWS\system32\pjlmon.dll
21:08:31.0484 3368 C:\WINDOWS\system32\pjlmon.dll - ok
21:08:31.0484 3368 [ C2546CD7A398476F9DF5614B2AE160E8 ] C:\WINDOWS\system32\tapisrv.dll
21:08:31.0484 3368 C:\WINDOWS\system32\tapisrv.dll - ok
21:08:31.0484 3368 [ D57554C664B64604BD1EE13EA2C07E77 ] C:\WINDOWS\system32\rasmans.dll
21:08:31.0484 3368 C:\WINDOWS\system32\rasmans.dll - ok
21:08:31.0500 3368 [ 519C77BC60B14AB6187C4D328105CD61 ] C:\WINDOWS\system32\tcpmon.dll
21:08:31.0500 3368 C:\WINDOWS\system32\tcpmon.dll - ok
21:08:31.0500 3368 [ 9DD7DCC47F1EAA3FBCC985C20AD71B64 ] C:\WINDOWS\system32\usbmon.dll
21:08:31.0500 3368 C:\WINDOWS\system32\usbmon.dll - ok
21:08:31.0500 3368 [ EFEC5E7E5FE57957F9592A1500762E02 ] C:\WINDOWS\system32\rastapi.dll
21:08:31.0500 3368 C:\WINDOWS\system32\rastapi.dll - ok
21:08:31.0500 3368 [ 4F54119ACB137AF8ABE45AF7242E72CF ] C:\WINDOWS\system32\spool\prtprocs\w32x86\MIMFPR0G.DLL
21:08:31.0500 3368 C:\WINDOWS\system32\spool\prtprocs\w32x86\MIMFPR0G.DLL - ok
21:08:31.0515 3368 [ B481C1BE44B8821AC00DA47C565851B5 ] C:\WINDOWS\system32\MIMF320G.DLL
21:08:31.0515 3368 C:\WINDOWS\system32\MIMF320G.DLL - ok
21:08:31.0515 3368 [ 867C65E6246A113F1BCD2B4B575D8E6C ] C:\WINDOWS\system32\MTAG320G.DLL
21:08:31.0515 3368 C:\WINDOWS\system32\MTAG320G.DLL - ok
21:08:31.0515 3368 [ EA8647A21BCB56C5F15712D4B7407501 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
21:08:31.0515 3368 C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
21:08:31.0515 3368 [ CE21D96724212D72D8D8406FD232072F ] C:\WINDOWS\system32\unimdm.tsp
21:08:31.0515 3368 C:\WINDOWS\system32\unimdm.tsp - ok
21:08:31.0531 3368 [ 94E5D1795A0855E5F1FB5BDCF903F9DA ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
21:08:31.0531 3368 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
21:08:31.0531 3368 [ 06C93A33555CF66FA5618125658B7594 ] C:\WINDOWS\system32\uniplat.dll
21:08:31.0531 3368 C:\WINDOWS\system32\uniplat.dll - ok
21:08:31.0531 3368 [ 1EC6A255B9B5AE8F53F0F3A41E66E5FD ] C:\WINDOWS\system32\win32spl.dll
21:08:31.0531 3368 C:\WINDOWS\system32\win32spl.dll - ok
21:08:31.0531 3368 [ 6E3248D3F8766502A51DF12F1F54BCE3 ] C:\WINDOWS\system32\netrap.dll
21:08:31.0531 3368 C:\WINDOWS\system32\netrap.dll - ok
21:08:31.0531 3368 [ F420C325956CA593679A8796065BFBB6 ] C:\WINDOWS\system32\inetpp.dll
21:08:31.0531 3368 C:\WINDOWS\system32\inetpp.dll - ok
21:08:31.0546 3368 [ 4EB458471415ADA85DE62D03E770D0CD ] C:\WINDOWS\system32\kmddsp.tsp
21:08:31.0546 3368 C:\WINDOWS\system32\kmddsp.tsp - ok
21:08:31.0546 3368 [ 3382CA270103BBDA349CE07BDBA60DA7 ] C:\WINDOWS\system32\ipconf.tsp
21:08:31.0546 3368 C:\WINDOWS\system32\ipconf.tsp - ok
21:08:31.0546 3368 [ 6FD0456A046649399FEF9110FFFB0E79 ] C:\WINDOWS\system32\ndptsp.tsp
21:08:31.0546 3368 C:\WINDOWS\system32\ndptsp.tsp - ok
21:08:31.0546 3368 [ 67FF1B2F19BED51A335BBC844A32EF46 ] C:\WINDOWS\system32\h323.tsp
21:08:31.0546 3368 C:\WINDOWS\system32\h323.tsp - ok
21:08:31.0562 3368 [ 508D2C123D48C6A63DAE370FFC6770A8 ] C:\WINDOWS\system32\hidphone.tsp
21:08:31.0562 3368 C:\WINDOWS\system32\hidphone.tsp - ok
21:08:31.0562 3368 [ 4D252655B9FBC4002447EEBC1751B5D9 ] C:\WINDOWS\system32\rasppp.dll
21:08:31.0562 3368 C:\WINDOWS\system32\rasppp.dll - ok
21:08:31.0562 3368 [ D63EAABBB757EB417EDDC8CDB5598704 ] C:\WINDOWS\system32\ntlsapi.dll
21:08:31.0562 3368 C:\WINDOWS\system32\ntlsapi.dll - ok
21:08:31.0562 3368 [ DEDF090BB17D77B12A7465486AA7F91C ] C:\WINDOWS\system32\rasqec.dll
21:08:31.0562 3368 C:\WINDOWS\system32\rasqec.dll - ok
21:08:31.0562 3368 [ AD6B1A69B0CCCF27A792F4C00740D24D ] C:\DOCUME~1\David\LOCALS~1\Temp\1BB304B4-91C5-4FE8-BDA6-CAFDA4EE5A91.exe
21:08:31.0562 3368 C:\DOCUME~1\David\LOCALS~1\Temp\1BB304B4-91C5-4FE8-BDA6-CAFDA4EE5A91.exe - ok
21:08:31.0578 3368 [ D65C288E5F9B0C557F685CECC0B1B1E6 ] C:\WINDOWS\system32\msutb.dll
21:08:31.0578 3368 C:\WINDOWS\system32\msutb.dll - ok
21:08:31.0578 3368 [ 269A0930085C63E0464C85F3FA1D2DBA ] C:\WINDOWS\system32\msctf.dll
21:08:31.0578 3368 C:\WINDOWS\system32\msctf.dll - ok
21:08:31.0578 3368 [ 7FDE9FC15765E02B23E1756930165AD1 ] C:\WINDOWS\system32\linkinfo.dll
21:08:31.0578 3368 C:\WINDOWS\system32\linkinfo.dll - ok
21:08:31.0578 3368 [ 5D23A83D4B6324EC147F17334E057493 ] C:\WINDOWS\system32\ntshrui.dll
21:08:31.0578 3368 C:\WINDOWS\system32\ntshrui.dll - ok
21:08:31.0593 3368 [ 6B4377A3DA487722270E5DD2A20DDDF2 ] C:\WINDOWS\system32\verclsid.exe
21:08:31.0593 3368 C:\WINDOWS\system32\verclsid.exe - ok
21:08:31.0593 3368 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\37123221.sys
21:08:31.0593 3368 C:\WINDOWS\system32\drivers\37123221.sys - ok
21:08:31.0593 3368 [ 129E4E748829A3D027787E6740EE351D ] C:\WINDOWS\system32\mlang.dll
21:08:31.0593 3368 C:\WINDOWS\system32\mlang.dll - ok
21:08:31.0593 3368 [ C93152B9BBEC79C7A6CA39E4E4F77ECB ] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
21:08:31.0593 3368 C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe - ok
21:08:31.0609 3368 [ 21C141732D231677D8FEC89A73EB44A2 ] C:\WINDOWS\system32\msxml3.dll
21:08:31.0609 3368 C:\WINDOWS\system32\msxml3.dll - ok
21:08:31.0609 3368 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
21:08:31.0609 3368 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
21:08:31.0609 3368 [ AEC67D05840ED618DAF8A19BF8E80BAA ] C:\WINDOWS\system32\upnp.dll
21:08:31.0609 3368 C:\WINDOWS\system32\upnp.dll - ok
21:08:31.0609 3368 [ B68B20BC561C8ECF672DF627A4D8DC8F ] C:\WINDOWS\system32\stobject.dll
21:08:31.0609 3368 C:\WINDOWS\system32\stobject.dll - ok
21:08:31.0609 3368 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
21:08:31.0609 3368 C:\WINDOWS\system32\webcheck.dll - ok
21:08:31.0625 3368 [ 55C3D3D15782ED6A92BDDEC0AE48E9E9 ] C:\WINDOWS\system32\ssdpapi.dll
21:08:31.0625 3368 C:\WINDOWS\system32\ssdpapi.dll - ok
21:08:31.0625 3368 [ A6DC9E1950657DD5AA1395CB2E5B01CD ] C:\WINDOWS\system32\wbem\cimwin32.dll
21:08:31.0625 3368 C:\WINDOWS\system32\wbem\cimwin32.dll - ok
21:08:31.0625 3368 [ E868299439DCBFD5117A2FEB90217C84 ] C:\WINDOWS\system32\batmeter.dll
21:08:31.0625 3368 C:\WINDOWS\system32\batmeter.dll - ok
21:08:31.0625 3368 [ F7B93AAFAD33B2320954C17E26C8D361 ] C:\WINDOWS\system32\imapi.exe
21:08:31.0625 3368 C:\WINDOWS\system32\imapi.exe - ok
21:08:31.0640 3368 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
21:08:31.0640 3368 C:\WINDOWS\system32\drivers\http.sys - ok
21:08:31.0640 3368 [ C3C4E2BDE357D77A128CE77C7E67E76A ] C:\WINDOWS\system32\wbem\framedyn.dll
21:08:31.0640 3368 C:\WINDOWS\system32\wbem\framedyn.dll - ok
21:08:31.0640 3368 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] C:\WINDOWS\system32\ssdpsrv.dll
21:08:31.0640 3368 C:\WINDOWS\system32\ssdpsrv.dll - ok
21:08:31.0640 3368 [ D081C72A6A33B6B7127D17B66FFDF995 ] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe
21:08:31.0640 3368 C:\Program Files\NVIDIA Corporation\nview\nwiz.exe - ok
21:08:31.0640 3368 [ 2ABF16D8A9F80936E884EC323B335410 ] C:\WINDOWS\system32\nvmctray.dll
21:08:31.0640 3368 C:\WINDOWS\system32\nvmctray.dll - ok
21:08:31.0656 3368 [ 0A74B5376B81E29BF5D4CDB9FACC5E46 ] C:\Program Files\McAfee\Common Framework\UdaterUI.exe
21:08:31.0656 3368 C:\Program Files\McAfee\Common Framework\UdaterUI.exe - ok
21:08:31.0656 3368 [ 0FC6A06A953F7F4A8336DB27767310C4 ] C:\WINDOWS\system32\rasdlg.dll
21:08:31.0656 3368 C:\WINDOWS\system32\rasdlg.dll - ok
21:08:31.0656 3368 [ A760DE5BFC2C1A17635DA7F7BDE37769 ] C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
21:08:31.0656 3368 C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe - ok
21:08:31.0656 3368 [ D5DE3333EA2BB10015F484134565DB92 ] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
21:08:31.0656 3368 C:\Program Files\OpenVPN\bin\openvpn-gui.exe - ok
21:08:31.0671 3368 [ 6705043F0BB486E666D57DBBB5D389D0 ] C:\Program Files\NVIDIA Corporation\nview\nView.dll
21:08:31.0671 3368 C:\Program Files\NVIDIA Corporation\nview\nView.dll - ok
21:08:31.0671 3368 [ F577910A133A592234EBAAD3F3AFA258 ] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:08:31.0671 3368 C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - ok
21:08:31.0671 3368 [ C92328F77863CA4472CBCB2292B12D1C ] C:\Program Files\NVIDIA Corporation\nview\NVWRSCS.dll
21:08:31.0671 3368 C:\Program Files\NVIDIA Corporation\nview\NVWRSCS.dll - ok
21:08:31.0671 3368 [ 0C66454DEBE3B89199D637CB036723B5 ] C:\Program Files\OpenVPN\bin\libeay32.dll
21:08:31.0671 3368 C:\Program Files\OpenVPN\bin\libeay32.dll - ok
21:08:31.0687 3368 [ 84BD091511BB994664D33EC313645BF9 ] C:\WINDOWS\system32\nvwddi.dll
21:08:31.0687 3368 C:\WINDOWS\system32\nvwddi.dll - ok
21:08:31.0687 3368 [ E162B072785CAD20F3F5262965F2E809 ] C:\WINDOWS\system32\security.dll
21:08:31.0687 3368 C:\WINDOWS\system32\security.dll - ok
21:08:31.0687 3368 [ E1636F57581CAB5D995FD54D2991EF57 ] C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe
21:08:31.0687 3368 C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe - ok
21:08:31.0687 3368 [ 38ED0EC2661770A7699E599C45DAE844 ] C:\Program Files\Razer\DeathAdder\razerhid.exe
21:08:31.0687 3368 C:\Program Files\Razer\DeathAdder\razerhid.exe - ok
21:08:31.0687 3368 [ 7D41B90803F8B9EBAEAC9ECB3E53882F ] C:\Program Files\OpenVPN\bin\openvpn.exe
21:08:31.0687 3368 C:\Program Files\OpenVPN\bin\openvpn.exe - ok
21:08:31.0703 3368 [ FE3E0386343E090812161D31FAA7C04A ] C:\WINDOWS\system32\wbem\wmipcima.dll
21:08:31.0703 3368 C:\WINDOWS\system32\wbem\wmipcima.dll - ok
21:08:31.0703 3368 [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
21:08:31.0703 3368 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok
21:08:31.0703 3368 [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
21:08:31.0703 3368 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok
21:08:31.0703 3368 [ A756B8F0F7BAFBA6DFE39F7D169F2519 ] C:\WINDOWS\system32\ctfmon.exe
21:08:31.0703 3368 C:\WINDOWS\system32\ctfmon.exe - ok
21:08:31.0718 3368 [ DF872832944E29564DD9824F85AEA51B ] C:\Program Files\Razer\DeathAdder\CheckPidVid.dll
21:08:31.0718 3368 C:\Program Files\Razer\DeathAdder\CheckPidVid.dll - ok
21:08:31.0718 3368 [ FE4083ADBD690EF8B02EC30CF756EFBD ] C:\WINDOWS\ime\sptip.dll
21:08:31.0718 3368 C:\WINDOWS\ime\sptip.dll - ok
21:08:31.0718 3368 [ AA8C99220DAF040D1F0543F51BDEE84A ] C:\Program Files\McAfee\VirusScan Enterprise\ftcfg.dll
21:08:31.0718 3368 C:\Program Files\McAfee\VirusScan Enterprise\ftcfg.dll - ok
21:08:31.0718 3368 [ 114E5342884A174F0E261526F07B63A1 ] C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\libcurl.dll
21:08:31.0718 3368 C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\libcurl.dll - ok
21:08:31.0718 3368 [ 0460FC2BA9D61054C5F1A3A0EADD39F7 ] C:\Program Files\McAfee\VirusScan Enterprise\graphics.dll
21:08:31.0718 3368 C:\Program Files\McAfee\VirusScan Enterprise\graphics.dll - ok
21:08:31.0734 3368 [ 8E009E7AC012823845D5F39A77F4A27F ] C:\WINDOWS\system32\dsound.dll
21:08:31.0734 3368 C:\WINDOWS\system32\dsound.dll - ok
21:08:31.0734 3368 [ 507C2C7E84331D28C64A7ADF5BFC4557 ] C:\Program Files\OpenVPN\bin\libssl32.dll
21:08:31.0734 3368 C:\Program Files\OpenVPN\bin\libssl32.dll - ok
21:08:31.0734 3368 [ 16C195EBC0A3EC35C48D0C2D9A346BAB ] C:\WINDOWS\system32\olepro32.dll
21:08:31.0734 3368 C:\WINDOWS\system32\olepro32.dll - ok
21:08:31.0734 3368 [ A6E17D648B65385824464032C5B38B97 ] C:\Program Files\McAfee\VirusScan Enterprise\AdsLokUU.Dll
21:08:31.0734 3368 C:\Program Files\McAfee\VirusScan Enterprise\AdsLokUU.Dll - ok
21:08:31.0750 3368 [ 6307849B9BE3C206DB46A62316BF191F ] C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\libeay32.dll
21:08:31.0750 3368 C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\libeay32.dll - ok
21:08:31.0750 3368 [ AF6A4BCDE2343E8562D3003A1740CC96 ] C:\WINDOWS\system32\ksuser.dll
21:08:31.0750 3368 C:\WINDOWS\system32\ksuser.dll - ok
21:08:31.0750 3368 [ EEEF5FF5B53416D6197965A6D6D723B6 ] C:\Program Files\Razer\DeathAdder\razertra.exe
21:08:31.0750 3368 C:\Program Files\Razer\DeathAdder\razertra.exe - ok
21:08:31.0750 3368 [ 39DA15B313F798372DA59F53355E8477 ] C:\Program Files\McAfee\Common Framework\McTray.exe
21:08:31.0750 3368 C:\Program Files\McAfee\Common Framework\McTray.exe - ok
21:08:31.0765 3368 [ 79AF4AF3E24A99D1790380B770B336FC ] C:\Program Files\McAfee\Common Framework\0409\UpdRes.Dll
21:08:31.0765 3368 C:\Program Files\McAfee\Common Framework\0409\UpdRes.Dll - ok
21:08:31.0765 3368 [ F694D53C6BF3EE02D128D5A42DBECC9E ] C:\Program Files\Razer\DeathAdder\razerlan.dll
21:08:31.0765 3368 C:\Program Files\Razer\DeathAdder\razerlan.dll - ok
21:08:31.0765 3368 [ 829E425E30DA88834E8FC058B261D983 ] C:\Program Files\McAfee\Common Framework\JrMac.dll
21:08:31.0765 3368 C:\Program Files\McAfee\Common Framework\JrMac.dll - ok
21:08:31.0765 3368 [ D95D91A67D4B73D0E5A7C29F91793D33 ] C:\WINDOWS\system32\adsldp.dll
21:08:31.0765 3368 C:\WINDOWS\system32\adsldp.dll - ok
21:08:31.0765 3368 [ 1169436EE42F860C7DB37A4692B38F0E ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
21:08:31.0765 3368 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll - ok
21:08:31.0781 3368 [ 2A032EFAE93D6C5DE769796FB355185F ] C:\Program Files\Razer\DeathAdder\razerofa.exe
21:08:31.0781 3368 C:\Program Files\Razer\DeathAdder\razerofa.exe - ok
21:08:31.0781 3368 [ AAA55B127EC38BDEBD2A3891A2E5FD54 ] C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\ssleay32.dll
21:08:31.0781 3368 C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\ssleay32.dll - ok
21:08:31.0781 3368 [ 268D17827F501D68BA0AB26C1DCD8264 ] C:\Program Files\Razer\DeathAdder\vdDaemon.exe
21:08:31.0781 3368 C:\Program Files\Razer\DeathAdder\vdDaemon.exe - ok
21:08:31.0781 3368 [ 907B50DE97ED835EFE151F203818216D ] C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\zlib1.dll
21:08:31.0781 3368 C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\zlib1.dll - ok
21:08:31.0796 3368 [ 36AAA6502AE7FAFA284873C6563E7912 ] C:\WINDOWS\system32\wshnetbs.dll
21:08:31.0796 3368 C:\WINDOWS\system32\wshnetbs.dll - ok
21:08:31.0796 3368 [ 165AE7A443F2139DD2C078AD87699F91 ] C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL
21:08:31.0796 3368 C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL - ok
21:08:31.0796 3368 ============================================================
21:08:31.0796 3368 Scan finished
21:08:31.0796 3368 ============================================================
21:08:31.0906 3360 Detected object count: 14
21:08:31.0906 3360 Actual detected object count: 14
21:09:46.0187 3360 astcc ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:46.0187 3360 astcc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:46.0203 3360 ATMsrvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:46.0203 3360 ATMsrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:46.0203 3360 fwdrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:46.0203 3360 fwdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:46.0203 3360 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:46.0203 3360 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:46.0203 3360 idsvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:46.0203 3360 idsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:46.0203 3360 khips ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:46.0203 3360 khips ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:46.0203 3360 KPF4 ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:46.0203 3360 KPF4 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:46.0203 3360 OpenVPNService ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:46.0203 3360 OpenVPNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:46.0203 3360 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:46.0203 3360 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:46.0203 3360 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:46.0203 3360 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:46.0203 3360 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:46.0203 3360 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:46.0203 3360 tap0801 ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:46.0203 3360 tap0801 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:46.0203 3360 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - skipped by user
21:09:46.0203 3360 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Skip
21:09:46.0218 3360 \Device\Harddisk1\DR1 ( Rootkit.Boot.Sinowal.b ) - skipped by user
21:09:46.0218 3360 \Device\Harddisk1\DR1 ( Rootkit.Boot.Sinowal.b ) - User select action: Skip
21:09:56.0437 2696 Deinitialize success

#20 Příspěvek od **vyosek** » 29 srp 2012 18:17

Takze u polozek Sinowal (DR0 i DR1) v TDSSKilleru zvolte moznost Cure

dave5 · #21 Příspěvek od **dave5** » 29 srp 2012 18:28

provedeno, zde je novy log z tddss:

21:23:55.0796 3208 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
21:23:56.0031 3208 ============================================================
21:23:56.0031 3208 Current date / time: 2012/08/29 21:23:56.0031
21:23:56.0031 3208 SystemInfo:
21:23:56.0031 3208
21:23:56.0031 3208 OS Version: 5.1.2600 ServicePack: 3.0
21:23:56.0031 3208 Product type: Workstation
21:23:56.0031 3208 ComputerName: DAVIDOS
21:23:56.0031 3208 UserName: David
21:23:56.0031 3208 Windows directory: C:\WINDOWS
21:23:56.0031 3208 System windows directory: C:\WINDOWS
21:23:56.0031 3208 Processor architecture: Intel x86
21:23:56.0031 3208 Number of processors: 2
21:23:56.0031 3208 Page size: 0x1000
21:23:56.0031 3208 Boot type: Normal boot
21:23:56.0031 3208 ============================================================
21:23:58.0468 3208 BG loaded
21:24:24.0859 3208 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:24:24.0968 3208 Drive \Device\Harddisk1\DR1 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:24:24.0984 3208 ============================================================
21:24:24.0984 3208 \Device\Harddisk0\DR0:
21:24:24.0984 3208 MBR partitions:
21:24:24.0984 3208 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
21:24:25.0078 3208 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0xC34F28D
21:24:25.0546 3208 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1869E5D7, BlocksNum 0x21CE27A9
21:24:25.0546 3208 \Device\Harddisk1\DR1:
21:24:25.0546 3208 MBR partitions:
21:24:25.0546 3208 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x445C7AF
21:24:25.0546 3208 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x445C82D, BlocksNum 0x50ADDD3
21:24:25.0546 3208 ============================================================
21:24:29.0031 3208 C: <-> \Device\Harddisk0\DR0\Partition1
21:24:29.0046 3208 D: <-> \Device\Harddisk1\DR1\Partition1
21:24:32.0609 3208 E: <-> \Device\Harddisk0\DR0\Partition2
21:24:33.0046 3208 F: <-> \Device\Harddisk0\DR0\Partition3
21:24:33.0109 3208 G: <-> \Device\Harddisk1\DR1\Partition2
21:24:33.0109 3208 ============================================================
21:24:33.0109 3208 Initialize success
21:24:33.0109 3208 ============================================================
21:24:57.0671 0212 ============================================================
21:24:57.0671 0212 Scan started
21:24:57.0671 0212 Mode: Manual; SigCheck; TDLFS;
21:24:57.0671 0212 ============================================================
21:24:58.0187 0212 ================ Scan system memory ========================
21:24:58.0187 0212 System memory - ok
21:24:58.0187 0212 ================ Scan services =============================
21:24:58.0250 0212 Abiosdsk - ok
21:24:58.0250 0212 abp480n5 - ok
21:24:58.0281 0212 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:24:59.0359 0212 ACPI - ok
21:24:59.0375 0212 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
21:24:59.0484 0212 ACPIEC - ok
21:24:59.0484 0212 adpu160m - ok
21:24:59.0484 0212 ae3g.sys - ok
21:24:59.0515 0212 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
21:24:59.0609 0212 aec - ok
21:24:59.0625 0212 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
21:24:59.0671 0212 AFD - ok
21:24:59.0671 0212 Aha154x - ok
21:24:59.0671 0212 aic78u2 - ok
21:24:59.0687 0212 aic78xx - ok
21:24:59.0703 0212 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
21:24:59.0796 0212 Alerter - ok
21:24:59.0828 0212 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
21:24:59.0906 0212 ALG - ok
21:24:59.0921 0212 AliIde - ok
21:24:59.0937 0212 [ FCFFA85CFD4BF7A4711012847048DCA3 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
21:24:59.0968 0212 AmdK8 - ok
21:24:59.0968 0212 amsint - ok
21:24:59.0984 0212 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
21:25:00.0078 0212 AppMgmt - ok
21:25:00.0093 0212 asc - ok
21:25:00.0093 0212 asc3350p - ok
21:25:00.0093 0212 asc3550 - ok
21:25:00.0156 0212 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
21:25:00.0187 0212 aspnet_state - ok
21:25:00.0218 0212 [ 0C83FC56707BF68DB04947052A8188B1 ] astcc C:\WINDOWS\system32\astsrv.exe
21:25:00.0218 0212 astcc ( UnsignedFile.Multi.Generic ) - warning
21:25:00.0218 0212 astcc - detected UnsignedFile.Multi.Generic (1)
21:25:00.0234 0212 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:25:00.0328 0212 AsyncMac - ok
21:25:00.0343 0212 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
21:25:00.0421 0212 atapi - ok
21:25:00.0437 0212 Atdisk - ok
21:25:00.0453 0212 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:25:00.0546 0212 Atmarpc - ok
21:25:00.0578 0212 [ 523CA82A8810F4354E6425406AFBC130 ] ATMsrvc C:\WINDOWS\System32\ATMsrvc.exe
21:25:00.0593 0212 ATMsrvc ( UnsignedFile.Multi.Generic ) - warning
21:25:00.0593 0212 ATMsrvc - detected UnsignedFile.Multi.Generic (1)
21:25:00.0609 0212 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
21:25:00.0703 0212 AudioSrv - ok
21:25:00.0718 0212 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
21:25:00.0828 0212 audstub - ok
21:25:00.0843 0212 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
21:25:00.0937 0212 Beep - ok
21:25:00.0968 0212 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\System32\qmgr.dll
21:25:01.0093 0212 BITS - ok
21:25:01.0156 0212 [ 5AB58C337AC65837FE404462AD6265AB ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:25:01.0171 0212 Bonjour Service - ok
21:25:01.0187 0212 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
21:25:01.0250 0212 Browser - ok
21:25:01.0265 0212 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
21:25:01.0359 0212 cbidf2k - ok
21:25:01.0359 0212 cd20xrnt - ok
21:25:01.0375 0212 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
21:25:01.0484 0212 Cdaudio - ok
21:25:01.0500 0212 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
21:25:01.0593 0212 Cdfs - ok
21:25:01.0609 0212 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:25:01.0703 0212 Cdrom - ok
21:25:01.0703 0212 Changer - ok
21:25:01.0718 0212 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
21:25:01.0828 0212 CiSvc - ok
21:25:01.0843 0212 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
21:25:02.0000 0212 ClipSrv - ok
21:25:02.0031 0212 [ 234B1BC2796483E1F5C3F26649FB3388 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:25:02.0062 0212 clr_optimization_v2.0.50727_32 - ok
21:25:02.0078 0212 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:25:02.0125 0212 clr_optimization_v4.0.30319_32 - ok
21:25:02.0125 0212 CmdIde - ok
21:25:02.0140 0212 COMSysApp - ok
21:25:02.0140 0212 Cpqarray - ok
21:25:02.0156 0212 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
21:25:02.0250 0212 CryptSvc - ok
21:25:02.0250 0212 dac2w2k - ok
21:25:02.0265 0212 dac960nt - ok
21:25:02.0281 0212 [ C512B618D0E19339572AD125E26B9CB5 ] danewFltr C:\WINDOWS\system32\drivers\danew.sys
21:25:02.0328 0212 danewFltr - ok
21:25:02.0359 0212 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
21:25:02.0390 0212 DcomLaunch - ok
21:25:02.0421 0212 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
21:25:02.0500 0212 Dhcp - ok
21:25:02.0531 0212 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
21:25:02.0640 0212 Disk - ok
21:25:02.0640 0212 dmadmin - ok
21:25:02.0671 0212 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
21:25:02.0937 0212 dmboot - ok
21:25:02.0953 0212 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
21:25:03.0171 0212 dmio - ok
21:25:03.0171 0212 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
21:25:03.0281 0212 dmload - ok
21:25:03.0296 0212 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
21:25:03.0390 0212 dmserver - ok
21:25:03.0406 0212 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
21:25:03.0515 0212 DMusic - ok
21:25:03.0531 0212 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
21:25:03.0578 0212 Dnscache - ok
21:25:03.0593 0212 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
21:25:03.0687 0212 Dot3svc - ok
21:25:03.0687 0212 dpti2o - ok
21:25:03.0687 0212 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
21:25:03.0781 0212 drmkaud - ok
21:25:03.0796 0212 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
21:25:03.0937 0212 EapHost - ok
21:25:03.0953 0212 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
21:25:04.0046 0212 ERSvc - ok
21:25:04.0062 0212 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
21:25:04.0078 0212 Eventlog - ok
21:25:04.0109 0212 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\System32\es.dll
21:25:04.0156 0212 EventSystem - ok
21:25:04.0187 0212 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
21:25:04.0281 0212 Fastfat - ok
21:25:04.0296 0212 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:25:04.0328 0212 FastUserSwitchingCompatibility - ok
21:25:04.0343 0212 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
21:25:04.0437 0212 Fdc - ok
21:25:04.0453 0212 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
21:25:04.0671 0212 Fips - ok
21:25:04.0703 0212 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:25:04.0812 0212 FLEXnet Licensing Service - ok
21:25:04.0828 0212 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
21:25:04.0906 0212 Flpydisk - ok
21:25:04.0937 0212 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
21:25:05.0031 0212 FltMgr - ok
21:25:05.0062 0212 [ 993883524AA9CF1C90E1545411A9AC9C ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:25:05.0125 0212 FontCache3.0.0.0 - ok
21:25:05.0125 0212 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:25:05.0218 0212 Fs_Rec - ok
21:25:05.0218 0212 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:25:05.0328 0212 Ftdisk - ok
21:25:05.0343 0212 [ BEAE63CA06345E0714A3CAE6232482EA ] fwdrv C:\WINDOWS\system32\drivers\fwdrv.sys
21:25:05.0359 0212 fwdrv ( UnsignedFile.Multi.Generic ) - warning
21:25:05.0359 0212 fwdrv - detected UnsignedFile.Multi.Generic (1)
21:25:05.0390 0212 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:25:05.0468 0212 Gpc - ok
21:25:05.0484 0212 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:25:05.0578 0212 HDAudBus - ok
21:25:05.0609 0212 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:25:05.0703 0212 helpsvc - ok
21:25:05.0718 0212 [ 887F5CF01755D3087E4E9DEC22101567 ] hidkmdf C:\WINDOWS\system32\DRIVERS\hidkmdf.sys
21:25:05.0734 0212 hidkmdf - ok
21:25:05.0750 0212 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
21:25:05.0890 0212 HidServ - ok
21:25:05.0906 0212 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:25:05.0984 0212 hidusb - ok
21:25:06.0000 0212 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
21:25:06.0093 0212 hkmsvc - ok
21:25:06.0093 0212 hpn - ok
21:25:06.0109 0212 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
21:25:06.0140 0212 HTTP - ok
21:25:06.0156 0212 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
21:25:06.0250 0212 HTTPFilter - ok
21:25:06.0250 0212 i2omgmt - ok
21:25:06.0250 0212 i2omp - ok
21:25:06.0281 0212 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\drivers\i8042prt.sys
21:25:06.0421 0212 i8042prt - ok
21:25:06.0453 0212 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:25:06.0468 0212 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:25:06.0468 0212 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:25:06.0515 0212 [ E7CC3AEAED9893A88876744CD439F76C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:25:06.0546 0212 idsvc ( UnsignedFile.Multi.Generic ) - warning
21:25:06.0546 0212 idsvc - detected UnsignedFile.Multi.Generic (1)
21:25:06.0562 0212 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
21:25:06.0656 0212 Imapi - ok
21:25:06.0687 0212 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\System32\imapi.exe
21:25:06.0765 0212 ImapiService - ok
21:25:06.0781 0212 ini910u - ok
21:25:06.0781 0212 IntelIde - ok
21:25:06.0796 0212 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
21:25:06.0906 0212 ip6fw - ok
21:25:06.0906 0212 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:25:07.0015 0212 IpFilterDriver - ok
21:25:07.0031 0212 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:25:07.0125 0212 IpInIp - ok
21:25:07.0140 0212 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:25:07.0218 0212 IpNat - ok
21:25:07.0234 0212 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:25:07.0312 0212 IPSec - ok
21:25:07.0328 0212 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
21:25:07.0406 0212 IRENUM - ok
21:25:07.0421 0212 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:25:07.0515 0212 isapnp - ok
21:25:07.0531 0212 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:25:07.0625 0212 Kbdclass - ok
21:25:07.0625 0212 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:25:07.0781 0212 kbdhid - ok
21:25:07.0796 0212 [ F1B81D62EA598047D28DD12E1F417976 ] khips C:\WINDOWS\system32\drivers\khips.sys
21:25:07.0812 0212 khips ( UnsignedFile.Multi.Generic ) - warning
21:25:07.0812 0212 khips - detected UnsignedFile.Multi.Generic (1)
21:25:07.0828 0212 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
21:25:07.0906 0212 kmixer - ok
21:25:07.0953 0212 [ F3CA4A37CD2144DFF7E28A75B30B0FD0 ] KPF4 C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
21:25:08.0000 0212 KPF4 ( UnsignedFile.Multi.Generic ) - warning
21:25:08.0000 0212 KPF4 - detected UnsignedFile.Multi.Generic (1)
21:25:08.0015 0212 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
21:25:08.0062 0212 KSecDD - ok
21:25:08.0078 0212 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
21:25:08.0109 0212 lanmanserver - ok
21:25:08.0140 0212 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:25:08.0187 0212 lanmanworkstation - ok
21:25:08.0187 0212 lbrtfdc - ok
21:25:08.0218 0212 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
21:25:08.0312 0212 LmHosts - ok
21:25:08.0328 0212 [ E3BCE3C975BA95B0500E4B7F8D61E432 ] McAfeeEngineService C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
21:25:08.0375 0212 McAfeeEngineService - ok
21:25:08.0406 0212 [ 1B963D79740B187795407CD03E2F7B4D ] McAfeeFramework C:\Program Files\McAfee\Common Framework\FrameworkService.exe
21:25:08.0421 0212 McAfeeFramework - ok
21:25:08.0421 0212 [ 6F4D3480C42EC33BB56613DC7C787720 ] McShield C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
21:25:08.0453 0212 McShield - ok
21:25:08.0453 0212 [ 6C6AA104272198495D51CC606677DA39 ] McTaskManager C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
21:25:08.0468 0212 McTaskManager - ok
21:25:08.0484 0212 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
21:25:08.0578 0212 Messenger - ok
21:25:08.0593 0212 [ AF3BAF4CDED14D5FD7B8D94B78AE3F0A ] mfeapfk C:\WINDOWS\system32\drivers\mfeapfk.sys
21:25:08.0625 0212 mfeapfk - ok
21:25:08.0625 0212 [ 2EBF8D78F99E2F667FA5F65312A489AB ] mfeavfk C:\WINDOWS\system32\drivers\mfeavfk.sys
21:25:08.0640 0212 mfeavfk - ok
21:25:08.0656 0212 [ 188324D4412103ED3B086B69D5D210E2 ] mfebopk C:\WINDOWS\system32\drivers\mfebopk.sys
21:25:08.0671 0212 mfebopk - ok
21:25:08.0687 0212 [ 51897A0530EA0531898ABBE566A9DD8A ] mfehidk C:\WINDOWS\system32\drivers\mfehidk.sys
21:25:08.0718 0212 mfehidk - ok
21:25:08.0734 0212 [ 192C71EA9990426372E1B803DBAD2C59 ] mferkdet C:\WINDOWS\system32\drivers\mferkdet.sys
21:25:08.0750 0212 mferkdet - ok
21:25:08.0781 0212 [ 61FC4DBE4A3E95973509DA6B920E83AA ] mfetdik C:\WINDOWS\system32\drivers\mfetdik.sys
21:25:08.0859 0212 mfetdik - ok
21:25:08.0875 0212 [ 5C2C7AC2ABB73251D67F09182AE6B30F ] mfevtp C:\WINDOWS\system32\mfevtps.exe
21:25:08.0890 0212 mfevtp - ok
21:25:08.0906 0212 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
21:25:09.0015 0212 mnmdd - ok
21:25:09.0031 0212 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
21:25:09.0125 0212 mnmsrvc - ok
21:25:09.0140 0212 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
21:25:09.0234 0212 Modem - ok
21:25:09.0281 0212 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] monfilt C:\WINDOWS\system32\drivers\monfilt.sys
21:25:09.0406 0212 monfilt - ok
21:25:09.0421 0212 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:25:09.0515 0212 Mouclass - ok
21:25:09.0531 0212 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:25:09.0640 0212 mouhid - ok
21:25:09.0640 0212 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
21:25:09.0734 0212 MountMgr - ok
21:25:09.0734 0212 mraid35x - ok
21:25:09.0750 0212 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:25:09.0843 0212 MRxDAV - ok
21:25:09.0875 0212 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:25:09.0921 0212 MRxSmb - ok
21:25:09.0937 0212 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\System32\msdtc.exe
21:25:10.0015 0212 MSDTC - ok
21:25:10.0031 0212 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:25:10.0125 0212 Msfs - ok
21:25:10.0125 0212 MSIServer - ok
21:25:10.0140 0212 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:25:10.0218 0212 MSKSSRV - ok
21:25:10.0234 0212 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:25:10.0312 0212 MSPCLOCK - ok
21:25:10.0328 0212 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:25:10.0406 0212 MSPQM - ok
21:25:10.0421 0212 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:25:10.0500 0212 mssmbios - ok
21:25:10.0515 0212 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
21:25:10.0546 0212 MTsensor - ok
21:25:10.0546 0212 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
21:25:10.0593 0212 Mup - ok
21:25:10.0609 0212 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
21:25:10.0718 0212 napagent - ok
21:25:10.0718 0212 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
21:25:10.0812 0212 NDIS - ok
21:25:10.0828 0212 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:25:10.0843 0212 NdisTapi - ok
21:25:10.0859 0212 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:25:10.0937 0212 Ndisuio - ok
21:25:10.0953 0212 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:25:11.0031 0212 NdisWan - ok
21:25:11.0046 0212 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:25:11.0093 0212 NDProxy - ok
21:25:11.0093 0212 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:25:11.0171 0212 NetBIOS - ok
21:25:11.0187 0212 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:25:11.0281 0212 NetBT - ok
21:25:11.0312 0212 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
21:25:11.0390 0212 NetDDE - ok
21:25:11.0390 0212 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
21:25:11.0484 0212 NetDDEdsdm - ok
21:25:11.0500 0212 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\System32\lsass.exe
21:25:11.0593 0212 Netlogon - ok
21:25:11.0609 0212 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
21:25:11.0703 0212 Netman - ok
21:25:11.0718 0212 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:25:11.0750 0212 NetTcpPortSharing - ok
21:25:11.0765 0212 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
21:25:11.0781 0212 Nla - ok
21:25:11.0843 0212 [ 433049770B810D7C83C5C94CDB3E09D2 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
21:25:11.0859 0212 NMIndexingService - ok
21:25:11.0875 0212 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:25:11.0968 0212 Npfs - ok
21:25:12.0000 0212 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:25:12.0093 0212 Ntfs - ok
21:25:12.0093 0212 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
21:25:12.0187 0212 NtLmSsp - ok
21:25:12.0218 0212 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
21:25:12.0328 0212 NtmsSvc - ok
21:25:12.0359 0212 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
21:25:12.0453 0212 Null - ok
21:25:12.0687 0212 [ 4B54DCD6ADEE535DF80F07C59DDD8F14 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:25:13.0000 0212 nv - ok
21:25:13.0031 0212 [ 0573C75A2895D973EA6EF2495620BA49 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
21:25:13.0046 0212 NVSvc - ok
21:25:13.0062 0212 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:25:13.0187 0212 NwlnkFlt - ok
21:25:13.0203 0212 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:25:13.0312 0212 NwlnkFwd - ok
21:25:13.0359 0212 [ 126A11FA2401AC42FE2D9C2705EC27BC ] OpenVPNService C:\Program Files\OpenVPN\bin\openvpnserv.exe
21:25:13.0359 0212 OpenVPNService ( UnsignedFile.Multi.Generic ) - warning
21:25:13.0359 0212 OpenVPNService - detected UnsignedFile.Multi.Generic (1)
21:25:13.0375 0212 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:25:13.0406 0212 ose - ok
21:25:13.0421 0212 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
21:25:13.0515 0212 Parport - ok
21:25:13.0531 0212 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
21:25:13.0625 0212 PartMgr - ok
21:25:13.0640 0212 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
21:25:13.0750 0212 ParVdm - ok
21:25:13.0750 0212 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
21:25:13.0828 0212 PCI - ok
21:25:13.0828 0212 PCIDump - ok
21:25:13.0843 0212 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
21:25:13.0953 0212 PCIIde - ok
21:25:13.0968 0212 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
21:25:14.0125 0212 Pcmcia - ok
21:25:14.0125 0212 PDCOMP - ok
21:25:14.0125 0212 PDFRAME - ok
21:25:14.0125 0212 PDRELI - ok
21:25:14.0140 0212 PDRFRAME - ok
21:25:14.0140 0212 perc2 - ok
21:25:14.0140 0212 perc2hib - ok
21:25:14.0156 0212 [ 5903FA75200807AD739286BBF40C4904 ] pfc C:\WINDOWS\system32\drivers\pfc.sys
21:25:14.0156 0212 pfc ( UnsignedFile.Multi.Generic ) - warning
21:25:14.0156 0212 pfc - detected UnsignedFile.Multi.Generic (1)
21:25:14.0187 0212 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
21:25:14.0203 0212 PlugPlay - ok
21:25:14.0203 0212 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
21:25:14.0281 0212 PolicyAgent - ok
21:25:14.0296 0212 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:25:14.0375 0212 PptpMiniport - ok
21:25:14.0390 0212 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
21:25:14.0593 0212 Processor - ok
21:25:14.0593 0212 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:25:14.0687 0212 ProtectedStorage - ok
21:25:14.0687 0212 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
21:25:14.0781 0212 PSched - ok
21:25:14.0781 0212 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:25:14.0875 0212 Ptilink - ok
21:25:14.0890 0212 [ 0C8DA0A8B0D227319C285E0EAE65DEFD ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:25:14.0890 0212 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
21:25:14.0890 0212 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
21:25:14.0906 0212 ql1080 - ok
21:25:14.0906 0212 Ql10wnt - ok
21:25:14.0906 0212 ql12160 - ok
21:25:14.0906 0212 ql1240 - ok
21:25:14.0921 0212 ql1280 - ok
21:25:14.0921 0212 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:25:15.0031 0212 RasAcd - ok
21:25:15.0062 0212 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:25:15.0140 0212 RasAuto - ok
21:25:15.0156 0212 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:25:15.0250 0212 Rasl2tp - ok
21:25:15.0281 0212 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:25:15.0359 0212 RasMan - ok
21:25:15.0359 0212 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:25:15.0437 0212 RasPppoe - ok
21:25:15.0437 0212 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
21:25:15.0546 0212 Raspti - ok
21:25:15.0562 0212 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:25:15.0640 0212 Rdbss - ok
21:25:15.0656 0212 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:25:15.0750 0212 RDPCDD - ok
21:25:15.0765 0212 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:25:15.0859 0212 rdpdr - ok
21:25:15.0875 0212 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:25:15.0906 0212 RDPWD - ok
21:25:15.0921 0212 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
21:25:16.0015 0212 RDSessMgr - ok
21:25:16.0031 0212 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
21:25:16.0109 0212 redbook - ok
21:25:16.0125 0212 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:25:16.0203 0212 RemoteAccess - ok
21:25:16.0218 0212 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
21:25:16.0312 0212 RemoteRegistry - ok
21:25:16.0312 0212 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\System32\locator.exe
21:25:16.0406 0212 RpcLocator - ok
21:25:16.0421 0212 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
21:25:16.0453 0212 RpcSs - ok
21:25:16.0468 0212 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\System32\rsvp.exe
21:25:16.0578 0212 RSVP - ok
21:25:16.0593 0212 [ 89619EF503F949FAE09252A8B883EE11 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
21:25:16.0640 0212 RTLE8023xp - ok
21:25:16.0656 0212 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
21:25:16.0734 0212 SamSs - ok
21:25:16.0750 0212 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
21:25:16.0828 0212 SCardSvr - ok
21:25:16.0843 0212 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:25:16.0984 0212 Schedule - ok
21:25:16.0984 0212 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:25:17.0078 0212 Secdrv - ok
21:25:17.0078 0212 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
21:25:17.0218 0212 seclogon - ok
21:25:17.0218 0212 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
21:25:17.0312 0212 SENS - ok
21:25:17.0312 0212 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
21:25:17.0406 0212 serenum - ok
21:25:17.0406 0212 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
21:25:17.0484 0212 Serial - ok
21:25:17.0515 0212 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
21:25:17.0609 0212 Sfloppy - ok
21:25:17.0625 0212 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:25:17.0718 0212 SharedAccess - ok
21:25:17.0734 0212 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:25:17.0765 0212 ShellHWDetection - ok
21:25:17.0765 0212 Simbad - ok
21:25:17.0765 0212 Sparrow - ok
21:25:17.0781 0212 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
21:25:17.0875 0212 splitter - ok
21:25:17.0875 0212 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
21:25:17.0906 0212 Spooler - ok
21:25:17.0937 0212 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\System32\DRIVERS\sr.sys
21:25:18.0015 0212 sr - ok
21:25:18.0031 0212 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\System32\srsvc.dll
21:25:18.0109 0212 srservice - ok
21:25:18.0140 0212 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:25:18.0187 0212 Srv - ok
21:25:18.0203 0212 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:25:18.0296 0212 SSDPSRV - ok
21:25:18.0328 0212 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
21:25:18.0437 0212 stisvc - ok
21:25:18.0453 0212 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
21:25:18.0546 0212 swenum - ok
21:25:18.0593 0212 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:25:18.0625 0212 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
21:25:18.0625 0212 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
21:25:18.0625 0212 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
21:25:18.0718 0212 swmidi - ok
21:25:18.0734 0212 SwPrv - ok
21:25:18.0734 0212 symc810 - ok
21:25:18.0734 0212 symc8xx - ok
21:25:18.0734 0212 sym_hi - ok
21:25:18.0750 0212 sym_u3 - ok
21:25:18.0765 0212 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
21:25:18.0843 0212 sysaudio - ok
21:25:18.0875 0212 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
21:25:18.0953 0212 SysmonLog - ok
21:25:18.0984 0212 [ 846B7C0E3F6370CDCCE157A5B36E70CD ] tap0801 C:\WINDOWS\system32\DRIVERS\tap0801.sys
21:25:18.0984 0212 tap0801 ( UnsignedFile.Multi.Generic ) - warning
21:25:18.0984 0212 tap0801 - detected UnsignedFile.Multi.Generic (1)
21:25:19.0000 0212 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:25:19.0093 0212 TapiSrv - ok
21:25:19.0109 0212 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:25:19.0140 0212 Tcpip - ok
21:25:19.0171 0212 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
21:25:19.0265 0212 TDPIPE - ok
21:25:19.0281 0212 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
21:25:19.0375 0212 TDTCP - ok
21:25:19.0375 0212 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
21:25:19.0453 0212 TermDD - ok
21:25:19.0468 0212 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
21:25:19.0609 0212 TermService - ok
21:25:19.0625 0212 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
21:25:19.0640 0212 Themes - ok
21:25:19.0656 0212 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
21:25:19.0734 0212 TlntSvr - ok
21:25:19.0750 0212 TosIde - ok
21:25:19.0765 0212 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
21:25:19.0859 0212 TrkWks - ok
21:25:19.0875 0212 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
21:25:19.0953 0212 Udfs - ok
21:25:19.0968 0212 ultra - ok
21:25:19.0984 0212 [ C81B8635DEE0D3EF5F64B3DD643023A5 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
21:25:20.0031 0212 UMWdf - ok
21:25:20.0046 0212 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
21:25:20.0140 0212 Update - ok
21:25:20.0156 0212 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
21:25:20.0234 0212 upnphost - ok
21:25:20.0250 0212 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
21:25:20.0328 0212 UPS - ok
21:25:20.0359 0212 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:25:20.0453 0212 usbccgp - ok
21:25:20.0453 0212 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:25:20.0531 0212 usbehci - ok
21:25:20.0546 0212 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:25:20.0625 0212 usbhub - ok
21:25:20.0640 0212 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:25:20.0718 0212 usbohci - ok
21:25:20.0734 0212 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:25:20.0828 0212 usbprint - ok
21:25:20.0843 0212 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:25:20.0921 0212 usbscan - ok
21:25:20.0937 0212 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:25:21.0031 0212 USBSTOR - ok
21:25:21.0031 0212 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
21:25:21.0125 0212 VgaSave - ok
21:25:21.0140 0212 [ 80ED26C12AF05779A3F897B9BADF6F28 ] VIAHdAudAddService C:\WINDOWS\system32\drivers\viahduaa.sys
21:25:21.0156 0212 VIAHdAudAddService - ok
21:25:21.0156 0212 ViaIde - ok
21:25:21.0187 0212 [ 07C20E596A0838809BC5FF5DE5A65973 ] VKbms C:\WINDOWS\system32\DRIVERS\VKbms.sys
21:25:21.0218 0212 VKbms - ok
21:25:21.0218 0212 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
21:25:21.0312 0212 VolSnap - ok
21:25:21.0328 0212 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
21:25:21.0421 0212 VSS - ok
21:25:21.0437 0212 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\System32\w32time.dll
21:25:21.0531 0212 W32Time - ok
21:25:21.0531 0212 WacHidRouter - ok
21:25:21.0531 0212 wacomrouterfilter - ok
21:25:21.0531 0212 wacomvhid - ok
21:25:21.0562 0212 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:25:21.0671 0212 Wanarp - ok
21:25:21.0703 0212 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
21:25:21.0734 0212 Wdf01000 - ok
21:25:21.0734 0212 WDICA - ok
21:25:21.0750 0212 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
21:25:21.0828 0212 wdmaud - ok
21:25:21.0859 0212 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
21:25:21.0937 0212 WebClient - ok
21:25:22.0000 0212 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:25:22.0078 0212 winmgmt - ok
21:25:22.0109 0212 [ A477391B7A8B0A0DAABADB17CF533A4B ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
21:25:22.0125 0212 WmdmPmSN - ok
21:25:22.0156 0212 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
21:25:22.0203 0212 Wmi - ok
21:25:22.0218 0212 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
21:25:22.0296 0212 WmiAcpi - ok
21:25:22.0312 0212 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
21:25:22.0406 0212 WmiApSrv - ok
21:25:22.0468 0212 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:25:22.0515 0212 WPFFontCache_v0400 - ok
21:25:22.0546 0212 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
21:25:22.0625 0212 wscsvc - ok
21:25:22.0656 0212 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
21:25:22.0734 0212 wuauserv - ok
21:25:22.0765 0212 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
21:25:22.0875 0212 WZCSVC - ok
21:25:22.0890 0212 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
21:25:22.0984 0212 xmlprov - ok
21:25:23.0000 0212 ================ Scan global ===============================
21:25:23.0015 0212 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
21:25:23.0046 0212 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
21:25:23.0046 0212 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
21:25:23.0062 0212 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
21:25:23.0062 0212 [Global] - ok
21:25:23.0062 0212 ================ Scan MBR ==================================
21:25:23.0078 0212 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
21:25:23.0312 0212 \Device\Harddisk0\DR0 - ok
21:25:23.0328 0212 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
21:25:23.0703 0212 \Device\Harddisk1\DR1 - ok
21:25:23.0703 0212 ================ Scan VBR ==================================
21:25:23.0718 0212 [ AE331AF67184E5DD2B5FBB5A23D10390 ] \Device\Harddisk0\DR0\Partition1
21:25:23.0718 0212 \Device\Harddisk0\DR0\Partition1 - ok
21:25:23.0734 0212 [ 01AEB818E16400AD3C570C3D15E2791D ] \Device\Harddisk0\DR0\Partition2
21:25:23.0734 0212 \Device\Harddisk0\DR0\Partition2 - ok
21:25:23.0750 0212 [ 23B80275C549C090131D5AE936FBD907 ] \Device\Harddisk0\DR0\Partition3
21:25:23.0750 0212 \Device\Harddisk0\DR0\Partition3 - ok
21:25:23.0781 0212 [ 64A514648C21AAB3CCFAF7A5E6033056 ] \Device\Harddisk1\DR1\Partition1
21:25:23.0781 0212 \Device\Harddisk1\DR1\Partition1 - ok
21:25:23.0812 0212 [ 098BE6F2D22AB4004A840F7C76F4C4D5 ] \Device\Harddisk1\DR1\Partition2
21:25:23.0812 0212 \Device\Harddisk1\DR1\Partition2 - ok
21:25:23.0812 0212 ================ Scan active images ========================
21:25:23.0812 0212 [ FCFFA85CFD4BF7A4711012847048DCA3 ] C:\WINDOWS\system32\drivers\AmdK8.sys
21:25:23.0812 0212 C:\WINDOWS\system32\drivers\AmdK8.sys - ok
21:25:23.0812 0212 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
21:25:23.0812 0212 C:\WINDOWS\system32\drivers\videoprt.sys - ok
21:25:23.0812 0212 [ 4B54DCD6ADEE535DF80F07C59DDD8F14 ] C:\WINDOWS\system32\drivers\nv4_mini.sys
21:25:23.0812 0212 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
21:25:23.0812 0212 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
21:25:23.0812 0212 C:\WINDOWS\system32\drivers\cdrom.sys - ok
21:25:23.0828 0212 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
21:25:23.0828 0212 C:\WINDOWS\system32\drivers\imapi.sys - ok
21:25:23.0828 0212 [ 5903FA75200807AD739286BBF40C4904 ] C:\WINDOWS\system32\drivers\pfc.sys
21:25:23.0828 0212 C:\WINDOWS\system32\drivers\pfc.sys - ok
21:25:23.0828 0212 [ 89619EF503F949FAE09252A8B883EE11 ] C:\WINDOWS\system32\drivers\Rtenicxp.sys
21:25:23.0828 0212 C:\WINDOWS\system32\drivers\Rtenicxp.sys - ok
21:25:23.0828 0212 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
21:25:23.0828 0212 C:\WINDOWS\system32\drivers\usbehci.sys - ok
21:25:23.0843 0212 [ 0DAECCE65366EA32B162F85F07C6753B ] C:\WINDOWS\system32\drivers\usbohci.sys
21:25:23.0843 0212 C:\WINDOWS\system32\drivers\usbohci.sys - ok
21:25:23.0843 0212 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
21:25:23.0843 0212 C:\WINDOWS\system32\drivers\usbport.sys - ok
21:25:23.0843 0212 [ D48659BB24C48345D926ECB45C1EBDF5 ] C:\WINDOWS\system32\drivers\ASACPI.sys
21:25:23.0843 0212 C:\WINDOWS\system32\drivers\ASACPI.sys - ok
21:25:23.0843 0212 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
21:25:23.0843 0212 C:\WINDOWS\system32\drivers\audstub.sys - ok
21:25:23.0843 0212 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
21:25:23.0843 0212 C:\WINDOWS\system32\drivers\fdc.sys - ok
21:25:23.0859 0212 [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
21:25:23.0859 0212 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
21:25:23.0859 0212 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
21:25:23.0859 0212 C:\WINDOWS\system32\drivers\ks.sys - ok
21:25:23.0859 0212 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] C:\WINDOWS\system32\drivers\parport.sys
21:25:23.0859 0212 C:\WINDOWS\system32\drivers\parport.sys - ok
21:25:23.0859 0212 [ 611BFD220305BE3A85AE876EA47D4AA5 ] C:\WINDOWS\system32\drivers\redbook.sys
21:25:23.0859 0212 C:\WINDOWS\system32\drivers\redbook.sys - ok
21:25:23.0875 0212 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys
21:25:23.0875 0212 C:\WINDOWS\system32\drivers\serenum.sys - ok
21:25:23.0875 0212 [ B842729337C9B921615C40D3C1A1AF96 ] C:\WINDOWS\system32\drivers\serial.sys
21:25:23.0875 0212 C:\WINDOWS\system32\drivers\serial.sys - ok
21:25:23.0875 0212 [ C42584FD66CE9E17403AEBCA199F7BDB ] C:\WINDOWS\system32\drivers\wmiacpi.sys
21:25:23.0875 0212 C:\WINDOWS\system32\drivers\wmiacpi.sys - ok
21:25:23.0875 0212 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
21:25:23.0875 0212 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
21:25:23.0875 0212 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
21:25:23.0875 0212 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
21:25:23.0890 0212 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
21:25:23.0890 0212 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
21:25:23.0890 0212 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
21:25:23.0890 0212 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
21:25:23.0890 0212 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
21:25:23.0890 0212 C:\WINDOWS\system32\drivers\tdi.sys - ok
21:25:23.0890 0212 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
21:25:23.0890 0212 C:\WINDOWS\system32\drivers\msgpc.sys - ok
21:25:23.0906 0212 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
21:25:23.0906 0212 C:\WINDOWS\system32\drivers\psched.sys - ok
21:25:23.0906 0212 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
21:25:23.0906 0212 C:\WINDOWS\system32\drivers\raspptp.sys - ok
21:25:23.0906 0212 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
21:25:23.0906 0212 C:\WINDOWS\system32\drivers\ptilink.sys - ok
21:25:23.0906 0212 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
21:25:23.0906 0212 C:\WINDOWS\system32\drivers\raspti.sys - ok
21:25:23.0906 0212 [ 846B7C0E3F6370CDCCE157A5B36E70CD ] C:\WINDOWS\system32\drivers\tap0801.sys
21:25:23.0906 0212 C:\WINDOWS\system32\drivers\tap0801.sys - ok
21:25:23.0921 0212 [ 07C20E596A0838809BC5FF5DE5A65973 ] C:\WINDOWS\system32\drivers\VKbms.sys
21:25:23.0921 0212 C:\WINDOWS\system32\drivers\VKbms.sys - ok
21:25:23.0921 0212 [ D918617B46457B9AC28027722E30F647 ] C:\WINDOWS\system32\drivers\wdf01000.sys
21:25:23.0921 0212 C:\WINDOWS\system32\drivers\wdf01000.sys - ok
21:25:23.0921 0212 [ 399C974DDA25FD3E59F22BAB787F662B ] C:\WINDOWS\system32\drivers\wdfldr.sys
21:25:23.0921 0212 C:\WINDOWS\system32\drivers\wdfldr.sys - ok
21:25:23.0921 0212 [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
21:25:23.0921 0212 C:\WINDOWS\system32\drivers\hidclass.sys - ok
21:25:23.0921 0212 [ 887F5CF01755D3087E4E9DEC22101567 ] C:\WINDOWS\system32\drivers\hidkmdf.sys
21:25:23.0921 0212 C:\WINDOWS\system32\drivers\hidkmdf.sys - ok
21:25:23.0937 0212 [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
21:25:23.0937 0212 C:\WINDOWS\system32\drivers\hidparse.sys - ok
21:25:23.0937 0212 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] C:\WINDOWS\system32\drivers\kbdclass.sys
21:25:23.0937 0212 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
21:25:23.0937 0212 [ 4CB582831DBDE63CE43B45D771218374 ] C:\WINDOWS\system32\drivers\mouclass.sys
21:25:23.0937 0212 C:\WINDOWS\system32\drivers\mouclass.sys - ok
21:25:23.0937 0212 [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
21:25:23.0937 0212 C:\WINDOWS\system32\drivers\rdpdr.sys - ok
21:25:23.0953 0212 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
21:25:23.0953 0212 C:\WINDOWS\system32\drivers\termdd.sys - ok
21:25:23.0953 0212 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
21:25:23.0953 0212 C:\WINDOWS\system32\drivers\swenum.sys - ok
21:25:23.0953 0212 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
21:25:23.0953 0212 C:\WINDOWS\system32\drivers\update.sys - ok
21:25:23.0953 0212 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
21:25:23.0953 0212 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
21:25:23.0953 0212 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
21:25:23.0953 0212 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
21:25:23.0968 0212 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
21:25:23.0968 0212 C:\WINDOWS\system32\drivers\usbd.sys - ok
21:25:23.0968 0212 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
21:25:23.0968 0212 C:\WINDOWS\system32\drivers\usbhub.sys - ok
21:25:23.0968 0212 [ BB269EBA740737AB749B214D568B6812 ] C:\WINDOWS\system32\drivers\mouhid.sys
21:25:23.0968 0212 C:\WINDOWS\system32\drivers\mouhid.sys - ok
21:25:23.0968 0212 [ 86C8F23616C6C6E5B2776901C17B945B ] C:\WINDOWS\system32\drivers\kbdhid.sys
21:25:23.0968 0212 C:\WINDOWS\system32\drivers\kbdhid.sys - ok
21:25:23.0984 0212 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
21:25:23.0984 0212 C:\WINDOWS\system32\drivers\drmk.sys - ok
21:25:23.0984 0212 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] C:\WINDOWS\system32\drivers\monfilt.sys
21:25:23.0984 0212 C:\WINDOWS\system32\drivers\monfilt.sys - ok
21:25:23.0984 0212 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
21:25:23.0984 0212 C:\WINDOWS\system32\drivers\portcls.sys - ok
21:25:23.0984 0212 [ 80ED26C12AF05779A3F897B9BADF6F28 ] C:\WINDOWS\system32\drivers\viahduaa.sys
21:25:23.0984 0212 C:\WINDOWS\system32\drivers\viahduaa.sys - ok
21:25:23.0984 0212 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
21:25:23.0984 0212 C:\WINDOWS\system32\drivers\beep.sys - ok
21:25:24.0000 0212 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
21:25:24.0000 0212 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
21:25:24.0000 0212 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
21:25:24.0000 0212 C:\WINDOWS\system32\drivers\flpydisk.sys - ok
21:25:24.0000 0212 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
21:25:24.0000 0212 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
21:25:24.0000 0212 [ C528E27945367191E7BAE364930B6932 ] C:\WINDOWS\system32\drivers\i8042prt.sys
21:25:24.0000 0212 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
21:25:24.0015 0212 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
21:25:24.0015 0212 C:\WINDOWS\system32\drivers\null.sys - ok
21:25:24.0015 0212 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
21:25:24.0015 0212 C:\WINDOWS\system32\drivers\sfloppy.sys - ok
21:25:24.0015 0212 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
21:25:24.0015 0212 C:\WINDOWS\system32\drivers\vga.sys - ok
21:25:24.0015 0212 [ BEAE63CA06345E0714A3CAE6232482EA ] C:\WINDOWS\system32\drivers\fwdrv.sys
21:25:24.0015 0212 C:\WINDOWS\system32\drivers\fwdrv.sys - ok
21:25:24.0031 0212 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
21:25:24.0031 0212 C:\WINDOWS\system32\drivers\mnmdd.sys - ok
21:25:24.0031 0212 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
21:25:24.0031 0212 C:\WINDOWS\system32\drivers\msfs.sys - ok
21:25:24.0031 0212 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
21:25:24.0031 0212 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
21:25:24.0031 0212 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
21:25:24.0031 0212 C:\WINDOWS\system32\drivers\ipsec.sys - ok
21:25:24.0031 0212 [ 61FC4DBE4A3E95973509DA6B920E83AA ] C:\WINDOWS\system32\drivers\mfetdik.sys
21:25:24.0031 0212 C:\WINDOWS\system32\drivers\mfetdik.sys - ok
21:25:24.0046 0212 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
21:25:24.0046 0212 C:\WINDOWS\system32\drivers\npfs.sys - ok
21:25:24.0046 0212 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
21:25:24.0046 0212 C:\WINDOWS\system32\drivers\rasacd.sys - ok
21:25:24.0046 0212 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
21:25:24.0046 0212 C:\WINDOWS\system32\drivers\tcpip.sys - ok
21:25:24.0046 0212 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
21:25:24.0046 0212 C:\WINDOWS\system32\drivers\afd.sys - ok
21:25:24.0062 0212 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
21:25:24.0062 0212 C:\WINDOWS\system32\drivers\ipnat.sys - ok
21:25:24.0062 0212 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
21:25:24.0062 0212 C:\WINDOWS\system32\drivers\netbios.sys - ok
21:25:24.0062 0212 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
21:25:24.0062 0212 C:\WINDOWS\system32\drivers\netbt.sys - ok
21:25:24.0062 0212 [ 7EB15DCE4EC3A0220BD796A15C18186E ] C:\WINDOWS\system32\drivers\processr.sys
21:25:24.0062 0212 C:\WINDOWS\system32\drivers\processr.sys - ok
21:25:24.0062 0212 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
21:25:24.0062 0212 C:\WINDOWS\system32\drivers\wanarp.sys - ok
21:25:24.0078 0212 [ F1B81D62EA598047D28DD12E1F417976 ] C:\WINDOWS\system32\drivers\khips.sys
21:25:24.0078 0212 C:\WINDOWS\system32\drivers\khips.sys - ok
21:25:24.0078 0212 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
21:25:24.0078 0212 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
21:25:24.0078 0212 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
21:25:24.0078 0212 C:\WINDOWS\system32\drivers\rdbss.sys - ok
21:25:24.0078 0212 [ AC366695A0796560AA37215AD5762AAF ] C:\WINDOWS\system32\drivers\fips.sys
21:25:24.0078 0212 C:\WINDOWS\system32\drivers\fips.sys - ok
21:25:24.0093 0212 [ 9B08A8C6331C2DA9C30377BCB4262721 ] C:\WINDOWS\system32\smss.exe
21:25:24.0093 0212 C:\WINDOWS\system32\smss.exe - ok
21:25:24.0093 0212 [ 0A12141F94F9C7A478AF490454320E97 ] C:\WINDOWS\system32\ntdll.dll
21:25:24.0093 0212 C:\WINDOWS\system32\ntdll.dll - ok
21:25:24.0093 0212 [ C7A9FF12C63E2E448722B02C71A8C431 ] C:\WINDOWS\system32\autochk.exe
21:25:24.0093 0212 C:\WINDOWS\system32\autochk.exe - ok
21:25:24.0093 0212 [ C512B618D0E19339572AD125E26B9CB5 ] C:\WINDOWS\system32\drivers\danew.sys
21:25:24.0093 0212 C:\WINDOWS\system32\drivers\danew.sys - ok
21:25:24.0093 0212 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
21:25:24.0093 0212 C:\WINDOWS\system32\drivers\hidusb.sys - ok
21:25:24.0109 0212 [ 173F317CE0DB8E21322E71B7E60A27E8 ] C:\WINDOWS\system32\drivers\usbccgp.sys
21:25:24.0109 0212 C:\WINDOWS\system32\drivers\usbccgp.sys - ok
21:25:24.0109 0212 [ 56A6034E7764E23D9114223EB3523925 ] C:\WINDOWS\system32\sfcfiles.dll
21:25:24.0109 0212 C:\WINDOWS\system32\sfcfiles.dll - ok
21:25:24.0109 0212 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
21:25:24.0109 0212 C:\WINDOWS\system32\drivers\cdfs.sys - ok
21:25:24.0109 0212 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
21:25:24.0109 0212 C:\WINDOWS\system32\drivers\atapi.sys - ok
21:25:24.0125 0212 [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
21:25:24.0125 0212 C:\WINDOWS\system32\drivers\wmilib.sys - ok
21:25:24.0125 0212 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
21:25:24.0125 0212 C:\WINDOWS\system32\drivers\dxapi.sys - ok
21:25:24.0125 0212 [ CE440A5DEB0861CC621A6A704EBB1E71 ] C:\WINDOWS\system32\csrsrv.dll
21:25:24.0125 0212 C:\WINDOWS\system32\csrsrv.dll - ok
21:25:24.0125 0212 [ 628CE66E3FD35BFC7969DBAC245DC069 ] C:\WINDOWS\system32\csrss.exe
21:25:24.0125 0212 C:\WINDOWS\system32\csrss.exe - ok
21:25:24.0140 0212 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
21:25:24.0140 0212 C:\WINDOWS\system32\watchdog.sys - ok
21:25:24.0140 0212 [ 89B9C5051E815C943C3A9EBB2619DF6A ] C:\WINDOWS\system32\win32k.sys
21:25:24.0140 0212 C:\WINDOWS\system32\win32k.sys - ok
21:25:24.0140 0212 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
21:25:24.0140 0212 C:\WINDOWS\system32\basesrv.dll - ok
21:25:24.0140 0212 [ 90C925765E695AB984BE2E8A21B62AE9 ] C:\WINDOWS\system32\gdi32.dll
21:25:24.0140 0212 C:\WINDOWS\system32\gdi32.dll - ok
21:25:24.0140 0212 [ 545C653E8FE241CA6200798AA94FE5C7 ] C:\WINDOWS\system32\kernel32.dll
21:25:24.0140 0212 C:\WINDOWS\system32\kernel32.dll - ok
21:25:24.0156 0212 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
21:25:24.0156 0212 C:\WINDOWS\system32\winsrv.dll - ok
21:25:24.0156 0212 [ E16E0990967374E76F3E40CACAFD3D53 ] C:\WINDOWS\system32\user32.dll
21:25:24.0156 0212 C:\WINDOWS\system32\user32.dll - ok
21:25:24.0156 0212 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
21:25:24.0156 0212 C:\WINDOWS\system32\drivers\dxg.sys - ok
21:25:24.0156 0212 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
21:25:24.0156 0212 C:\WINDOWS\system32\drivers\dxgthk.sys - ok
21:25:24.0171 0212 [ 8A067CC459AA9CF7597CEEFE05B35F3B ] C:\WINDOWS\system32\nv4_disp.dll
21:25:24.0171 0212 C:\WINDOWS\system32\nv4_disp.dll - ok
21:25:24.0171 0212 [ 1BD2076C717CB48967D5078EC9650891 ] C:\WINDOWS\system32\vga.dll
21:25:24.0171 0212 C:\WINDOWS\system32\vga.dll - ok
21:25:24.0171 0212 [ CDDB1F8E1AEA356F3AD106F2CF9B7FEA ] C:\WINDOWS\system32\winlogon.exe
21:25:24.0171 0212 C:\WINDOWS\system32\winlogon.exe - ok
21:25:24.0171 0212 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] C:\WINDOWS\system32\advapi32.dll
21:25:24.0171 0212 C:\WINDOWS\system32\advapi32.dll - ok
21:25:24.0171 0212 [ DD2A19C756A3992416C00CEEE55A3337 ] C:\WINDOWS\system32\rpcrt4.dll
21:25:24.0171 0212 C:\WINDOWS\system32\rpcrt4.dll - ok
21:25:24.0187 0212 [ DEA06DA25BB393E0A69C6E71BE5681DC ] C:\WINDOWS\system32\authz.dll
21:25:24.0187 0212 C:\WINDOWS\system32\authz.dll - ok
21:25:24.0187 0212 [ 69DF78F490C85052C7AF6C8ABE4AF1C5 ] C:\WINDOWS\system32\secur32.dll
21:25:24.0187 0212 C:\WINDOWS\system32\secur32.dll - ok

dave5 · #22 Příspěvek od **dave5** » 29 srp 2012 18:28

21:25:24.0187 0212 [ D405267A0CAB7A2F9A97F8BE0E8C7A1D ] C:\WINDOWS\system32\crypt32.dll
21:25:24.0187 0212 C:\WINDOWS\system32\crypt32.dll - ok
21:25:24.0187 0212 [ 052B3C1DADDE0D267987E8DA3BBE1AFB ] C:\WINDOWS\system32\msasn1.dll
21:25:24.0187 0212 C:\WINDOWS\system32\msasn1.dll - ok
21:25:24.0187 0212 [ D165DFCB4EA452510E53416F573018BB ] C:\WINDOWS\system32\msvcrt.dll
21:25:24.0187 0212 C:\WINDOWS\system32\msvcrt.dll - ok
21:25:24.0203 0212 [ 4D0C43A5446E4CA079D783CD70E9D543 ] C:\WINDOWS\system32\nddeapi.dll
21:25:24.0203 0212 C:\WINDOWS\system32\nddeapi.dll - ok
21:25:24.0203 0212 [ 8F43DFAF8B01F5775B931145E0FBB4B1 ] C:\WINDOWS\system32\netapi32.dll
21:25:24.0203 0212 C:\WINDOWS\system32\netapi32.dll - ok
21:25:24.0203 0212 [ ABBAF72B2E4D7C8D238D1AA8424244B4 ] C:\WINDOWS\system32\profmap.dll
21:25:24.0203 0212 C:\WINDOWS\system32\profmap.dll - ok
21:25:24.0203 0212 [ 7625B324EE90A716E447115A4B7F7364 ] C:\WINDOWS\system32\userenv.dll
21:25:24.0203 0212 C:\WINDOWS\system32\userenv.dll - ok
21:25:24.0218 0212 [ F9631D6681944F2CC0824FCEE52E8526 ] C:\WINDOWS\system32\psapi.dll
21:25:24.0218 0212 C:\WINDOWS\system32\psapi.dll - ok
21:25:24.0218 0212 [ FAE69704BB5FF6F8E7C60B21048CD1C3 ] C:\WINDOWS\system32\regapi.dll
21:25:24.0218 0212 C:\WINDOWS\system32\regapi.dll - ok
21:25:24.0218 0212 [ 0E93A7F2BE83AF906D9EAFB370300CAA ] C:\WINDOWS\system32\setupapi.dll
21:25:24.0218 0212 C:\WINDOWS\system32\setupapi.dll - ok
21:25:24.0218 0212 [ 614F8186BDAB926E3B1D8927A4161B54 ] C:\WINDOWS\system32\version.dll
21:25:24.0218 0212 C:\WINDOWS\system32\version.dll - ok
21:25:24.0218 0212 [ EF42EA58F8BF96753BE84B3227AD119E ] C:\WINDOWS\system32\winsta.dll
21:25:24.0218 0212 C:\WINDOWS\system32\winsta.dll - ok
21:25:24.0234 0212 [ FCD15D33AD9D7BD371F00651A23947CE ] C:\WINDOWS\system32\wintrust.dll
21:25:24.0234 0212 C:\WINDOWS\system32\wintrust.dll - ok
21:25:24.0234 0212 [ D21DBAA97839B1786E278FDD2F3444AC ] C:\WINDOWS\system32\imagehlp.dll
21:25:24.0234 0212 C:\WINDOWS\system32\imagehlp.dll - ok
21:25:24.0234 0212 [ 951D473917C51F21496D914CF6E5DDD1 ] C:\WINDOWS\system32\ws2_32.dll
21:25:24.0234 0212 C:\WINDOWS\system32\ws2_32.dll - ok
21:25:24.0234 0212 [ 6C60CA8AC7470AC01CFD3D24C7283CD1 ] C:\WINDOWS\system32\imm32.dll
21:25:24.0234 0212 C:\WINDOWS\system32\imm32.dll - ok
21:25:24.0250 0212 [ 36E68E02AF2206FC4A8C73CAEABE1FB0 ] C:\WINDOWS\system32\kbdcz.dll
21:25:24.0250 0212 C:\WINDOWS\system32\kbdcz.dll - ok
21:25:24.0250 0212 [ 859F7735F199C90403340183A3DDFB78 ] C:\WINDOWS\system32\ws2help.dll
21:25:24.0250 0212 C:\WINDOWS\system32\ws2help.dll - ok
21:25:24.0250 0212 [ 1E644E3533DCE2B580A663AE1ACBD539 ] C:\WINDOWS\system32\atmfd.dll
21:25:24.0250 0212 C:\WINDOWS\system32\atmfd.dll - ok
21:25:24.0250 0212 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
21:25:24.0250 0212 C:\WINDOWS\system32\kbdus.dll - ok
21:25:24.0250 0212 [ C1367E52DDAB839B8A21E412519E5FB5 ] C:\WINDOWS\system32\msgina.dll
21:25:24.0250 0212 C:\WINDOWS\system32\msgina.dll - ok
21:25:24.0265 0212 [ E145ADD7DAEF759C4F5FB80A180A9C30 ] C:\WINDOWS\system32\comctl32.dll
21:25:24.0265 0212 C:\WINDOWS\system32\comctl32.dll - ok
21:25:24.0265 0212 [ ED180CFF554C5797E983501823E78613 ] C:\WINDOWS\system32\odbc32.dll
21:25:24.0265 0212 C:\WINDOWS\system32\odbc32.dll - ok
21:25:24.0265 0212 [ D6F092E2D661AD284D34189B78FE08E6 ] C:\WINDOWS\system32\comdlg32.dll
21:25:24.0265 0212 C:\WINDOWS\system32\comdlg32.dll - ok
21:25:24.0265 0212 [ 639A1D31DCB23068087B1F781EDCD4A9 ] C:\WINDOWS\system32\shell32.dll
21:25:24.0265 0212 C:\WINDOWS\system32\shell32.dll - ok
21:25:24.0281 0212 [ 5553738BD481C5456BB4E22B6F4D99EB ] C:\WINDOWS\system32\shlwapi.dll
21:25:24.0281 0212 C:\WINDOWS\system32\shlwapi.dll - ok
21:25:24.0281 0212 [ E139BB65A83049154EE40B46A42B9BAC ] C:\WINDOWS\system32\sxs.dll
21:25:24.0281 0212 C:\WINDOWS\system32\sxs.dll - ok
21:25:24.0281 0212 [ 8A72A30FDC803DC06755D3B36D966F31 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
21:25:24.0281 0212 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
21:25:24.0281 0212 [ 62D35D5F2D6ACE259DF6226D7079A661 ] C:\WINDOWS\system32\odbcint.dll
21:25:24.0281 0212 C:\WINDOWS\system32\odbcint.dll - ok
21:25:24.0296 0212 [ 5EE949255BABC0B17C09DDB2E59E3878 ] C:\WINDOWS\system32\sfc.dll
21:25:24.0296 0212 C:\WINDOWS\system32\sfc.dll - ok
21:25:24.0296 0212 [ 83451053EAD9F92B697C1BCBA91987FC ] C:\WINDOWS\system32\sfc_os.dll
21:25:24.0296 0212 C:\WINDOWS\system32\sfc_os.dll - ok
21:25:24.0296 0212 [ EE9A2B9EA968A792A053C9D1A86BF870 ] C:\WINDOWS\system32\shsvcs.dll
21:25:24.0296 0212 C:\WINDOWS\system32\shsvcs.dll - ok
21:25:24.0296 0212 [ ED9B683C7A8BBAAAB9B377197D20832C ] C:\WINDOWS\system32\ole32.dll
21:25:24.0296 0212 C:\WINDOWS\system32\ole32.dll - ok
21:25:24.0296 0212 [ 11882C729C6B2E2E045F8B93BDB69295 ] C:\WINDOWS\system32\apphelp.dll
21:25:24.0296 0212 C:\WINDOWS\system32\apphelp.dll - ok
21:25:24.0312 0212 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
21:25:24.0312 0212 C:\WINDOWS\system32\services.exe - ok
21:25:24.0312 0212 [ C8F04C22EB595DBC0624CB4484DCF6D4 ] C:\WINDOWS\system32\lsasrv.dll
21:25:24.0312 0212 C:\WINDOWS\system32\lsasrv.dll - ok
21:25:24.0312 0212 [ ED0A176354487CEED65B80A7148AB739 ] C:\WINDOWS\system32\lsass.exe
21:25:24.0312 0212 C:\WINDOWS\system32\lsass.exe - ok
21:25:24.0312 0212 [ 1B7A9C069457EC6E37E1F1D79B58AE87 ] C:\WINDOWS\system32\ncobjapi.dll
21:25:24.0312 0212 C:\WINDOWS\system32\ncobjapi.dll - ok
21:25:24.0328 0212 [ A46994F7DF0F6FFFA9FBD52C57DFF15C ] C:\WINDOWS\system32\msvcp60.dll
21:25:24.0328 0212 C:\WINDOWS\system32\msvcp60.dll - ok
21:25:24.0328 0212 [ EE43B67C08B2DF9F529A75EAB8877D19 ] C:\WINDOWS\system32\scesrv.dll
21:25:24.0328 0212 C:\WINDOWS\system32\scesrv.dll - ok
21:25:24.0328 0212 [ 3FE1BBF9A6865275464D38B0A2B4A93D ] C:\WINDOWS\system32\mpr.dll
21:25:24.0328 0212 C:\WINDOWS\system32\mpr.dll - ok
21:25:24.0328 0212 [ 5E5489C1D9AC8ED236EA8C6E54A997B9 ] C:\WINDOWS\AppPatch\acadproc.dll
21:25:24.0328 0212 C:\WINDOWS\AppPatch\acadproc.dll - ok
21:25:24.0343 0212 [ 443FA2B9D23DAA57077A670E7B14052A ] C:\WINDOWS\system32\dnsapi.dll
21:25:24.0343 0212 C:\WINDOWS\system32\dnsapi.dll - ok
21:25:24.0343 0212 [ 2FFDE877A4584FF839458B7500B53C54 ] C:\WINDOWS\system32\ntdsapi.dll
21:25:24.0343 0212 C:\WINDOWS\system32\ntdsapi.dll - ok
21:25:24.0343 0212 [ 2E14E691EFA7847A603612A80889D6A0 ] C:\WINDOWS\system32\shimeng.dll
21:25:24.0343 0212 C:\WINDOWS\system32\shimeng.dll - ok
21:25:24.0343 0212 [ CBE9EE6C6A5FD587CE6A4607C3B8B7C6 ] C:\WINDOWS\system32\umpnpmgr.dll
21:25:24.0343 0212 C:\WINDOWS\system32\umpnpmgr.dll - ok
21:25:24.0343 0212 [ AD68FEF8C99D87611F5617E46766E055 ] C:\WINDOWS\system32\wldap32.dll
21:25:24.0343 0212 C:\WINDOWS\system32\wldap32.dll - ok
21:25:24.0359 0212 [ 2F1DE43508B086C7A6117A35FE17BA0D ] C:\WINDOWS\system32\samlib.dll
21:25:24.0359 0212 C:\WINDOWS\system32\samlib.dll - ok
21:25:24.0359 0212 [ 923122A0B25850462C2BD576EABD60AF ] C:\WINDOWS\system32\samsrv.dll
21:25:24.0359 0212 C:\WINDOWS\system32\samsrv.dll - ok
21:25:24.0359 0212 [ 2C677B499B36B7991643B04BB8AA7AEA ] C:\WINDOWS\AppPatch\acgenral.dll
21:25:24.0359 0212 C:\WINDOWS\AppPatch\acgenral.dll - ok
21:25:24.0359 0212 [ 6A9BDF7029BD29FBF3BE6EE6CD768013 ] C:\WINDOWS\system32\cryptdll.dll
21:25:24.0359 0212 C:\WINDOWS\system32\cryptdll.dll - ok
21:25:24.0375 0212 [ 4B2068CB18F72E78ACD07BD94F743F94 ] C:\WINDOWS\system32\msacm32.dll
21:25:24.0375 0212 C:\WINDOWS\system32\msacm32.dll - ok
21:25:24.0375 0212 [ 865E2815C3597A952F13ECF463B52D7E ] C:\WINDOWS\system32\oleaut32.dll
21:25:24.0375 0212 C:\WINDOWS\system32\oleaut32.dll - ok
21:25:24.0375 0212 [ B5E0985B9D9B809D57A4999B29CB4A3D ] C:\WINDOWS\system32\uxtheme.dll
21:25:24.0375 0212 C:\WINDOWS\system32\uxtheme.dll - ok
21:25:24.0375 0212 [ D61C4E13A776DC9D29EF22B44EB0AB7F ] C:\WINDOWS\system32\winmm.dll
21:25:24.0375 0212 C:\WINDOWS\system32\winmm.dll - ok
21:25:24.0375 0212 [ 79D7A4B85ED05818604678E84746C176 ] C:\WINDOWS\system32\msapsspc.dll
21:25:24.0375 0212 C:\WINDOWS\system32\msapsspc.dll - ok
21:25:24.0390 0212 [ 50EAEE3F7F79A3206311AD09CB6EE2F1 ] C:\WINDOWS\system32\digest.dll
21:25:24.0390 0212 C:\WINDOWS\system32\digest.dll - ok
21:25:24.0390 0212 [ F987BA178D3D2AC5A448906AA74244A6 ] C:\WINDOWS\system32\msnsspc.dll
21:25:24.0390 0212 C:\WINDOWS\system32\msnsspc.dll - ok
21:25:24.0390 0212 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
21:25:24.0390 0212 C:\WINDOWS\system32\msvcrt40.dll - ok
21:25:24.0390 0212 [ A639E2A83CD57882B6D0F6F203BA73AF ] C:\WINDOWS\system32\schannel.dll
21:25:24.0390 0212 C:\WINDOWS\system32\schannel.dll - ok
21:25:24.0406 0212 [ 26AE5F5ADF4A30C8BCEA736343170201 ] C:\WINDOWS\system32\msctfime.ime
21:25:24.0406 0212 C:\WINDOWS\system32\msctfime.ime - ok
21:25:24.0406 0212 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
21:25:24.0406 0212 C:\WINDOWS\system32\msprivs.dll - ok
21:25:24.0406 0212 [ DAE17E35517159E5852B1712878D9702 ] C:\WINDOWS\system32\kerberos.dll
21:25:24.0406 0212 C:\WINDOWS\system32\kerberos.dll - ok
21:25:24.0406 0212 [ 7A943FB5D0260595A7DA43246F070D2D ] C:\WINDOWS\system32\iphlpapi.dll
21:25:24.0406 0212 C:\WINDOWS\system32\iphlpapi.dll - ok
21:25:24.0406 0212 [ E1E17EB9523D54F3A43C3DBB709D61A9 ] C:\WINDOWS\system32\msv1_0.dll
21:25:24.0406 0212 C:\WINDOWS\system32\msv1_0.dll - ok
21:25:24.0421 0212 [ C2ED0E3408F50BBC149D4F0936E67832 ] C:\WINDOWS\system32\netlogon.dll
21:25:24.0421 0212 C:\WINDOWS\system32\netlogon.dll - ok
21:25:24.0421 0212 [ FA4E1CDBA256787F2149F4AAD07BC91F ] C:\WINDOWS\system32\w32time.dll
21:25:24.0421 0212 C:\WINDOWS\system32\w32time.dll - ok
21:25:24.0421 0212 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
21:25:24.0421 0212 C:\WINDOWS\system32\rsaenh.dll - ok
21:25:24.0421 0212 [ A06D566DF5918E78DCF80596B17D2C9A ] C:\WINDOWS\system32\wdigest.dll
21:25:24.0421 0212 C:\WINDOWS\system32\wdigest.dll - ok
21:25:24.0421 0212 [ 7D7B90E9DA5263804D9C6ADEADAC9D6E ] C:\WINDOWS\system32\winscard.dll
21:25:24.0421 0212 C:\WINDOWS\system32\winscard.dll - ok
21:25:24.0437 0212 [ 190E67B026EDB080440BD2F735654E0C ] C:\WINDOWS\system32\wtsapi32.dll
21:25:24.0437 0212 C:\WINDOWS\system32\wtsapi32.dll - ok
21:25:24.0437 0212 [ 830CE8951C71F361D7D2F38416CC8BC1 ] C:\WINDOWS\system32\scecli.dll
21:25:24.0437 0212 C:\WINDOWS\system32\scecli.dll - ok
21:25:24.0437 0212 [ BE4A520E29B6391F49E79CCC52044D93 ] C:\WINDOWS\system32\svchost.exe
21:25:24.0437 0212 C:\WINDOWS\system32\svchost.exe - ok
21:25:24.0437 0212 [ EB25940843AB2EBD333107CF064B8787 ] C:\WINDOWS\system32\ntmarta.dll
21:25:24.0437 0212 C:\WINDOWS\system32\ntmarta.dll - ok
21:25:24.0453 0212 [ BE27674D1CBC3214AEC84B4336A38BBF ] C:\WINDOWS\system32\rpcss.dll
21:25:24.0453 0212 C:\WINDOWS\system32\rpcss.dll - ok
21:25:24.0453 0212 [ 61AAE581F5DC8B393C93EE0DF32F38B2 ] C:\WINDOWS\system32\xpsp2res.dll
21:25:24.0453 0212 C:\WINDOWS\system32\xpsp2res.dll - ok
21:25:24.0453 0212 [ 2EE99F67C930931EB404DADCE57E976E ] C:\WINDOWS\system32\eventlog.dll
21:25:24.0453 0212 C:\WINDOWS\system32\eventlog.dll - ok
21:25:24.0453 0212 [ ED18ADEE4AA21EB26977260152D7241A ] C:\WINDOWS\system32\hnetcfg.dll
21:25:24.0453 0212 C:\WINDOWS\system32\hnetcfg.dll - ok
21:25:24.0453 0212 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] C:\WINDOWS\system32\mswsock.dll
21:25:24.0453 0212 C:\WINDOWS\system32\mswsock.dll - ok
21:25:24.0468 0212 [ E19A4040E79BE0AACA971117378F7F2B ] C:\Program Files\Bonjour\mdnsNSP.dll
21:25:24.0468 0212 C:\Program Files\Bonjour\mdnsNSP.dll - ok
21:25:24.0468 0212 [ DF2F39569BF7F223AF3CCBC23D07BF6E ] C:\WINDOWS\system32\winrnr.dll
21:25:24.0468 0212 C:\WINDOWS\system32\winrnr.dll - ok
21:25:24.0468 0212 [ 8DBCEA7B495024A29FEF59B5FE709DAC ] C:\WINDOWS\system32\wshtcpip.dll
21:25:24.0468 0212 C:\WINDOWS\system32\wshtcpip.dll - ok
21:25:24.0468 0212 [ B26098F3DC08D841DE3D79C38ACCB807 ] C:\WINDOWS\system32\rasadhlp.dll
21:25:24.0468 0212 C:\WINDOWS\system32\rasadhlp.dll - ok
21:25:24.0484 0212 [ 8C9A53E285AC5E6704844D0459EC85BE ] C:\WINDOWS\system32\dhcpcsvc.dll
21:25:24.0484 0212 C:\WINDOWS\system32\dhcpcsvc.dll - ok
21:25:24.0484 0212 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
21:25:24.0484 0212 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
21:25:24.0484 0212 [ DFAA406BF19F4EE806A6F8D4342137F7 ] C:\WINDOWS\system32\dnsrslvr.dll
21:25:24.0484 0212 C:\WINDOWS\system32\dnsrslvr.dll - ok
21:25:24.0484 0212 [ 0AB159F536E3E8F7F07113702A07CCA5 ] C:\WINDOWS\system32\lmhsvc.dll
21:25:24.0484 0212 C:\WINDOWS\system32\lmhsvc.dll - ok
21:25:24.0484 0212 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] C:\WINDOWS\system32\wzcsvc.dll
21:25:24.0484 0212 C:\WINDOWS\system32\wzcsvc.dll - ok
21:25:24.0500 0212 [ AC531D7E51B7B5FB52D7585935222DE6 ] C:\WINDOWS\system32\atl.dll
21:25:24.0500 0212 C:\WINDOWS\system32\atl.dll - ok
21:25:24.0500 0212 [ 6011D2787CD0CE16CE6E40C30F13F6F8 ] C:\WINDOWS\system32\dot3api.dll
21:25:24.0500 0212 C:\WINDOWS\system32\dot3api.dll - ok
21:25:24.0500 0212 [ 6E4DFC1D92AD235FC76E8C7EE5544A00 ] C:\WINDOWS\system32\eapolqec.dll
21:25:24.0500 0212 C:\WINDOWS\system32\eapolqec.dll - ok
21:25:24.0500 0212 [ 39026490EF6992293A38AA13204BA6F3 ] C:\WINDOWS\system32\esent.dll
21:25:24.0500 0212 C:\WINDOWS\system32\esent.dll - ok
21:25:24.0515 0212 [ 9D221D3CBB4DFA1FD225B2769009F99B ] C:\WINDOWS\system32\qutil.dll
21:25:24.0515 0212 C:\WINDOWS\system32\qutil.dll - ok
21:25:24.0515 0212 [ 043FD4E92FE9BA70BFB8AC49848887CB ] C:\WINDOWS\system32\rtutils.dll
21:25:24.0515 0212 C:\WINDOWS\system32\rtutils.dll - ok
21:25:24.0515 0212 [ ACDB4C56ADCAD6913371C2B38BC016E2 ] C:\WINDOWS\system32\wmi.dll
21:25:24.0515 0212 C:\WINDOWS\system32\wmi.dll - ok
21:25:24.0515 0212 [ 66DF63A7BAE72033C2E7E9B60A20E05C ] C:\WINDOWS\system32\clbcatq.dll
21:25:24.0515 0212 C:\WINDOWS\system32\clbcatq.dll - ok
21:25:24.0515 0212 [ E7B375DFFB68A16659CA66474A280C47 ] C:\WINDOWS\system32\comres.dll
21:25:24.0515 0212 C:\WINDOWS\system32\comres.dll - ok
21:25:24.0531 0212 [ F37A3D11450C4BA9BD862DFF7451728C ] C:\WINDOWS\system32\cryptui.dll
21:25:24.0531 0212 C:\WINDOWS\system32\cryptui.dll - ok
21:25:24.0531 0212 [ 8CC571653F6741481F6B9BBEAF8F362F ] C:\WINDOWS\system32\logonui.exe
21:25:24.0531 0212 C:\WINDOWS\system32\logonui.exe - ok
21:25:24.0531 0212 [ 0B1AA4B12FC08CCB7EAB6AAA1E25AC16 ] C:\WINDOWS\system32\rastls.dll
21:25:24.0531 0212 C:\WINDOWS\system32\rastls.dll - ok
21:25:24.0531 0212 [ 616A0CC9DA2BAA008306EEA895F8BC0F ] C:\WINDOWS\system32\cscdll.dll
21:25:24.0531 0212 C:\WINDOWS\system32\cscdll.dll - ok
21:25:24.0546 0212 [ 883E504885373DCC08DFEF30A10E4F12 ] C:\WINDOWS\system32\dimsntfy.dll
21:25:24.0546 0212 C:\WINDOWS\system32\dimsntfy.dll - ok
21:25:24.0546 0212 [ A579E4FFF919F9A892F9E0BDA82A65BD ] C:\WINDOWS\system32\wininet.dll
21:25:24.0546 0212 C:\WINDOWS\system32\wininet.dll - ok
21:25:24.0546 0212 [ 0F1F2827B4FDF4401E0B9D60C63CE0D8 ] C:\WINDOWS\system32\winspool.drv
21:25:24.0546 0212 C:\WINDOWS\system32\winspool.drv - ok
21:25:24.0546 0212 [ 4807A2D624C4D3643B29AE2BA3FAA13D ] C:\WINDOWS\system32\wlnotify.dll
21:25:24.0546 0212 C:\WINDOWS\system32\wlnotify.dll - ok
21:25:24.0546 0212 [ 01DEFAA24704069BDB1A559A9C6EBC88 ] C:\WINDOWS\system32\duser.dll
21:25:24.0546 0212 C:\WINDOWS\system32\duser.dll - ok
21:25:24.0562 0212 [ 627551A1011199BCE013D0F4B6CACECF ] C:\WINDOWS\system32\msimg32.dll
21:25:24.0562 0212 C:\WINDOWS\system32\msimg32.dll - ok
21:25:24.0562 0212 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
21:25:24.0562 0212 C:\WINDOWS\system32\normaliz.dll - ok
21:25:24.0562 0212 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
21:25:24.0562 0212 C:\WINDOWS\system32\oleacc.dll - ok
21:25:24.0562 0212 [ 98CA2F18D988D7EA7D0183CE1FE83461 ] C:\WINDOWS\system32\shgina.dll
21:25:24.0562 0212 C:\WINDOWS\system32\shgina.dll - ok
21:25:24.0578 0212 [ 8F541317DF26B3686B3B6F4CF7A39401 ] C:\WINDOWS\system32\urlmon.dll
21:25:24.0578 0212 C:\WINDOWS\system32\urlmon.dll - ok
21:25:24.0578 0212 [ DC9155CBB3E68868E4F1170C528D6DA1 ] C:\WINDOWS\system32\iertutil.dll
21:25:24.0578 0212 C:\WINDOWS\system32\iertutil.dll - ok
21:25:24.0578 0212 [ 28217BEA16EC1790ADF5495BDCD03B35 ] C:\WINDOWS\system32\activeds.dll
21:25:24.0578 0212 C:\WINDOWS\system32\activeds.dll - ok
21:25:24.0578 0212 [ B88893C7FB9671C84DBF6400CD2170CD ] C:\WINDOWS\system32\adsldpc.dll
21:25:24.0578 0212 C:\WINDOWS\system32\adsldpc.dll - ok
21:25:24.0578 0212 [ AC992C58B28038A43E63DE07361B9732 ] C:\WINDOWS\system32\mprapi.dll
21:25:24.0578 0212 C:\WINDOWS\system32\mprapi.dll - ok
21:25:24.0593 0212 [ 0B3077EC67D9509B6B8A1FA3006E717B ] C:\WINDOWS\system32\rasapi32.dll
21:25:24.0593 0212 C:\WINDOWS\system32\rasapi32.dll - ok
21:25:24.0593 0212 [ A4F20BF76D85B92FE6E0C6B3884E8718 ] C:\WINDOWS\system32\rasman.dll
21:25:24.0593 0212 C:\WINDOWS\system32\rasman.dll - ok
21:25:24.0593 0212 [ A8B1342EE63C191258460EFE5D30D6A1 ] C:\WINDOWS\system32\tapi32.dll
21:25:24.0593 0212 C:\WINDOWS\system32\tapi32.dll - ok
21:25:24.0593 0212 [ D1995A48DCC77C8C3DE97BF89C1F8232 ] C:\WINDOWS\system32\riched20.dll
21:25:24.0593 0212 C:\WINDOWS\system32\riched20.dll - ok
21:25:24.0609 0212 [ BF5A61ED318A04CE683374069EA42CA6 ] C:\WINDOWS\system32\raschap.dll
21:25:24.0609 0212 C:\WINDOWS\system32\raschap.dll - ok
21:25:24.0609 0212 [ 3FF232A7731621B8902D81D42418C93C ] C:\WINDOWS\system32\schedsvc.dll
21:25:24.0609 0212 C:\WINDOWS\system32\schedsvc.dll - ok
21:25:24.0609 0212 [ F6226D2AF6E3ACF5889F33E9E53602AC ] C:\WINDOWS\system32\msidle.dll
21:25:24.0609 0212 C:\WINDOWS\system32\msidle.dll - ok
21:25:24.0609 0212 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
21:25:24.0609 0212 C:\WINDOWS\system32\spoolsv.exe - ok
21:25:24.0625 0212 [ DE31B88962A8645DBA5A37B993E7B0F1 ] C:\WINDOWS\system32\audiosrv.dll
21:25:24.0625 0212 C:\WINDOWS\system32\audiosrv.dll - ok
21:25:24.0625 0212 [ 936C1D110232D23B621CB0196E4F80F0 ] C:\WINDOWS\system32\wkssvc.dll
21:25:24.0625 0212 C:\WINDOWS\system32\wkssvc.dll - ok
21:25:24.0625 0212 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
21:25:24.0625 0212 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
21:25:24.0625 0212 [ 47AE51048A82DFA1CD6B51D369F7E169 ] C:\WINDOWS\system32\webclnt.dll
21:25:24.0625 0212 C:\WINDOWS\system32\webclnt.dll - ok
21:25:24.0625 0212 [ 0C83FC56707BF68DB04947052A8188B1 ] C:\WINDOWS\system32\ASTSRV.EXE
21:25:24.0625 0212 C:\WINDOWS\system32\ASTSRV.EXE - ok
21:25:24.0640 0212 [ 1FAE19D0457176318BBA4A8795656EBC ] C:\WINDOWS\system32\drivers\parvdm.sys
21:25:24.0640 0212 C:\WINDOWS\system32\drivers\parvdm.sys - ok
21:25:24.0640 0212 [ 5AB58C337AC65837FE404462AD6265AB ] C:\Program Files\Bonjour\mDNSResponder.exe
21:25:24.0640 0212 C:\Program Files\Bonjour\mDNSResponder.exe - ok
21:25:24.0640 0212 [ 9FA69781CAA7A1DA981A24F240A61A60 ] C:\WINDOWS\system32\powrprof.dll
21:25:24.0640 0212 C:\WINDOWS\system32\powrprof.dll - ok
21:25:24.0640 0212 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:25:24.0640 0212 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
21:25:24.0656 0212 [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
21:25:24.0656 0212 C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
21:25:24.0656 0212 [ B04DB1F0B2652FCBCCC5FD0C46579F0F ] C:\WINDOWS\system32\mscoree.dll
21:25:24.0656 0212 C:\WINDOWS\system32\mscoree.dll - ok
21:25:24.0656 0212 [ 1F63900E2EB00101B9ACA2B7A870704E ] C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:25:24.0656 0212 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe - ok
21:25:24.0656 0212 [ 7BF2BC7728F77838E195743E76727F7B ] C:\WINDOWS\system32\certcli.dll
21:25:24.0656 0212 C:\WINDOWS\system32\certcli.dll - ok
21:25:24.0656 0212 [ F3AB0933CBD166D271992F411C27CCAF ] C:\WINDOWS\system32\cryptsvc.dll
21:25:24.0656 0212 C:\WINDOWS\system32\cryptsvc.dll - ok
21:25:24.0671 0212 [ A2A4912798F2BE706ABADD3D30800D16 ] C:\WINDOWS\system32\ersvc.dll
21:25:24.0671 0212 C:\WINDOWS\system32\ersvc.dll - ok
21:25:24.0671 0212 [ A371F11EF07653591C8DE26AFB13CE7F ] C:\WINDOWS\system32\es.dll
21:25:24.0671 0212 C:\WINDOWS\system32\es.dll - ok
21:25:24.0671 0212 [ 2BFEFE9E865655A76982F050450B9591 ] C:\WINDOWS\system32\dmserver.dll
21:25:24.0671 0212 C:\WINDOWS\system32\dmserver.dll - ok
21:25:24.0671 0212 [ F3CA4A37CD2144DFF7E28A75B30B0FD0 ] C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
21:25:24.0671 0212 C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe - ok
21:25:24.0671 0212 [ FCFE31FB75F8A6295B6B0AF87A626282 ] C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:25:24.0671 0212 C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll - ok
21:25:24.0687 0212 [ 00E25EE90166B3E1BE6E74AEBF858306 ] C:\WINDOWS\system32\hidserv.dll
21:25:24.0687 0212 C:\WINDOWS\system32\hidserv.dll - ok
21:25:24.0687 0212 [ FFB0A2D2B73A64979CD29C15B3B0A9D5 ] C:\WINDOWS\system32\hid.dll
21:25:24.0687 0212 C:\WINDOWS\system32\hid.dll - ok
21:25:24.0687 0212 [ 2BDF47962B25656443A2CBEE57D47AEA ] C:\Program Files\Kerio\Personal Firewall 4\kfe.dll
21:25:24.0687 0212 C:\Program Files\Kerio\Personal Firewall 4\kfe.dll - ok
21:25:24.0687 0212 [ 86BF302376815C881CA111631F7B8929 ] C:\Program Files\Kerio\Personal Firewall 4\ktlibeay32_0.9.7.2.dll
21:25:24.0687 0212 C:\Program Files\Kerio\Personal Firewall 4\ktlibeay32_0.9.7.2.dll - ok
21:25:24.0703 0212 [ B07780B0B2CF4F6456289679FE9DF368 ] C:\WINDOWS\system32\wsock32.dll
21:25:24.0703 0212 C:\WINDOWS\system32\wsock32.dll - ok
21:25:24.0703 0212 [ E0570B65BC965F9E9FE02E5B3BAF0AE2 ] C:\Program Files\Kerio\Personal Firewall 4\ktssleay32_0.9.7.2.dll
21:25:24.0703 0212 C:\Program Files\Kerio\Personal Firewall 4\ktssleay32_0.9.7.2.dll - ok
21:25:24.0703 0212 [ 5A542C4E0F036431D0B7B607FC08758F ] C:\Program Files\Kerio\Personal Firewall 4\msvcr70.dll
21:25:24.0703 0212 C:\Program Files\Kerio\Personal Firewall 4\msvcr70.dll - ok
21:25:24.0703 0212 [ 5B07B01168C2BF129C5E7227D8EF0CB8 ] C:\Program Files\Kerio\Personal Firewall 4\kticonv.dll
21:25:24.0703 0212 C:\Program Files\Kerio\Personal Firewall 4\kticonv.dll - ok
21:25:24.0703 0212 [ E3BCE3C975BA95B0500E4B7F8D61E432 ] C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
21:25:24.0703 0212 C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe - ok
21:25:24.0718 0212 [ DC2126F3456A6FE04BA8A50E3987F349 ] C:\Program Files\McAfee\VirusScan Enterprise\mytilus3_worker.dll
21:25:24.0718 0212 C:\Program Files\McAfee\VirusScan Enterprise\mytilus3_worker.dll - ok
21:25:24.0718 0212 [ D905050080DB4CCC3EB09AD24DE6BD67 ] C:\WINDOWS\system32\netmsg.dll
21:25:24.0718 0212 C:\WINDOWS\system32\netmsg.dll - ok
21:25:24.0718 0212 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] C:\WINDOWS\system32\srvsvc.dll
21:25:24.0718 0212 C:\WINDOWS\system32\srvsvc.dll - ok
21:25:24.0718 0212 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
21:25:24.0718 0212 C:\WINDOWS\system32\drivers\srv.sys - ok
21:25:24.0734 0212 [ 332D5439C89E9FA475EDFB69B02E1975 ] C:\WINDOWS\system32\shfolder.dll
21:25:24.0734 0212 C:\WINDOWS\system32\shfolder.dll - ok
21:25:24.0734 0212 [ 1B963D79740B187795407CD03E2F7B4D ] C:\Program Files\McAfee\Common Framework\FrameworkService.exe
21:25:24.0734 0212 C:\Program Files\McAfee\Common Framework\FrameworkService.exe - ok
21:25:24.0734 0212 [ 4B9200371D1766FD3FB6E6D7F8D9EC80 ] C:\Program Files\McAfee\VirusScan Enterprise\lockdown.dll
21:25:24.0734 0212 C:\Program Files\McAfee\VirusScan Enterprise\lockdown.dll - ok
21:25:24.0734 0212 [ 3C15C03E72CCD51A6E90FB6936D84FEE ] C:\Program Files\McAfee\VirusScan Enterprise\mytilus3_server.dll
21:25:24.0734 0212 C:\Program Files\McAfee\VirusScan Enterprise\mytilus3_server.dll - ok
21:25:24.0750 0212 [ BFFB54B16B9C7B1D80F183B10234A4A3 ] C:\Program Files\McAfee\VirusScan Enterprise\Res0900\McShield.DLL
21:25:24.0750 0212 C:\Program Files\McAfee\VirusScan Enterprise\Res0900\McShield.DLL - ok
21:25:24.0750 0212 [ 7D86BF7E930A483E67484BBC91FF7CD5 ] C:\Program Files\McAfee\Common Framework\nailog3.dll
21:25:24.0750 0212 C:\Program Files\McAfee\Common Framework\nailog3.dll - ok
21:25:24.0750 0212 [ 0138A1A02E08FAF01E6C387CED7A91C4 ] C:\Program Files\Kerio\Personal Firewall 4\ktzlib.dll
21:25:24.0750 0212 C:\Program Files\Kerio\Personal Firewall 4\ktzlib.dll - ok
21:25:24.0750 0212 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\system32\msvcr71.dll
21:25:24.0750 0212 C:\WINDOWS\system32\msvcr71.dll - ok
21:25:24.0750 0212 [ ECDB189942E5F9FA05B4EF09D000534B ] C:\Program Files\McAfee\Common Framework\naxml3_71.dll
21:25:24.0750 0212 C:\Program Files\McAfee\Common Framework\naxml3_71.dll - ok
21:25:24.0765 0212 [ A1DF927F39BF907C2CC88290DC075579 ] C:\Program Files\McAfee\Common Framework\naCmnLib3_71.dll
21:25:24.0765 0212 C:\Program Files\McAfee\Common Framework\naCmnLib3_71.dll - ok
21:25:24.0765 0212 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\WINDOWS\system32\msvcp71.dll
21:25:24.0765 0212 C:\WINDOWS\system32\msvcp71.dll - ok
21:25:24.0765 0212 [ EC37B222A92A95948D2A1C71DC1544D9 ] C:\Program Files\McAfee\Common Framework\AppLib.dll
21:25:24.0765 0212 C:\Program Files\McAfee\Common Framework\AppLib.dll - ok
21:25:24.0765 0212 [ 9D7EF8E7DD3BA8A73CA25E4658AE84B9 ] C:\Program Files\McAfee\Common Framework\cryptocme2.dll
21:25:24.0765 0212 C:\Program Files\McAfee\Common Framework\cryptocme2.dll - ok
21:25:24.0781 0212 [ 188CB9B4E1B51215D385B7AB4A89CBD0 ] C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
21:25:24.0781 0212 C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe - ok
21:25:24.0781 0212 [ 5E3075E17D48A2F018C398FF890BDFCC ] C:\Program Files\McAfee\Common Framework\0409\AgentRes.Dll
21:25:24.0781 0212 C:\Program Files\McAfee\Common Framework\0409\AgentRes.Dll - ok
21:25:24.0781 0212 [ 6C6AA104272198495D51CC606677DA39 ] C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
21:25:24.0781 0212 C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe - ok
21:25:24.0781 0212 [ 27CB9025DE862EC0D143B6286B66493E ] C:\Program Files\Kerio\Personal Firewall 4\kwsapi.dll
21:25:24.0781 0212 C:\Program Files\Kerio\Personal Firewall 4\kwsapi.dll - ok
21:25:24.0781 0212 [ DE880A525EC99DE38C5F85F3A3A3E16E ] C:\Program Files\McAfee\VirusScan Enterprise\shutil.dll
21:25:24.0781 0212 C:\Program Files\McAfee\VirusScan Enterprise\shutil.dll - ok
21:25:24.0796 0212 [ 2C264A0CC77E3E307D5FE407F90FAF5E ] C:\WINDOWS\system32\msi.dll
21:25:24.0796 0212 C:\WINDOWS\system32\msi.dll - ok
21:25:24.0796 0212 [ 03853A3540EC3F64EBDEFFB2ECE757D4 ] C:\WINDOWS\system32\wbem\wbemprox.dll
21:25:24.0796 0212 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
21:25:24.0796 0212 [ 5D1D9D1AC352D82C815EDF67E6EE5C97 ] C:\WINDOWS\system32\wbem\wbemcomn.dll
21:25:24.0796 0212 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
21:25:24.0796 0212 [ BE8B69EE0D6D6E03B3277C83429AE1C8 ] C:\Program Files\McAfee\VirusScan Enterprise\condl.dll
21:25:24.0796 0212 C:\Program Files\McAfee\VirusScan Enterprise\condl.dll - ok
21:25:24.0812 0212 [ 472C9DB931D5DAB846AEE46C63643BD2 ] C:\Program Files\McAfee\VirusScan Enterprise\wmain.dll
21:25:24.0812 0212 C:\Program Files\McAfee\VirusScan Enterprise\wmain.dll - ok
21:25:24.0812 0212 [ 464325F6C822FD26A44E54E0DC9F144F ] C:\WINDOWS\system32\lz32.dll
21:25:24.0812 0212 C:\WINDOWS\system32\lz32.dll - ok
21:25:24.0812 0212 [ 9A6BDF3477C0AD97D20BDE0D71DAF6EB ] C:\Program Files\McAfee\Common Framework\Logging.dll
21:25:24.0812 0212 C:\Program Files\McAfee\Common Framework\Logging.dll - ok
21:25:24.0812 0212 [ 5C2C7AC2ABB73251D67F09182AE6B30F ] C:\WINDOWS\system32\mfevtps.exe
21:25:24.0812 0212 C:\WINDOWS\system32\mfevtps.exe - ok
21:25:24.0812 0212 [ F67B927B1095FCCFAFD68D1E1ADCFFBD ] C:\Program Files\McAfee\Common Framework\UserSpace.Dll
21:25:24.0812 0212 C:\Program Files\McAfee\Common Framework\UserSpace.Dll - ok
21:25:24.0828 0212 [ 841E2FA780B91F091A29A872A15CB83C ] C:\Program Files\McAfee\Common Framework\SecureFrameworkFactory3.dll
21:25:24.0828 0212 C:\Program Files\McAfee\Common Framework\SecureFrameworkFactory3.dll - ok
21:25:24.0828 0212 [ A75415E932DA0FCAAEE7AAB64A68B62B ] C:\Program Files\McAfee\Common Framework\Management.dll
21:25:24.0828 0212 C:\Program Files\McAfee\Common Framework\Management.dll - ok
21:25:24.0828 0212 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] C:\WINDOWS\system32\netman.dll
21:25:24.0828 0212 C:\WINDOWS\system32\netman.dll - ok
21:25:24.0828 0212 [ 0573C75A2895D973EA6EF2495620BA49 ] C:\WINDOWS\system32\nvsvc32.exe
21:25:24.0828 0212 C:\WINDOWS\system32\nvsvc32.exe - ok
21:25:24.0843 0212 [ E0DD5DB829C887C4DCC2D9B31470F7EC ] C:\WINDOWS\system32\netshell.dll
21:25:24.0843 0212 C:\WINDOWS\system32\netshell.dll - ok
21:25:24.0843 0212 [ D76D39056EF8B8C09BC544754448E48F ] C:\WINDOWS\system32\ipsecsvc.dll
21:25:24.0843 0212 C:\WINDOWS\system32\ipsecsvc.dll - ok
21:25:24.0843 0212 [ 7A50E919F9CF6D3850A40C18F92C5E03 ] C:\WINDOWS\system32\nvcpl.dll
21:25:24.0843 0212 C:\WINDOWS\system32\nvcpl.dll - ok
21:25:24.0843 0212 [ 13E913B6E7E8915D8AE37A8EA1208B67 ] C:\Program Files\McAfee\Common Framework\naPolicyManager.dll
21:25:24.0843 0212 C:\Program Files\McAfee\Common Framework\naPolicyManager.dll - ok
21:25:24.0843 0212 [ 44E2D9C2C7192467D4D0A8E03A621567 ] C:\WINDOWS\system32\oakley.dll
21:25:24.0843 0212 C:\WINDOWS\system32\oakley.dll - ok
21:25:24.0859 0212 [ 8F31505484A190D5B22274708799F4EC ] C:\WINDOWS\system32\regsvc.dll
21:25:24.0859 0212 C:\WINDOWS\system32\regsvc.dll - ok
21:25:24.0859 0212 [ 1D37681166E7B0AE1FABF5676439F924 ] C:\WINDOWS\system32\credui.dll
21:25:24.0859 0212 C:\WINDOWS\system32\credui.dll - ok
21:25:24.0859 0212 [ D92DBED30DBF45E7D2700596BB491B03 ] C:\WINDOWS\system32\pstorsvc.dll
21:25:24.0859 0212 C:\WINDOWS\system32\pstorsvc.dll - ok
21:25:24.0859 0212 [ 8D65C4D78E0D22E2655AFEB682656F15 ] C:\WINDOWS\system32\winipsec.dll
21:25:24.0859 0212 C:\WINDOWS\system32\winipsec.dll - ok
21:25:24.0875 0212 [ 134579F748163BC51D126488A2962B04 ] C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
21:25:24.0875 0212 C:\Program Files\McAfee\Common Framework\naPrdMgr.exe - ok
21:25:24.0875 0212 [ C9AFEA3C13B62701FAE571D8466EB5F6 ] C:\WINDOWS\system32\dot3dlg.dll
21:25:24.0875 0212 C:\WINDOWS\system32\dot3dlg.dll - ok
21:25:24.0875 0212 [ A7162CFFDA477AE2239D4FB6F8094534 ] C:\WINDOWS\system32\onex.dll
21:25:24.0875 0212 C:\WINDOWS\system32\onex.dll - ok
21:25:24.0875 0212 [ 3D8593AA6CB1C610CCC4EE4A2079841C ] C:\WINDOWS\system32\psbase.dll
21:25:24.0875 0212 C:\WINDOWS\system32\psbase.dll - ok
21:25:24.0875 0212 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
21:25:24.0875 0212 C:\WINDOWS\system32\dssenh.dll - ok
21:25:24.0890 0212 [ DFBCA5222331A476C42DF1AA3921629E ] C:\WINDOWS\system32\eappcfg.dll
21:25:24.0890 0212 C:\WINDOWS\system32\eappcfg.dll - ok
21:25:24.0890 0212 [ F6D35EBC8F11300AAFD1D4CA6DC65B9D ] C:\WINDOWS\system32\eappprxy.dll
21:25:24.0890 0212 C:\WINDOWS\system32\eappprxy.dll - ok
21:25:24.0890 0212 [ 2DF6B86A8CE10CC93CE4C6DC72C5E791 ] C:\WINDOWS\system32\wzcsapi.dll
21:25:24.0890 0212 C:\WINDOWS\system32\wzcsapi.dll - ok
21:25:24.0890 0212 [ 65DDCE6C4F63C6AAC3D99EFBA4C1E9C4 ] C:\WINDOWS\system32\cscui.dll
21:25:24.0890 0212 C:\WINDOWS\system32\cscui.dll - ok
21:25:24.0906 0212 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] C:\WINDOWS\system32\seclogon.dll
21:25:24.0906 0212 C:\WINDOWS\system32\seclogon.dll - ok
21:25:24.0906 0212 [ A530B75C10C23C9AB28FDB6CE719E21F ] C:\WINDOWS\system32\sens.dll
21:25:24.0906 0212 C:\WINDOWS\system32\sens.dll - ok
21:25:24.0906 0212 [ 35B91147124F64AC8081A2EDB9EA4DEE ] C:\WINDOWS\system32\srsvc.dll
21:25:24.0906 0212 C:\WINDOWS\system32\srsvc.dll - ok
21:25:24.0906 0212 [ 14E87D5268FFA7F6BF6DC33B40A37866 ] C:\WINDOWS\system32\dpcdll.dll
21:25:24.0906 0212 C:\WINDOWS\system32\dpcdll.dll - ok
21:25:24.0906 0212 [ 653B038066D1FD5962BB88796ED7CFC0 ] C:\WINDOWS\system32\wdmaud.drv
21:25:24.0906 0212 C:\WINDOWS\system32\wdmaud.drv - ok
21:25:24.0921 0212 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
21:25:24.0921 0212 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
21:25:24.0921 0212 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
21:25:24.0921 0212 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
21:25:24.0921 0212 [ 7DC1830F22E7D275B438127B68030239 ] C:\WINDOWS\system32\userinit.exe
21:25:24.0921 0212 C:\WINDOWS\system32\userinit.exe - ok
21:25:24.0921 0212 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
21:25:24.0921 0212 C:\WINDOWS\system32\drivers\splitter.sys - ok
21:25:24.0921 0212 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
21:25:24.0921 0212 C:\WINDOWS\system32\drivers\aec.sys - ok
21:25:24.0937 0212 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
21:25:24.0937 0212 C:\WINDOWS\system32\drivers\swmidi.sys - ok
21:25:24.0937 0212 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
21:25:24.0937 0212 C:\WINDOWS\system32\drivers\dmusic.sys - ok
21:25:24.0937 0212 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
21:25:24.0937 0212 C:\WINDOWS\system32\drivers\kmixer.sys - ok
21:25:24.0937 0212 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
21:25:24.0937 0212 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
21:25:24.0953 0212 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] C:\WINDOWS\system32\wiaservc.dll
21:25:24.0953 0212 C:\WINDOWS\system32\wiaservc.dll - ok
21:25:24.0953 0212 [ F23EB535F0834B3B1E0CDD16DB4ED7A1 ] C:\WINDOWS\system32\cfgmgr32.dll
21:25:24.0953 0212 C:\WINDOWS\system32\cfgmgr32.dll - ok
21:25:24.0953 0212 [ 4F45453DF86912A09E757859FE18A26C ] C:\WINDOWS\system32\mscms.dll
21:25:24.0953 0212 C:\WINDOWS\system32\mscms.dll - ok
21:25:24.0953 0212 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] C:\WINDOWS\system32\termsrv.dll
21:25:24.0953 0212 C:\WINDOWS\system32\termsrv.dll - ok
21:25:24.0953 0212 [ 06E30C9FC68ED62A5C11B989E51679DE ] C:\Program Files\McAfee\Common Framework\UpdateSubSys.Dll
21:25:24.0953 0212 C:\Program Files\McAfee\Common Framework\UpdateSubSys.Dll - ok
21:25:24.0968 0212 [ F77ADF735A6AB15B083840F5B6D74B00 ] C:\Program Files\McAfee\Common Framework\updater.Dll
21:25:24.0968 0212 C:\Program Files\McAfee\Common Framework\updater.Dll - ok
21:25:24.0968 0212 [ 7D770F6FD01B8478F61287BEEEBDBF8E ] C:\WINDOWS\system32\oledlg.dll
21:25:24.0968 0212 C:\WINDOWS\system32\oledlg.dll - ok
21:25:24.0968 0212 [ 72C1FF5AE0330CCF9C35BCBBAD267F3B ] C:\WINDOWS\system32\icaapi.dll
21:25:24.0968 0212 C:\WINDOWS\system32\icaapi.dll - ok
21:25:24.0968 0212 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] C:\WINDOWS\system32\trkwks.dll
21:25:24.0968 0212 C:\WINDOWS\system32\trkwks.dll - ok
21:25:24.0984 0212 [ 0E8CB0A757E27B87F4DB45AC031BF02E ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
21:25:24.0984 0212 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
21:25:24.0984 0212 [ 6E0F6ABF57F2E3A73456450A1501D9B3 ] C:\WINDOWS\system32\mstlsapi.dll
21:25:24.0984 0212 C:\WINDOWS\system32\mstlsapi.dll - ok
21:25:24.0984 0212 [ C81B8635DEE0D3EF5F64B3DD643023A5 ] C:\WINDOWS\system32\wdfmgr.exe
21:25:24.0984 0212 C:\WINDOWS\system32\wdfmgr.exe - ok
21:25:24.0984 0212 [ 58A0D4A0DB5FB76438A38F30E666B212 ] C:\WINDOWS\system32\msacm32.drv
21:25:24.0984 0212 C:\WINDOWS\system32\msacm32.drv - ok
21:25:24.0984 0212 [ C1232035BB304A4AEDE089BB4B83409D ] C:\Program Files\McAfee\Common Framework\ipcchannel.dll
21:25:24.0984 0212 C:\Program Files\McAfee\Common Framework\ipcchannel.dll - ok
21:25:25.0000 0212 [ 160A1500DDBE42F8793E3AD341E4BEC4 ] C:\WINDOWS\system32\midimap.dll
21:25:25.0000 0212 C:\WINDOWS\system32\midimap.dll - ok
21:25:25.0000 0212 [ E488332126E3B1182D2B8A0C35408EC6 ] C:\WINDOWS\system32\wbem\wmisvc.dll
21:25:25.0000 0212 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
21:25:25.0000 0212 [ CD63EB2645EF6DC6D912B1E6F9750A8D ] C:\Program Files\McAfee\Common Framework\boost_thread-vc71-mt-1_32.dll
21:25:25.0000 0212 C:\Program Files\McAfee\Common Framework\boost_thread-vc71-mt-1_32.dll - ok
21:25:25.0000 0212 [ 234BBFAC0545E978049B4CCD0E2405C2 ] C:\Program Files\McAfee\Common Framework\mfeCmnLib71.dll
21:25:25.0000 0212 C:\Program Files\McAfee\Common Framework\mfeCmnLib71.dll - ok
21:25:25.0015 0212 [ 1635D157B5DAEADAF323B5E9FB6FD5E2 ] C:\WINDOWS\system32\vssapi.dll
21:25:25.0015 0212 C:\WINDOWS\system32\vssapi.dll - ok
21:25:25.0015 0212 [ 6F4D3480C42EC33BB56613DC7C787720 ] C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
21:25:25.0015 0212 C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe - ok
21:25:25.0015 0212 [ 89E739BBA5F636297EA5B5F811189E06 ] C:\WINDOWS\system32\browser.dll
21:25:25.0015 0212 C:\WINDOWS\system32\browser.dll - ok
21:25:25.0015 0212 [ C1364564800EE9784192145324A23308 ] C:\WINDOWS\system32\wuauserv.dll
21:25:25.0015 0212 C:\WINDOWS\system32\wuauserv.dll - ok
21:25:25.0031 0212 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
21:25:25.0031 0212 C:\WINDOWS\system32\wuaueng.dll - ok
21:25:25.0031 0212 [ 12FD48F2191A9194ED501E93FD7D276B ] C:\Program Files\McAfee\Common Framework\Scheduler.dll
21:25:25.0031 0212 C:\Program Files\McAfee\Common Framework\Scheduler.dll - ok
21:25:25.0031 0212 [ 051C4F9607E2A1913FA84104BF9CDDF2 ] C:\Program Files\McAfee\VirusScan Enterprise\mytilus3.dll
21:25:25.0031 0212 C:\Program Files\McAfee\VirusScan Enterprise\mytilus3.dll - ok
21:25:25.0031 0212 [ 14FCD22557C5200D4FE761620BC1BE97 ] C:\Program Files\McAfee\VirusScan Enterprise\ftl.dll
21:25:25.0031 0212 C:\Program Files\McAfee\VirusScan Enterprise\ftl.dll - ok
21:25:25.0031 0212 [ 0B13FD431ED8AD66F4482B3D33F54986 ] C:\WINDOWS\system32\nvrscs.dll
21:25:25.0031 0212 C:\WINDOWS\system32\nvrscs.dll - ok
21:25:25.0046 0212 [ 27AFD587C462E280EE046B8CCA3C2CD1 ] C:\WINDOWS\explorer.exe
21:25:25.0046 0212 C:\WINDOWS\explorer.exe - ok
21:25:25.0046 0212 [ 9F53BAAE57C32DE60A921951A5E31B97 ] C:\Program Files\McAfee\VirusScan Enterprise\vsplugin.dll
21:25:25.0046 0212 C:\Program Files\McAfee\VirusScan Enterprise\vsplugin.dll - ok
21:25:25.0046 0212 [ 5239ABED9DB03D8E9708A65B63B605F0 ] C:\Program Files\McAfee\Common Framework\TCSubSys.dll
21:25:25.0046 0212 C:\Program Files\McAfee\Common Framework\TCSubSys.dll - ok
21:25:25.0046 0212 [ 2161B0A46C4F57FA3645DD881572962C ] C:\WINDOWS\system32\nvapi.dll
21:25:25.0046 0212 C:\WINDOWS\system32\nvapi.dll - ok
21:25:25.0062 0212 [ 3BECFAA73C00CA42CB8FC85A21F45141 ] C:\Program Files\McAfee\Common Framework\CMALib.dll
21:25:25.0062 0212 C:\Program Files\McAfee\Common Framework\CMALib.dll - ok
21:25:25.0062 0212 [ F66D2E3B8CA33F29D63F27A5676FE0C9 ] C:\WINDOWS\system32\rdpwsx.dll
21:25:25.0062 0212 C:\WINDOWS\system32\rdpwsx.dll - ok
21:25:25.0062 0212 [ 84963584AEEF0562B632FC85B108B654 ] C:\WINDOWS\system32\winhttp.dll
21:25:25.0062 0212 C:\WINDOWS\system32\winhttp.dll - ok
21:25:25.0062 0212 [ E45ECB5A023F77F813CD0DFF92699B76 ] C:\WINDOWS\system32\browseui.dll
21:25:25.0062 0212 C:\WINDOWS\system32\browseui.dll - ok
21:25:25.0062 0212 [ 8702CD069DE8F6B527E92CF55F78D5D2 ] C:\WINDOWS\system32\cabinet.dll
21:25:25.0062 0212 C:\WINDOWS\system32\cabinet.dll - ok
21:25:25.0078 0212 [ 3A3C1A6E89530C0E85681C723BB69DEE ] C:\WINDOWS\system32\mspatcha.dll
21:25:25.0078 0212 C:\WINDOWS\system32\mspatcha.dll - ok
21:25:25.0078 0212 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
21:25:25.0078 0212 C:\WINDOWS\system32\wups.dll - ok
21:25:25.0078 0212 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
21:25:25.0078 0212 C:\WINDOWS\system32\wups2.dll - ok
21:25:25.0078 0212 [ 48D065081DC8666764A903952AD6FB80 ] C:\WINDOWS\system32\comsvcs.dll
21:25:25.0078 0212 C:\WINDOWS\system32\comsvcs.dll - ok
21:25:25.0093 0212 [ 6D4084D7ACF7A369C802116A9128F2F5 ] C:\WINDOWS\system32\shdocvw.dll
21:25:25.0093 0212 C:\WINDOWS\system32\shdocvw.dll - ok
21:25:25.0093 0212 [ 33FC9AB5D74633F257B879B401F70BBE ] C:\WINDOWS\system32\rundll32.exe
21:25:25.0093 0212 C:\WINDOWS\system32\rundll32.exe - ok
21:25:25.0093 0212 [ 6B227D8DDFEF9546F393DF255C9BA6DF ] C:\Program Files\NVIDIA Corporation\Display\nvdisps.dll
21:25:25.0093 0212 C:\Program Files\NVIDIA Corporation\Display\nvdisps.dll - ok
21:25:25.0093 0212 [ 0892B57DC527FCED9FB02F2E6343C5FF ] C:\WINDOWS\system32\colbact.dll
21:25:25.0093 0212 C:\WINDOWS\system32\colbact.dll - ok
21:25:25.0093 0212 [ E9113D2BAAE752340038024DAFC23535 ] C:\WINDOWS\system32\mtxclu.dll
21:25:25.0093 0212 C:\WINDOWS\system32\mtxclu.dll - ok
21:25:25.0109 0212 [ F0A0997640611EB605A122023FE47204 ] C:\WINDOWS\system32\clusapi.dll
21:25:25.0109 0212 C:\WINDOWS\system32\clusapi.dll - ok
21:25:25.0109 0212 [ FBA94CD67E28DF2BDB4D6824A95FF9DB ] C:\WINDOWS\system32\resutils.dll
21:25:25.0109 0212 C:\WINDOWS\system32\resutils.dll - ok
21:25:25.0109 0212 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
21:25:25.0109 0212 C:\WINDOWS\system32\wuauclt.exe - ok
21:25:25.0109 0212 [ DC9EFCC8827EB2C0D17A7E4B2DE77E63 ] C:\WINDOWS\system32\desk.cpl
21:25:25.0109 0212 C:\WINDOWS\system32\desk.cpl - ok
21:25:25.0125 0212 [ 508B8A0B72953469B3282A495CA6D482 ] C:\WINDOWS\system32\actxprxy.dll
21:25:25.0125 0212 C:\WINDOWS\system32\actxprxy.dll - ok
21:25:25.0125 0212 [ 42FC2993518A71372BE7B8176CAAC8CF ] C:\WINDOWS\system32\themeui.dll
21:25:25.0125 0212 C:\WINDOWS\system32\themeui.dll - ok
21:25:25.0125 0212 [ F58FACA9621D2DB01BD0927D9A0A208E ] C:\WINDOWS\system32\ipnathlp.dll
21:25:25.0125 0212 C:\WINDOWS\system32\ipnathlp.dll - ok
21:25:25.0125 0212 [ E35CD9EFE457E1DE5E9CF94F1F92B52B ] C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
21:25:25.0125 0212 C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe - ok
21:25:25.0140 0212 [ 15BC40DEDF4E5A0DDB5D3623B9483DDA ] C:\WINDOWS\system32\wbem\wbemcore.dll
21:25:25.0140 0212 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
21:25:25.0140 0212 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] C:\WINDOWS\system32\wscsvc.dll
21:25:25.0140 0212 C:\WINDOWS\system32\wscsvc.dll - ok
21:25:25.0140 0212 [ 6A1D3708BD2CB56B9B4FEBA43D40D571 ] C:\Program Files\McAfee\VirusScan Enterprise\naiann.dll
21:25:25.0140 0212 C:\Program Files\McAfee\VirusScan Enterprise\naiann.dll - ok
21:25:25.0140 0212 [ BE47A0CA98B7192B59DC27A843C9CEA1 ] C:\WINDOWS\system32\wbem\esscli.dll
21:25:25.0140 0212 C:\WINDOWS\system32\wbem\esscli.dll - ok
21:25:25.0140 0212 [ 93B96546B71A819DD9ACAC1E7D8F3E07 ] C:\Program Files\McAfee\VirusScan Enterprise\VsEvntUI.DLL
21:25:25.0140 0212 C:\Program Files\McAfee\VirusScan Enterprise\VsEvntUI.DLL - ok
21:25:25.0156 0212 [ 7E780D549F168637940EC27A6747FAC9 ] C:\Program Files\McAfee\VirusScan Enterprise\NaEvent.Dll
21:25:25.0156 0212 C:\Program Files\McAfee\VirusScan Enterprise\NaEvent.Dll - ok
21:25:25.0156 0212 [ 58A4129B7AB2CF2E7F00256F7EDAEAC2 ] C:\WINDOWS\system32\cmd.exe
21:25:25.0156 0212 C:\WINDOWS\system32\cmd.exe - ok
21:25:25.0156 0212 [ B9D1F1606B3A4EA30E2141FDEDCA4342 ] C:\WINDOWS\system32\ieframe.dll
21:25:25.0156 0212 C:\WINDOWS\system32\ieframe.dll - ok
21:25:25.0156 0212 [ FA898CA2FB6FBE4A46F9D27971B3E1B5 ] C:\WINDOWS\system32\wbem\fastprox.dll
21:25:25.0156 0212 C:\WINDOWS\system32\wbem\fastprox.dll - ok
21:25:25.0171 0212 [ 8E70589EC4DDE3B22C5EE4A527BA0865 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
21:25:25.0171 0212 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
21:25:25.0171 0212 [ 8A36A2FF9C36BCDDCBD8F7C0C4DC0083 ] C:\WINDOWS\system32\wbem\wmiutils.dll
21:25:25.0171 0212 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
21:25:25.0171 0212 [ 44FA404CBDF4A9D472AC371A1CADE16B ] C:\Program Files\McAfee\Common Framework\Genevtinf3.dll
21:25:25.0171 0212 C:\Program Files\McAfee\Common Framework\Genevtinf3.dll - ok
21:25:25.0171 0212 [ E8A0384A25ECA1188E6F19F548947B53 ] C:\WINDOWS\system32\wbem\repdrvfs.dll
21:25:25.0171 0212 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
21:25:25.0171 0212 [ 4C501DD03666A9427DFEE53C3BD13900 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
21:25:25.0171 0212 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
21:25:25.0187 0212 [ 1957C5C463BCDC21F374523FD32A3115 ] C:\Program Files\Common Files\McAfee\Engine\mcscan32.dll
21:25:25.0187 0212 C:\Program Files\Common Files\McAfee\Engine\mcscan32.dll - ok
21:25:25.0187 0212 [ 2FDB32EF0E2CFF15ECC751BD61235398 ] C:\WINDOWS\system32\wbem\wbemess.dll
21:25:25.0187 0212 C:\WINDOWS\system32\wbem\wbemess.dll - ok
21:25:25.0187 0212 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
21:25:25.0187 0212 C:\WINDOWS\system32\wuapi.dll - ok
21:25:25.0187 0212 [ C97254C95FF161F9EAEBE5CB0DFDEC3C ] C:\WINDOWS\system32\wbem\ncprov.dll
21:25:25.0187 0212 C:\WINDOWS\system32\wbem\ncprov.dll - ok
21:25:25.0187 0212 [ 47E827EB2C26A383AD16BF80C0FCA8FA ] C:\WINDOWS\system32\cryptnet.dll
21:25:25.0187 0212 C:\WINDOWS\system32\cryptnet.dll - ok
21:25:25.0203 0212 [ C77D916102E469F130A504CB9DACB930 ] C:\WINDOWS\system32\sensapi.dll
21:25:25.0203 0212 C:\WINDOWS\system32\sensapi.dll - ok
21:25:25.0203 0212 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] C:\WINDOWS\system32\drivers\rdpwd.sys
21:25:25.0203 0212 C:\WINDOWS\system32\drivers\rdpwd.sys - ok
21:25:25.0203 0212 [ C56B6D0402371CF3700EB322EF3AAF61 ] C:\WINDOWS\system32\drivers\tdtcp.sys
21:25:25.0203 0212 C:\WINDOWS\system32\drivers\tdtcp.sys - ok
21:25:25.0203 0212 [ 9D8B38DE3CE3FEBD4CD18539C3414C87 ] C:\Program Files\Kerio\Personal Firewall 4\gkh.dll
21:25:25.0203 0212 C:\Program Files\Kerio\Personal Firewall 4\gkh.dll - ok
21:25:25.0218 0212 [ CA18BB84848E691D012A0368131945CC ] C:\Program Files\McAfee\VirusScan Enterprise\midutil.dll
21:25:25.0218 0212 C:\Program Files\McAfee\VirusScan Enterprise\midutil.dll - ok
21:25:25.0218 0212 [ F5BB3D0BB06C4DE2AC2E593460AE15EA ] C:\Program Files\McAfee\VirusScan Enterprise\nailite.dll
21:25:25.0218 0212 C:\Program Files\McAfee\VirusScan Enterprise\nailite.dll - ok
21:25:25.0218 0212 [ 39026E0FC3F91D6E601A2F28056918AA ] C:\Program Files\McAfee\VirusScan Enterprise\mfeapfa.dll
21:25:25.0218 0212 C:\Program Files\McAfee\VirusScan Enterprise\mfeapfa.dll - ok
21:25:25.0218 0212 [ CF3315B51F46C9C91C663DB04804398E ] C:\Program Files\McAfee\VirusScan Enterprise\mfehida.dll
21:25:25.0218 0212 C:\Program Files\McAfee\VirusScan Enterprise\mfehida.dll - ok
21:25:25.0218 0212 [ AF3BAF4CDED14D5FD7B8D94B78AE3F0A ] C:\WINDOWS\system32\drivers\mfeapfk.sys
21:25:25.0218 0212 C:\WINDOWS\system32\drivers\mfeapfk.sys - ok
21:25:25.0234 0212 [ 7F0077B0701B30001602CFE7A44F1957 ] C:\Program Files\McAfee\VirusScan Enterprise\mfeavfa.dll
21:25:25.0234 0212 C:\Program Files\McAfee\VirusScan Enterprise\mfeavfa.dll - ok
21:25:25.0234 0212 [ 2EBF8D78F99E2F667FA5F65312A489AB ] C:\WINDOWS\system32\drivers\mfeavfk.sys
21:25:25.0234 0212 C:\WINDOWS\system32\drivers\mfeavfk.sys - ok
21:25:25.0234 0212 [ CD78F171ACF966E4F83302C4192E881F ] C:\WINDOWS\system32\spoolss.dll
21:25:25.0234 0212 C:\WINDOWS\system32\spoolss.dll - ok
21:25:25.0234 0212 [ DC02DF6BBCC74BC8022807B968BD24BC ] C:\WINDOWS\system32\wbem\wbemcons.dll
21:25:25.0234 0212 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
21:25:25.0250 0212 [ 88842DE939A827577BF24243699AC80A ] C:\WINDOWS\system32\alg.exe
21:25:25.0250 0212 C:\WINDOWS\system32\alg.exe - ok
21:25:25.0250 0212 [ 32BAAEAEC3ED1536ED6EA387C4AA85A5 ] C:\WINDOWS\system32\localspl.dll
21:25:25.0250 0212 C:\WINDOWS\system32\localspl.dll - ok
21:25:25.0250 0212 [ C0D44791C969D65E63F250BC8BA0DC57 ] C:\WINDOWS\system32\AdobePDF.dll
21:25:25.0250 0212 C:\WINDOWS\system32\AdobePDF.dll - ok
21:25:25.0250 0212 [ EDB3D87983DA77A0A4CFA046C8BCE5CA ] C:\WINDOWS\system32\cnbjmon.dll
21:25:25.0250 0212 C:\WINDOWS\system32\cnbjmon.dll - ok
21:25:25.0250 0212 [ 322FD75A97DBA67FC8F97A9957F857F1 ] C:\WINDOWS\system32\mdimon.dll
21:25:25.0250 0212 C:\WINDOWS\system32\mdimon.dll - ok
21:25:25.0265 0212 [ 8DBB957A4E5DCA82F90C5F8A14BC789D ] C:\WINDOWS\system32\netcfgx.dll
21:25:25.0265 0212 C:\WINDOWS\system32\netcfgx.dll - ok
21:25:25.0265 0212 [ A751CFE02B53DC37EDC912D9BD778775 ] C:\WINDOWS\system32\MLMON_0G.DLL
21:25:25.0265 0212 C:\WINDOWS\system32\MLMON_0G.DLL - ok
21:25:25.0265 0212 [ B71DDDB2C32CF40382CBF7EB595A6FA9 ] C:\WINDOWS\system32\MSPOOL0G.DLL
21:25:25.0265 0212 C:\WINDOWS\system32\MSPOOL0G.DLL - ok
21:25:25.0265 0212 [ C2546CD7A398476F9DF5614B2AE160E8 ] C:\WINDOWS\system32\tapisrv.dll
21:25:25.0265 0212 C:\WINDOWS\system32\tapisrv.dll - ok
21:25:25.0281 0212 [ E2EB496B7A1CACF6550EF028B329893A ] C:\WINDOWS\system32\pjlmon.dll
21:25:25.0281 0212 C:\WINDOWS\system32\pjlmon.dll - ok
21:25:25.0281 0212 [ 519C77BC60B14AB6187C4D328105CD61 ] C:\WINDOWS\system32\tcpmon.dll
21:25:25.0281 0212 C:\WINDOWS\system32\tcpmon.dll - ok
21:25:25.0281 0212 [ D57554C664B64604BD1EE13EA2C07E77 ] C:\WINDOWS\system32\rasmans.dll
21:25:25.0281 0212 C:\WINDOWS\system32\rasmans.dll - ok
21:25:25.0281 0212 [ 9DD7DCC47F1EAA3FBCC985C20AD71B64 ] C:\WINDOWS\system32\usbmon.dll
21:25:25.0281 0212 C:\WINDOWS\system32\usbmon.dll - ok
21:25:25.0281 0212 [ EFEC5E7E5FE57957F9592A1500762E02 ] C:\WINDOWS\system32\rastapi.dll
21:25:25.0281 0212 C:\WINDOWS\system32\rastapi.dll - ok
21:25:25.0296 0212 [ 4F54119ACB137AF8ABE45AF7242E72CF ] C:\WINDOWS\system32\spool\prtprocs\w32x86\MIMFPR0G.DLL
21:25:25.0296 0212 C:\WINDOWS\system32\spool\prtprocs\w32x86\MIMFPR0G.DLL - ok
21:25:25.0296 0212 [ B481C1BE44B8821AC00DA47C565851B5 ] C:\WINDOWS\system32\MIMF320G.DLL
21:25:25.0296 0212 C:\WINDOWS\system32\MIMF320G.DLL - ok
21:25:25.0296 0212 [ 867C65E6246A113F1BCD2B4B575D8E6C ] C:\WINDOWS\system32\MTAG320G.DLL
21:25:25.0296 0212 C:\WINDOWS\system32\MTAG320G.DLL - ok
21:25:25.0296 0212 [ CE21D96724212D72D8D8406FD232072F ] C:\WINDOWS\system32\unimdm.tsp
21:25:25.0296 0212 C:\WINDOWS\system32\unimdm.tsp - ok
21:25:25.0312 0212 [ EA8647A21BCB56C5F15712D4B7407501 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
21:25:25.0312 0212 C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
21:25:25.0312 0212 [ 06C93A33555CF66FA5618125658B7594 ] C:\WINDOWS\system32\uniplat.dll
21:25:25.0312 0212 C:\WINDOWS\system32\uniplat.dll - ok
21:25:25.0312 0212 [ 94E5D1795A0855E5F1FB5BDCF903F9DA ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
21:25:25.0312 0212 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
21:25:25.0312 0212 [ 1EC6A255B9B5AE8F53F0F3A41E66E5FD ] C:\WINDOWS\system32\win32spl.dll
21:25:25.0312 0212 C:\WINDOWS\system32\win32spl.dll - ok
21:25:25.0328 0212 [ 4EB458471415ADA85DE62D03E770D0CD ] C:\WINDOWS\system32\kmddsp.tsp
21:25:25.0328 0212 C:\WINDOWS\system32\kmddsp.tsp - ok
21:25:25.0328 0212 [ 6E3248D3F8766502A51DF12F1F54BCE3 ] C:\WINDOWS\system32\netrap.dll
21:25:25.0328 0212 C:\WINDOWS\system32\netrap.dll - ok
21:25:25.0328 0212 [ F420C325956CA593679A8796065BFBB6 ] C:\WINDOWS\system32\inetpp.dll
21:25:25.0328 0212 C:\WINDOWS\system32\inetpp.dll - ok
21:25:25.0328 0212 [ 6FD0456A046649399FEF9110FFFB0E79 ] C:\WINDOWS\system32\ndptsp.tsp
21:25:25.0328 0212 C:\WINDOWS\system32\ndptsp.tsp - ok
21:25:25.0328 0212 [ 3382CA270103BBDA349CE07BDBA60DA7 ] C:\WINDOWS\system32\ipconf.tsp
21:25:25.0328 0212 C:\WINDOWS\system32\ipconf.tsp - ok
21:25:25.0343 0212 [ 67FF1B2F19BED51A335BBC844A32EF46 ] C:\WINDOWS\system32\h323.tsp
21:25:25.0343 0212 C:\WINDOWS\system32\h323.tsp - ok
21:25:25.0343 0212 [ 508D2C123D48C6A63DAE370FFC6770A8 ] C:\WINDOWS\system32\hidphone.tsp
21:25:25.0343 0212 C:\WINDOWS\system32\hidphone.tsp - ok
21:25:25.0343 0212 [ 4D252655B9FBC4002447EEBC1751B5D9 ] C:\WINDOWS\system32\rasppp.dll
21:25:25.0343 0212 C:\WINDOWS\system32\rasppp.dll - ok
21:25:25.0343 0212 [ D63EAABBB757EB417EDDC8CDB5598704 ] C:\WINDOWS\system32\ntlsapi.dll
21:25:25.0343 0212 C:\WINDOWS\system32\ntlsapi.dll - ok
21:25:25.0359 0212 [ DEDF090BB17D77B12A7465486AA7F91C ] C:\WINDOWS\system32\rasqec.dll
21:25:25.0359 0212 C:\WINDOWS\system32\rasqec.dll - ok
21:25:25.0359 0212 [ AD6B1A69B0CCCF27A792F4C00740D24D ] C:\DOCUME~1\David\LOCALS~1\Temp\6A317473-601F-4EB8-8566-90C4CC9F6B0F.exe
21:25:25.0359 0212 C:\DOCUME~1\David\LOCALS~1\Temp\6A317473-601F-4EB8-8566-90C4CC9F6B0F.exe - ok
21:25:25.0359 0212 [ D65C288E5F9B0C557F685CECC0B1B1E6 ] C:\WINDOWS\system32\msutb.dll
21:25:25.0359 0212 C:\WINDOWS\system32\msutb.dll - ok
21:25:25.0359 0212 [ 269A0930085C63E0464C85F3FA1D2DBA ] C:\WINDOWS\system32\msctf.dll
21:25:25.0359 0212 C:\WINDOWS\system32\msctf.dll - ok
21:25:25.0359 0212 [ 7FDE9FC15765E02B23E1756930165AD1 ] C:\WINDOWS\system32\linkinfo.dll
21:25:25.0359 0212 C:\WINDOWS\system32\linkinfo.dll - ok
21:25:25.0375 0212 [ 5D23A83D4B6324EC147F17334E057493 ] C:\WINDOWS\system32\ntshrui.dll
21:25:25.0375 0212 C:\WINDOWS\system32\ntshrui.dll - ok
21:25:25.0375 0212 [ 6B4377A3DA487722270E5DD2A20DDDF2 ] C:\WINDOWS\system32\verclsid.exe
21:25:25.0375 0212 C:\WINDOWS\system32\verclsid.exe - ok
21:25:25.0375 0212 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\55989234.sys
21:25:25.0375 0212 C:\WINDOWS\system32\drivers\55989234.sys - ok
21:25:25.0375 0212 [ 21C141732D231677D8FEC89A73EB44A2 ] C:\WINDOWS\system32\msxml3.dll
21:25:25.0375 0212 C:\WINDOWS\system32\msxml3.dll - ok
21:25:25.0390 0212 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
21:25:25.0390 0212 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
21:25:25.0390 0212 [ 129E4E748829A3D027787E6740EE351D ] C:\WINDOWS\system32\mlang.dll
21:25:25.0390 0212 C:\WINDOWS\system32\mlang.dll - ok
21:25:25.0390 0212 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
21:25:25.0390 0212 C:\WINDOWS\system32\webcheck.dll - ok
21:25:25.0390 0212 [ B68B20BC561C8ECF672DF627A4D8DC8F ] C:\WINDOWS\system32\stobject.dll
21:25:25.0390 0212 C:\WINDOWS\system32\stobject.dll - ok
21:25:25.0390 0212 [ E868299439DCBFD5117A2FEB90217C84 ] C:\WINDOWS\system32\batmeter.dll
21:25:25.0390 0212 C:\WINDOWS\system32\batmeter.dll - ok
21:25:25.0406 0212 [ F7B93AAFAD33B2320954C17E26C8D361 ] C:\WINDOWS\system32\imapi.exe
21:25:25.0406 0212 C:\WINDOWS\system32\imapi.exe - ok
21:25:25.0406 0212 [ AEC67D05840ED618DAF8A19BF8E80BAA ] C:\WINDOWS\system32\upnp.dll
21:25:25.0406 0212 C:\WINDOWS\system32\upnp.dll - ok
21:25:25.0406 0212 [ 55C3D3D15782ED6A92BDDEC0AE48E9E9 ] C:\WINDOWS\system32\ssdpapi.dll
21:25:25.0406 0212 C:\WINDOWS\system32\ssdpapi.dll - ok
21:25:25.0406 0212 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
21:25:25.0406 0212 C:\WINDOWS\system32\drivers\http.sys - ok
21:25:25.0421 0212 [ A6DC9E1950657DD5AA1395CB2E5B01CD ] C:\WINDOWS\system32\wbem\cimwin32.dll
21:25:25.0421 0212 C:\WINDOWS\system32\wbem\cimwin32.dll - ok
21:25:25.0421 0212 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] C:\WINDOWS\system32\ssdpsrv.dll
21:25:25.0421 0212 C:\WINDOWS\system32\ssdpsrv.dll - ok
21:25:25.0421 0212 [ 0FC6A06A953F7F4A8336DB27767310C4 ] C:\WINDOWS\system32\rasdlg.dll
21:25:25.0421 0212 C:\WINDOWS\system32\rasdlg.dll - ok
21:25:25.0421 0212 [ C3C4E2BDE357D77A128CE77C7E67E76A ] C:\WINDOWS\system32\wbem\framedyn.dll
21:25:25.0421 0212 C:\WINDOWS\system32\wbem\framedyn.dll - ok
21:25:25.0421 0212 [ E162B072785CAD20F3F5262965F2E809 ] C:\WINDOWS\system32\security.dll
21:25:25.0421 0212 C:\WINDOWS\system32\security.dll - ok
21:25:25.0437 0212 [ FE3E0386343E090812161D31FAA7C04A ] C:\WINDOWS\system32\wbem\wmipcima.dll
21:25:25.0437 0212 C:\WINDOWS\system32\wbem\wmipcima.dll - ok
21:25:25.0437 0212 [ C93152B9BBEC79C7A6CA39E4E4F77ECB ] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
21:25:25.0437 0212 C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe - ok
21:25:25.0437 0212 [ D081C72A6A33B6B7127D17B66FFDF995 ] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe
21:25:25.0437 0212 C:\Program Files\NVIDIA Corporation\nview\nwiz.exe - ok
21:25:25.0437 0212 [ 2ABF16D8A9F80936E884EC323B335410 ] C:\WINDOWS\system32\nvmctray.dll
21:25:25.0437 0212 C:\WINDOWS\system32\nvmctray.dll - ok
21:25:25.0453 0212 [ 0A74B5376B81E29BF5D4CDB9FACC5E46 ] C:\Program Files\McAfee\Common Framework\UdaterUI.exe
21:25:25.0453 0212 C:\Program Files\McAfee\Common Framework\UdaterUI.exe - ok
21:25:25.0453 0212 [ A760DE5BFC2C1A17635DA7F7BDE37769 ] C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
21:25:25.0453 0212 C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe - ok
21:25:25.0453 0212 [ D5DE3333EA2BB10015F484134565DB92 ] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
21:25:25.0453 0212 C:\Program Files\OpenVPN\bin\openvpn-gui.exe - ok
21:25:25.0453 0212 [ 0C66454DEBE3B89199D637CB036723B5 ] C:\Program Files\OpenVPN\bin\libeay32.dll
21:25:25.0453 0212 C:\Program Files\OpenVPN\bin\libeay32.dll - ok
21:25:25.0453 0212 [ F577910A133A592234EBAAD3F3AFA258 ] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:25:25.0453 0212 C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - ok
21:25:25.0468 0212 [ 6705043F0BB486E666D57DBBB5D389D0 ] C:\Program Files\NVIDIA Corporation\nview\nView.dll
21:25:25.0468 0212 C:\Program Files\NVIDIA Corporation\nview\nView.dll - ok
21:25:25.0468 0212 [ C92328F77863CA4472CBCB2292B12D1C ] C:\Program Files\NVIDIA Corporation\nview\NVWRSCS.dll
21:25:25.0468 0212 C:\Program Files\NVIDIA Corporation\nview\NVWRSCS.dll - ok
21:25:25.0468 0212 [ 84BD091511BB994664D33EC313645BF9 ] C:\WINDOWS\system32\nvwddi.dll
21:25:25.0468 0212 C:\WINDOWS\system32\nvwddi.dll - ok
21:25:25.0468 0212 [ E1636F57581CAB5D995FD54D2991EF57 ] C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe
21:25:25.0468 0212 C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe - ok
21:25:25.0484 0212 [ 38ED0EC2661770A7699E599C45DAE844 ] C:\Program Files\Razer\DeathAdder\razerhid.exe
21:25:25.0484 0212 C:\Program Files\Razer\DeathAdder\razerhid.exe - ok
21:25:25.0484 0212 [ 7D41B90803F8B9EBAEAC9ECB3E53882F ] C:\Program Files\OpenVPN\bin\openvpn.exe
21:25:25.0484 0212 C:\Program Files\OpenVPN\bin\openvpn.exe - ok
21:25:25.0484 0212 [ A6E17D648B65385824464032C5B38B97 ] C:\Program Files\McAfee\VirusScan Enterprise\AdsLokUU.Dll
21:25:25.0484 0212 C:\Program Files\McAfee\VirusScan Enterprise\AdsLokUU.Dll - ok
21:25:25.0484 0212 [ D95D91A67D4B73D0E5A7C29F91793D33 ] C:\WINDOWS\system32\adsldp.dll
21:25:25.0484 0212 C:\WINDOWS\system32\adsldp.dll - ok
21:25:25.0484 0212 [ A756B8F0F7BAFBA6DFE39F7D169F2519 ] C:\WINDOWS\system32\ctfmon.exe
21:25:25.0484 0212 C:\WINDOWS\system32\ctfmon.exe - ok
21:25:25.0500 0212 [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
21:25:25.0500 0212 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok
21:25:25.0500 0212 [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
21:25:25.0500 0212 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok
21:25:25.0500 0212 [ DF872832944E29564DD9824F85AEA51B ] C:\Program Files\Razer\DeathAdder\CheckPidVid.dll
21:25:25.0500 0212 C:\Program Files\Razer\DeathAdder\CheckPidVid.dll - ok
21:25:25.0500 0212 [ AA8C99220DAF040D1F0543F51BDEE84A ] C:\Program Files\McAfee\VirusScan Enterprise\ftcfg.dll
21:25:25.0500 0212 C:\Program Files\McAfee\VirusScan Enterprise\ftcfg.dll - ok
21:25:25.0515 0212 [ 0460FC2BA9D61054C5F1A3A0EADD39F7 ] C:\Program Files\McAfee\VirusScan Enterprise\graphics.dll
21:25:25.0515 0212 C:\Program Files\McAfee\VirusScan Enterprise\graphics.dll - ok
21:25:25.0515 0212 [ FE4083ADBD690EF8B02EC30CF756EFBD ] C:\WINDOWS\ime\sptip.dll
21:25:25.0515 0212 C:\WINDOWS\ime\sptip.dll - ok
21:25:25.0515 0212 [ 114E5342884A174F0E261526F07B63A1 ] C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\libcurl.dll
21:25:25.0515 0212 C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\libcurl.dll - ok
21:25:25.0515 0212 [ 8E009E7AC012823845D5F39A77F4A27F ] C:\WINDOWS\system32\dsound.dll
21:25:25.0515 0212 C:\WINDOWS\system32\dsound.dll - ok
21:25:25.0515 0212 [ 507C2C7E84331D28C64A7ADF5BFC4557 ] C:\Program Files\OpenVPN\bin\libssl32.dll
21:25:25.0515 0212 C:\Program Files\OpenVPN\bin\libssl32.dll - ok
21:25:25.0531 0212 [ 79AF4AF3E24A99D1790380B770B336FC ] C:\Program Files\McAfee\Common Framework\0409\UpdRes.Dll
21:25:25.0531 0212 C:\Program Files\McAfee\Common Framework\0409\UpdRes.Dll - ok
21:25:25.0531 0212 [ 39DA15B313F798372DA59F53355E8477 ] C:\Program Files\McAfee\Common Framework\McTray.exe
21:25:25.0531 0212 C:\Program Files\McAfee\Common Framework\McTray.exe - ok
21:25:25.0531 0212 [ 6307849B9BE3C206DB46A62316BF191F ] C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\libeay32.dll
21:25:25.0531 0212 C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\libeay32.dll - ok
21:25:25.0531 0212 [ 36AAA6502AE7FAFA284873C6563E7912 ] C:\WINDOWS\system32\wshnetbs.dll
21:25:25.0531 0212 C:\WINDOWS\system32\wshnetbs.dll - ok
21:25:25.0546 0212 [ 829E425E30DA88834E8FC058B261D983 ] C:\Program Files\McAfee\Common Framework\JrMac.dll
21:25:25.0546 0212 C:\Program Files\McAfee\Common Framework\JrMac.dll - ok
21:25:25.0546 0212 [ 16C195EBC0A3EC35C48D0C2D9A346BAB ] C:\WINDOWS\system32\olepro32.dll
21:25:25.0546 0212 C:\WINDOWS\system32\olepro32.dll - ok
21:25:25.0546 0212 [ AF6A4BCDE2343E8562D3003A1740CC96 ] C:\WINDOWS\system32\ksuser.dll
21:25:25.0546 0212 C:\WINDOWS\system32\ksuser.dll - ok
21:25:25.0546 0212 [ EEEF5FF5B53416D6197965A6D6D723B6 ] C:\Program Files\Razer\DeathAdder\razertra.exe
21:25:25.0546 0212 C:\Program Files\Razer\DeathAdder\razertra.exe - ok
21:25:25.0546 0212 [ 1169436EE42F860C7DB37A4692B38F0E ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
21:25:25.0546 0212 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll - ok
21:25:25.0562 0212 [ AAA55B127EC38BDEBD2A3891A2E5FD54 ] C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\ssleay32.dll
21:25:25.0562 0212 C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\ssleay32.dll - ok
21:25:25.0562 0212 [ F694D53C6BF3EE02D128D5A42DBECC9E ] C:\Program Files\Razer\DeathAdder\razerlan.dll
21:25:25.0562 0212 C:\Program Files\Razer\DeathAdder\razerlan.dll - ok
21:25:25.0562 0212 [ 907B50DE97ED835EFE151F203818216D ] C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\zlib1.dll
21:25:25.0562 0212 C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\zlib1.dll - ok
21:25:25.0562 0212 [ 2A032EFAE93D6C5DE769796FB355185F ] C:\Program Files\Razer\DeathAdder\razerofa.exe
21:25:25.0562 0212 C:\Program Files\Razer\DeathAdder\razerofa.exe - ok
21:25:25.0578 0212 [ 268D17827F501D68BA0AB26C1DCD8264 ] C:\Program Files\Razer\DeathAdder\vdDaemon.exe
21:25:25.0578 0212 C:\Program Files\Razer\DeathAdder\vdDaemon.exe - ok
21:25:25.0578 0212 [ 165AE7A443F2139DD2C078AD87699F91 ] C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL
21:25:25.0578 0212 C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL - ok
21:25:25.0578 0212 [ 8FED1E0A491D4990853D23F21C59C730 ] C:\WINDOWS\system32\advpack.dll
21:25:25.0578 0212 C:\WINDOWS\system32\advpack.dll - ok
21:25:25.0578 0212 [ 2695ED5F8A4FAC0B16BA36D28481182D ] C:\WINDOWS\system32\drprov.dll
21:25:25.0578 0212 C:\WINDOWS\system32\drprov.dll - ok
21:25:25.0578 0212 [ 14B9BE12D4539225D2785093802DEEF0 ] C:\WINDOWS\system32\netui0.dll
21:25:25.0578 0212 C:\WINDOWS\system32\netui0.dll - ok
21:25:25.0593 0212 [ 3B93BD2EA2B66FA32C344ACCE7378A43 ] C:\WINDOWS\system32\ntlanman.dll
21:25:25.0593 0212 C:\WINDOWS\system32\ntlanman.dll - ok
21:25:25.0593 0212 [ 2B50EA34CBCFAB1B71E66EAFC1F9AB8C ] C:\WINDOWS\system32\davclnt.dll
21:25:25.0593 0212 C:\WINDOWS\system32\davclnt.dll - ok
21:25:25.0593 0212 [ BBBCD7E2493566BF8FF676DB69D9A754 ] C:\WINDOWS\system32\netui1.dll
21:25:25.0593 0212 C:\WINDOWS\system32\netui1.dll - ok
21:25:25.0593 0212 ============================================================
21:25:25.0593 0212 Scan finished
21:25:25.0593 0212 ============================================================
21:25:25.0703 2620 Detected object count: 12
21:25:25.0703 2620 Actual detected object count: 12
21:25:37.0843 2620 astcc ( UnsignedFile.Multi.Generic ) - skipped by user
21:25:37.0843 2620 astcc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:25:37.0843 2620 ATMsrvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:25:37.0843 2620 ATMsrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:25:37.0843 2620 fwdrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:25:37.0843 2620 fwdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:25:37.0843 2620 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:25:37.0843 2620 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:25:37.0843 2620 idsvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:25:37.0843 2620 idsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:25:37.0843 2620 khips ( UnsignedFile.Multi.Generic ) - skipped by user
21:25:37.0843 2620 khips ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:25:37.0843 2620 KPF4 ( UnsignedFile.Multi.Generic ) - skipped by user
21:25:37.0843 2620 KPF4 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:25:37.0859 2620 OpenVPNService ( UnsignedFile.Multi.Generic ) - skipped by user
21:25:37.0859 2620 OpenVPNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:25:37.0859 2620 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
21:25:37.0859 2620 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:25:37.0859 2620 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
21:25:37.0859 2620 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:25:37.0859 2620 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
21:25:37.0859 2620 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:25:37.0859 2620 tap0801 ( UnsignedFile.Multi.Generic ) - skipped by user
21:25:37.0859 2620 tap0801 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:25:42.0421 3180 Deinitialize success

#23 Příspěvek od **vyosek** » 29 srp 2012 18:38

Fajn, jdeme dale

Spustte znovu RogueKiller

Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte

dave5 · #24 Příspěvek od **dave5** » 29 srp 2012 18:49

RogueKiller V8.0.0 [08/26/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : David [Práva správce]
Mód : Odebrat -- Datum : 08/29/2012 21:46:03

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
SSDT[25] : NtClose @ 0x805BC538 -> HOOKED (\SystemRoot\system32\drivers\fwdrv.sys @ 0xB0514435)
SSDT[37] : NtCreateFile @ 0x805790A2 -> HOOKED (\SystemRoot\system32\drivers\fwdrv.sys @ 0xB0513C5C)
SSDT[41] : NtCreateKey @ 0x80623FD6 -> HOOKED (\SystemRoot\system32\drivers\fwdrv.sys @ 0xB05100B0)
SSDT[47] : NtCreateProcess @ 0x805D1250 -> HOOKED (\SystemRoot\system32\drivers\fwdrv.sys @ 0xB0513031)
SSDT[48] : NtCreateProcessEx @ 0x805D119A -> HOOKED (\SystemRoot\system32\drivers\fwdrv.sys @ 0xB0512EAE)
SSDT[53] : NtCreateThread @ 0x805D1038 -> HOOKED (\SystemRoot\system32\drivers\fwdrv.sys @ 0xB0513693)
SSDT[62] : NtDeleteFile @ 0x80576C4A -> HOOKED (\SystemRoot\system32\drivers\fwdrv.sys @ 0xB05144B5)
SSDT[63] : NtDeleteKey @ 0x80624472 -> HOOKED (\SystemRoot\system32\drivers\fwdrv.sys @ 0xB05104E1)
SSDT[65] : NtDeleteValueKey @ 0x80624642 -> HOOKED (\SystemRoot\system32\drivers\fwdrv.sys @ 0xB0510574)
SSDT[97] : NtLoadDriver @ 0x80584172 -> HOOKED (\SystemRoot\system32\drivers\khips.sys @ 0xB029C8B0)
SSDT[108] : NtMapViewOfSection @ 0x805B2042 -> HOOKED (\SystemRoot\system32\drivers\khips.sys @ 0xB029CA20)
SSDT[116] : NtOpenFile @ 0x8057A1A0 -> HOOKED (\SystemRoot\system32\drivers\fwdrv.sys @ 0xB0513F27)
SSDT[119] : NtOpenKey @ 0x806253B4 -> HOOKED (\SystemRoot\system32\drivers\fwdrv.sys @ 0xB0510307)
SSDT[206] : NtResumeThread @ 0x805D4A18 -> HOOKED (\SystemRoot\system32\drivers\fwdrv.sys @ 0xB051371F)
SSDT[224] : NtSetInformationFile @ 0x8057B02E -> HOOKED (\SystemRoot\system32\drivers\fwdrv.sys @ 0xB0514229)
SSDT[247] : NtSetValueKey @ 0x80622548 -> HOOKED (\SystemRoot\system32\drivers\fwdrv.sys @ 0xB051067D)
SSDT[274] : NtWriteFile @ 0x8057CF10 -> HOOKED (\SystemRoot\system32\drivers\fwdrv.sys @ 0xB0514186)

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD502IJ +++++
--- User ---
[MBR] 6e031a596155cbab2bc280c8e50c591e
[BSP] d95faf2b0f8bb5cdb2ca53665ecd2741 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 99998 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 204796620 | Size: 376931 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST3802110A +++++
--- User ---
[MBR] bd4c3c3fc3c9e51bd8b99af086547340
[BSP] e92cde90035fe2dc01689485b709e95b : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 35000 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 71682030 | Size: 41307 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

------------------------------------------------

RogueKiller V8.0.0 [08/26/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : David [Práva správce]
Mód : Oprava HOSTS -- Datum : 08/29/2012 21:48:50

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

#25 Příspěvek od **vyosek** » 29 srp 2012 19:01

Tak a pustime tam jeste jeden nastroj

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

dave5 · #26 Příspěvek od **dave5** » 29 srp 2012 19:24

Zde log z combofixu:

ComboFix 12-08-28.03 - David 29.08.2012 22:10:34.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3327.2856 [GMT 2:00]
Spuštěný z: c:\documents and settings\David\Plocha\ComboFix.exe
AV: McAfee VirusScan Enterprise *Disabled/Updated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
FW: Kerio Personal Firewall *Disabled* {333BECA0-DED8-4139-A516-8D9E44E22669}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\David\WINDOWS
c:\windows\msmqinst.log
c:\windows\system32\SET656.tmp
c:\windows\system32\SET6A5.tmp
c:\windows\system32\SET6F4.tmp
c:\windows\system32\SET743.tmp
c:\windows\system32\SET792.tmp
C:\zip.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-28 do 2012-08-29 )))))))))))))))))))))))))))))))
.
.
2012-08-29 19:22 . 2012-08-29 19:22 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-29 18:52 . 2012-08-29 18:52 14580 ----a-w- C:\backup.reg
2012-08-29 18:52 . 2012-08-29 18:52 574 ----a-w- C:\cleanup.bat
2012-08-27 18:56 . 2012-08-27 18:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\GARMIN
2012-08-25 23:02 . 2012-08-27 20:59 -------- d-----w- c:\program files\Giants
2012-08-22 07:11 . 2012-08-22 07:11 -------- d-----w- c:\program files\7-Zip
2012-08-21 11:25 . 2012-08-21 11:25 -------- d-----w- c:\documents and settings\David\Data aplikací\WTablet
2012-08-21 11:23 . 2012-08-29 08:24 -------- d-----w- c:\program files\Tablet
2012-08-11 09:39 . 2012-08-11 09:39 -------- d-----w- c:\documents and settings\David\Data aplikací\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-28 06:11 . 2012-04-05 18:16 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-28 06:11 . 2012-01-03 16:44 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2002-09-20 18:03 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2012-01-03 13:00 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-04 01:38 . 2012-07-19 22:38 176000 ----a-w- c:\windows\system32\SNSShell.dll
2012-07-03 18:22 . 2002-09-20 17:41 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:38 . 2002-09-20 18:05 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2002-09-20 18:04 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2002-09-20 18:05 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2012-01-03 14:33 385024 ----a-w- c:\windows\system32\html.iec
2012-06-21 13:12 . 2012-01-03 15:42 11680 ----a-w- c:\windows\system32\drivers\hidkmdf.sys
2012-06-15 20:01 . 2012-01-09 22:59 57344 ----a-r- c:\documents and settings\David\Data aplikací\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2012-06-05 15:49 . 2012-01-03 14:33 1372672 ------w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2002-09-20 18:04 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2002-09-20 18:04 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2009-08-06 18:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2009-08-06 18:24 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2012-01-03 14:33 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2012-01-03 14:33 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2012-01-03 14:33 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2012-01-03 14:33 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2012-01-03 13:00 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2009-08-06 18:24 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2009-08-06 18:24 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2009-08-06 18:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2002-09-20 18:03 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2012-01-03 14:33 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2012-01-03 13:00 1933848 ----a-w- c:\windows\system32\wuaueng.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-05-14 29831168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-10-08 203072]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2009-08-25 136512]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2011-04-26 124224]
"openvpn-gui"="c:\program files\OpenVPN\bin\openvpn-gui.exe" [2005-08-18 99328]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"DeathAdder"="c:\program files\Razer\DeathAdder\razerhid.exe" [2012-01-14 248832]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"c:\\Program Files\\Kerio\\Personal Firewall 4\\kpf4gui.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"3389:TCP"= 3389:TCP:Remote Desktop
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
.
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26.9.2005 12:05 286720]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26.9.2005 12:05 81920]
R2 McAfeeEngineService;McAfee Engine Service;c:\program files\McAfee\VirusScan Enterprise\EngineServer.exe [26.4.2011 21:07 22816]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [3.1.2012 18:01 69192]
R3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys [3.1.2012 17:42 11136]
R3 hidkmdf;KMDF Driver;c:\windows\system32\drivers\hidkmdf.sys [3.1.2012 17:42 11680]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [24.6.2004 3:54 23552]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [3.1.2012 16:25 238080]
R3 VKbms;Razer Gaming Device;c:\windows\system32\drivers\VKbms.sys [3.1.2012 17:42 10240]
S3 ae3g.sys;ae3g.sys;\??\c:\windows\system32\drivers\ae3g.sys --> c:\windows\system32\drivers\ae3g.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [3.1.2012 18:01 67240]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 14:37 517096]
S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys --> c:\windows\system32\DRIVERS\wacomrouterfilter.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 38104476
*NewlyCreated* - 78477687
*Deregistered* - 38104476
*Deregistered* - 78477687
*Deregistered* - TrueSight
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
TCP: DhcpNameServer = 192.168.0.138
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
SafeBoot-22357546.sys
SafeBoot-78477687.sys
SafeBoot-88796557.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-29 22:16
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\:őwjY*]
"DisplayName"="???\17?\11\09"
"DeviceDesc"="???\17?\11\09"
"ProviderName"="???\11?\16?\11??"
"MFG"="???????"
"ReinstallString"=".10.1000.8"
"DeviceInstanceIds"=multi:"h:\\drivers\\chipset\\xp\\smbus\\smbusati.inf\00"
.
Celkový čas: 2012-08-29 22:19:13
ComboFix-quarantined-files.txt 2012-08-29 20:19
.
Před spuštěním: Volných bajtů: 69 998 616 576
Po spuštění: Volných bajtů: 69 976 272 896
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn /usepmtimer
.
- - End Of File - - 33C38BE2816EAE66068FF372A034FCD3

#27 Příspěvek od **vyosek** » 29 srp 2012 19:30

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

RegNull::
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\:őwjY*]

Collect::
c:\windows\system32\drivers\ae3g.sys

Driver::
ae3g.sys

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"=-
"3389:TCP"=-
"65533:TCP"=-
"52344:TCP"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=-
"AdobeCS5.5ServiceManager"=-

Folder::
c:\documents and settings\David\Data aplikací\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

ClearJavaCache::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

dave5 · #28 Příspěvek od **dave5** » 29 srp 2012 19:53

ComboFix 12-08-28.03 - David 29.08.2012 22:39:36.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3327.2822 [GMT 2:00]
Spuštěný z: c:\documents and settings\David\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\David\Plocha\CFScript.txt
AV: McAfee VirusScan Enterprise *Disabled/Updated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
FW: Kerio Personal Firewall *Disabled* {333BECA0-DED8-4139-A516-8D9E44E22669}
.
ADS - WINDOWS: deleted 0 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AE3G.SYS
-------\Service_ae3g.sys
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-28 do 2012-08-29 )))))))))))))))))))))))))))))))
.
.
2012-08-29 19:22 . 2012-08-29 19:22 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-29 18:52 . 2012-08-29 18:52 14580 ----a-w- C:\backup.reg
2012-08-29 18:52 . 2012-08-29 18:52 574 ----a-w- C:\cleanup.bat
2012-08-27 18:56 . 2012-08-27 18:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\GARMIN
2012-08-25 23:02 . 2012-08-27 20:59 -------- d-----w- c:\program files\Giants
2012-08-22 07:11 . 2012-08-22 07:11 -------- d-----w- c:\program files\7-Zip
2012-08-21 11:25 . 2012-08-21 11:25 -------- d-----w- c:\documents and settings\David\Data aplikací\WTablet
2012-08-21 11:23 . 2012-08-29 08:24 -------- d-----w- c:\program files\Tablet
2012-08-11 09:39 . 2012-08-11 09:39 -------- d-----w- c:\documents and settings\David\Data aplikací\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-28 06:11 . 2012-04-05 18:16 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-28 06:11 . 2012-01-03 16:44 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2002-09-20 18:03 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2012-01-03 13:00 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-04 01:38 . 2012-07-19 22:38 176000 ----a-w- c:\windows\system32\SNSShell.dll
2012-07-03 18:22 . 2002-09-20 17:41 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:38 . 2002-09-20 18:05 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2002-09-20 18:04 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2002-09-20 18:05 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2012-01-03 14:33 385024 ----a-w- c:\windows\system32\html.iec
2012-06-21 13:12 . 2012-01-03 15:42 11680 ----a-w- c:\windows\system32\drivers\hidkmdf.sys
2012-06-15 20:01 . 2012-01-09 22:59 57344 ----a-r- c:\documents and settings\David\Data aplikací\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2012-06-05 15:49 . 2012-01-03 14:33 1372672 ------w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2002-09-20 18:04 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2002-09-20 18:04 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2009-08-06 18:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2009-08-06 18:24 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2012-01-03 14:33 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2012-01-03 14:33 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2012-01-03 14:33 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2012-01-03 14:33 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2012-01-03 13:00 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2009-08-06 18:24 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2009-08-06 18:24 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2009-08-06 18:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2002-09-20 18:03 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2012-01-03 14:33 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2012-01-03 13:00 1933848 ----a-w- c:\windows\system32\wuaueng.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-05-14 29831168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-10-08 203072]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2009-08-25 136512]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2011-04-26 124224]
"openvpn-gui"="c:\program files\OpenVPN\bin\openvpn-gui.exe" [2005-08-18 99328]
"DeathAdder"="c:\program files\Razer\DeathAdder\razerhid.exe" [2012-01-14 248832]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"c:\\Program Files\\Kerio\\Personal Firewall 4\\kpf4gui.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
.
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26.9.2005 12:05 286720]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26.9.2005 12:05 81920]
R2 McAfeeEngineService;McAfee Engine Service;c:\program files\McAfee\VirusScan Enterprise\EngineServer.exe [26.4.2011 21:07 22816]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [3.1.2012 18:01 69192]
R3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys [3.1.2012 17:42 11136]
R3 hidkmdf;KMDF Driver;c:\windows\system32\drivers\hidkmdf.sys [3.1.2012 17:42 11680]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [24.6.2004 3:54 23552]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [3.1.2012 16:25 238080]
R3 VKbms;Razer Gaming Device;c:\windows\system32\drivers\VKbms.sys [3.1.2012 17:42 10240]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [3.1.2012 18:01 67240]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 14:37 517096]
S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys --> c:\windows\system32\DRIVERS\wacomrouterfilter.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
TCP: DhcpNameServer = 192.168.0.138
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-29 22:47
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\:őwjY*]
"DisplayName"="???\17?\11\09"
"DeviceDesc"="???\17?\11\09"
"ProviderName"="???\11?\16?\11??"
"MFG"="???????"
"ReinstallString"=".10.1000.8"
"DeviceInstanceIds"=multi:"h:\\drivers\\chipset\\xp\\smbus\\smbusati.inf\00"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3508)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\astsrv.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files\Kerio\Personal Firewall 4\kpf4ss.exe
c:\program files\McAfee\Common Framework\FrameworkService.exe
c:\program files\Kerio\Personal Firewall 4\kpf4gui.exe
c:\program files\McAfee\VirusScan Enterprise\VsTskMgr.exe
c:\program files\McAfee\Common Framework\naPrdMgr.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\program files\McAfee\VirusScan Enterprise\Mcshield.exe
c:\program files\McAfee\VirusScan Enterprise\mfeann.exe
c:\program files\Kerio\Personal Firewall 4\kpf4gui.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\McAfee\Common Framework\McTray.exe
c:\program files\Razer\DeathAdder\razertra.exe
c:\program files\Razer\DeathAdder\razerofa.exe
c:\program files\Razer\DeathAdder\vdDaemon.exe
.
**************************************************************************
.
Celkový čas: 2012-08-29 22:51:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-29 20:51
ComboFix2.txt 2012-08-29 20:19
.
Před spuštěním: Volných bajtů: 69 958 860 800
Po spuštění: Volných bajtů: 69 857 685 504
.
- - End Of File - - 3EB0571590822664B24AFF28FC8A4CE2

#29 Příspěvek od **vyosek** » 29 srp 2012 19:58

Super, uz to vypada moc dobre...Jak se chova nas pacient

dave5 · #30 Příspěvek od **dave5** » 29 srp 2012 20:07

Porad se mne pta, kdy uz bude konec...ale jinak to snasi dobre...daleko vic byl vystresovany jeho majitel (tim myslim sebe..)
- odezva pocitace (vcetne internetu) jako normalne
- zatim jsem nezkousel spoustet zadne programy
- trochu binec na plose a okoli
- po dvou bootovanich z CD do toho prostredi pro hubeni haveti mi windows ukazuji o 2 hodiny vic, muzu hodiny bez obav posunout zpet?

VIRY.CZ

zpomalila se odezva pocitace, detekovan Sinowal

Re: zpomalila se odezva pocitace, detekovan Sinowal

Re: zpomalila se odezva pocitace, detekovan Sinowal

Re: zpomalila se odezva pocitace, detekovan Sinowal

Re: zpomalila se odezva pocitace, detekovan Sinowal

Re: zpomalila se odezva pocitace, detekovan Sinowal

Re: zpomalila se odezva pocitace, detekovan Sinowal

Re: zpomalila se odezva pocitace, detekovan Sinowal

Re: zpomalila se odezva pocitace, detekovan Sinowal

Re: zpomalila se odezva pocitace, detekovan Sinowal

Re: zpomalila se odezva pocitace, detekovan Sinowal

Re: zpomalila se odezva pocitace, detekovan Sinowal

Re: zpomalila se odezva pocitace, detekovan Sinowal

Re: zpomalila se odezva pocitace, detekovan Sinowal

Re: zpomalila se odezva pocitace, detekovan Sinowal

Re: zpomalila se odezva pocitace, detekovan Sinowal