Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Iexplore problem
Message
<blockquote data-quote="Jwill1919" data-source="post: 318833" data-attributes="member: 32096"><p>Ok, here are the latest results. I'm still unable to open and use Firefox, the system just won't let me...</p><p></p><p></p><p>11:01:57.0000 0x06dc TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20</p><p>11:01:57.0171 0x06dc ============================================================</p><p>11:01:57.0171 0x06dc Current date / time: 2014/12/21 11:01:57.0171</p><p>11:01:57.0171 0x06dc SystemInfo:</p><p>11:01:57.0171 0x06dc </p><p>11:01:57.0171 0x06dc OS Version: 5.1.2600 ServicePack: 3.0</p><p>11:01:57.0171 0x06dc Product type: Workstation</p><p>11:01:57.0171 0x06dc ComputerName: JUSTIN</p><p>11:01:57.0171 0x06dc UserName: JW</p><p>11:01:57.0171 0x06dc Windows directory: C:\WINDOWS</p><p>11:01:57.0328 0x06dc System windows directory: C:\WINDOWS</p><p>11:01:57.0328 0x06dc Processor architecture: Intel x86</p><p>11:01:57.0328 0x06dc Number of processors: 1</p><p>11:01:57.0328 0x06dc Page size: 0x1000</p><p>11:01:57.0328 0x06dc Boot type: Normal boot</p><p>11:01:57.0328 0x06dc ============================================================</p><p>11:01:57.0328 0x06dc BG loaded</p><p>11:01:58.0640 0x06dc System UUID: {81D3F674-931D-82DB-D38F-56C914F3BD50}</p><p>11:02:05.0828 0x06dc Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000044</p><p>11:02:05.0859 0x06dc ============================================================</p><p>11:02:05.0859 0x06dc \Device\Harddisk0\DR0:</p><p>11:02:05.0859 0x06dc MBR partitions:</p><p>11:02:05.0859 0x06dc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x11614400</p><p>11:02:05.0859 0x06dc ============================================================</p><p>11:02:05.0953 0x06dc C: <-> \Device\Harddisk0\DR0\Partition1</p><p>11:02:05.0953 0x06dc ============================================================</p><p>11:02:05.0953 0x06dc Initialize success</p><p>11:02:05.0953 0x06dc ============================================================</p><p>11:02:41.0812 0x0d40 ============================================================</p><p>11:02:41.0828 0x0d40 Scan started</p><p>11:02:41.0828 0x0d40 Mode: Manual; </p><p>11:02:41.0828 0x0d40 ============================================================</p><p>11:02:41.0828 0x0d40 KSN ping started</p><p>11:02:42.0203 0x0d40 KSN ping finished: true</p><p>11:02:45.0453 0x0d40 ================ Scan system memory ========================</p><p>11:02:45.0453 0x0d40 System memory - ok</p><p>11:02:45.0468 0x0d40 ================ Scan services =============================</p><p>11:02:45.0546 0x0d40 [ B0CC0B50441372157F31C4C023D43A3E, A0FCC03588C06E42D3B8465AC7D0F7A909E8CABEEE3C82B3CBD68F150D7692EE ] A2DDA C:\EEK\BIN\a2ddax86.sys</p><p>11:02:45.0546 0x0d40 A2DDA - ok</p><p>11:02:45.0890 0x0d40 Abiosdsk - ok</p><p>11:02:45.0937 0x0d40 [ 6ABB91494FE6C59089B9336452AB2EA3, FA28396820E44F991891042E051A4414485B54D456F252E03E3FFE1B4B4CF843 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS</p><p>11:02:45.0937 0x0d40 abp480n5 - ok</p><p>11:02:46.0015 0x0d40 [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys</p><p>11:02:46.0046 0x0d40 ACPI - ok</p><p>11:02:46.0078 0x0d40 [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys</p><p>11:02:46.0078 0x0d40 ACPIEC - ok</p><p>11:02:46.0187 0x0d40 [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe</p><p>11:02:46.0234 0x0d40 AdobeFlashPlayerUpdateSvc - ok</p><p>11:02:46.0312 0x0d40 [ 9A11864873DA202C996558B2106B0BBC, 4C68F1DBD1541291DD0FAB78DB42B25FA051CD9F55ED869173E3219CD31500C4 ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys</p><p>11:02:46.0328 0x0d40 adpu160m - ok</p><p>11:02:46.0375 0x0d40 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys</p><p>11:02:46.0375 0x0d40 aec - ok</p><p>11:02:46.0453 0x0d40 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys</p><p>11:02:46.0453 0x0d40 AFD - ok</p><p>11:02:46.0500 0x0d40 [ 8ED60797908FD394EEE0D6949F493224, E07C471050F8D13F0BE52BC2CF88BA0EB8612B4957C43FF16B90197C57738C99 ] AgereModemAudio C:\WINDOWS\system32\agrsmsvc.exe</p><p>11:02:46.0500 0x0d40 AgereModemAudio - ok</p><p>11:02:46.0718 0x0d40 [ BAF68DCBA949633DF0C16D37AF2A2351, 85BE7F87685BF3BF1B8CE8CD79A9DA44E3B611F712A5C1EDA6AF45EE1A933C0B ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys</p><p>11:02:46.0765 0x0d40 AgereSoftModem - ok</p><p>11:02:46.0812 0x0d40 [ 08FD04AA961BDC77FB983F328334E3D7, A784EC8A9EDB579262366B5A9AB177DB7BEC0A421BDE85431D0AD4959D5AF5E7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys</p><p>11:02:46.0812 0x0d40 agp440 - ok</p><p>11:02:46.0843 0x0d40 [ 03A7E0922ACFE1B07D5DB2EEB0773063, 93EEA872A5642C95FF19C81F8EFFB9B52742A14DBF138784F0F713AD18C413ED ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys</p><p>11:02:46.0843 0x0d40 agpCPQ - ok</p><p>11:02:46.0875 0x0d40 [ C23EA9B5F46C7F7910DB3EAB648FF013, 92C84E9AF278A3B55D56C4F8E6C10E3EF1F7B336A44A018AED6DC51A46671F0B ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys</p><p>11:02:46.0875 0x0d40 Aha154x - ok</p><p>11:02:46.0890 0x0d40 [ 19DD0FB48B0C18892F70E2E7D61A1529, 95BA1568E8E08314508CA0E1F95555891E70399AEC312C793B46A841F56FFDCF ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys</p><p>11:02:46.0906 0x0d40 aic78u2 - ok</p><p>11:02:46.0921 0x0d40 [ B7FE594A7468AA0132DEB03FB8E34326, BF0DC2B8C474DB151589BA9968264413521DDD9E7316B752B2FA40C24200FBE0 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys</p><p>11:02:46.0937 0x0d40 aic78xx - ok</p><p>11:02:46.0984 0x0d40 [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll</p><p>11:02:46.0984 0x0d40 Alerter - ok</p><p>11:02:47.0015 0x0d40 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe</p><p>11:02:47.0015 0x0d40 ALG - ok</p><p>11:02:47.0046 0x0d40 [ 1140AB9938809700B46BB88E46D72A96, 369379ECC5941ACE984A7F31EAABB66A2E693EDBADA639B86D26FD681D45608E ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys</p><p>11:02:47.0046 0x0d40 AliIde - ok</p><p>11:02:47.0093 0x0d40 [ CB08AED0DE2DD889A8A820CD8082D83C, B1A9D493390AEDF6EFF8BCAA3B33EC31758452AB497C34C0728CDDA1D8DCBF2A ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys</p><p>11:02:47.0109 0x0d40 alim1541 - ok</p><p>11:02:47.0140 0x0d40 [ 95B4FB835E28AA1336CEEB07FD5B9398, 36CD3B14EF78B01FB653B78187FAA63C4DD5F4137AC3B91D81256A350EEDCBC1 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys</p><p>11:02:47.0140 0x0d40 amdagp - ok</p><p>11:02:47.0156 0x0d40 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6, 9B179F0B6A559639D3AE3975CEBF2718294BE5743517BEE06586F0D258164C81 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys</p><p>11:02:47.0171 0x0d40 amsint - ok</p><p>11:02:47.0203 0x0d40 [ 2953A157A783BFC06F42F99FEFA5EB07, 90236C68F46FA25F6C0561A38CAE7BEB2E35281AF33B3779BC52CDA0F73018CC ] ANIO C:\WINDOWS\system32\ANIO.SYS</p><p>11:02:47.0203 0x0d40 ANIO - ok</p><p>11:02:47.0265 0x0d40 [ 3C417A392EC51E601AC55B5E196549E7, 913228A695B92F2EB597960E88E4D0A4CD117E08BC3BE714926E9EA71B7081E9 ] ANIWConnService C:\WINDOWS\system32\ANIWConnService.exe</p><p>11:02:47.0296 0x0d40 ANIWConnService - ok</p><p>11:02:47.0359 0x0d40 [ 495874EB368DCBACB56591B5DCB7336F, 59148D49E23AA0CE338CE82999ED1B9F8C8771AB980A7FF5095CC94D81840CA9 ] ANIWZCSdService C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe</p><p>11:02:47.0406 0x0d40 ANIWZCSdService - ok</p><p>11:02:47.0468 0x0d40 [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe</p><p>11:02:47.0468 0x0d40 Apple Mobile Device - ok</p><p>11:02:47.0500 0x0d40 AppMgmt - ok</p><p>11:02:47.0546 0x0d40 [ 62D318E9A0C8FC9B780008E724283707, 1A69806AB2BDECCEB5EB23A80700B3F98983D5D67F78839CBF269087FA460757 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys</p><p>11:02:47.0546 0x0d40 asc - ok</p><p>11:02:47.0578 0x0d40 [ 69EB0CC7714B32896CCBFD5EDCBEA447, 1CB506B5F71F84EFD26961010681D0A79AA7B266573378E3D2755125DF5D6BB6 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys</p><p>11:02:47.0578 0x0d40 asc3350p - ok</p><p>11:02:47.0593 0x0d40 [ 5D8DE112AA0254B907861E9E9C31D597, 557C93E82A71131D226267151C84B197503831A16263DDFE040E996B605CA9E8 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys</p><p>11:02:47.0593 0x0d40 asc3550 - ok</p><p>11:02:47.0718 0x0d40 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe</p><p>11:02:47.0750 0x0d40 aspnet_state - ok</p><p>11:02:47.0765 0x0d40 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys</p><p>11:02:47.0781 0x0d40 AsyncMac - ok</p><p>11:02:47.0906 0x0d40 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys</p><p>11:02:47.0906 0x0d40 atapi - ok</p><p>11:02:47.0937 0x0d40 Atdisk - ok</p><p>11:02:47.0984 0x0d40 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys</p><p>11:02:47.0984 0x0d40 Atmarpc - ok</p><p>11:02:48.0078 0x0d40 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll</p><p>11:02:48.0078 0x0d40 AudioSrv - ok</p><p>11:02:48.0125 0x0d40 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys</p><p>11:02:48.0125 0x0d40 audstub - ok</p><p>11:02:48.0171 0x0d40 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys</p><p>11:02:48.0171 0x0d40 Beep - ok</p><p>11:02:48.0281 0x0d40 [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll</p><p>11:02:48.0375 0x0d40 BITS - ok</p><p>11:02:48.0484 0x0d40 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe</p><p>11:02:48.0546 0x0d40 Bonjour Service - ok</p><p>11:02:48.0609 0x0d40 [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll</p><p>11:02:48.0609 0x0d40 Browser - ok</p><p>11:02:48.0656 0x0d40 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys</p><p>11:02:48.0656 0x0d40 cbidf - ok</p><p>11:02:48.0671 0x0d40 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys</p><p>11:02:48.0671 0x0d40 cbidf2k - ok</p><p>11:02:48.0718 0x0d40 [ F3EC03299634490E97BBCE94CD2954C7, CDC85ADA27E0D501581CE6F28D7E1941E90411FA8E8F2C43A68BAA8CB78E85DD ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys</p><p>11:02:48.0718 0x0d40 cd20xrnt - ok</p><p>11:02:48.0734 0x0d40 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys</p><p>11:02:48.0734 0x0d40 Cdaudio - ok</p><p>11:02:48.0765 0x0d40 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys</p><p>11:02:48.0765 0x0d40 Cdfs - ok</p><p>11:02:48.0812 0x0d40 [ 4B0A100EAF5C49EF3CCA8C641431EACC, 88D9C066FFB863910EE1863CE63D38846ACA2DF72D6B5FDFCE0F3379A6DA5EF9 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys</p><p>11:02:48.0812 0x0d40 Cdrom - ok</p><p>11:02:48.0828 0x0d40 Changer - ok</p><p>11:02:48.0875 0x0d40 [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe</p><p>11:02:48.0890 0x0d40 CiSvc - ok</p><p>11:02:48.0921 0x0d40 [ DBC8CDAFC84E96E894C3BAAED9B30F47, A25CDF4BBF8227878D3CBB8E74904A43751EC4E98DFEBFE4CBD3953890A170F9 ] cleanhlp C:\EEK\bin\cleanhlp32.sys</p><p>11:02:48.0937 0x0d40 cleanhlp - ok</p><p>11:02:48.0968 0x0d40 [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe</p><p>11:02:48.0968 0x0d40 ClipSrv - ok</p><p>11:02:49.0015 0x0d40 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe</p><p>11:02:49.0093 0x0d40 clr_optimization_v2.0.50727_32 - ok</p><p>11:02:49.0156 0x0d40 [ E5DCB56C533014ECBC556A8357C929D5, B2915C0C07EDBA59C5D02680804C4C2DE099D73DE0D0DD0CDA748F34F11057E0 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys</p><p>11:02:49.0156 0x0d40 CmdIde - ok</p><p>11:02:49.0171 0x0d40 COMSysApp - ok</p><p>11:02:49.0187 0x0d40 [ 3EE529119EED34CD212A215E8C40D4B6, A6B71F3D4EE7358CA85F010E6271A6B72226D25DF30ED331DA830639ED3E9903 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys</p><p>11:02:49.0203 0x0d40 Cpqarray - ok</p><p>11:02:49.0234 0x0d40 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll</p><p>11:02:49.0250 0x0d40 CryptSvc - ok</p><p>11:02:49.0312 0x0d40 [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9F8F12135EDD88C ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys</p><p>11:02:49.0343 0x0d40 dac2w2k - ok</p><p>11:02:49.0359 0x0d40 [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CAD0BF0E2D86D510 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys</p><p>11:02:49.0359 0x0d40 dac960nt - ok</p><p>11:02:49.0468 0x0d40 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll</p><p>11:02:49.0484 0x0d40 DcomLaunch - ok</p><p>11:02:49.0546 0x0d40 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll</p><p>11:02:49.0546 0x0d40 Dhcp - ok</p><p>11:02:49.0593 0x0d40 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys</p><p>11:02:49.0609 0x0d40 Disk - ok</p><p>11:02:49.0609 0x0d40 dmadmin - ok</p><p>11:02:49.0781 0x0d40 [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys</p><p>11:02:49.0921 0x0d40 dmboot - ok</p><p>11:02:49.0984 0x0d40 [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys</p><p>11:02:50.0062 0x0d40 dmio - ok</p><p>11:02:50.0281 0x0d40 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys</p><p>11:02:50.0281 0x0d40 dmload - ok</p><p>11:02:50.0312 0x0d40 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll</p><p>11:02:50.0312 0x0d40 dmserver - ok</p><p>11:02:50.0359 0x0d40 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys</p><p>11:02:50.0359 0x0d40 DMusic - ok</p><p>11:02:50.0406 0x0d40 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll</p><p>11:02:50.0421 0x0d40 Dnscache - ok</p><p>11:02:50.0468 0x0d40 [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll</p><p>11:02:50.0515 0x0d40 Dot3svc - ok</p><p>11:02:50.0546 0x0d40 [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C787606C3F21243DB ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys</p><p>11:02:50.0546 0x0d40 dpti2o - ok</p><p>11:02:50.0593 0x0d40 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys</p><p>11:02:50.0593 0x0d40 drmkaud - ok</p><p>11:02:50.0625 0x0d40 [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll</p><p>11:02:50.0640 0x0d40 EapHost - ok</p><p>11:02:50.0671 0x0d40 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll</p><p>11:02:50.0671 0x0d40 ERSvc - ok</p><p>11:02:50.0781 0x0d40 [ 23112102BC2A8FE44B8AC44A05BDF4C3, F986F92C8D60531E3652ADB4767709531C444CE51B55F638E8B898B3C274C47F ] ETService C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe</p><p>11:02:50.0781 0x0d40 ETService - ok</p><p>11:02:50.0843 0x0d40 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe</p><p>11:02:50.0890 0x0d40 Eventlog - ok</p><p>11:02:50.0968 0x0d40 [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem C:\WINDOWS\system32\es.dll</p><p>11:02:50.0984 0x0d40 EventSystem - ok</p><p>11:02:51.0046 0x0d40 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys</p><p>11:02:51.0078 0x0d40 Fastfat - ok</p><p>11:02:51.0125 0x0d40 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll</p><p>11:02:51.0140 0x0d40 FastUserSwitchingCompatibility - ok</p><p>11:02:51.0218 0x0d40 [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] Fax C:\WINDOWS\system32\fxssvc.exe</p><p>11:02:51.0234 0x0d40 Fax - ok</p><p>11:02:51.0250 0x0d40 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys</p><p>11:02:51.0250 0x0d40 Fdc - ok</p><p>11:02:51.0312 0x0d40 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys</p><p>11:02:51.0312 0x0d40 Fips - ok</p><p>11:02:51.0328 0x0d40 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys</p><p>11:02:51.0328 0x0d40 Flpydisk - ok</p><p>11:02:51.0375 0x0d40 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys</p><p>11:02:51.0406 0x0d40 FltMgr - ok</p><p>11:02:51.0500 0x0d40 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe</p><p>11:02:51.0515 0x0d40 FontCache3.0.0.0 - ok</p><p>11:02:51.0562 0x0d40 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys</p><p>11:02:51.0562 0x0d40 Fs_Rec - ok</p><p>11:02:51.0609 0x0d40 [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys</p><p>11:02:51.0625 0x0d40 Ftdisk - ok</p><p>11:02:51.0671 0x0d40 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys</p><p>11:02:51.0671 0x0d40 GEARAspiWDM - ok</p><p>11:02:51.0718 0x0d40 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys</p><p>11:02:51.0718 0x0d40 Gpc - ok</p><p>11:02:51.0765 0x0d40 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys</p><p>11:02:51.0781 0x0d40 HDAudBus - ok</p><p>11:02:51.0875 0x0d40 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll</p><p>11:02:51.0875 0x0d40 helpsvc - ok</p><p>11:02:51.0906 0x0d40 [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ C:\WINDOWS\System32\hidserv.dll</p><p>11:02:51.0921 0x0d40 HidServ - ok</p><p>11:02:51.0968 0x0d40 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys</p><p>11:02:51.0968 0x0d40 hidusb - ok</p><p>11:02:52.0000 0x0d40 [ B3635FD088BA2F6F03A276A961BE6ED2, 119E3283E9101031883A1742BD904672C84DD6971F4DE42932B4B798B02C86D4 ] hitmanpro37 C:\WINDOWS\system32\drivers\hitmanpro37.sys</p><p>11:02:52.0015 0x0d40 hitmanpro37 - ok</p><p>11:02:52.0031 0x0d40 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll</p><p>11:02:52.0062 0x0d40 hkmsvc - ok</p><p>11:02:52.0093 0x0d40 [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys</p><p>11:02:52.0093 0x0d40 hpn - ok</p><p>11:02:52.0234 0x0d40 [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll</p><p>11:02:52.0250 0x0d40 hpqcxs08 - ok</p><p>11:02:52.0328 0x0d40 [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll</p><p>11:02:52.0343 0x0d40 hpqddsvc - ok</p><p>11:02:52.0484 0x0d40 [ A04F4AC48895774A2CF9D1C9EAAACEF0, 012F10DE086C3551D75716EF1F6DCC477C8C1E776267D9FC4073BEADAFD37C9C ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL</p><p>11:02:52.0500 0x0d40 HPSLPSVC - ok</p><p>11:02:52.0578 0x0d40 [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794BEAB8D8B71D8DD ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys</p><p>11:02:52.0593 0x0d40 HPZid412 - ok</p><p>11:02:52.0640 0x0d40 [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A7E43410AC99F23 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys</p><p>11:02:52.0640 0x0d40 HPZipr12 - ok</p><p>11:02:52.0687 0x0d40 [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys</p><p>11:02:52.0687 0x0d40 HPZius12 - ok</p><p>11:02:52.0812 0x0d40 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys</p><p>11:02:52.0828 0x0d40 HTTP - ok</p><p>11:02:52.0859 0x0d40 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll</p><p>11:02:52.0906 0x0d40 HTTPFilter - ok</p><p>11:02:53.0000 0x0d40 [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys</p><p>11:02:53.0000 0x0d40 i2omgmt - ok</p><p>11:02:53.0031 0x0d40 [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys</p><p>11:02:53.0046 0x0d40 i2omp - ok</p><p>11:02:53.0078 0x0d40 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys</p><p>11:02:53.0093 0x0d40 i8042prt - ok</p><p>11:02:53.0546 0x0d40 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe</p><p>11:02:54.0062 0x0d40 idsvc - ok</p><p>11:02:54.0109 0x0d40 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys</p><p>11:02:54.0109 0x0d40 Imapi - ok</p><p>11:02:54.0234 0x0d40 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe</p><p>11:02:54.0234 0x0d40 ImapiService - ok</p><p>11:02:54.0296 0x0d40 [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys</p><p>11:02:54.0328 0x0d40 ini910u - ok</p><p>11:02:54.0421 0x0d40 [ C6E5276C00EBDEB096BB5EF4B797D1B6, 2620D2F7B5242E9DD0217FB4E0CBACF1DB8AB1B92187AD2847904948E1ABFEC1 ] int15 C:\WINDOWS\system32\drivers\int15.sys</p><p>11:02:54.0421 0x0d40 int15 - ok</p><p>11:02:54.0437 0x0d40 int15.sys - ok</p><p>11:02:56.0062 0x0d40 [ 19AFBB8427CE65042599555E578170DF, 2EC8FA208CF3DD93934B85E1DB99469D390A33CC23D4F2D4ADB523C8BFFF8D10 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys</p><p>11:02:56.0250 0x0d40 IntcAzAudAddService - ok</p><p>11:02:56.0343 0x0d40 [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys</p><p>11:02:56.0406 0x0d40 IntelIde - ok</p><p>11:02:56.0515 0x0d40 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys</p><p>11:02:56.0531 0x0d40 Ip6Fw - ok</p><p>11:02:56.0593 0x0d40 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys</p><p>11:02:56.0625 0x0d40 IpFilterDriver - ok</p><p>11:02:56.0671 0x0d40 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys</p><p>11:02:56.0687 0x0d40 IpInIp - ok</p><p>11:02:56.0765 0x0d40 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys</p><p>11:02:56.0765 0x0d40 IpNat - ok</p><p>11:02:56.0906 0x0d40 [ 463790AEF94D8EAB674631257F53252E, A02972457F45AD6816CB5F60DE4CD15D68256695FA0F3E4EAD6F9E36CBE54576 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe</p><p>11:02:57.0046 0x0d40 iPod Service - ok</p><p>11:02:57.0125 0x0d40 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys</p><p>11:02:57.0125 0x0d40 IPSec - ok</p><p>11:02:57.0156 0x0d40 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys</p><p>11:02:57.0156 0x0d40 IRENUM - ok</p><p>11:02:57.0203 0x0d40 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys</p><p>11:02:57.0203 0x0d40 isapnp - ok</p><p>11:02:57.0234 0x0d40 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys</p><p>11:02:57.0234 0x0d40 Kbdclass - ok</p><p>11:02:57.0250 0x0d40 [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys</p><p>11:02:57.0250 0x0d40 kbdhid - ok</p><p>11:02:57.0312 0x0d40 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys</p><p>11:02:57.0359 0x0d40 kmixer - ok</p><p>11:02:57.0406 0x0d40 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys</p><p>11:02:57.0484 0x0d40 KSecDD - ok</p><p>11:02:57.0578 0x0d40 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll</p><p>11:02:57.0578 0x0d40 LanmanServer - ok</p><p>11:02:57.0687 0x0d40 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll</p><p>11:02:57.0703 0x0d40 lanmanworkstation - ok</p><p>11:02:57.0718 0x0d40 lbrtfdc - ok</p><p>11:02:57.0843 0x0d40 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll</p><p>11:02:57.0843 0x0d40 LmHosts - ok</p><p>11:02:57.0890 0x0d40 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll</p><p>11:02:57.0921 0x0d40 Messenger - ok</p><p>11:02:57.0984 0x0d40 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys</p><p>11:02:57.0984 0x0d40 mnmdd - ok</p><p>11:02:58.0031 0x0d40 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe</p><p>11:02:58.0062 0x0d40 mnmsrvc - ok</p><p>11:02:58.0125 0x0d40 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys</p><p>11:02:58.0140 0x0d40 Modem - ok</p><p>11:02:58.0171 0x0d40 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys</p><p>11:02:58.0187 0x0d40 Mouclass - ok</p><p>11:02:58.0203 0x0d40 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys</p><p>11:02:58.0203 0x0d40 mouhid - ok</p><p>11:02:58.0250 0x0d40 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys</p><p>11:02:58.0265 0x0d40 MountMgr - ok</p><p>11:02:58.0421 0x0d40 [ DEA022193DF8C88F6E2B3E33D148A5DB, 97DFC47DB83E04A975A1969AA120385463FCAF4E1A9984FD3220442D7026B45A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe</p><p>11:02:58.0531 0x0d40 MozillaMaintenance - ok</p><p>11:02:58.0593 0x0d40 [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys</p><p>11:02:58.0609 0x0d40 mraid35x - ok</p><p>11:02:58.0796 0x0d40 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys</p><p>11:02:58.0828 0x0d40 MRxDAV - ok</p><p>11:02:58.0984 0x0d40 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys</p><p>11:02:59.0046 0x0d40 MRxSmb - ok</p><p>11:02:59.0140 0x0d40 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe</p><p>11:02:59.0187 0x0d40 MSDTC - ok</p><p>11:02:59.0234 0x0d40 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys</p><p>11:02:59.0234 0x0d40 Msfs - ok</p><p>11:02:59.0265 0x0d40 MSIServer - ok</p><p>11:02:59.0296 0x0d40 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys</p><p>11:02:59.0312 0x0d40 MSKSSRV - ok</p><p>11:02:59.0343 0x0d40 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys</p><p>11:02:59.0359 0x0d40 MSPCLOCK - ok</p><p>11:02:59.0390 0x0d40 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys</p><p>11:02:59.0406 0x0d40 MSPQM - ok</p><p>11:02:59.0453 0x0d40 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys</p><p>11:02:59.0453 0x0d40 mssmbios - ok</p><p>11:02:59.0515 0x0d40 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys</p><p>11:02:59.0546 0x0d40 Mup - ok</p><p>11:02:59.0625 0x0d40 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll</p><p>11:02:59.0718 0x0d40 napagent - ok</p><p>11:02:59.0984 0x0d40 NAVENG - ok</p><p>11:02:59.0984 0x0d40 NAVEX15 - ok</p><p>11:03:00.0062 0x0d40 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys</p><p>11:03:00.0109 0x0d40 NDIS - ok</p><p>11:03:00.0156 0x0d40 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys</p><p>11:03:00.0156 0x0d40 NdisTapi - ok</p><p>11:03:00.0218 0x0d40 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys</p><p>11:03:00.0218 0x0d40 Ndisuio - ok</p><p>11:03:00.0406 0x0d40 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys</p><p>11:03:00.0406 0x0d40 NdisWan - ok</p><p>11:03:00.0500 0x0d40 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys</p><p>11:03:00.0500 0x0d40 NDProxy - ok</p><p>11:03:00.0562 0x0d40 [ 80B7A96F908DA13617E7E6832C5C6A64, 08B81AFE120B8064B6E001BDF424168305D55F38AE2071300F57C8EA32BEAE56 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll</p><p>11:03:00.0562 0x0d40 Net Driver HPZ12 - ok</p><p>11:03:00.0625 0x0d40 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys</p><p>11:03:00.0625 0x0d40 NetBIOS - ok</p><p>11:03:00.0765 0x0d40 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys</p><p>11:03:00.0765 0x0d40 NetBT - ok</p><p>11:03:00.0843 0x0d40 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe</p><p>11:03:00.0875 0x0d40 NetDDE - ok</p><p>11:03:00.0953 0x0d40 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe</p><p>11:03:00.0968 0x0d40 NetDDEdsdm - ok</p><p>11:03:01.0156 0x0d40 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe</p><p>11:03:01.0156 0x0d40 Netlogon - ok</p><p>11:03:01.0406 0x0d40 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll</p><p>11:03:01.0406 0x0d40 Netman - ok</p><p>11:03:01.0531 0x0d40 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe</p><p>11:03:01.0578 0x0d40 NetTcpPortSharing - ok</p><p>11:03:01.0656 0x0d40 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll</p><p>11:03:01.0671 0x0d40 Nla - ok</p><p>11:03:01.0687 0x0d40 Norton Internet Security - ok</p><p>11:03:01.0734 0x0d40 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys</p><p>11:03:01.0734 0x0d40 Npfs - ok</p><p>11:03:01.0859 0x0d40 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys</p><p>11:03:01.0984 0x0d40 Ntfs - ok</p><p>11:03:02.0000 0x0d40 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe</p><p>11:03:02.0015 0x0d40 NtLmSsp - ok</p><p>11:03:02.0125 0x0d40 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll</p><p>11:03:02.0421 0x0d40 NtmsSvc - ok</p><p>11:03:02.0500 0x0d40 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys</p><p>11:03:02.0515 0x0d40 Null - ok</p><p>11:03:06.0265 0x0d40 [ 7C56F3FD65B2BDB315CA3605A5392D7B, 1C33B2723BBD958FE06D71B6AC5C54DF1F46491C292749FE0DB8577BF056A765 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys</p><p>11:03:06.0812 0x0d40 nv - ok</p><p>11:03:06.0921 0x0d40 [ 45BA510DB13A0496DB1CD16826519E03, AE6B736B243E789927EE06ACF3C3E059B68C8D72281C8F4940090E31908E9D4C ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys</p><p>11:03:06.0953 0x0d40 NVENETFD - ok</p><p>11:03:07.0015 0x0d40 [ 57CBDB934FB1AFB7E03B413D151A6152, 2FC08150CB2F16EEE906E07E1462D2289E0E4CE56331F2AA9DD96392D8A9D670 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys</p><p>11:03:07.0031 0x0d40 nvnetbus - ok</p><p>11:03:07.0109 0x0d40 [ 7E5B3BE5DCD54BBB44B0C7DB7BD3EC8F, 540C18DA16E8463F373ACA931C911CCEA09781A56156D125804BBF9D6B6CEFDD ] NVSvc C:\WINDOWS\system32\nvsvc32.exe</p><p>11:03:07.0156 0x0d40 NVSvc - ok</p><p>11:03:07.0328 0x0d40 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys</p><p>11:03:07.0406 0x0d40 NwlnkFlt - ok</p><p>11:03:07.0484 0x0d40 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys</p><p>11:03:07.0500 0x0d40 NwlnkFwd - ok</p><p>11:03:07.0890 0x0d40 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE</p><p>11:03:07.0968 0x0d40 odserv - ok</p><p>11:03:08.0046 0x0d40 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE</p><p>11:03:08.0125 0x0d40 ose - ok</p><p>11:03:08.0203 0x0d40 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\drivers\Parport.sys</p><p>11:03:08.0218 0x0d40 Parport - ok</p><p>11:03:08.0265 0x0d40 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys</p><p>11:03:08.0296 0x0d40 PartMgr - ok</p><p>11:03:08.0328 0x0d40 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys</p><p>11:03:08.0359 0x0d40 ParVdm - ok</p><p>11:03:08.0375 0x0d40 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys</p><p>11:03:08.0390 0x0d40 PCI - ok</p><p>11:03:08.0406 0x0d40 PCIDump - ok</p><p>11:03:08.0437 0x0d40 [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys</p><p>11:03:08.0468 0x0d40 PCIIde - ok</p><p>11:03:08.0703 0x0d40 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys</p><p>11:03:08.0734 0x0d40 Pcmcia - ok</p><p>11:03:08.0750 0x0d40 PDCOMP - ok</p><p>11:03:08.0937 0x0d40 PDFRAME - ok</p><p>11:03:08.0968 0x0d40 PDRELI - ok</p><p>11:03:08.0984 0x0d40 PDRFRAME - ok</p><p>11:03:09.0062 0x0d40 [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys</p><p>11:03:09.0078 0x0d40 perc2 - ok</p><p>11:03:09.0109 0x0d40 [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys</p><p>11:03:09.0109 0x0d40 perc2hib - ok</p><p>11:03:09.0593 0x0d40 [ F042EE4C8D66248D9B86DCF52ABAE416, AE0F5CC54E4B133DF66A54572A7CE52FAFF11F8FD0CAEAB088AAD3699D6EC924 ] PEVSystemStart C:\ComboFix\pev.3XE</p><p>11:03:09.0609 0x0d40 PEVSystemStart - ok</p><p>11:03:09.0656 0x0d40 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe</p><p>11:03:09.0656 0x0d40 PlugPlay - ok</p><p>11:03:09.0734 0x0d40 [ 0C155C5D8942B3CBCF9506A9D376B9AD, 37F4878548DD7063CA31FB21D6955A45C25F648C332A736DA84DEA5AAE7486AF ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll</p><p>11:03:09.0750 0x0d40 Pml Driver HPZ12 - ok</p><p>11:03:09.0765 0x0d40 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe</p><p>11:03:09.0781 0x0d40 PolicyAgent - ok</p><p>11:03:09.0875 0x0d40 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys</p><p>11:03:09.0875 0x0d40 PptpMiniport - ok</p><p>11:03:09.0906 0x0d40 [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys</p><p>11:03:09.0906 0x0d40 Processor - ok</p><p>11:03:09.0937 0x0d40 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe</p><p>11:03:09.0937 0x0d40 ProtectedStorage - ok</p><p>11:03:09.0968 0x0d40 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys</p><p>11:03:09.0968 0x0d40 PSched - ok</p><p>11:03:10.0000 0x0d40 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys</p><p>11:03:10.0000 0x0d40 Ptilink - ok</p><p>11:03:10.0046 0x0d40 [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys</p><p>11:03:10.0062 0x0d40 ql1080 - ok</p><p>11:03:10.0109 0x0d40 [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys</p><p>11:03:10.0125 0x0d40 Ql10wnt - ok</p><p>11:03:10.0156 0x0d40 [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys</p><p>11:03:10.0171 0x0d40 ql12160 - ok</p><p>11:03:10.0187 0x0d40 [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys</p><p>11:03:10.0203 0x0d40 ql1240 - ok</p><p>11:03:10.0218 0x0d40 [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys</p><p>11:03:10.0250 0x0d40 ql1280 - ok</p><p>11:03:10.0265 0x0d40 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys</p><p>11:03:10.0265 0x0d40 RasAcd - ok</p><p>11:03:10.0343 0x0d40 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll</p><p>11:03:10.0359 0x0d40 RasAuto - ok</p><p>11:03:10.0390 0x0d40 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys</p><p>11:03:10.0390 0x0d40 Rasl2tp - ok</p><p>11:03:10.0468 0x0d40 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll</p><p>11:03:10.0484 0x0d40 RasMan - ok</p><p>11:03:10.0500 0x0d40 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys</p><p>11:03:10.0500 0x0d40 RasPppoe - ok</p><p>11:03:10.0531 0x0d40 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys</p><p>11:03:10.0531 0x0d40 Raspti - ok</p><p>11:03:10.0609 0x0d40 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys</p><p>11:03:10.0625 0x0d40 Rdbss - ok</p><p>11:03:10.0656 0x0d40 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys</p><p>11:03:10.0656 0x0d40 RDPCDD - ok</p><p>11:03:10.0750 0x0d40 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys</p><p>11:03:10.0796 0x0d40 rdpdr - ok</p><p>11:03:10.0890 0x0d40 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys</p><p>11:03:10.0921 0x0d40 RDPWD - ok</p><p>11:03:11.0046 0x0d40 [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe</p><p>11:03:11.0125 0x0d40 RDSessMgr - ok</p><p>11:03:11.0171 0x0d40 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys</p><p>11:03:11.0171 0x0d40 redbook - ok</p><p>11:03:11.0250 0x0d40 [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll</p><p>11:03:11.0281 0x0d40 RemoteAccess - ok</p><p>11:03:11.0328 0x0d40 [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe</p><p>11:03:11.0359 0x0d40 RpcLocator - ok</p><p>11:03:11.0500 0x0d40 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\system32\rpcss.dll</p><p>11:03:11.0515 0x0d40 RpcSs - ok</p><p>11:03:11.0734 0x0d40 [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe</p><p>11:03:11.0796 0x0d40 RSVP - ok</p><p>11:03:12.0031 0x0d40 [ 84BEAF4A13A36CB9BB0663DF9089CEA2, FAD68F354491E90C81854815A363174440893729856032DB6B6254BEB1A1F856 ] rt2870 C:\WINDOWS\system32\DRIVERS\Drt2870.sys</p><p>11:03:12.0046 0x0d40 rt2870 - ok</p><p>11:03:12.0078 0x0d40 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe</p><p>11:03:12.0078 0x0d40 SamSs - ok</p><p>11:03:12.0187 0x0d40 [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe</p><p>11:03:12.0250 0x0d40 SCardSvr - ok</p><p>11:03:12.0328 0x0d40 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll</p><p>11:03:12.0343 0x0d40 Schedule - ok</p><p>11:03:12.0421 0x0d40 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys</p><p>11:03:12.0468 0x0d40 Secdrv - ok</p><p>11:03:12.0546 0x0d40 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll</p><p>11:03:12.0546 0x0d40 seclogon - ok</p><p>11:03:12.0593 0x0d40 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll</p><p>11:03:12.0593 0x0d40 SENS - ok</p><p>11:03:12.0656 0x0d40 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\drivers\Serial.sys</p><p>11:03:12.0656 0x0d40 Serial - ok</p><p>11:03:12.0828 0x0d40 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys</p><p>11:03:12.0828 0x0d40 Sfloppy - ok</p><p>11:03:12.0968 0x0d40 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll</p><p>11:03:12.0984 0x0d40 SharedAccess - ok</p><p>11:03:13.0046 0x0d40 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll</p><p>11:03:13.0046 0x0d40 ShellHWDetection - ok</p><p>11:03:13.0078 0x0d40 Simbad - ok</p><p>11:03:13.0140 0x0d40 [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys</p><p>11:03:13.0187 0x0d40 sisagp - ok</p><p>11:03:13.0203 0x0d40 SophosVirusRemovalTool - ok</p><p>11:03:13.0250 0x0d40 [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys</p><p>11:03:13.0265 0x0d40 Sparrow - ok</p><p>11:03:13.0296 0x0d40 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys</p><p>11:03:13.0296 0x0d40 splitter - ok</p><p>11:03:13.0390 0x0d40 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe</p><p>11:03:13.0390 0x0d40 Spooler - ok</p><p>11:03:13.0437 0x0d40 [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys</p><p>11:03:13.0453 0x0d40 sr - ok</p><p>11:03:13.0546 0x0d40 [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll</p><p>11:03:13.0562 0x0d40 srservice - ok</p><p>11:03:13.0562 0x0d40 SRTSP - ok</p><p>11:03:13.0593 0x0d40 SRTSPX - ok</p><p>11:03:13.0703 0x0d40 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys</p><p>11:03:13.0734 0x0d40 Srv - ok</p><p>11:03:13.0843 0x0d40 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll</p><p>11:03:13.0843 0x0d40 SSDPSRV - ok</p><p>11:03:13.0968 0x0d40 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll</p><p>11:03:13.0984 0x0d40 stisvc - ok</p><p>11:03:14.0031 0x0d40 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys</p><p>11:03:14.0031 0x0d40 swenum - ok</p><p>11:03:14.0062 0x0d40 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys</p><p>11:03:14.0078 0x0d40 swmidi - ok</p><p>11:03:14.0093 0x0d40 SwPrv - ok</p><p>11:03:14.0156 0x0d40 [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys</p><p>11:03:14.0156 0x0d40 symc810 - ok</p><p>11:03:14.0203 0x0d40 [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys</p><p>11:03:14.0203 0x0d40 symc8xx - ok</p><p>11:03:14.0265 0x0d40 [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E815D9BBE174432 ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys</p><p>11:03:14.0281 0x0d40 sym_hi - ok</p><p>11:03:14.0312 0x0d40 [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF98267C7BE809D853B ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys</p><p>11:03:14.0328 0x0d40 sym_u3 - ok</p><p>11:03:14.0390 0x0d40 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys</p><p>11:03:14.0390 0x0d40 sysaudio - ok</p><p>11:03:14.0453 0x0d40 [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe</p><p>11:03:14.0484 0x0d40 SysmonLog - ok</p><p>11:03:14.0593 0x0d40 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll</p><p>11:03:14.0593 0x0d40 TapiSrv - ok</p><p>11:03:14.0718 0x0d40 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys</p><p>11:03:14.0812 0x0d40 Tcpip - ok</p><p>11:03:14.0890 0x0d40 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys</p><p>11:03:14.0906 0x0d40 TDPIPE - ok</p><p>11:03:14.0937 0x0d40 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys</p><p>11:03:14.0953 0x0d40 TDTCP - ok</p><p>11:03:15.0031 0x0d40 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys</p><p>11:03:15.0031 0x0d40 TermDD - ok</p><p>11:03:15.0125 0x0d40 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll</p><p>11:03:15.0140 0x0d40 TermService - ok</p><p>11:03:15.0187 0x0d40 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll</p><p>11:03:15.0203 0x0d40 Themes - ok</p><p>11:03:15.0250 0x0d40 [ F2790F6AF01321B172AA62F8E1E187D9, 5644B5EFA0065C0CC9DB28E5520AAD2F4B3BCE48337F165BF9F166ECC164630C ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys</p><p>11:03:15.0265 0x0d40 TosIde - ok</p><p>11:03:15.0343 0x0d40 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll</p><p>11:03:15.0343 0x0d40 TrkWks - ok</p><p>11:03:15.0421 0x0d40 [ FD44FA80DA03EA144153A76DEBBB61B4, 0C46717F489A415A583470DAE8CF58E47BC307B9CB0F9DB6C4EDF33B7525475C ] TrueSight C:\WINDOWS\system32\drivers\TrueSight.sys</p><p>11:03:15.0453 0x0d40 TrueSight - ok</p><p>11:03:15.0500 0x0d40 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys</p><p>11:03:15.0531 0x0d40 Udfs - ok</p><p>11:03:15.0593 0x0d40 [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FAF1244F206DFB4F ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys</p><p>11:03:15.0671 0x0d40 ultra - ok</p><p>11:03:15.0812 0x0d40 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys</p><p>11:03:15.0828 0x0d40 Update - ok</p><p>11:03:15.0937 0x0d40 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll</p><p>11:03:16.0015 0x0d40 upnphost - ok</p><p>11:03:16.0046 0x0d40 [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe</p><p>11:03:16.0046 0x0d40 UPS - ok</p><p>11:03:16.0093 0x0d40 [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys</p><p>11:03:16.0109 0x0d40 USBAAPL - ok</p><p>11:03:16.0203 0x0d40 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys</p><p>11:03:16.0203 0x0d40 usbccgp - ok</p><p>11:03:16.0234 0x0d40 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys</p><p>11:03:16.0234 0x0d40 usbehci - ok</p><p>11:03:16.0312 0x0d40 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys</p><p>11:03:16.0312 0x0d40 usbhub - ok</p><p>11:03:16.0343 0x0d40 [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys</p><p>11:03:16.0343 0x0d40 usbohci - ok</p><p>11:03:16.0406 0x0d40 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys</p><p>11:03:16.0406 0x0d40 usbprint - ok</p><p>11:03:16.0468 0x0d40 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys</p><p>11:03:16.0468 0x0d40 usbscan - ok</p><p>11:03:16.0515 0x0d40 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS</p><p>11:03:16.0531 0x0d40 USBSTOR - ok</p><p>11:03:16.0578 0x0d40 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys</p><p>11:03:16.0578 0x0d40 VgaSave - ok</p><p>11:03:16.0609 0x0d40 [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495F66ABF5FACB86C ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys</p><p>11:03:16.0625 0x0d40 viaagp - ok</p><p>11:03:16.0671 0x0d40 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys</p><p>11:03:16.0687 0x0d40 ViaIde - ok</p><p>11:03:16.0734 0x0d40 [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys</p><p>11:03:16.0750 0x0d40 VolSnap - ok</p><p>11:03:16.0859 0x0d40 [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe</p><p>11:03:16.0937 0x0d40 VSS - ok</p><p>11:03:17.0000 0x0d40 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time C:\WINDOWS\system32\w32time.dll</p><p>11:03:17.0015 0x0d40 W32Time - ok</p><p>11:03:17.0062 0x0d40 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys</p><p>11:03:17.0062 0x0d40 Wanarp - ok</p><p>11:03:17.0062 0x0d40 WDICA - ok</p><p>11:03:17.0156 0x0d40 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys</p><p>11:03:17.0156 0x0d40 wdmaud - ok</p><p>11:03:17.0203 0x0d40 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll</p><p>11:03:17.0218 0x0d40 WebClient - ok</p><p>11:03:17.0421 0x0d40 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll</p><p>11:03:17.0421 0x0d40 winmgmt - ok</p><p>11:03:17.0953 0x0d40 [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE</p><p>11:03:18.0390 0x0d40 wlidsvc - ok</p><p>11:03:18.0578 0x0d40 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll</p><p>11:03:18.0625 0x0d40 WmdmPmSN - ok</p><p>11:03:18.0859 0x0d40 [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys</p><p>11:03:18.0875 0x0d40 WmiAcpi - ok</p><p>11:03:19.0015 0x0d40 [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe</p><p>11:03:19.0109 0x0d40 WmiApSrv - ok</p><p>11:03:19.0578 0x0d40 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe</p><p>11:03:20.0109 0x0d40 WMPNetworkSvc - ok</p><p>11:03:20.0218 0x0d40 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys</p><p>11:03:20.0218 0x0d40 WS2IFSL - ok</p><p>11:03:20.0343 0x0d40 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll</p><p>11:03:20.0343 0x0d40 wscsvc - ok</p><p>11:03:20.0421 0x0d40 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll</p><p>11:03:20.0421 0x0d40 wuauserv - ok</p><p>11:03:20.0531 0x0d40 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys</p><p>11:03:20.0562 0x0d40 WudfPf - ok</p><p>11:03:20.0593 0x0d40 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys</p><p>11:03:20.0609 0x0d40 WudfRd - ok</p><p>11:03:20.0671 0x0d40 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll</p><p>11:03:20.0734 0x0d40 WudfSvc - ok</p><p>11:03:20.0921 0x0d40 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll</p><p>11:03:20.0953 0x0d40 WZCSVC - ok</p><p>11:03:21.0015 0x0d40 [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll</p><p>11:03:21.0078 0x0d40 xmlprov - ok</p><p>11:03:21.0109 0x0d40 ================ Scan global ===============================</p><p>11:03:21.0171 0x0d40 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll</p><p>11:03:21.0250 0x0d40 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll</p><p>11:03:21.0343 0x0d40 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll</p><p>11:03:21.0406 0x0d40 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe</p><p>11:03:21.0421 0x0d40 [ Global ] - ok</p><p>11:03:21.0421 0x0d40 ================ Scan MBR ==================================</p><p>11:03:21.0453 0x0d40 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0</p><p>11:03:27.0484 0x0d40 \Device\Harddisk0\DR0 - ok</p><p>11:03:27.0484 0x0d40 ================ Scan VBR ==================================</p><p>11:03:27.0531 0x0d40 [ 5393A4AF0797DC1BAEC7A5353AE5F840 ] \Device\Harddisk0\DR0\Partition1</p><p>11:03:27.0625 0x0d40 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )</p><p>11:03:27.0625 0x0d40 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected</p><p>11:03:28.0078 0x0d40 ================ Scan active images ========================</p><p>11:03:28.0093 0x0d40 [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] C:\WINDOWS\system32\drivers\processr.sys</p><p>11:03:28.0093 0x0d40 C:\WINDOWS\system32\drivers\processr.sys - ok</p><p>11:03:28.0156 0x0d40 [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] C:\WINDOWS\system32\drivers\wmiacpi.sys</p><p>11:03:28.0156 0x0d40 C:\WINDOWS\system32\drivers\wmiacpi.sys - ok</p><p>11:03:28.0187 0x0d40 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] C:\WINDOWS\system32\drivers\i8042prt.sys</p><p>11:03:28.0187 0x0d40 C:\WINDOWS\system32\drivers\i8042prt.sys - ok</p><p>11:03:28.0203 0x0d40 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] C:\WINDOWS\system32\drivers\kbdclass.sys</p><p>11:03:28.0203 0x0d40 C:\WINDOWS\system32\drivers\kbdclass.sys - ok</p><p>11:03:28.0218 0x0d40 [ 6DF35CA139C3BC15CC74390ABB114EFE, 5401724E49243625C43B3F9032E592EF43605C2510E809C1D318A7792AB9FBBA ] C:\WINDOWS\system32\drivers\usbport.sys</p><p>11:03:28.0218 0x0d40 C:\WINDOWS\system32\drivers\usbport.sys - ok</p><p>11:03:28.0250 0x0d40 [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] C:\WINDOWS\system32\drivers\usbohci.sys</p><p>11:03:28.0250 0x0d40 C:\WINDOWS\system32\drivers\usbohci.sys - ok</p><p>11:03:28.0265 0x0d40 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] C:\WINDOWS\system32\drivers\usbehci.sys</p><p>11:03:28.0265 0x0d40 C:\WINDOWS\system32\drivers\usbehci.sys - ok</p><p>11:03:28.0281 0x0d40 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] C:\WINDOWS\system32\drivers\hdaudbus.sys</p><p>11:03:28.0281 0x0d40 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok</p><p>11:03:28.0296 0x0d40 [ F0C9DED56439020A56FEC577E1151C52, C548CF128732A100C73AAF50B80A32E8593A72312EBC1C824840895542BBF4B0 ] C:\WINDOWS\system32\drivers\nvnrm.sys</p><p>11:03:28.0296 0x0d40 C:\WINDOWS\system32\drivers\nvnrm.sys - ok</p><p>11:03:28.0296 0x0d40 [ 57CBDB934FB1AFB7E03B413D151A6152, 2FC08150CB2F16EEE906E07E1462D2289E0E4CE56331F2AA9DD96392D8A9D670 ] C:\WINDOWS\system32\drivers\nvnetbus.sys</p><p>11:03:28.0296 0x0d40 C:\WINDOWS\system32\drivers\nvnetbus.sys - ok</p><p>11:03:28.0312 0x0d40 [ 4B0A100EAF5C49EF3CCA8C641431EACC, 88D9C066FFB863910EE1863CE63D38846ACA2DF72D6B5FDFCE0F3379A6DA5EF9 ] C:\WINDOWS\system32\drivers\cdrom.sys</p><p>11:03:28.0312 0x0d40 C:\WINDOWS\system32\drivers\cdrom.sys - ok</p><p>11:03:28.0343 0x0d40 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] C:\WINDOWS\system32\drivers\imapi.sys</p><p>11:03:28.0343 0x0d40 C:\WINDOWS\system32\drivers\imapi.sys - ok</p><p>11:03:28.0343 0x0d40 [ 0753515F78DF7F271A5E61C20BCD36A1, A8D600CD0C592DFB875DE2D4F1AEDB207B80A43CF724051B6552BB6E539E9AFC ] C:\WINDOWS\system32\drivers\ks.sys</p><p>11:03:28.0343 0x0d40 C:\WINDOWS\system32\drivers\ks.sys - ok</p><p>11:03:28.0359 0x0d40 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] C:\WINDOWS\system32\drivers\redbook.sys</p><p>11:03:28.0359 0x0d40 C:\WINDOWS\system32\drivers\redbook.sys - ok</p><p>11:03:28.0375 0x0d40 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys</p><p>11:03:28.0375 0x0d40 C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok</p><p>11:03:28.0406 0x0d40 [ 04FE5EF6ED4818EC4839EA5C611A6310, 666479AF6789FC5DF2EA8D4B6216FDA9A4998D252F95BD003619D9376B1DC9E7 ] C:\WINDOWS\system32\drivers\usbd.sys</p><p>11:03:28.0406 0x0d40 C:\WINDOWS\system32\drivers\usbd.sys - ok</p><p>11:03:28.0421 0x0d40 [ BAF68DCBA949633DF0C16D37AF2A2351, 85BE7F87685BF3BF1B8CE8CD79A9DA44E3B611F712A5C1EDA6AF45EE1A933C0B ] C:\WINDOWS\system32\drivers\AGRSM.sys</p><p>11:03:28.0421 0x0d40 C:\WINDOWS\system32\drivers\AGRSM.sys - ok</p><p>11:03:28.0437 0x0d40 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] C:\WINDOWS\system32\drivers\modem.sys</p><p>11:03:28.0437 0x0d40 C:\WINDOWS\system32\drivers\modem.sys - ok</p><p>11:03:28.0453 0x0d40 [ E28726B72C46821A28830E077D39A55B, 66BE8A1055544C8CEBB7125726C1C306A026F3A1764589FCDDF3792076AF891F ] C:\WINDOWS\system32\drivers\videoprt.sys</p><p>11:03:28.0453 0x0d40 C:\WINDOWS\system32\drivers\videoprt.sys - ok</p><p>11:03:28.0468 0x0d40 [ 7C56F3FD65B2BDB315CA3605A5392D7B, 1C33B2723BBD958FE06D71B6AC5C54DF1F46491C292749FE0DB8577BF056A765 ] C:\WINDOWS\system32\drivers\nv4_mini.sys</p><p>11:03:28.0468 0x0d40 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok</p><p>11:03:28.0468 0x0d40 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] C:\WINDOWS\system32\drivers\audstub.sys</p><p>11:03:28.0468 0x0d40 C:\WINDOWS\system32\drivers\audstub.sys - ok</p><p>11:03:28.0484 0x0d40 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] C:\WINDOWS\system32\drivers\ndistapi.sys</p><p>11:03:28.0484 0x0d40 C:\WINDOWS\system32\drivers\ndistapi.sys - ok</p><p>11:03:28.0546 0x0d40 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] C:\WINDOWS\system32\drivers\rasl2tp.sys</p><p>11:03:28.0546 0x0d40 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok</p><p>11:03:28.0625 0x0d40 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] C:\WINDOWS\system32\drivers\ndiswan.sys</p><p>11:03:28.0625 0x0d40 C:\WINDOWS\system32\drivers\ndiswan.sys - ok</p><p>11:03:28.0656 0x0d40 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] C:\WINDOWS\system32\drivers\raspppoe.sys</p><p>11:03:28.0656 0x0d40 C:\WINDOWS\system32\drivers\raspppoe.sys - ok</p><p>11:03:28.0687 0x0d40 [ 0539D5E53587F82D1B4FD74C5BE205CF, 9C578FC46AC3B8260258B83C89A33C3D7990B365D7708AEF2296CD235C7D301A ] C:\WINDOWS\system32\drivers\tdi.sys</p><p>11:03:28.0687 0x0d40 C:\WINDOWS\system32\drivers\tdi.sys - ok</p><p>11:03:28.0718 0x0d40 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] C:\WINDOWS\system32\drivers\raspptp.sys</p><p>11:03:28.0718 0x0d40 C:\WINDOWS\system32\drivers\raspptp.sys - ok</p><p>11:03:28.0750 0x0d40 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] C:\WINDOWS\system32\drivers\msgpc.sys</p><p>11:03:28.0750 0x0d40 C:\WINDOWS\system32\drivers\msgpc.sys - ok</p><p>11:03:28.0765 0x0d40 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] C:\WINDOWS\system32\drivers\psched.sys</p><p>11:03:28.0765 0x0d40 C:\WINDOWS\system32\drivers\psched.sys - ok</p><p>11:03:28.0796 0x0d40 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] C:\WINDOWS\system32\drivers\ptilink.sys</p><p>11:03:28.0796 0x0d40 C:\WINDOWS\system32\drivers\ptilink.sys - ok</p><p>11:03:28.0812 0x0d40 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] C:\WINDOWS\system32\drivers\raspti.sys</p><p>11:03:28.0812 0x0d40 C:\WINDOWS\system32\drivers\raspti.sys - ok</p><p>11:03:28.0875 0x0d40 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] C:\WINDOWS\system32\drivers\mouclass.sys</p><p>11:03:28.0875 0x0d40 C:\WINDOWS\system32\drivers\mouclass.sys - ok</p><p>11:03:28.0890 0x0d40 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] C:\WINDOWS\system32\drivers\termdd.sys</p><p>11:03:28.0890 0x0d40 C:\WINDOWS\system32\drivers\termdd.sys - ok</p><p>11:03:28.0921 0x0d40 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] C:\WINDOWS\system32\drivers\swenum.sys</p><p>11:03:28.0921 0x0d40 C:\WINDOWS\system32\drivers\swenum.sys - ok</p><p>11:03:29.0000 0x0d40 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] C:\WINDOWS\system32\drivers\update.sys</p><p>11:03:29.0000 0x0d40 C:\WINDOWS\system32\drivers\update.sys - ok</p><p>11:03:29.0015 0x0d40 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] C:\WINDOWS\system32\drivers\mssmbios.sys</p><p>11:03:29.0015 0x0d40 C:\WINDOWS\system32\drivers\mssmbios.sys - ok</p><p>11:03:29.0031 0x0d40 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] C:\WINDOWS\system32\drivers\ndproxy.sys</p><p>11:03:29.0031 0x0d40 C:\WINDOWS\system32\drivers\ndproxy.sys - ok</p><p>11:03:29.0078 0x0d40 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] C:\WINDOWS\system32\drivers\usbhub.sys</p><p>11:03:29.0078 0x0d40 C:\WINDOWS\system32\drivers\usbhub.sys - ok</p><p>11:03:29.0140 0x0d40 [ 6CB08593487F5701D2D2254E693EAFCE, 0518A1FC540C036E6864DA8C01CADE043D4F897D7FCF8C61352865131DEB7414 ] C:\WINDOWS\system32\drivers\drmk.sys</p><p>11:03:29.0140 0x0d40 C:\WINDOWS\system32\drivers\drmk.sys - ok</p><p>11:03:29.0171 0x0d40 [ E82A496C3961EFC6828B508C310CE98F, E142A0809525B34A376B3063B07B8822930056BBCB886B7CF1D7585BCEC371A0 ] C:\WINDOWS\system32\drivers\portcls.sys</p><p>11:03:29.0171 0x0d40 C:\WINDOWS\system32\drivers\portcls.sys - ok</p><p>11:03:29.0203 0x0d40 [ 19AFBB8427CE65042599555E578170DF, 2EC8FA208CF3DD93934B85E1DB99469D390A33CC23D4F2D4ADB523C8BFFF8D10 ] C:\WINDOWS\system32\drivers\RtkHDAud.sys</p><p>11:03:29.0203 0x0d40 C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok</p><p>11:03:29.0234 0x0d40 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] C:\WINDOWS\system32\drivers\fdc.sys</p><p>11:03:29.0234 0x0d40 C:\WINDOWS\system32\drivers\fdc.sys - ok</p><p>11:03:29.0250 0x0d40 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] C:\WINDOWS\system32\drivers\flpydisk.sys</p><p>11:03:29.0250 0x0d40 C:\WINDOWS\system32\drivers\flpydisk.sys - ok</p><p>11:03:29.0265 0x0d40 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] C:\WINDOWS\system32\drivers\sfloppy.sys</p><p>11:03:29.0265 0x0d40 C:\WINDOWS\system32\drivers\sfloppy.sys - ok</p><p>11:03:29.0296 0x0d40 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] C:\WINDOWS\system32\drivers\cdaudio.sys</p><p>11:03:29.0296 0x0d40 C:\WINDOWS\system32\drivers\cdaudio.sys - ok</p><p>11:03:29.0312 0x0d40 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] C:\WINDOWS\system32\drivers\fs_rec.sys</p><p>11:03:29.0312 0x0d40 C:\WINDOWS\system32\drivers\fs_rec.sys - ok</p><p>11:03:29.0421 0x0d40 [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] C:\WINDOWS\system32\drivers\i2omgmt.sys</p><p>11:03:29.0421 0x0d40 C:\WINDOWS\system32\drivers\i2omgmt.sys - ok</p><p>11:03:29.0562 0x0d40 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] C:\WINDOWS\system32\drivers\beep.sys</p><p>11:03:29.0562 0x0d40 C:\WINDOWS\system32\drivers\beep.sys - ok</p><p>11:03:29.0593 0x0d40 [ C569EF030B11F896E123A30AC92678DB, F851E99B968BBAB82E3B0D1D2F985AEE1EAD10C3BBACDD02BAB2ACEE57CB048A ] C:\WINDOWS\system32\drivers\hidparse.sys</p><p>11:03:29.0593 0x0d40 C:\WINDOWS\system32\drivers\hidparse.sys - ok</p><p>11:03:29.0640 0x0d40 [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] C:\WINDOWS\system32\drivers\kbdhid.sys</p><p>11:03:29.0640 0x0d40 C:\WINDOWS\system32\drivers\kbdhid.sys - ok</p><p>11:03:29.0656 0x0d40 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] C:\WINDOWS\system32\drivers\vga.sys</p><p>11:03:29.0656 0x0d40 C:\WINDOWS\system32\drivers\vga.sys - ok</p><p>11:03:29.0687 0x0d40 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] C:\WINDOWS\system32\drivers\mnmdd.sys</p><p>11:03:29.0687 0x0d40 C:\WINDOWS\system32\drivers\mnmdd.sys - ok</p><p>11:03:29.0718 0x0d40 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] C:\WINDOWS\system32\drivers\msfs.sys</p><p>11:03:29.0718 0x0d40 C:\WINDOWS\system32\drivers\msfs.sys - ok</p><p>11:03:29.0734 0x0d40 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] C:\WINDOWS\system32\drivers\rdpcdd.sys</p><p>11:03:29.0734 0x0d40 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok</p><p>11:03:29.0796 0x0d40 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] C:\WINDOWS\system32\drivers\npfs.sys</p><p>11:03:29.0796 0x0d40 C:\WINDOWS\system32\drivers\npfs.sys - ok</p><p>11:03:29.0828 0x0d40 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] C:\WINDOWS\system32\drivers\rasacd.sys</p><p>11:03:29.0828 0x0d40 C:\WINDOWS\system32\drivers\rasacd.sys - ok</p><p>11:03:29.0843 0x0d40 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] C:\WINDOWS\system32\drivers\ipsec.sys</p><p>11:03:29.0843 0x0d40 C:\WINDOWS\system32\drivers\ipsec.sys - ok</p><p>11:03:29.0906 0x0d40 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] C:\WINDOWS\system32\drivers\tcpip.sys</p><p>11:03:29.0906 0x0d40 C:\WINDOWS\system32\drivers\tcpip.sys - ok</p><p>11:03:30.0031 0x0d40 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] C:\WINDOWS\system32\drivers\netbt.sys</p><p>11:03:30.0031 0x0d40 C:\WINDOWS\system32\drivers\netbt.sys - ok</p><p>11:03:30.0062 0x0d40 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] C:\WINDOWS\system32\drivers\ipnat.sys</p><p>11:03:30.0062 0x0d40 C:\WINDOWS\system32\drivers\ipnat.sys - ok</p><p>11:03:30.0171 0x0d40 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys</p><p>11:03:30.0171 0x0d40 C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok</p><p>11:03:30.0437 0x0d40 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] C:\WINDOWS\system32\drivers\afd.sys</p><p>11:03:30.0437 0x0d40 C:\WINDOWS\system32\drivers\afd.sys - ok</p><p>11:03:30.0453 0x0d40 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] C:\WINDOWS\system32\drivers\netbios.sys</p><p>11:03:30.0453 0x0d40 C:\WINDOWS\system32\drivers\netbios.sys - ok</p><p>11:03:30.0578 0x0d40 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] C:\WINDOWS\system32\drivers\rdbss.sys</p><p>11:03:30.0578 0x0d40 C:\WINDOWS\system32\drivers\rdbss.sys - ok</p><p>11:03:30.0687 0x0d40 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] C:\WINDOWS\system32\drivers\wanarp.sys</p><p>11:03:30.0687 0x0d40 C:\WINDOWS\system32\drivers\wanarp.sys - ok</p><p>11:03:30.0703 0x0d40 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] C:\WINDOWS\system32\drivers\mrxsmb.sys</p><p>11:03:30.0703 0x0d40 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok</p><p>11:03:30.0765 0x0d40 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] C:\WINDOWS\system32\drivers\fips.sys</p><p>11:03:30.0765 0x0d40 C:\WINDOWS\system32\drivers\fips.sys - ok</p><p>11:03:30.0859 0x0d40 [ B0CC0B50441372157F31C4C023D43A3E, A0FCC03588C06E42D3B8465AC7D0F7A909E8CABEEE3C82B3CBD68F150D7692EE ] C:\EEK\bin\a2ddax86.sys</p><p>11:03:30.0859 0x0d40 C:\EEK\bin\a2ddax86.sys - ok</p><p>11:03:31.0078 0x0d40 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] C:\WINDOWS\system32\drivers\usbccgp.sys</p><p>11:03:31.0078 0x0d40 C:\WINDOWS\system32\drivers\usbccgp.sys - ok</p><p>11:03:31.0234 0x0d40 [ 5F816C1F539266D2D4C78694239DA0B5, 10BFCCF4EFFC3813A563D528DC5464827BEF10AE21D6B9C1138930228E7047D1 ] C:\WINDOWS\system32\smss.exe</p><p>11:03:31.0234 0x0d40 C:\WINDOWS\system32\smss.exe - ok</p><p>11:03:31.0281 0x0d40 [ F8F0D25CA553E39DDE485D8FC7FCCE89, 54DF909101AAEC63234A5C33B51D6689FEF58B943942BFFA9606864F43EC1085 ] C:\WINDOWS\system32\ntdll.dll</p><p>11:03:31.0281 0x0d40 C:\WINDOWS\system32\ntdll.dll - ok</p><p>11:03:31.0406 0x0d40 [ 23043C91A0F9DFB4B9E9F87B680863B4, 318A6F6DB4A1EDE7D3758E324350EA852449ABD2A7BB77004FBC403CF9FFB08B ] C:\WINDOWS\system32\autochk.exe</p><p>11:03:31.0406 0x0d40 C:\WINDOWS\system32\autochk.exe - ok</p><p>11:03:31.0453 0x0d40 [ 9DD07AF82244867CA36681EA2D29CE79, 84926A50CB38C322D1CDFD4C0D5F8FFE3B2EF3080B3401F5D5AE8CBD0A719685 ] C:\WINDOWS\system32\sfcfiles.dll</p><p>11:03:31.0453 0x0d40 C:\WINDOWS\system32\sfcfiles.dll - ok</p><p>11:03:31.0531 0x0d40 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] C:\WINDOWS\system32\drivers\cdfs.sys</p><p>11:03:31.0531 0x0d40 C:\WINDOWS\system32\drivers\cdfs.sys - ok</p><p>11:03:31.0718 0x0d40 [ 84BEAF4A13A36CB9BB0663DF9089CEA2, FAD68F354491E90C81854815A363174440893729856032DB6B6254BEB1A1F856 ] C:\WINDOWS\system32\drivers\Drt2870.sys</p><p>11:03:31.0718 0x0d40 C:\WINDOWS\system32\drivers\Drt2870.sys - ok</p><p>11:03:31.0781 0x0d40 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] C:\WINDOWS\system32\drivers\USBSTOR.SYS</p><p>11:03:31.0781 0x0d40 C:\WINDOWS\system32\drivers\USBSTOR.SYS - ok</p><p>11:03:31.0906 0x0d40 [ 1AF592532532A402ED7C060F6954004F, 84A55432A7FBBD1B84FF8DD1BD84266747E4A88297BDAA84AAD12F13B848BFF2 ] C:\WINDOWS\system32\drivers\hidclass.sys</p><p>11:03:31.0906 0x0d40 C:\WINDOWS\system32\drivers\hidclass.sys - ok</p><p>11:03:31.0921 0x0d40 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] C:\WINDOWS\system32\drivers\hidusb.sys</p><p>11:03:31.0921 0x0d40 C:\WINDOWS\system32\drivers\hidusb.sys - ok</p><p>11:03:31.0937 0x0d40 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] C:\WINDOWS\system32\drivers\usbscan.sys</p><p>11:03:31.0937 0x0d40 C:\WINDOWS\system32\drivers\usbscan.sys - ok</p><p>11:03:31.0953 0x0d40 [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] C:\WINDOWS\system32\drivers\HPZius12.sys</p><p>11:03:31.0953 0x0d40 C:\WINDOWS\system32\drivers\HPZius12.sys - ok</p><p>11:03:32.0000 0x0d40 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] C:\WINDOWS\system32\drivers\usbprint.sys</p><p>11:03:32.0000 0x0d40 C:\WINDOWS\system32\drivers\usbprint.sys - ok</p><p>11:03:32.0062 0x0d40 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] C:\WINDOWS\system32\drivers\mouhid.sys</p><p>11:03:32.0062 0x0d40 C:\WINDOWS\system32\drivers\mouhid.sys - ok</p><p>11:03:32.0156 0x0d40 [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794BEAB8D8B71D8DD ] C:\WINDOWS\system32\drivers\HPZid412.sys</p><p>11:03:32.0156 0x0d40 C:\WINDOWS\system32\drivers\HPZid412.sys - ok</p><p>11:03:32.0187 0x0d40 [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A7E43410AC99F23 ] C:\WINDOWS\system32\drivers\HPZipr12.sys</p><p>11:03:32.0187 0x0d40 C:\WINDOWS\system32\drivers\HPZipr12.sys - ok</p><p>11:03:32.0203 0x0d40 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] C:\WINDOWS\system32\drivers\atapi.sys</p><p>11:03:32.0203 0x0d40 C:\WINDOWS\system32\drivers\atapi.sys - ok</p><p>11:03:32.0218 0x0d40 [ 2F31B7F954BED437F2C75026C65CAF7B, 1F8D6CBB01AD403BC89D1E987012E2F63CDFD9C49F402F358B64B31C13E4DD14 ] C:\WINDOWS\system32\drivers\wmilib.sys</p><p>11:03:32.0218 0x0d40 C:\WINDOWS\system32\drivers\wmilib.sys - ok</p><p>11:03:32.0281 0x0d40 [ FE97D0343ACFDEBDD578FC67CC91FA87, FE26FBA13079189EF96A1C994036EA472A4BF34FA14C163C693AD481BF31E676 ] C:\WINDOWS\system32\drivers\dxapi.sys</p><p>11:03:32.0281 0x0d40 C:\WINDOWS\system32\drivers\dxapi.sys - ok</p><p>11:03:32.0312 0x0d40 [ 9A10AACBFDC4922715375FB4065EC930, E407953587C04F75DDB163420A5121FF520D31F74753D452E316042C42D360CF ] C:\WINDOWS\system32\watchdog.sys</p><p>11:03:32.0312 0x0d40 C:\WINDOWS\system32\watchdog.sys - ok</p><p>11:03:32.0343 0x0d40 [ 80AAA73D56272FD54DC6DE8643D10E9F, 0DC91699D5AF322C78AF7783CF3D55A1F561219EE32DC8DA186F2255704D52FC ] C:\WINDOWS\system32\win32k.sys</p><p>11:03:32.0343 0x0d40 C:\WINDOWS\system32\win32k.sys - ok</p><p>11:03:32.0375 0x0d40 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll</p><p>11:03:32.0375 0x0d40 C:\WINDOWS\system32\basesrv.dll - ok</p><p>11:03:32.0390 0x0d40 [ DD40363ABAD230A84C5E2178B11EFA88, E4B406C0B10686CF245EC0053A03424CE1FB8AC7FB3545525F13BB3BC5086FF1 ] C:\WINDOWS\system32\csrsrv.dll</p><p>11:03:32.0390 0x0d40 C:\WINDOWS\system32\csrsrv.dll - ok</p><p>11:03:32.0484 0x0d40 [ 44F275C64738EA2056E3D9580C23B60F, 5D4B7306E71A44440E7F0B32A373AEC120C01B69F87756589E39EB85C40CD742 ] C:\WINDOWS\system32\csrss.exe</p><p>11:03:32.0484 0x0d40 C:\WINDOWS\system32\csrss.exe - ok</p><p>11:03:32.0500 0x0d40 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll</p><p>11:03:32.0500 0x0d40 C:\WINDOWS\system32\winsrv.dll - ok</p><p>11:03:32.0578 0x0d40 [ AFFE0B7126A86603D3F49A19A5B7DC46, 63C91B4726F583C1DC1B3F26CC8DC39C519401CF0005F223EE17A363BDBEA22F ] C:\WINDOWS\system32\gdi32.dll</p><p>11:03:32.0578 0x0d40 C:\WINDOWS\system32\gdi32.dll - ok</p><p>11:03:32.0609 0x0d40 [ 4A45B692D2BAA74124DF57472D5EA2F1, DFC6B595BBADFEF4930CCCF48E9FE55551CF0891571257E3E0A0DE328077A89B ] C:\WINDOWS\system32\kernel32.dll</p><p>11:03:32.0609 0x0d40 C:\WINDOWS\system32\kernel32.dll - ok</p><p>11:03:32.0640 0x0d40 [ B26B135FF1B9F60C9388B4A7D16F600B, ACD0AE7B4D5F871E148276C6CC4AE3A216E33F67FC78D827C16986E1F945438C ] C:\WINDOWS\system32\user32.dll</p><p>11:03:32.0640 0x0d40 C:\WINDOWS\system32\user32.dll - ok</p><p>11:03:32.0671 0x0d40 [ 012DF358CEBAA23ACB26D82077820817, FEDD177BD4F0EB589E23AEE20FA9492FA4824478B34B46377C43E3A12F8A96D8 ] C:\WINDOWS\system32\lpk.dll</p><p>11:03:32.0671 0x0d40 C:\WINDOWS\system32\lpk.dll - ok</p><p>11:03:32.0718 0x0d40 [ 1D845821F5ADB076831DE4C2818F858B, 5F1F18042E6B16BC149F2B0F22ECE3D3668E846C843F016D33C9E6C60E2D64C6 ] C:\WINDOWS\system32\usp10.dll</p><p>11:03:32.0718 0x0d40 C:\WINDOWS\system32\usp10.dll - ok</p><p>11:03:32.0734 0x0d40 [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] C:\WINDOWS\system32\advapi32.dll</p><p>11:03:32.0734 0x0d40 C:\WINDOWS\system32\advapi32.dll - ok</p><p>11:03:32.0750 0x0d40 [ 44C164B34A72F29087ECA32411F2ED44, 112761CCEFE8F4B936AC58FF1F13589C0DBA3BE1AC348584D874B65DAB1EDED6 ] C:\WINDOWS\system32\rpcrt4.dll</p><p>11:03:32.0750 0x0d40 C:\WINDOWS\system32\rpcrt4.dll - ok</p><p>11:03:32.0781 0x0d40 [ 5357826C8A8DD6A07F17C48BB45BE46E, E081B04F8C8A31951A0ADEC889E6CA4DEED5FF738446D5A5614B11B113000BCA ] C:\WINDOWS\system32\secur32.dll</p><p>11:03:32.0781 0x0d40 C:\WINDOWS\system32\secur32.dll - ok</p><p>11:03:32.0812 0x0d40 [ AC7280566A7BB85CB3291F04DDC1198E, 7640BC4C28B5D5167A10C4B0DA0FC8C7A255334D4BA11FD3E28A697A5B58583C ] C:\WINDOWS\system32\drivers\dxg.sys</p><p>11:03:32.0812 0x0d40 C:\WINDOWS\system32\drivers\dxg.sys - ok</p><p>11:03:32.0828 0x0d40 [ A73F5D6705B1D820C19B18782E176EFD, C36486504C3A596FDCA487143F6D3B43C0BEE01321F6F1F3071976556533C419 ] C:\WINDOWS\system32\drivers\dxgthk.sys</p><p>11:03:32.0828 0x0d40 C:\WINDOWS\system32\drivers\dxgthk.sys - ok</p><p>11:03:32.0859 0x0d40 [ 02EF59B043D03C5A75B66B75520CBEDF, 59F1C09971664004290F00DC02C7A0760BC07F2457B4A200ADACD490A1E6D324 ] C:\WINDOWS\system32\nv4_disp.dll</p><p>11:03:32.0859 0x0d40 C:\WINDOWS\system32\nv4_disp.dll - ok</p><p>11:03:32.0890 0x0d40 [ ECB7591870F8BFB1A4C17B718AD5A4AA, 67E8D218F107F78F9C62999F560E47AEC799E4B4DC4AB3EBC0DC61670BFE3E3D ] C:\WINDOWS\system32\vga.dll</p><p>11:03:32.0890 0x0d40 C:\WINDOWS\system32\vga.dll - ok</p><p>11:03:32.0906 0x0d40 [ ED0EF0A136DEC83DF69F04118870003E, 45377CB8E9F0120F836FC8261C711F7DBF7199117AFB3652EBF100D5F0429B1E ] C:\WINDOWS\system32\winlogon.exe</p><p>11:03:32.0906 0x0d40 C:\WINDOWS\system32\winlogon.exe - ok</p><p>11:03:32.0953 0x0d40 [ 714705F29A917993536A6AB2DEDB0B7F, 5C3EA97044A7AF8027000DFA40901C0097EC935A7149C0A46AA2C6A2F9FD6CC1 ] C:\WINDOWS\system32\authz.dll</p><p>11:03:32.0953 0x0d40 C:\WINDOWS\system32\authz.dll - ok</p><p>11:03:33.0000 0x0d40 [ 355EDBB4D412B01F1740C17E3F50FA00, 8619D345C864CD8EA704EFAA0A391F5F31AA56BB6D30F62FC60F465873CC1BF9 ] C:\WINDOWS\system32\msvcrt.dll</p><p>11:03:33.0000 0x0d40 C:\WINDOWS\system32\msvcrt.dll - ok</p><p>11:03:33.0078 0x0d40 [ 636DF3FF20A1B69B3F9D21325E7115C7, 6B38CF96E92273995F40B6D7029D20B4041342D6EDD5B6CA73967A401823D4F5 ] C:\WINDOWS\system32\crypt32.dll</p><p>11:03:33.0078 0x0d40 C:\WINDOWS\system32\crypt32.dll - ok</p><p>11:03:33.0234 0x0d40 [ 04D898830DF96A17A20FD35D7590F87E, 09C75D1D434FF6BBE9B3F5E0A8E63944ACB34E364C4A89676DED2204DBD1AEF5 ] C:\WINDOWS\system32\msasn1.dll</p><p>11:03:33.0234 0x0d40 C:\WINDOWS\system32\msasn1.dll - ok</p><p>11:03:33.0296 0x0d40 [ 013C1148C1EC025596896E093F60F608, E19D20E0852372ED7DA66939E995F8F7ECC52ED5B650E8B833944788C0A34F61 ] C:\WINDOWS\system32\nddeapi.dll</p><p>11:03:33.0296 0x0d40 C:\WINDOWS\system32\nddeapi.dll - ok</p><p>11:03:33.0328 0x0d40 [ CAC752BF84DB4666ED3CE0948E6EA937, C84F9D57C076DE6ACC1720B66147D0CA963C65714593FAFD7FB1FE1F01CC464B ] C:\WINDOWS\system32\netapi32.dll</p><p>11:03:33.0328 0x0d40 C:\WINDOWS\system32\netapi32.dll - ok</p><p>11:03:33.0359 0x0d40 [ FCFA1C55971CC229D353B3A15ACCD995, 6C21D6EAD676AF8C100666261CE7AA5AA86671883B78092AD61008234C96BBBA ] C:\WINDOWS\system32\profmap.dll</p><p>11:03:33.0359 0x0d40 C:\WINDOWS\system32\profmap.dll - ok</p><p>11:03:33.0390 0x0d40 [ 43D13C80EBEC0135A3611E0F616F179B, 9C5409ECBD2C3B89C80F0A59B96220178E790A7D78967C6281D56EB1965E9ECD ] C:\WINDOWS\system32\userenv.dll</p><p>11:03:33.0390 0x0d40 C:\WINDOWS\system32\userenv.dll - ok</p><p>11:03:33.0437 0x0d40 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31, CC0A76B55B38183B8C6141C290D1858A9D118333C804784AB305FE76A0FCE775 ] C:\WINDOWS\system32\psapi.dll</p><p>11:03:33.0437 0x0d40 C:\WINDOWS\system32\psapi.dll - ok</p><p>11:03:33.0500 0x0d40 [ AF11C591F2F4AFF4A6CF699D376F618B, B61C0D1944D5D8F536AB5422017C99773BD89EA59784969E4F8F269BF9EF57C3 ] C:\WINDOWS\system32\regapi.dll</p><p>11:03:33.0500 0x0d40 C:\WINDOWS\system32\regapi.dll - ok</p><p>11:03:33.0546 0x0d40 [ 24192246760E0E64435522E246B1D6C2, B1C5A16A73250DEA900FF6ECE71F604E2411B4FDFD497564BEB7D867A75640BF ] C:\WINDOWS\system32\setupapi.dll</p><p>11:03:33.0546 0x0d40 C:\WINDOWS\system32\setupapi.dll - ok</p><p>11:03:33.0578 0x0d40 [ C7CE131408739B0B3A318BE2D0032719, CAEEED45F6BAB22F611B2200DC91E68426F169F5646247893CF3AC7EFDDD07B8 ] C:\WINDOWS\system32\version.dll</p><p>11:03:33.0578 0x0d40 C:\WINDOWS\system32\version.dll - ok</p><p>11:03:33.0593 0x0d40 [ 430CEB794F6E6EF8AC86958C242366D6, 48066566EDC18654095EAD7F4449CD42B44AD758465A6B36A42B489F32C7E64B ] C:\WINDOWS\system32\winsta.dll</p><p>11:03:33.0593 0x0d40 C:\WINDOWS\system32\winsta.dll - ok</p><p>11:03:33.0625 0x0d40 [ D458B738B4C2CE33174CFB2CE12412DB, C8FCA4B1BE8358B1F14BB25F39899A18804133544701DFCF40E8782C2487C912 ] C:\WINDOWS\system32\wintrust.dll</p><p>11:03:33.0625 0x0d40 C:\WINDOWS\system32\wintrust.dll - ok</p><p>11:03:33.0703 0x0d40 [ 16E916243BDDBAF44D98E623B2D0CEAD, A1C56AC378EDA9ACBE73342BEE0897E028BDD368288552108FC77A7AA1478690 ] C:\WINDOWS\system32\imagehlp.dll</p><p>11:03:33.0703 0x0d40 C:\WINDOWS\system32\imagehlp.dll - ok</p><p>11:03:33.0750 0x0d40 [ 2CCC474EB85CEAA3E1FA1726580A3E5A, 6E99D2FB4997E54E8B1B7D769CF2C0FAE296A6441DC39984850EA26BFEB7E500 ] C:\WINDOWS\system32\ws2_32.dll</p><p>11:03:33.0750 0x0d40 C:\WINDOWS\system32\ws2_32.dll - ok</p><p>11:03:33.0781 0x0d40 [ 0DA85218E92526972A821587E6A8BF8F, 9377F61D4B10974D5962E03F54BB89C8F804883245D61C670E51228AFE4559EB ] C:\WINDOWS\system32\imm32.dll</p><p>11:03:33.0781 0x0d40 C:\WINDOWS\system32\imm32.dll - ok</p><p>11:03:33.0796 0x0d40 [ 9789E95E1D88EEB4B922BF3EA7779C28, 2D17FD78E71BDB5D51B69DE6B36D7481A7AA3C61EA7636CD71638AF501883A91 ] C:\WINDOWS\system32\ws2help.dll</p><p>11:03:33.0796 0x0d40 C:\WINDOWS\system32\ws2help.dll - ok</p><p>11:03:33.0828 0x0d40 [ 56C5B179FE3308B655EB6208C3256FEC, C70BCE54E5DF47D37C835804EAAEC7C06C1A226EFA2003226BE290D1D552126F ] C:\WINDOWS\system32\kbdus.dll</p><p>11:03:33.0828 0x0d40 C:\WINDOWS\system32\kbdus.dll - ok</p><p>11:03:33.0937 0x0d40 [ D7B7A57C0E57C836F18CF12A4C62A1CA, 651B16027B4F4B0ED2F827E32B7E66188CDB023DB8C7B1A9A1A44063FB35B9DE ] C:\WINDOWS\system32\msgina.dll</p><p>11:03:33.0937 0x0d40 C:\WINDOWS\system32\msgina.dll - ok</p><p>11:03:34.0015 0x0d40 [ 93AFB83FBC1F9443CAC722FCA63D73BF, 853C4A03A153F232E5CAF219F7FD732CB82CB62171F077DE737B32169F7832AB ] C:\WINDOWS\system32\comctl32.dll</p><p>11:03:34.0015 0x0d40 C:\WINDOWS\system32\comctl32.dll - ok</p><p>11:03:34.0093 0x0d40 [ 40B0F98BAD16AD5DEF894E88C3EF8014, 916B7BFC23BB5A3F757160BCF2013A8260D9382EFDE6AADAFC4D297828C71003 ] C:\WINDOWS\system32\odbc32.dll</p><p>11:03:34.0093 0x0d40 C:\WINDOWS\system32\odbc32.dll - ok</p><p>11:03:34.0203 0x0d40 [ 86987A5000DFA3EBE2275C0456BCF2FE, 31B699E8FD11DD59ADBAE56650C1B7AE80484091B3B6D9015A95F590E2C3EB05 ] C:\WINDOWS\system32\comdlg32.dll</p><p>11:03:34.0203 0x0d40 C:\WINDOWS\system32\comdlg32.dll - ok</p><p>11:03:34.0250 0x0d40 [ 6843D54BC4A40CC8C5741AF750233D10, D998B54B7D23A986DD14D8BC56169A10EE43267F4F1914FBDD55B6B028993FAC ] C:\WINDOWS\system32\shell32.dll</p><p>11:03:34.0250 0x0d40 C:\WINDOWS\system32\shell32.dll - ok</p><p>11:03:34.0281 0x0d40 [ C448A248B743F5FB935C787A5D97268B, 26E88FF449F938B218FAED6D8F3F095577216A29D656D17ACEA7F6C16E638BED ] C:\WINDOWS\system32\shlwapi.dll</p><p>11:03:34.0281 0x0d40 C:\WINDOWS\system32\shlwapi.dll - ok</p><p>11:03:34.0406 0x0d40 [ 694503348B586E99D56C0E30AB5B3EF8, 53A0C2604574058F1520D8F0805F1247B15BB0E00A5B5BAFE027C702D55E5076 ] C:\WINDOWS\system32\sxs.dll</p><p>11:03:34.0406 0x0d40 C:\WINDOWS\system32\sxs.dll - ok</p><p>11:03:34.0468 0x0d40 [ 736B12B725AEB2B07F0241A9F680CB10, 9EF1406CAEE256117DA8C8904BCB20FB8F9421F02F812B4DC2CE1F16D2B315F2 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll</p><p>11:03:34.0468 0x0d40 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok</p><p>11:03:34.0515 0x0d40 [ 6B7C6B32F8E84D56C6260D684019FEA2, A10B4D413452D95B6B4087838F2FCE0B9F42D8C0CBE7A91DC080AE1163FB6D1A ] C:\WINDOWS\system32\odbcint.dll</p><p>11:03:34.0515 0x0d40 C:\WINDOWS\system32\odbcint.dll - ok</p><p>11:03:34.0562 0x0d40 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] C:\WINDOWS\system32\shsvcs.dll</p><p>11:03:34.0562 0x0d40 C:\WINDOWS\system32\shsvcs.dll - ok</p><p>11:03:34.0609 0x0d40 [ 96E1C926F22EE1BFBAE82901A35F6BF3, 95568F138216FFADCFC4BAE8A12825FFE53F2EA04C5CAC2AD10F65FC0C4E3CDB ] C:\WINDOWS\system32\sfc.dll</p><p>11:03:34.0609 0x0d40 C:\WINDOWS\system32\sfc.dll - ok</p><p>11:03:34.0671 0x0d40 [ 6B5DB6789177A4FD0DEBC248041D0739, 3E3239C3613CCBB9EE2539D78BC745ED19134E1D3BED88C3D5273796FA2507DA ] C:\WINDOWS\system32\sfc_os.dll</p><p>11:03:34.0671 0x0d40 C:\WINDOWS\system32\sfc_os.dll - ok</p><p>11:03:34.0765 0x0d40 [ 59B408E5B8489B0B36A0D783D150EDCC, CB234B25502B0CE0C1E6CFA883FDDF64DAB7A6E50A6AD36CAB3B30A7C872B403 ] C:\WINDOWS\system32\ole32.dll</p><p>11:03:34.0765 0x0d40 C:\WINDOWS\system32\ole32.dll - ok</p><p>11:03:35.0031 0x0d40 [ CF492D7E9AF1C628B3536D20EF6F5CC7, 3D7A5A5D6B804C0A3F3E7256B3AC19397567700271CABCD7C4C8B51565958BC8 ] C:\WINDOWS\system32\apphelp.dll</p><p>11:03:35.0031 0x0d40 C:\WINDOWS\system32\apphelp.dll - ok</p><p>11:03:35.0125 0x0d40 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] C:\WINDOWS\system32\lsass.exe</p><p>11:03:35.0125 0x0d40 C:\WINDOWS\system32\lsass.exe - ok</p><p>11:03:35.0187 0x0d40 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe</p><p>11:03:35.0187 0x0d40 C:\WINDOWS\system32\services.exe - ok</p><p>11:03:35.0203 0x0d40 [ BD31DC6DBE9333C4FBD4BDF0899F2160, 545D83178CCD74C68B72C607201EF9E1C8A5FC26A08288F8D3A77106964D1034 ] C:\WINDOWS\system32\lsasrv.dll</p><p>11:03:35.0203 0x0d40 C:\WINDOWS\system32\lsasrv.dll - ok</p><p>11:03:35.0343 0x0d40 [ EC29A79F1E76DC509E24D401F29D0678, 2CECCD7CE806152F6DD1A6812C7DAEC46FB197E63D14414808D713C829EE4260 ] C:\WINDOWS\system32\ncobjapi.dll</p><p>11:03:35.0343 0x0d40 C:\WINDOWS\system32\ncobjapi.dll - ok</p><p>11:03:35.0359 0x0d40 [ F404830F3CD9BF8F2515E489C0CDA297, 4FFFBBDD04B82623983B8B51E52E113EBF0E32E8328BFD3754B7A299E5673569 ] C:\WINDOWS\system32\msvcp60.dll</p><p>11:03:35.0359 0x0d40 C:\WINDOWS\system32\msvcp60.dll - ok</p><p>11:03:35.0390 0x0d40 [ DD7BD97FB8BD800963789158A5E4B41D, 4C265CB9AC1B8C398E625C1775A5AADD8A030D158B557E24F90CA57C0253FF0D ] C:\WINDOWS\system32\mpr.dll</p><p>11:03:35.0390 0x0d40 C:\WINDOWS\system32\mpr.dll - ok</p><p>11:03:35.0453 0x0d40 [ B24A42A413E694AD73FDFB7FBD492C31, 52411B5C714ED7FCFF3A120980EB75BF5A64E022303D3E717048E0E44F604AC0 ] C:\WINDOWS\system32\scesrv.dll</p><p>11:03:35.0453 0x0d40 C:\WINDOWS\system32\scesrv.dll - ok</p><p>11:03:35.0468 0x0d40 [ EC4C0D9BFD9F7E33F8B395AD54E13063, 18E60FF334376604F213F3323FAB81F392493496C6CA809FAD66BB8B0EEB3396 ] C:\WINDOWS\system32\ntdsapi.dll</p><p>11:03:35.0468 0x0d40 C:\WINDOWS\system32\ntdsapi.dll - ok</p><p>11:03:35.0500 0x0d40 [ 389496118B3B03C2328024AF320132AC, 11F85CA49596CE12B1F80B5BC059B6F5549FC09A43E2C47841A688F2ACEBB8B8 ] C:\WINDOWS\system32\dnsapi.dll</p><p>11:03:35.0500 0x0d40 C:\WINDOWS\system32\dnsapi.dll - ok</p><p>11:03:35.0515 0x0d40 [ 2EDFC2A8893435723AD80481803C6D5C, CD547E4749EE6466FD4F50CF2EAD37AD993C6BC89068BD51726869D5ADB2AF8E ] C:\WINDOWS\system32\umpnpmgr.dll</p><p>11:03:35.0531 0x0d40 C:\WINDOWS\system32\umpnpmgr.dll - ok</p><p>11:03:35.0578 0x0d40 [ 0492CF5870F0E616B0C71695A433D162, 47C9FB64A4CF3DF54F664B2B31A834ACF75B504650007E6201546C2D0E44D9C2 ] C:\WINDOWS\system32\wldap32.dll</p><p>11:03:35.0578 0x0d40 C:\WINDOWS\system32\wldap32.dll - ok</p><p>11:03:35.0609 0x0d40 [ 8329A39D5A402A75A74301D6A62ECDA1, 1947B2B19F2D0C690EC880B5A92F88903D78C6BB6EE47261B3D744B5A863D562 ] C:\WINDOWS\system32\samlib.dll</p><p>11:03:35.0609 0x0d40 C:\WINDOWS\system32\samlib.dll - ok</p><p>11:03:35.0640 0x0d40 [ F05B8CDB7FE0E55DCCFB1D946CE80064, E59BC2F25EBFF5F0CF459C9B8DEE882ADE227323F4768EBACFCC6784861BF260 ] C:\WINDOWS\system32\samsrv.dll</p><p>11:03:35.0640 0x0d40 C:\WINDOWS\system32\samsrv.dll - ok</p><p>11:03:35.0656 0x0d40 [ 1F03103598BD817B1078DAB1326DDE11, 0F0D19E67E25E9D2113920166B7326B46BACD22BA08476EC91D9C564AFC1FAF3 ] C:\WINDOWS\system32\shimeng.dll</p><p>11:03:35.0656 0x0d40 C:\WINDOWS\system32\shimeng.dll - ok</p><p>11:03:35.0671 0x0d40 [ EA9EE60B408878E5F2012F9C783836DB, 354A6660705759C0E767BCD7FB6F1B4371B74784A986431A626DF3793D0421EC ] C:\WINDOWS\AppPatch\AcAdProc.dll</p><p>11:03:35.0671 0x0d40 C:\WINDOWS\AppPatch\AcAdProc.dll - ok</p><p>11:03:35.0687 0x0d40 [ 17A1D675C12BBF80CAAC54A4855C41D0, F6185E42180218E932ADFFD63EF78EE8324B816BD57EA217322A46D1D2F47928 ] C:\WINDOWS\system32\cryptdll.dll</p><p>11:03:35.0687 0x0d40 C:\WINDOWS\system32\cryptdll.dll - ok</p><p>11:03:35.0750 0x0d40 [ 310C15FD8358B2C4CD7A5B98A112883F, CA656F066373B164A138032F5BF7EF68603EBDB0D49BD4663C99061F47F29085 ] C:\WINDOWS\AppPatch\AcGenral.dll</p><p>11:03:35.0750 0x0d40 C:\WINDOWS\AppPatch\AcGenral.dll - ok</p><p>11:03:35.0781 0x0d40 [ 4A953F13942867BA8FB41F141EC1B80C, BAE05A8CEDA4411324E38DB8A2153A988C6A3FAC8AD7CB27EE14E18FE7C47569 ] C:\WINDOWS\system32\winmm.dll</p><p>11:03:35.0781 0x0d40 C:\WINDOWS\system32\winmm.dll - ok</p><p>11:03:35.0812 0x0d40 [ EFF03460E542EEA6B0ABDEC6BF19C897, C2A0DDE6E8B49B152C295E97CFC35557391DEEE5A3A0B1BB4E445C405C716C55 ] C:\WINDOWS\system32\oleaut32.dll</p><p>11:03:35.0812 0x0d40 C:\WINDOWS\system32\oleaut32.dll - ok</p><p>11:03:35.0843 0x0d40 [ 2098AB52BD5316E59AA36F3437B13BE6, C4C9F2CFCAFF91B4A6F68E28EFE12EED216B41F081F8D577597C0634ECE57018 ] C:\WINDOWS\system32\msacm32.dll</p><p>11:03:35.0843 0x0d40 C:\WINDOWS\system32\msacm32.dll - ok</p><p>11:03:35.0875 0x0d40 [ 7A2CC3719B255E6B5D74396183B7715B, 2C4A2D5B42CFFE42BE72A652D1B0EED43D7EECF7CA3416660A3E0C539AA2AC34 ] C:\WINDOWS\system32\uxtheme.dll</p><p>11:03:35.0875 0x0d40 C:\WINDOWS\system32\uxtheme.dll - ok</p><p>11:03:35.0890 0x0d40 [ F24B12786D60A17008319E3F2AEE7799, BF916F65D770C61612678171CC184A0BF259992CEC0BF607D26834CE2A234FB3 ] C:\WINDOWS\system32\msapsspc.dll</p><p>11:03:35.0890 0x0d40 C:\WINDOWS\system32\msapsspc.dll - ok</p><p>11:03:35.0937 0x0d40 [ 7A660EDC0757849DF5F8706FB6E9F740, CA3820507A92EE9AB4EE8E804736FE1795224AE02D396AADB5BFD53223D9B7E2 ] C:\WINDOWS\system32\msvcrt40.dll</p><p>11:03:35.0937 0x0d40 C:\WINDOWS\system32\msvcrt40.dll - ok</p><p>11:03:35.0953 0x0d40 [ 0F64207B49390C8063C36AE7CBF9C2DB, 52C4A7A38EE11CA247001EB0A3C67BFEB1A09E9AC406486132D5AC38BE3A6A6F ] C:\WINDOWS\system32\schannel.dll</p><p>11:03:35.0953 0x0d40 C:\WINDOWS\system32\schannel.dll - ok</p><p>11:03:35.0968 0x0d40 [ 3D76DD0CBC536E0F8C45D23ED230BEB2, F74F94525AB7CE1E269452C9E1DD08411A668CFDD94F069C90FC2EE33CB35A12 ] C:\WINDOWS\system32\digest.dll</p><p>11:03:35.0968 0x0d40 C:\WINDOWS\system32\digest.dll - ok</p><p>11:03:36.0000 0x0d40 [ A4388DF80E52695AE92EE5F3F61F1619, A4B7C6E10B92B5022CA6E8FD9094098614FD63178EA86A7B035EB89B373BF033 ] C:\WINDOWS\system32\msnsspc.dll</p><p>11:03:36.0000 0x0d40 C:\WINDOWS\system32\msnsspc.dll - ok</p><p>11:03:36.0015 0x0d40 [ 5733177BCF16EE78B99543C9B0AB81EA, 6504D3D665AC8AB27A44F863F9C1A23FF3B68EAC0512F418712CC0D56F739E24 ] C:\WINDOWS\system32\MSCTFIME.IME</p><p>11:03:36.0015 0x0d40 C:\WINDOWS\system32\MSCTFIME.IME - ok</p><p>11:03:36.0046 0x0d40 [ C6BB1D1500DB4A0E224CB65E6C7E8A80, 32099A486457D1DC3B1269DE9570EE922F118C3BD443FE78ED051DD764EF4DE3 ] C:\WINDOWS\system32\msprivs.dll</p><p>11:03:36.0046 0x0d40 C:\WINDOWS\system32\msprivs.dll - ok</p><p>11:03:36.0062 0x0d40 [ 318FAA70D9B0FB8DD168D4ED628E27B2, 2C407FFDA4A02D4A1CB9592C6FA4293BA31BE8852670436F1187A8107572ED41 ] C:\WINDOWS\system32\atmfd.dll</p><p>11:03:36.0062 0x0d40 C:\WINDOWS\system32\atmfd.dll - ok</p><p>11:03:36.0078 0x0d40 [ A525C96C51D55111FDF3BEA9FFFFC7AE, AA5B080E01573B96A37E67F871F97AE975E1E9519EDB16476472AA3FA2144643 ] C:\WINDOWS\system32\kerberos.dll</p><p>11:03:36.0078 0x0d40 C:\WINDOWS\system32\kerberos.dll - ok</p><p>11:03:36.0093 0x0d40 [ 517561A1113B04E51D936CD018DE1C1F, A5F572C3557705F28F7A465970F0432F55B616EFD208BA0CBDFFBF7A41F07C04 ] C:\WINDOWS\system32\msv1_0.dll</p><p>11:03:36.0093 0x0d40 C:\WINDOWS\system32\msv1_0.dll - ok</p><p>11:03:36.0125 0x0d40 [ AF07DC9B7CC455629E732340C7B15F3A, 4403503F24FB76AB55D347273319B98BC0955AB3E537FA5ADA498B9AED76484A ] C:\WINDOWS\system32\iphlpapi.dll</p><p>11:03:36.0125 0x0d40 C:\WINDOWS\system32\iphlpapi.dll - ok</p><p>11:03:36.0125 0x0d40 [ 1B7F071C51B77C272875C3A23E1E4550, 9D6EA6DF4F4A531E35B843CE11AB6BDBEF0C2716773C14660E98038C1F68B7C4 ] C:\WINDOWS\system32\netlogon.dll</p><p>11:03:36.0125 0x0d40 C:\WINDOWS\system32\netlogon.dll - ok</p><p>11:03:36.0156 0x0d40 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] C:\WINDOWS\system32\w32time.dll</p><p>11:03:36.0156 0x0d40 C:\WINDOWS\system32\w32time.dll - ok</p><p>11:03:36.0171 0x0d40 [ 3AAF9B35939FF9E58CCD18D41655C2FC, AF7358AB0A507D77569A8D38D2392C224BFBEFD1264C069BBC6C677BC20C6B8B ] C:\WINDOWS\system32\wdigest.dll</p><p>11:03:36.0171 0x0d40 C:\WINDOWS\system32\wdigest.dll - ok</p><p>11:03:36.0187 0x0d40 [ 54DAE3EA34802B4ED9AE1C6B1209FA56, EEB1FA90DB44C821B371D5F7C323B4F88E843107BBA16DA2ACB124D6A848B257 ] C:\WINDOWS\system32\rsaenh.dll</p><p>11:03:36.0187 0x0d40 C:\WINDOWS\system32\rsaenh.dll - ok</p><p>11:03:36.0203 0x0d40 [ 02988B904C386B500CD08639C4C20EEA, 66E96045957AABD7F5C364D64DE23A09D4C292C844FA00C45626A8D1EC21F206 ] C:\WINDOWS\system32\winscard.dll</p><p>11:03:36.0203 0x0d40 C:\WINDOWS\system32\winscard.dll - ok</p><p>11:03:36.0218 0x0d40 [ 0E2735281FBB9A764D5584C2A5DCBA59, B1EFF5D7BFDDFEC3A3E5B2F17A6A0F3F47C344A64AB57E6918B4DEC094FC9444 ] C:\WINDOWS\system32\wtsapi32.dll</p><p>11:03:36.0218 0x0d40 C:\WINDOWS\system32\wtsapi32.dll - ok</p><p>11:03:36.0234 0x0d40 [ A86BB5E61BF3E39B62AB4C7E7085A084, B88446E007153BB58C5AE867AC3FB4C46618BBAA5A152687201E0E81F881465A ] C:\WINDOWS\system32\scecli.dll</p><p>11:03:36.0234 0x0d40 C:\WINDOWS\system32\scecli.dll - ok</p><p>11:03:36.0250 0x0d40 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18, 2910EBC692D833D949BFD56059E8106D324A276D5F165F874F3FB1B6C613CDD5 ] C:\WINDOWS\system32\svchost.exe</p><p>11:03:36.0250 0x0d40 C:\WINDOWS\system32\svchost.exe - ok</p><p>11:03:36.0265 0x0d40 [ 549290DBC280C887681D7652978DBBE0, CA2CA8561F11CDD5FD5D23D9D88A96A7FFE4AF6DFE8CE783B0969B6ED3C4CBF8 ] C:\WINDOWS\system32\ntmarta.dll</p><p>11:03:36.0265 0x0d40 C:\WINDOWS\system32\ntmarta.dll - ok</p><p>11:03:36.0281 0x0d40 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] C:\WINDOWS\system32\rpcss.dll</p><p>11:03:36.0281 0x0d40 C:\WINDOWS\system32\rpcss.dll - ok</p><p>11:03:36.0281 0x0d40 [ 16403217AB6FC5C30C14C6B12098AD4B, DEA7C556BA9C91E056E6035E77A793A77E428D493518D1C6F796B003D4F07305 ] C:\WINDOWS\system32\xpsp2res.dll</p><p>11:03:36.0281 0x0d40 C:\WINDOWS\system32\xpsp2res.dll - ok</p><p>11:03:36.0296 0x0d40 [ 6D4FEB43EE538FC5428CC7F0565AA656, 4091D82537198562F0CA1D032B2D4BEC75101342B7BCA7778FDA2D515300BC36 ] C:\WINDOWS\system32\eventlog.dll</p><p>11:03:36.0296 0x0d40 C:\WINDOWS\system32\eventlog.dll - ok</p><p>11:03:36.0312 0x0d40 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] C:\WINDOWS\system32\mswsock.dll</p><p>11:03:36.0312 0x0d40 C:\WINDOWS\system32\mswsock.dll - ok</p><p>11:03:36.0328 0x0d40 [ 3CB32D3B8CBE79899D63280BB7A83CD9, F34DB3B3DD65F0135F1F7005703B824D2C9B17F7A43062F1FFBEC53B3B26EFC3 ] C:\WINDOWS\system32\hnetcfg.dll</p><p>11:03:36.0328 0x0d40 C:\WINDOWS\system32\hnetcfg.dll - ok</p><p>11:03:36.0328 0x0d40 [ 4E3D06D6E68EEDB52565080F55B460D3, A503BFC29D3936045488EDC1771914EC84BE80E422F772F53D7961F526D707E6 ] C:\WINDOWS\system32\wshtcpip.dll</p><p>11:03:36.0328 0x0d40 C:\WINDOWS\system32\wshtcpip.dll - ok</p><p>11:03:36.0359 0x0d40 [ 40947436A70E0034E41123DF5A0A7702, 5D40FD92DA5CA59C1BADB58AD509DB6A6D613F18660A9A270A53ECA85D34C3A9 ] C:\Program Files\Bonjour\mdnsNSP.dll</p><p>11:03:36.0359 0x0d40 C:\Program Files\Bonjour\mdnsNSP.dll - ok</p><p>11:03:36.0390 0x0d40 [ D72B9EC3337B247A666F098F3D6B43DE, 4BC52AD1116078B0B313AB6555024302225D6CC03CA428151F78B7C48821489F ] C:\WINDOWS\system32\winrnr.dll</p><p>11:03:36.0390 0x0d40 C:\WINDOWS\system32\winrnr.dll - ok</p><p>11:03:36.0421 0x0d40 [ 6F9BEF24C578D5D6740E080BEDD6A448, 72426D49BC31488261D226C7D0C98AD11192019E71654F53D1D17183C328CC7C ] C:\WINDOWS\system32\rasadhlp.dll</p><p>11:03:36.0421 0x0d40 C:\WINDOWS\system32\rasadhlp.dll - ok</p><p>11:03:36.0453 0x0d40 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23, 032B6D1F541F180A2FE619664EF180D3FD748AEF7E311BA925FCED74E7ED4713 ] C:\WINDOWS\system32\logonui.exe</p><p>11:03:36.0453 0x0d40 C:\WINDOWS\system32\logonui.exe - ok</p><p>11:03:36.0468 0x0d40 [ 515A7FAE2070C2B0242B2353443E2F11, 6121C5613784831F584B50E8DC91BBD7AC58BDB602FE4CDB4B237670B6BB4537 ] C:\WINDOWS\system32\cscdll.dll</p><p>11:03:36.0468 0x0d40 C:\WINDOWS\system32\cscdll.dll - ok</p><p>11:03:36.0500 0x0d40 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] C:\WINDOWS\system32\drivers\ndisuio.sys</p><p>11:03:36.0500 0x0d40 C:\WINDOWS\system32\drivers\ndisuio.sys - ok</p><p>11:03:36.0531 0x0d40 [ 3D41A9326F0376FC73AF961DD23B1FB1, 1242F3B57599675D1E0E26615E206CE3DB15FA6A23BC5D21EB630EE9858EBC7B ] C:\WINDOWS\system32\duser.dll</p><p>11:03:36.0531 0x0d40 C:\WINDOWS\system32\duser.dll - ok</p><p>11:03:36.0546 0x0d40 [ E2092F0A1D7ABC243F9C2362483D150D, 50028400D6BA1C5B27BFC9AAC9D41539383F3EC723977CA937715E14094D846A ] C:\WINDOWS\system32\dimsntfy.dll</p><p>11:03:36.0546 0x0d40 C:\WINDOWS\system32\dimsntfy.dll - ok</p><p>11:03:36.0562 0x0d40 [ 2CC34E8BB667EEF78899546E12649196, 5BA2604041BF7C1D580D4D2AEDC7708F9E9B0AF6E0928663E3D9C7297296D721 ] C:\WINDOWS\system32\wlnotify.dll</p><p>11:03:36.0562 0x0d40 C:\WINDOWS\system32\wlnotify.dll - ok</p><p>11:03:36.0593 0x0d40 [ BD83ABA61E8ACCC8D9FFB869F29418CE, 45ED22E825047A1BE07B017F95FBF965A90602C59E6B110D0C604FBE07DE1562 ] C:\WINDOWS\system32\winspool.drv</p><p>11:03:36.0593 0x0d40 C:\WINDOWS\system32\winspool.drv - ok</p><p>11:03:36.0640 0x0d40 [ AFFC87E2501FCE8F09D4C10BA6421CCF, E63837B281C4AE90A7CBA8E072E07A9A5A2FDD5B15E7FB5C2D7562FE72BE5408 ] C:\WINDOWS\system32\msimg32.dll</p><p>11:03:36.0640 0x0d40 C:\WINDOWS\system32\msimg32.dll - ok</p><p>11:03:36.0734 0x0d40 [ 20200EE3CFE10E9F0C028D8653BE11C6, 3ACF2110D72509CBA3BF780C5D6D662BAFEEA6CA423BE8B0F97288B953127035 ] C:\WINDOWS\system32\oleacc.dll</p><p>11:03:36.0734 0x0d40 C:\WINDOWS\system32\oleacc.dll - ok</p><p>11:03:36.0750 0x0d40 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] C:\WINDOWS\system32\dhcpcsvc.dll</p><p>11:03:36.0750 0x0d40 C:\WINDOWS\system32\dhcpcsvc.dll - ok</p><p>11:03:36.0765 0x0d40 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] C:\WINDOWS\system32\dnsrslvr.dll</p><p>11:03:36.0765 0x0d40 C:\WINDOWS\system32\dnsrslvr.dll - ok</p><p>11:03:36.0781 0x0d40 [ F137A0CA70003DB20448D540651FA003, 4D3095FD8431D0839B6EE785A979D005A1035368A152CDC705804E85B7673198 ] C:\WINDOWS\system32\clbcatq.dll</p><p>11:03:36.0781 0x0d40 C:\WINDOWS\system32\clbcatq.dll - ok</p><p>11:03:36.0796 0x0d40 [ 1280A158C722FA95A80FB7AEBE78FA7D, 9B6E8158E581500C5C417F6453A6414901020123D34FDBC04289750E8B072538 ] C:\WINDOWS\system32\comres.dll</p><p>11:03:36.0796 0x0d40 C:\WINDOWS\system32\comres.dll - ok</p><p>11:03:36.0812 0x0d40 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] C:\WINDOWS\system32\lmhsvc.dll</p><p>11:03:36.0812 0x0d40 C:\WINDOWS\system32\lmhsvc.dll - ok</p><p>11:03:36.0859 0x0d40 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] C:\WINDOWS\system32\wzcsvc.dll</p><p>11:03:36.0859 0x0d40 C:\WINDOWS\system32\wzcsvc.dll - ok</p><p>11:03:36.0875 0x0d40 [ E5EDBD51476DB5001ABF5C82AE5C3DD1, 5C97ABF5802A7F886781788FE6107F9F06962F9D704A2A43A03062C9405F56C3 ] C:\WINDOWS\system32\shgina.dll</p><p>11:03:36.0875 0x0d40 C:\WINDOWS\system32\shgina.dll - ok</p><p>11:03:36.0890 0x0d40 [ 876CCF164E08D6B903CD14398E056DD2, 9AC7887F992F20E10EB3ED9B3AEF47B5C840172FA7895531F4EF86D6EA642D0F ] C:\WINDOWS\system32\rtutils.dll</p><p>11:03:36.0890 0x0d40 C:\WINDOWS\system32\rtutils.dll - ok</p><p>11:03:36.0921 0x0d40 [ 7B0770526801F05D58C51A3DFB87B4BD, 7A2858DD3AE8C26DE88F8CC71E8DC9A8A50C363BA4FB34EE6EE2D81C18845A96 ] C:\WINDOWS\system32\wmi.dll</p><p>11:03:36.0921 0x0d40 C:\WINDOWS\system32\wmi.dll - ok</p><p>11:03:36.0953 0x0d40 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F, EC80729BDD250C161B29DA853D45C703CB4844DE185C5665DB0627D9568995AB ] C:\WINDOWS\system32\eapolqec.dll</p><p>11:03:36.0953 0x0d40 C:\WINDOWS\system32\eapolqec.dll - ok</p><p>11:03:36.0984 0x0d40 [ 224FB925C641DA16CEB6D60F40CA4C75, 2DDB3B019D2A22B359C5974DC366EC9B95F4382DB1BF7F1958CFF0EC277895C7 ] C:\WINDOWS\system32\atl.dll</p><p>11:03:36.0984 0x0d40 C:\WINDOWS\system32\atl.dll - ok</p><p>11:03:37.0000 0x0d40 [ 8AE93AACC648921BAACB8602991AC4B3, 78292B1BAEE64C997C50B6D907FE623C2EDF937A62D3C3690FA24342180B7AB2 ] C:\WINDOWS\system32\qutil.dll</p><p>11:03:37.0000 0x0d40 C:\WINDOWS\system32\qutil.dll - ok</p><p>11:03:37.0015 0x0d40 [ 8E2CC37BA87D8F681066E0E9C8A19F73, 90536FD502D92AE4FECE0C250373742D2E8AC9E9BE314070BB28C4A2BEA15508 ] C:\WINDOWS\system32\dot3api.dll</p><p>11:03:37.0015 0x0d40 C:\WINDOWS\system32\dot3api.dll - ok</p><p>11:03:37.0031 0x0d40 [ F5B754CDEA20BBB3A31E16A776EDE6D6, C5D682FA9B86810C6E3D741E507EDA024C4554BEB5B6A1686F70E109EE9CD746 ] C:\WINDOWS\system32\esent.dll</p><p>11:03:37.0031 0x0d40 C:\WINDOWS\system32\esent.dll - ok</p><p>11:03:37.0062 0x0d40 [ 085ED2E391A871C7BAE87E0228B546BA, 15C050965A7377CDE1178A0C28C3E05B16838A1D7DEB1DD190E3C5D58511F5AC ] C:\WINDOWS\system32\cscui.dll</p><p>11:03:37.0062 0x0d40 C:\WINDOWS\system32\cscui.dll - ok</p><p>11:03:37.0093 0x0d40 [ 50A166237A0FA771261275A405646CC0, CFA9B2C8CDCDB56C27B89593A106AAE211E24D8EA433129A6E9BD2FBF39AB5BB ] C:\WINDOWS\system32\powrprof.dll</p><p>11:03:37.0093 0x0d40 C:\WINDOWS\system32\powrprof.dll - ok</p><p>11:03:37.0140 0x0d40 [ 3E2F3E2F4A82B7FAE23BAB864FB0F837, 78FEB881B5F1C90AD13DD69BB8C95CDF60C84E127871916D1EE8A938849E6282 ] C:\WINDOWS\system32\dpcdll.dll</p><p>11:03:37.0140 0x0d40 C:\WINDOWS\system32\dpcdll.dll - ok</p><p>11:03:37.0187 0x0d40 [ A39BE37C9237DB5F1990D61B268EA555, ABAB9D73DF10D2AC78F00A6C5E5318C4DE166CDF70683408D83D218CB39B7449 ] C:\WINDOWS\system32\rastls.dll</p><p>11:03:37.0187 0x0d40 C:\WINDOWS\system32\rastls.dll - ok</p><p>11:03:37.0250 0x0d40 [ A93AEE1928A9D7CE3E16D24EC7380F89, 944CD2135E171AF338352568AA7FE1B8004733A4281395AD6723E0CF43D5F53F ] C:\WINDOWS\system32\userinit.exe</p><p>11:03:37.0250 0x0d40 C:\WINDOWS\system32\userinit.exe - ok</p><p>11:03:37.0250 0x0d40 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3, 9085384DD71F983E7FD8B6C8F54A3097412DA3C802C813C8AAB1F30558C416D6 ] C:\WINDOWS\system32\cryptui.dll</p><p>11:03:37.0250 0x0d40 C:\WINDOWS\system32\cryptui.dll - ok</p><p>11:03:37.0281 0x0d40 [ 9F20FEF7F8B411165174CEC20583462A, 9511FA64CF8D03A69FEACDFBAF53211A5EC7E069C313C875E1962E97D283A0A5 ] C:\WINDOWS\system32\wininet.dll</p><p>11:03:37.0281 0x0d40 C:\WINDOWS\system32\wininet.dll - ok</p><p>11:03:37.0312 0x0d40 [ 94F96C1648D5F8E4375BF64D404C74BB, FE789E83436302DC0C9D0B1D0E9B0F8A546A9BD9693F3EB64C0B4F4159DCE379 ] C:\WINDOWS\system32\iertutil.dll</p><p>11:03:37.0312 0x0d40 C:\WINDOWS\system32\iertutil.dll - ok</p><p>11:03:37.0328 0x0d40 [ 10753A3ADC3E39A3B10CC3F08E98E6B4, 99C7B1B04CD593139917ED3D68BEC36C63BCE76663505CB5D026B62AF39BB383 ] C:\WINDOWS\system32\normaliz.dll</p><p>11:03:37.0328 0x0d40 C:\WINDOWS\system32\normaliz.dll - ok</p><p>11:03:37.0343 0x0d40 [ EA5B8BECA3F279C757578CD7F1E95855, 6FA42A9C8A114208BCB1D0A799C43CD07FB0F986495191D58C1BBD150B7B3A90 ] C:\WINDOWS\system32\mprapi.dll</p><p>11:03:37.0343 0x0d40 C:\WINDOWS\system32\mprapi.dll - ok</p><p>11:03:37.0359 0x0d40 [ 2CDAE321B8E878A278BA2D2FA013060B, 51A382D665EB4A8BD66A3EF9B518DC02D3637318768758AB6F1017E50826CC56 ] C:\WINDOWS\system32\activeds.dll</p><p>11:03:37.0359 0x0d40 C:\WINDOWS\system32\activeds.dll - ok</p><p>11:03:37.0375 0x0d40 [ 0D84657DBF93DB98673DEFDF2B29E25A, 22105E297D663790BFA1EAE5AC670B283E69FDF2428DEBC596F3EB920E53AFF9 ] C:\WINDOWS\system32\adsldpc.dll</p><p>11:03:37.0375 0x0d40 C:\WINDOWS\system32\adsldpc.dll - ok</p><p>11:03:37.0390 0x0d40 [ 92C4F48B62B0B876194584C3FF09CCB6, B24FF5E8D4F09B8200395B68A20A083E7ED9A29B9E9FB85F42E1A6BBB911D1C4 ] C:\WINDOWS\system32\rasapi32.dll</p><p>11:03:37.0390 0x0d40 C:\WINDOWS\system32\rasapi32.dll - ok</p><p>11:03:37.0437 0x0d40 [ 12896823FB95BFB3DC9B46BCAEDC9923, 1E675CB7DF214172F7EB0497F7275556038A0D09C6E5A3E6862C5E26885EF455 ] C:\WINDOWS\explorer.exe</p><p>11:03:37.0437 0x0d40 C:\WINDOWS\explorer.exe - ok</p><p>11:03:37.0468 0x0d40 [ 4DEF926F6A0545AE486A03C84F2EE482, 2D209061632634D7338C0BBEEE8056E8085BE22FA6974A2CC6BAEDC14CF6F6B1 ] C:\WINDOWS\system32\rasman.dll</p><p>11:03:37.0468 0x0d40 C:\WINDOWS\system32\rasman.dll - ok</p><p>11:03:37.0531 0x0d40 [ 00AABF131B4823785818DB99A075A313, FF0F24D35325EC246C758C7CF51FDDEF13757DFD7BE5F6F5D51E0DD7C6673686 ] C:\WINDOWS\system32\tapi32.dll</p><p>11:03:37.0531 0x0d40 C:\WINDOWS\system32\tapi32.dll - ok</p><p>11:03:37.0546 0x0d40 [ C1FAEA15E41F62D7BFA7FBC395C24BA6, 5DAA7F6E1EEA128AEDEDCAF04EB83AED4BCF856BC123BC134E9FA634DC569C0B ] C:\WINDOWS\system32\riched20.dll</p><p>11:03:37.0546 0x0d40 C:\WINDOWS\system32\riched20.dll - ok</p><p>11:03:37.0578 0x0d40 [ E392E172687BE172F8600C5F41AB03D9, 5E928035FA9DB71FDCEB74D6D4859E43169A0B202A87653A2CE5F88865D13D2E ] C:\WINDOWS\system32\browseui.dll</p><p>11:03:37.0578 0x0d40 C:\WINDOWS\system32\browseui.dll - ok</p><p>11:03:37.0609 0x0d40 [ 56CE97FF94B7662A300D359CD6F4D601, D67A792E176AE3394CEB8FEF16F9E56DC614D7D4F58F6B9202E49EFD42BAE9E4 ] C:\WINDOWS\system32\raschap.dll</p><p>11:03:37.0609 0x0d40 C:\WINDOWS\system32\raschap.dll - ok</p><p>11:03:37.0671 0x0d40 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] C:\WINDOWS\system32\netman.dll</p><p>11:03:37.0671 0x0d40 C:\WINDOWS\system32\netman.dll - ok</p><p>11:03:37.0687 0x0d40 [ 26CB10FA893F940AB09713FF46DCDADE, B113E03877FF2073ABAC1A7DF53A575F15915438C5EB10401FFEF7CAAEA902BC ] C:\WINDOWS\system32\shdocvw.dll</p><p>11:03:37.0687 0x0d40 C:\WINDOWS\system32\shdocvw.dll - ok</p><p>11:03:37.0718 0x0d40 [ 062F837C1FBDB6A0A75F82EFC2EE8E74, 3C0BFA381CBC2C55B58A8942A7148A6C27E244D26313EFB4708DD5858C689E02 ] C:\WINDOWS\system32\netshell.dll</p><p>11:03:37.0718 0x0d40 C:\WINDOWS\system32\netshell.dll - ok</p><p>11:03:37.0734 0x0d40 [ 235892E493845D64D890163CFEF90E97, 48FC98DD1E5F8F05DE6954FE26C0A448AA9838D7DC716518C715F35E3CFA227D ] C:\WINDOWS\system32\credui.dll</p><p>11:03:37.0734 0x0d40 C:\WINDOWS\system32\credui.dll - ok</p><p>11:03:37.0765 0x0d40 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C, 62E73A7D4C58F2E30670F6A72E734B618AF45F60A8CB2177A4D504283F829BE5 ] C:\WINDOWS\system32\dot3dlg.dll</p><p>11:03:37.0765 0x0d40 C:\WINDOWS\system32\dot3dlg.dll - ok</p><p>11:03:37.0781 0x0d40 [ CA04959077AFE36369D37B3504740C87, CBB90BC35A74EC03DC04CD60DAC966A9FA98DC9EEFB926089DBE7A47D3B710B1 ] C:\WINDOWS\system32\onex.dll</p><p>11:03:37.0781 0x0d40 C:\WINDOWS\system32\onex.dll - ok</p><p>11:03:37.0796 0x0d40 [ 5DB625E7D095604010CF84DE2D8ACFA6, DEED8055CD1F2E2D898C5C77283B56078414CC7D9FCA6FCF58BA0B66B565E826 ] C:\WINDOWS\system32\eappcfg.dll</p><p>11:03:37.0796 0x0d40 C:\WINDOWS\system32\eappcfg.dll - ok</p><p>11:03:37.0828 0x0d40 [ ABC4206543450C0666D152F4B65833B8, D78D5E719E7744805DF6DD1D9567E67E11223F4E3B13170E35F27D46FCB6C244 ] C:\WINDOWS\system32\eappprxy.dll</p><p>11:03:37.0828 0x0d40 C:\WINDOWS\system32\eappprxy.dll - ok</p><p>11:03:37.0859 0x0d40 [ 767FF54A552732CE772C2302025FA82F, 7761546C33B0E55B0A8214798FD035C2499D31D690CE03E25B0068C81EDECF3F ] C:\WINDOWS\system32\wzcsapi.dll</p><p>11:03:37.0859 0x0d40 C:\WINDOWS\system32\wzcsapi.dll - ok</p><p>11:03:37.0875 0x0d40 [ B4ED498E3BFEE64E952BC44FC6057DB8, 1FB5ABAE69103BF477F704189D75B0395F587234BFE94F9F79961D8FE2CE55AC ] C:\WINDOWS\system32\desk.cpl</p><p>11:03:37.0875 0x0d40 C:\WINDOWS\system32\desk.cpl - ok</p><p>11:03:37.0984 0x0d40 [ EE9710428FFB95FD3845D41E7148AC31, 5CFBE4B7BCCB136B958E21EACB965E09F7D6CC0CB29DEA9022047809582B1065 ] C:\WINDOWS\system32\themeui.dll</p><p>11:03:37.0984 0x0d40 C:\WINDOWS\system32\themeui.dll - ok</p><p>11:03:38.0109 0x0d40 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] C:\WINDOWS\system32\schedsvc.dll</p><p>11:03:38.0109 0x0d40 C:\WINDOWS\system32\schedsvc.dll - ok</p><p>11:03:38.0359 0x0d40 [ E47E364C96467FD54FA44D59F927C3AB, D48C377A7ACF805C413D4618A099A50BE6724E8996C151B00DEAFD27CA935183 ] C:\WINDOWS\system32\msidle.dll</p><p>11:03:38.0359 0x0d40 C:\WINDOWS\system32\msidle.dll - ok</p><p>11:03:38.0437 0x0d40 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] C:\WINDOWS\system32\spoolsv.exe</p><p>11:03:38.0437 0x0d40 C:\WINDOWS\system32\spoolsv.exe - ok</p><p>11:03:38.0468 0x0d40 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] C:\WINDOWS\system32\audiosrv.dll</p><p>11:03:38.0468 0x0d40 C:\WINDOWS\system32\audiosrv.dll - ok</p><p>11:03:38.0609 0x0d40 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] C:\WINDOWS\system32\wkssvc.dll</p><p>11:03:38.0609 0x0d40 C:\WINDOWS\system32\wkssvc.dll - ok</p><p>11:03:38.0687 0x0d40 [ 912B67BB8249925A5C972FC5839EAE09, 11F9F26C2D5EADD683F9FA4FDC8C25A1FB7EE9D6E3F4419C9DAB8C4E434F1857 ] C:\WINDOWS\system32\actxprxy.dll</p><p>11:03:38.0687 0x0d40 C:\WINDOWS\system32\actxprxy.dll - ok</p><p>11:03:38.0781 0x0d40 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] C:\WINDOWS\system32\drivers\mrxdav.sys</p><p>11:03:38.0781 0x0d40 C:\WINDOWS\system32\drivers\mrxdav.sys - ok</p><p>11:03:38.0812 0x0d40 [ C0D4312262C7B1A46AADB8418B85D8FA, 7614A88F0C811E6D78D8B481D64DA986A7E1CE786CC1BEC02968303EEEB8103B ] C:\WINDOWS\system32\urlmon.dll</p><p>11:03:38.0812 0x0d40 C:\WINDOWS\system32\urlmon.dll - ok</p><p>11:03:38.0875 0x0d40 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] C:\WINDOWS\system32\webclnt.dll</p><p>11:03:38.0875 0x0d40 C:\WINDOWS\system32\webclnt.dll - ok</p><p>11:03:38.0968 0x0d40 [ E16B687057603A249DA9271E9727CDB0, 0537DF45574FB17A1B8AD2AF0D571A9622B5A0A4D631F98ED115988FF075189E ] C:\WINDOWS\system32\ieframe.dll</p><p>11:03:38.0968 0x0d40 C:\WINDOWS\system32\ieframe.dll - ok</p><p>11:03:39.0093 0x0d40 [ 6D778E0F95447E6546553EEEA709D03C, 62ABED7D45040381BBCED97EA7B6C697B418448FD3322FD4BFB2BBFDB6155EB4 ] C:\WINDOWS\system32\cmd.exe</p><p>11:03:39.0093 0x0d40 C:\WINDOWS\system32\cmd.exe - ok</p><p>11:03:39.0156 0x0d40 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] C:\WINDOWS\system32\drivers\parport.sys</p><p>11:03:39.0156 0x0d40 C:\WINDOWS\system32\drivers\parport.sys - ok</p><p>11:03:39.0171 0x0d40 [ B714735C12A70171DE28657948FD91F1, DF7BF2D1BEBB016A8CB739EEE2670CF9F44A5CC2319A532E5C3DE0F5AA3AA144 ] C:\WINDOWS\system32\mlang.dll</p><p>11:03:39.0171 0x0d40 C:\WINDOWS\system32\mlang.dll - ok</p><p>11:03:39.0187 0x0d40 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] C:\WINDOWS\system32\drivers\serial.sys</p><p>11:03:39.0187 0x0d40 C:\WINDOWS\system32\drivers\serial.sys - ok</p><p>11:03:39.0218 0x0d40 [ 566382CA5F2C41FEAEEEFAC908F1EB92, FF25ACB5CC757F6D7FE8724EDAC16A36332406AF39745C45858AB24CAF24AC48 ] C:\WINDOWS\system32\xmlprovi.dll</p><p>11:03:39.0218 0x0d40 C:\WINDOWS\system32\xmlprovi.dll - ok</p><p>11:03:39.0234 0x0d40 [ 2953A157A783BFC06F42F99FEFA5EB07, 90236C68F46FA25F6C0561A38CAE7BEB2E35281AF33B3779BC52CDA0F73018CC ] C:\WINDOWS\system32\ANIO.sys</p><p>11:03:39.0234 0x0d40 C:\WINDOWS\system32\ANIO.sys - ok</p><p>11:03:39.0281 0x0d40 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] C:\WINDOWS\system32\cryptsvc.dll</p><p>11:03:39.0281 0x0d40 C:\WINDOWS\system32\cryptsvc.dll - ok</p><p>11:03:39.0453 0x0d40 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] C:\WINDOWS\system32\drivers\wdmaud.sys</p><p>11:03:39.0453 0x0d40 C:\WINDOWS\system32\drivers\wdmaud.sys - ok</p><p>11:03:39.0578 0x0d40 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4, C095D8A3A1CEAD1D78B0EE17B982718CDF4B3FE1F86D9D273875B8C1893C981B ] C:\WINDOWS\system32\wdmaud.drv</p><p>11:03:39.0578 0x0d40 C:\WINDOWS\system32\wdmaud.drv - ok</p><p>11:03:39.0656 0x0d40 [ FE2571A8C9FFAB1D45502D6B0BF472AA, 1442FC0180B555BC4F9B97B9A0D7674F75E67A6F61B87A6D690A20AE7D1EF360 ] C:\WINDOWS\system32\xp_eos.exe</p><p>11:03:39.0656 0x0d40 C:\WINDOWS\system32\xp_eos.exe - ok</p><p>11:03:39.0718 0x0d40 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] C:\WINDOWS\system32\drivers\sysaudio.sys</p><p>11:03:39.0718 0x0d40 C:\WINDOWS\system32\drivers\sysaudio.sys - ok</p><p>11:03:39.0734 0x0d40 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] C:\WINDOWS\system32\drivers\aec.sys</p><p>11:03:39.0734 0x0d40 C:\WINDOWS\system32\drivers\aec.sys - ok</p><p>11:03:39.0765 0x0d40 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] C:\WINDOWS\system32\drivers\splitter.sys</p><p>11:03:39.0765 0x0d40 C:\WINDOWS\system32\drivers\splitter.sys - ok</p><p>11:03:39.0796 0x0d40 [ 00709952D444EAE14DBBD30D36FBAE0F, A65B57C68F9119940133F6680AF3644866EEBDA5378F9B6AED441FB999B50526 ] C:\WINDOWS\system32\certcli.dll</p><p>11:03:39.0796 0x0d40 C:\WINDOWS\system32\certcli.dll - ok</p><p>11:03:39.0843 0x0d40 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] C:\WINDOWS\system32\drivers\swmidi.sys</p><p>11:03:39.0843 0x0d40 C:\WINDOWS\system32\drivers\swmidi.sys - ok</p><p>11:03:39.0921 0x0d40 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] C:\WINDOWS\system32\ersvc.dll</p><p>11:03:39.0921 0x0d40 C:\WINDOWS\system32\ersvc.dll - ok</p><p>11:03:39.0937 0x0d40 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] C:\WINDOWS\system32\drivers\DMusic.sys</p><p>11:03:39.0937 0x0d40 C:\WINDOWS\system32\drivers\DMusic.sys - ok</p><p>11:03:39.0953 0x0d40 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] C:\WINDOWS\system32\drivers\kmixer.sys</p><p>11:03:39.0953 0x0d40 C:\WINDOWS\system32\drivers\kmixer.sys - ok</p><p>11:03:39.0968 0x0d40 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll</p><p>11:03:39.0968 0x0d40 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok</p><p>11:03:39.0984 0x0d40 [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] C:\WINDOWS\system32\es.dll</p><p>11:03:39.0984 0x0d40 C:\WINDOWS\system32\es.dll - ok</p><p>11:03:39.0984 0x0d40 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] C:\WINDOWS\system32\drivers\drmkaud.sys</p><p>11:03:39.0984 0x0d40 C:\WINDOWS\system32\drivers\drmkaud.sys - ok</p><p>11:03:40.0031 0x0d40 [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] C:\WINDOWS\system32\hidserv.dll</p><p>11:03:40.0031 0x0d40 C:\WINDOWS\system32\hidserv.dll - ok</p><p>11:03:40.0062 0x0d40 [ 8973122796E3B5D6B5900FC186E55FEA, 350120A20F8591C27E68A5903E3175DD3F4F85BA2FF1F8B6E1D3B3758B5B509D ] C:\WINDOWS\system32\hid.dll</p><p>11:03:40.0062 0x0d40 C:\WINDOWS\system32\hid.dll - ok</p><p>11:03:40.0078 0x0d40 [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll</p><p>11:03:40.0078 0x0d40 C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll - ok</p><p>11:03:40.0109 0x0d40 [ 2A6B16AAD88A449B9E124FBF2D308E07, 0320AC1DD22095E56ED53D25262E5E80F11877D7C40EB33A8C07DFD8BDC02F7E ] C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll</p><p>11:03:40.0109 0x0d40 C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll - ok</p><p>11:03:40.0140 0x0d40 [ A04F4AC48895774A2CF9D1C9EAAACEF0, 012F10DE086C3551D75716EF1F6DCC477C8C1E776267D9FC4073BEADAFD37C9C ] C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL</p><p>11:03:40.0140 0x0d40 C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL - ok</p><p>11:03:40.0156 0x0d40 [ C6E5276C00EBDEB096BB5EF4B797D1B6, 2620D2F7B5242E9DD0217FB4E0CBACF1DB8AB1B92187AD2847904948E1ABFEC1 ] C:\WINDOWS\system32\drivers\int15.sys</p><p>11:03:40.0156 0x0d40 C:\WINDOWS\system32\drivers\int15.sys - ok</p><p>11:03:40.0218 0x0d40 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] C:\WINDOWS\system32\srvsvc.dll</p><p>11:03:40.0218 0x0d40 C:\WINDOWS\system32\srvsvc.dll - ok</p><p>11:03:40.0343 0x0d40 [ 9A3BD5F55AADFF859539142F6328A66E, B8165F650F0E24D380601D54BC81A84C06D886A6CF995EA6CA63EABCFA75554A ] C:\WINDOWS\system32\msacm32.drv</p><p>11:03:40.0343 0x0d40 C:\WINDOWS\system32\msacm32.drv - ok</p><p>11:03:40.0359 0x0d40 [ 20FD44370267CCD0A64A1B31861C21D2, D98194A17D1C63434EC6449742C10033F1B94D80826B20464519B1DD4DE1DB5F ] C:\WINDOWS\system32\netmsg.dll</p><p>11:03:40.0359 0x0d40 C:\WINDOWS\system32\netmsg.dll - ok</p><p>11:03:40.0437 0x0d40 [ 5C12660A97822F6E61576943B49AAAD6, 621BE8E009DC95A8901F701F529ED98BD8E6D62D272AE0E1FAF69889A4D5633B ] C:\WINDOWS\system32\midimap.dll</p><p>11:03:40.0437 0x0d40 C:\WINDOWS\system32\midimap.dll - ok</p><p>11:03:40.0656 0x0d40 [ 4C39358EBDD2FFCD9132A30E1EC31E16, 06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll</p><p>11:03:40.0656 0x0d40 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok</p><p>11:03:40.0718 0x0d40 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] C:\WINDOWS\system32\drivers\srv.sys</p><p>11:03:40.0718 0x0d40 C:\WINDOWS\system32\drivers\srv.sys - ok</p><p>11:03:40.0828 0x0d40 [ 80B7A96F908DA13617E7E6832C5C6A64, 08B81AFE120B8064B6E001BDF424168305D55F38AE2071300F57C8EA32BEAE56 ] C:\WINDOWS\system32\HPZinw12.dll</p><p>11:03:40.0828 0x0d40 C:\WINDOWS\system32\HPZinw12.dll - ok</p><p>11:03:40.0921 0x0d40 [ F042EE4C8D66248D9B86DCF52ABAE416, AE0F5CC54E4B133DF66A54572A7CE52FAFF11F8FD0CAEAB088AAD3699D6EC924 ] C:\ComboFix\pev.3XE</p><p>11:03:40.0921 0x0d40 C:\ComboFix\pev.3XE - ok</p><p>11:03:40.0968 0x0d40 [ 67156D5A9AC356DC99D7BCCB388E3316, 449A140065197779C0F8588E5C53014BBF54A9C74818D5CFDCB88CC7B36F44CF ] C:\WINDOWS\system32\wsock32.dll</p><p>11:03:40.0968 0x0d40 C:\WINDOWS\system32\wsock32.dll - ok</p><p>11:03:41.0031 0x0d40 [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll</p><p>11:03:41.0031 0x0d40 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok</p><p>11:03:41.0062 0x0d40 [ ABC6379205DE2618851C4FCBF72112EB, 22E7528E56DFFAA26CFE722994655686C90824B13EB51184ABFE44D4E95D473F ] C:\ComboFix\hidec.3XE</p><p>11:03:41.0062 0x0d40 C:\ComboFix\hidec.3XE - ok</p><p>11:03:41.0093 0x0d40 [ 0C155C5D8942B3CBCF9506A9D376B9AD, 37F4878548DD7063CA31FB21D6955A45C25F648C332A736DA84DEA5AAE7486AF ] C:\WINDOWS\system32\HPZipm12.dll</p><p>11:03:41.0093 0x0d40 C:\WINDOWS\system32\HPZipm12.dll - ok</p><p>11:03:41.0109 0x0d40 [ 332760FBA1655FCFD35BD6F4FD871300, 6C539FD14B9CF9423E305EAF60CB5C12CA0F7AEF571FB09BAF64E83F108B7F2D ] C:\WINDOWS\system32\ipsecsvc.dll</p><p>11:03:41.0109 0x0d40 C:\WINDOWS\system32\ipsecsvc.dll - ok</p><p>11:03:41.0140 0x0d40 [ A46842C9B0C567A5A9584E83A163560C, 715C24BF2BFDFB50C5B9BFF41B7CC2728D6986AF97EDEEB1F1DF0C35D673AD98 ] C:\ComboFix\swreg.3XE</p><p>11:03:41.0140 0x0d40 C:\ComboFix\swreg.3XE - ok</p><p>11:03:41.0156 0x0d40 [ 584C4DA856450CB22EBBE7A68CC6250F, 56030767CFD2DAFDAE8CC767DC1EED39DD2E6E42152BFAE7904C2C8826B2C3E2 ] C:\WINDOWS\system32\oakley.dll</p><p>11:03:41.0156 0x0d40 C:\WINDOWS\system32\oakley.dll - ok</p><p>11:03:41.0187 0x0d40 [ 22D89D84E8E081CDA529DBF8C0255A38, 26863A2D27BE257D99EF28A612FC1B514558B27002EF10B0F682BC15C6D1CD74 ] C:\WINDOWS\system32\psbase.dll</p><p>11:03:41.0187 0x0d40 C:\WINDOWS\system32\psbase.dll - ok</p><p>11:03:41.0203 0x0d40 [ 853D0D0C6F02D7BFDF1CF99DD7553732, AC761B4CA518B787CB2C18101606E5F64245049D140C72B6B1112556DEC86B2E ] C:\WINDOWS\system32\pstorsvc.dll</p><p>11:03:41.0203 0x0d40 C:\WINDOWS\system32\pstorsvc.dll - ok</p><p>11:03:41.0218 0x0d40 [ 248712EA6BA17B9FF0C542A3828375DD, 03EFDE351860C4C49F42D6129C6A6F2B3FC859C20F14FE0652F9C4FBD81244B4 ] C:\WINDOWS\system32\winipsec.dll</p><p>11:03:41.0218 0x0d40 C:\WINDOWS\system32\winipsec.dll - ok</p><p>11:03:41.0250 0x0d40 [ FEDE68BF80052BAD393AFD5C2E60DCB0, 6A40D89524317C554C5C33A35FB659147A3118F4C646AB36653A19A8811627CB ] C:\WINDOWS\system32\dssenh.dll</p><p>11:03:41.0250 0x0d40 C:\WINDOWS\system32\dssenh.dll - ok</p><p>11:03:41.0265 0x0d40 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] C:\WINDOWS\system32\seclogon.dll</p><p>11:03:41.0265 0x0d40 C:\WINDOWS\system32\seclogon.dll - ok</p><p>11:03:41.0281 0x0d40 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] C:\WINDOWS\system32\sens.dll</p><p>11:03:41.0281 0x0d40 C:\WINDOWS\system32\sens.dll - ok</p><p>11:03:41.0312 0x0d40 [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] C:\WINDOWS\system32\srsvc.dll</p><p>11:03:41.0312 0x0d40 C:\WINDOWS\system32\srsvc.dll - ok</p><p>11:03:41.0343 0x0d40 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] C:\WINDOWS\system32\wiaservc.dll</p><p>11:03:41.0343 0x0d40 C:\WINDOWS\system32\wiaservc.dll - ok</p><p>11:03:41.0390 0x0d40 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] C:\WINDOWS\system32\trkwks.dll</p><p>11:03:41.0390 0x0d40 C:\WINDOWS\system32\trkwks.dll - ok</p><p>11:03:41.0406 0x0d40 [ 5F0CE62E0831CF972EC6949FD3E37DA7, DFDD251D3FC6CDBD971F52EF0AECEC0344B57214615AA486AA9234D30A40AF60 ] C:\WINDOWS\system32\cfgmgr32.dll</p><p>11:03:41.0406 0x0d40 C:\WINDOWS\system32\cfgmgr32.dll - ok</p><p>11:03:41.0437 0x0d40 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] C:\WINDOWS\system32\tapisrv.dll</p><p>11:03:41.0437 0x0d40 C:\WINDOWS\system32\tapisrv.dll - ok</p><p>11:03:41.0453 0x0d40 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1, 502B9D43EB6305508E8CDF034528C3F1DDF4525727C1B7663EA835BE2307FF20 ] C:\WINDOWS\system32\mscms.dll</p><p>11:03:41.0453 0x0d40 C:\WINDOWS\system32\mscms.dll - ok</p><p>11:03:41.0484 0x0d40 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] C:\WINDOWS\system32\wbem\wmisvc.dll</p><p>11:03:41.0484 0x0d40 C:\WINDOWS\system32\wbem\wmisvc.dll - ok</p><p>11:03:41.0531 0x0d40 [ ACACB8B14E66109B8ACD6644B5574B9A, 2373E67EB51F8045E7CD346F75B4BAD093E29CC609955BBC4C9FEF7A97A5FD86 ] C:\WINDOWS\system32\vssapi.dll</p><p>11:03:41.0531 0x0d40 C:\WINDOWS\system32\vssapi.dll - ok</p><p>11:03:41.0562 0x0d40 [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] C:\WINDOWS\system32\browser.dll</p><p>11:03:41.0562 0x0d40 C:\WINDOWS\system32\browser.dll - ok</p><p>11:03:41.0593 0x0d40 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] C:\WINDOWS\system32\wuauserv.dll</p><p>11:03:41.0593 0x0d40 C:\WINDOWS\system32\wuauserv.dll - ok</p><p>11:03:41.0625 0x0d40 [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] C:\WINDOWS\system32\fxssvc.exe</p><p>11:03:41.0625 0x0d40 C:\WINDOWS\system32\fxssvc.exe - ok</p><p>11:03:41.0640 0x0d40 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] C:\WINDOWS\system32\wuaueng.dll</p><p>11:03:41.0640 0x0d40 C:\WINDOWS\system32\wuaueng.dll - ok</p><p>11:03:41.0671 0x0d40 [ BDB83C844EDEC9BD01A94750D2C38DDF, B18B9E9B9EE74143153CA2479BF7FC9A5528DB4023FA085D0DA5E9B8795C7428 ] C:\WINDOWS\system32\fxsevent.dll</p><p>11:03:41.0671 0x0d40 C:\WINDOWS\system32\fxsevent.dll - ok</p><p>11:03:41.0703 0x0d40 [ 1144EF6B4BB72E33B41912AE1AE4F97A, 75144F64352D0A426F7171487F733BA85786D3279C18E741F06484440CA0BC19 ] C:\WINDOWS\system32\fxstiff.dll</p><p>11:03:41.0703 0x0d40 C:\WINDOWS\system32\fxstiff.dll - ok</p><p>11:03:41.0703 0x0d40 [ 684559A03CBC1D05BA120A18B0D8BA5D, 7425F27C8EF8CEF26B071D7FD5FED538C74EF524AEF73E427B1781F3A3C16C42 ] C:\WINDOWS\system32\winhttp.dll</p><p>11:03:41.0703 0x0d40 C:\WINDOWS\system32\winhttp.dll - ok</p><p>11:03:41.0750 0x0d40 [ F9D3C78CFE15271D80790677C893CE45, 885425736648DF7B315E92680ED3BD058ACE97A86D388FEA80EB0C039ADF25D7 ] C:\WINDOWS\system32\cabinet.dll</p><p>11:03:41.0750 0x0d40 C:\WINDOWS\system32\cabinet.dll - ok</p><p>11:03:41.0781 0x0d40 [ 0329D0A4F230094B669A87BB3B85606E, F9A45480E1433B55123DD56327B5777EEF0013BB1693818C28D3D6EFC29D50B4 ] C:\WINDOWS\system32\fxsapi.dll</p><p>11:03:41.0781 0x0d40 C:\WINDOWS\system32\fxsapi.dll - ok</p><p>11:03:41.0796 0x0d40 [ B85E95679B5ADC12311BCD3F5385D623, 378D304CF408AE1928EF6290A5A9F2388920B55FD69382759B356B6A3FF94F3A ] C:\WINDOWS\system32\mspatcha.dll</p><p>11:03:41.0796 0x0d40 C:\WINDOWS\system32\mspatcha.dll - ok</p><p>11:03:41.0812 0x0d40 [ 3458EDA96E30FBD0477A2800D3FB1909, BDF84362E4D8A102E7FB5F352D950B84D1A8E1E7928521B68E7671D4176803C5 ] C:\WINDOWS\system32\wups.dll</p><p>11:03:41.0812 0x0d40 C:\WINDOWS\system32\wups.dll - ok</p><p>11:03:41.0828 0x0d40 [ 79E3A8C328E7E569C32B0998377D9742, F5854956E452AD663004679BBDF8B006695B69C8962534CD243193F04F294DF3 ] C:\WINDOWS\system32\spoolss.dll</p><p>11:03:41.0828 0x0d40 C:\WINDOWS\system32\spoolss.dll - ok</p><p>11:03:41.0859 0x0d40 [ BDC0C99E472176C8C2C853A68ADC5073, 9A0A0CEE321C9BAF5545D6CB0BE3E725228B694F331FFACCEB770350AAF2C8C3 ] C:\WINDOWS\system32\wups2.dll</p><p>11:03:41.0859 0x0d40 C:\WINDOWS\system32\wups2.dll - ok</p><p>11:03:41.0875 0x0d40 [ C14350FC0D47D806699C4F907FC6785B, A8862B47A74F5FB03C9916A42B986D9B352549ED486AD2B9DAD405A98B5564B3 ] C:\WINDOWS\system32\cryptnet.dll</p><p>11:03:41.0875 0x0d40 C:\WINDOWS\system32\cryptnet.dll - ok</p><p>11:03:41.0906 0x0d40 [ 5B7D974F49ADECFFFEDFD2C7C2AC0894, 5B433968D0BFCE26E5991EE529C127AA8D9F84B5ACBB85DAAD3F26B58682E5E9 ] C:\WINDOWS\system32\hposwia_p04a.dll</p><p>11:03:41.0906 0x0d40 C:\WINDOWS\system32\hposwia_p04a.dll - ok</p><p>11:03:41.0937 0x0d40 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] C:\WINDOWS\system32\wscsvc.dll</p><p>11:03:41.0937 0x0d40 C:\WINDOWS\system32\wscsvc.dll - ok</p><p>11:03:41.0953 0x0d40 [ 5677DFE438EC1F009273FC84FEED6B10, 44B62CC4D138E13C22FC29E9751CB7ED0B0C6C8897A8E6469172F8642B0527BE ] C:\WINDOWS\system32\localspl.dll</p><p>11:03:41.0953 0x0d40 C:\WINDOWS\system32\localspl.dll - ok</p><p>11:03:42.0000 0x0d40 [ 5D3D1AB0EF4EA55B731863050482C111, 8713DAA48DBC5FDF95BE993863BEE669BBB4026347DC575D72F520F423EE21BA ] C:\WINDOWS\system32\cnbjmon.dll</p><p>11:03:42.0000 0x0d40 C:\WINDOWS\system32\cnbjmon.dll - ok</p><p>11:03:42.0046 0x0d40 [ D3F72D50DE53F9F1F55240115AF4D42E, F8831B6B33EE2EE49615AE45A81C8434E154331BEB1E64C491E64C1348314F3C ] C:\WINDOWS\system32\msi.dll</p><p>11:03:42.0046 0x0d40 C:\WINDOWS\system32\msi.dll - ok</p><p>11:03:42.0078 0x0d40 [ 3CBA2210FA39C6ED7895634842E930DD, 9AFC6A7E1F936ED3636F89FD49B5C944594F88A5BFB597348AF2FB83DA2E4E40 ] C:\WINDOWS\system32\sensapi.dll</p><p>11:03:42.0078 0x0d40 C:\WINDOWS\system32\sensapi.dll - ok</p><p>11:03:42.0109 0x0d40 [ 8FA382B5A54DC35875A067C84FBD6240, AA6E58E8AC7DB92A8B915BD25D183775FBA69A6E23CD7226F9557102B94C3777 ] C:\WINDOWS\system32\hpf3l101.dll</p><p>11:03:42.0109 0x0d40 C:\WINDOWS\system32\hpf3l101.dll - ok</p><p>11:03:42.0140 0x0d40 [ ED0C0DF222209E43AD9AFBF3FE87DDE0, 927329F9244DA9F0074FA0D4C101EE793AFCF433155E58714C33444C5EF35014 ] C:\WINDOWS\system32\comsvcs.dll</p><p>11:03:42.0140 0x0d40 C:\WINDOWS\system32\comsvcs.dll - ok</p><p>11:03:42.0171 0x0d40 [ 690D97864735E8ECD87F55777E266690, 2098D2AADEF82C3EDD82FD6182C14568CDE1EF02205ED1EA4CB19252B74BB807 ] C:\WINDOWS\system32\colbact.dll</p><p>11:03:42.0171 0x0d40 C:\WINDOWS\system32\colbact.dll - ok</p><p>11:03:42.0203 0x0d40 [ 36795A645EAA47FE31D2A8F136A2C69B, D681D7DFC4A2A2F10658D76A93F009BDBFC6117E245E0883C509A286DC952EAD ] C:\WINDOWS\system32\mtxclu.dll</p><p>11:03:42.0203 0x0d40 C:\WINDOWS\system32\mtxclu.dll - ok</p><p>11:03:42.0218 0x0d40 [ DF82E222578DBE59FCBBD69A02E4C806, 0F0CD9DC739500536F252475F84F8EF378428CAC7DD9CFCDEC676862A20A0C46 ] C:\WINDOWS\system32\clusapi.dll</p><p>11:03:42.0218 0x0d40 C:\WINDOWS\system32\clusapi.dll - ok</p><p>11:03:42.0234 0x0d40 [ CC6292CA575E851E5B74BF8883AB967A, 40DB13B96395FC753C4BC70C32A1845002DDD613955589F8EE0BF7E049A43779 ] C:\WINDOWS\system32\fxsmon.dll</p><p>11:03:42.0234 0x0d40 C:\WINDOWS\system32\fxsmon.dll - ok</p><p>11:03:42.0265 0x0d40 [ 222DE7F5EDB9DDBE628384A1A8BE59CE, 063AF8C6C251961ABC93A8E8A07DB9B9582CD1812CA3BB297FAFDF0AD3E5B4CC ] C:\WINDOWS\system32\pjlmon.dll</p><p>11:03:42.0265 0x0d40 C:\WINDOWS\system32\pjlmon.dll - ok</p><p>11:03:42.0296 0x0d40 [ F51EBB6FC536A6B2D588FD668D3A8249, 6C22B5FBE3F721025879447B006EC5A343D482A87E23674B5A3BB43983AB328E ] C:\WINDOWS\system32\resutils.dll</p><p>11:03:42.0296 0x0d40 C:\WINDOWS\system32\resutils.dll - ok</p><p>11:03:42.0343 0x0d40 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] C:\WINDOWS\system32\ipnathlp.dll</p><p>11:03:42.0343 0x0d40 C:\WINDOWS\system32\ipnathlp.dll - ok</p><p>11:03:42.0359 0x0d40 [ 2C6786656869093C521337D6AC813BC6, 111C4873DDEC20E8DB08B69A73B91D6213883C025DEB49AEB9D4C7B9818F65FC ] C:\WINDOWS\system32\Primomonnt.dll</p><p>11:03:42.0359 0x0d40 C:\WINDOWS\system32\Primomonnt.dll - ok</p><p>11:03:42.0375 0x0d40 [ C52CE534397E1D3A442FB4C88A3CBE42, 4289052A24780CEEE9C96290B47FDD596B7D4426F776BB7B2ACCBB6E01B41E52 ] C:\WINDOWS\system32\msonpmon.dll</p><p>11:03:42.0375 0x0d40 C:\WINDOWS\system32\msonpmon.dll - ok</p><p>11:03:42.0500 0x0d40 [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll</p><p>11:03:42.0500 0x0d40 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok</p><p>11:03:42.0562 0x0d40 [ 205ADD80FF8099B1A8101EB490B933D1, 6B4D94F1683B1D30A1BB0019E2E3E0AE1AA85561D416708198EC2BDAB649E178 ] C:\WINDOWS\system32\wbem\wbemprox.dll</p><p>11:03:42.0562 0x0d40 C:\WINDOWS\system32\wbem\wbemprox.dll - ok</p><p>11:03:42.0578 0x0d40 [ AE0382AD9C73D343D85E1A50C80B7C20, 7477A5A33C0ACF80BE73F0169893A7D53AF8ABC514FCE190A6ACC677092E5A55 ] C:\WINDOWS\system32\tcpmon.dll</p><p>11:03:42.0578 0x0d40 C:\WINDOWS\system32\tcpmon.dll - ok</p><p>11:03:42.0593 0x0d40 [ D95C71052E5EF63B55997FB31483D02F, 829A559050680C039CA7AFCFE3246745D465ED11722A603AA32253FD413894C3 ] C:\WINDOWS\system32\wbem\wbemcomn.dll</p><p>11:03:42.0593 0x0d40 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok</p><p>11:03:42.0609 0x0d40 [ F26385E8BA4549B5186B774EC0E45D86, 0BA8CA4C06918690EA68678CA5887F1B7E2B0976C99BDFAF99CC1C99F3E300A0 ] C:\WINDOWS\system32\usbmon.dll</p><p>11:03:42.0609 0x0d40 C:\WINDOWS\system32\usbmon.dll - ok</p><p>11:03:42.0625 0x0d40 [ F0BF811622F2DD6C8E26EE4600D83731, 81CFC1118551E84F5BBD2A863419529AA32DA92E5834C71DA77D13854F6CF048 ] C:\WINDOWS\system32\wbem\wbemcore.dll</p><p>11:03:42.0625 0x0d40 C:\WINDOWS\system32\wbem\wbemcore.dll - ok</p><p>11:03:42.0656 0x0d40 [ 549443507E0A4D38EA7160927FA8AE5E, 88E1B4039ED42B3F53670D0D085F076060E505AB4FC785FBCFB55D99C1A4B961 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\hpfpp101.dll</p><p>11:03:42.0656 0x0d40 C:\WINDOWS\system32\spool\prtprocs\w32x86\hpfpp101.dll - ok</p><p>11:03:42.0687 0x0d40 [ EEE7F12D9FF46F68FBC0DA059A359E9E, 1D0D5AC87ACDF3F041D9C31A92BFE7B1B81CBAD81F8F7CE8183FC3F61CAFF8CC ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll</p><p>11:03:42.0687 0x0d40 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok</p><p>11:03:42.0718 0x0d40 [ E4616430709F440CF1809D88DC2366EA, C2CBC0A21A892FD8341E5A29E7164172340E07A75A5D54493036156D907AEAE7 ] C:\WINDOWS\system32\wbem\esscli.dll</p><p>11:03:42.0718 0x0d40 C:\WINDOWS\system32\wbem\esscli.dll - ok</p><p>11:03:42.0765 0x0d40 [ F348280907B38FDBDB3CEF55D456E149, 526A1A46491401EA9BA241ADA76A610E8D98831F8D2C82712B931B481EA5529E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll</p><p>11:03:42.0765 0x0d40 C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll - ok</p><p>11:03:42.0812 0x0d40 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C, 7123FC923BA4C3DD3EDFE9F8936442C4CCE7757D370AB799B0B5668223B965EE ] C:\WINDOWS\system32\win32spl.dll</p><p>11:03:42.0812 0x0d40 C:\WINDOWS\system32\win32spl.dll - ok</p><p>11:03:42.0843 0x0d40 [ B41D53899E37CC43DA85DA19998BEE81, CA92B8313338F0F8B1B630A0057B9C114E8D8BC10F09825C9008A5A824B91FDC ] C:\WINDOWS\system32\netrap.dll</p><p>11:03:42.0843 0x0d40 C:\WINDOWS\system32\netrap.dll - ok</p><p>11:03:42.0953 0x0d40 [ EE4C651A217B01D636B5364AC77DA892, E40C7DD39234673A3BA8FD87C189653C391E326ECB3E8011B5020BB9D78F56D0 ] C:\WINDOWS\system32\inetpp.dll</p><p>11:03:42.0953 0x0d40 C:\WINDOWS\system32\inetpp.dll - ok</p><p>11:03:42.0984 0x0d40 [ 378A0AEFB11D8B0DC8C27B9F7604B88D, D0D6863FCE412B75B9B5FC38EA923759201E7193ED40CFBAA674630E2DE56FD3 ] C:\WINDOWS\system32\wbem\fastprox.dll</p><p>11:03:42.0984 0x0d40 C:\WINDOWS\system32\wbem\fastprox.dll - ok</p><p>11:03:43.0031 0x0d40 [ 010472D0AE758227C6F6E6933549C219, 4082365231756E2889BD9A19EEFA27665B9902F8C8BC376C70DC3AA80AEA541B ] C:\WINDOWS\system32\wbem\wbemsvc.dll</p><p>11:03:43.0031 0x0d40 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok</p><p>11:03:43.0078 0x0d40 [ C14AA05881A35B6D6BB8D55B117EE22D, F30873FA983CE21734BE1A357CDF855EF33511990C14B454EBAA3D6059CD823D ] C:\WINDOWS\system32\shfolder.dll</p><p>11:03:43.0078 0x0d40 C:\WINDOWS\system32\shfolder.dll - ok</p><p>11:03:43.0140 0x0d40 [ 3273D1565BF30225C115B480A3BB2C9D, DF802F845EFEE506A0D3CA1EA9AEE1EDE73BCC02F2B64EDFACE0BBEFCF965455 ] C:\WINDOWS\system32\wbem\wmiutils.dll</p><p>11:03:43.0140 0x0d40 C:\WINDOWS\system32\wbem\wmiutils.dll - ok</p><p>11:03:43.0156 0x0d40 [ 2E0B0A051FFAA86E358465BB0880D453, 493CF6150DE95B269727631D50FE21405A41E449C4FF43E94F93D27559EA5624 ] C:\WINDOWS\system32\wuauclt.exe</p><p>11:03:43.0156 0x0d40 C:\WINDOWS\system32\wuauclt.exe - ok</p><p>11:03:43.0187 0x0d40 [ 942A17D2901A31EA68627CBFFCD268CC, C75E1C03929E16EDDBACFC37BD6C40E941F9D99E3E40ED3A07238343342685BD ] C:\WINDOWS\system32\wbem\repdrvfs.dll</p><p>11:03:43.0187 0x0d40 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok</p><p>11:03:43.0218 0x0d40 [ 071143F687B4F887E21461CA6CC7EB29, 92C849517F985F19926E6425CD99E21029E1CA14FC92C9E40091DC79D4A723F2 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll</p><p>11:03:43.0218 0x0d40 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok</p><p>11:03:43.0296 0x0d40 [ 26D881D27CBE51D3614E68D7313EA026, BC84CFD5F382F6D844815065118793950E922B8FB52944E337DAA62874C103A3 ] C:\WINDOWS\system32\wbem\wbemess.dll</p><p>11:03:43.0296 0x0d40 C:\WINDOWS\system32\wbem\wbemess.dll - ok</p><p>11:03:43.0343 0x0d40 [ 1A617835452EEE5060976C9B9F5FE635, DCCAAB049681BE876B73F0880EA32196CDA7EC954D452768A48D366096C5BD53 ] C:\WINDOWS\system32\wuapi.dll</p><p>11:03:43.0343 0x0d40 C:\WINDOWS\system32\wuapi.dll - ok</p><p>11:03:43.0390 0x0d40 [ 0CE5F8AE9C371A965D17E3F2ED134809, 22627A1E9A5B7068E2A783B5D218D530E2CCB26021333C097B4FF922400367FC ] C:\WINDOWS\system32\fxst30.dll</p><p>11:03:43.0390 0x0d40 C:\WINDOWS\system32\fxst30.dll - ok</p><p>11:03:43.0437 0x0d40 [ D26451B540720A7313A9BCBE794DAF62, 255B3594876F9D9222760A53D1119E73D3BA4E4766C9DFAD63DCB180C5F33846 ] C:\WINDOWS\system32\wbem\ncprov.dll</p><p>11:03:43.0437 0x0d40 C:\WINDOWS\system32\wbem\ncprov.dll - ok</p><p>11:03:43.0500 0x0d40 [ 2D583E2844FDD592D1629EB6B10E5702, 94F211492B347190275E8584D9CBDC900D636505A484AA3D624E89812C8AE28B ] C:\WINDOWS\system32\fxsroute.dll</p><p>11:03:43.0500 0x0d40 C:\WINDOWS\system32\fxsroute.dll - ok</p><p>11:03:43.0546 0x0d40 [ AACE07FE34FADDDF973CE068A6424957, A14DC612762F56EE3CF9FBDF58E9476400F2CD9513319AD90E3818B2DB9F4580 ] C:\WINDOWS\system32\unimdm.tsp</p><p>11:03:43.0546 0x0d40 C:\WINDOWS\system32\unimdm.tsp - ok</p><p>11:03:43.0546 0x0d40 [ 995252FCC4692B5B97EE17D596C9386E, E0EC754ADC0976BCF88C4777E788A67844428DF0B828D8EE7B8A039C763DFFDD ] C:\WINDOWS\system32\uniplat.dll</p><p>11:03:43.0546 0x0d40 C:\WINDOWS\system32\uniplat.dll - ok</p><p>11:03:43.0562 0x0d40 [ 19AE6CBA05B9005698A6DEDCC88F202E, 047016D4989FB1460BE11C0C22E10858E3D6598EBA31C98B8489413C1A350A9C ] C:\WINDOWS\system32\unimdmat.dll</p><p>11:03:43.0562 0x0d40 C:\WINDOWS\system32\unimdmat.dll - ok</p><p>11:03:43.0578 0x0d40 [ FE4A73CDBC882A19D070F1C01586E81A, EAF450BA7E168EA41EAA7556E14CBDFCF1B96D7E57A17EC20C3BECFDA9FDFD9A ] C:\WINDOWS\system32\modemui.dll</p><p>11:03:43.0578 0x0d40 C:\WINDOWS\system32\modemui.dll - ok</p><p>11:03:43.0593 0x0d40 [ 76EC97C5068D3D9FAA7774B0F659D31A, 4E2EF0DC0B05187A6154D4D672B7530E14103D7D1EDF1BDE960F9B988B5EC41F ] C:\WINDOWS\system32\kmddsp.tsp</p><p>11:03:43.0593 0x0d40 C:\WINDOWS\system32\kmddsp.tsp - ok</p><p>11:03:43.0609 0x0d40 [ 4589963D84F2984FA5949A72162BA4F4, BC927EC7D0EBDBD2B4780D892D41739840DD31B0FF8C79013014925F52860808 ] C:\WINDOWS\system32\ndptsp.tsp</p><p>11:03:43.0609 0x0d40 C:\WINDOWS\system32\ndptsp.tsp - ok</p><p>11:03:43.0625 0x0d40 [ 8BC2B02DC11C98D14CEE43B8E8393FF3, 1314C33E2E5F11B361CF1E88884B2A9862F8BAB1C498F48DC4C49ACDB28D4732 ] C:\WINDOWS\system32\h323.tsp</p><p>11:03:43.0625 0x0d40 C:\WINDOWS\system32\h323.tsp - ok</p><p>11:03:43.0656 0x0d40 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8, 7E3A0204FCDD5DFFB3B352451232DD86F8298F83918533D874C122A2EF29081B ] C:\WINDOWS\system32\ipconf.tsp</p><p>11:03:43.0656 0x0d40 C:\WINDOWS\system32\ipconf.tsp - ok</p><p>11:03:43.0687 0x0d40 [ 6B552ED3BEE5AA3C4560478FF779BA98, 1778F0B7200F93EB255E1F215BB5FBEAA0DBF63BC60B286D76120F8A787995C4 ] C:\WINDOWS\system32\hidphone.tsp</p><p>11:03:43.0687 0x0d40 C:\WINDOWS\system32\hidphone.tsp - ok</p><p>11:03:43.0687 0x0d40 [ 60655EF9F253944D9BA644BC6A480944, 35B277D05A5E804E325B5CD3C3AC1A75E9E54907E50384BFA0B8215F435B8490 ] C:\Program Files\Internet Explorer\iexplore.exe</p><p>11:03:43.0687 0x0d40 C:\Program Files\Internet Explorer\iexplore.exe - ok</p><p>11:03:43.0781 0x0d40 [ 6404807ABC7AF52FA3792697AE638B50, 75FB44348CCC53A4EA2C3677F42098A12CE882F3E015E3D847A07972C1E4AEF5 ] C:\WINDOWS\system32\wbem\wbemcons.dll</p><p>11:03:43.0781 0x0d40 C:\WINDOWS\system32\wbem\wbemcons.dll - ok</p><p>11:03:43.0828 0x0d40 [ AF8841FEF8DE40D36E77C6662843EDAE, E7FAE0E448B7123CE4BBD20D5EBFCD8690F6902D7007C39733658EAD65A0A1DE ] C:\WINDOWS\AppPatch\aclayers.dll</p><p>11:03:43.0828 0x0d40 C:\WINDOWS\AppPatch\aclayers.dll - ok</p><p>11:03:43.0843 0x0d40 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] C:\WINDOWS\system32\termsrv.dll</p><p>11:03:43.0843 0x0d40 C:\WINDOWS\system32\termsrv.dll - ok</p><p>11:03:43.0875 0x0d40 [ 2523016B69F2D222DD2ED1CA532B2016, 2CD617CB80FA91A22517084BEDB819A496F645367A487B31DDC65B0F2BDA6D63 ] C:\WINDOWS\system32\mshtml.dll</p><p>11:03:43.0875 0x0d40 C:\WINDOWS\system32\mshtml.dll - ok</p><p>11:03:43.0890 0x0d40 [ DF6551E4C4C46655A0C76194F1FCEA5D, F3895AE4B36BC85C458EDC85FBD1F5AB5C33913CD91C60A65083DC0BDD037BF5 ] C:\WINDOWS\system32\icaapi.dll</p><p>11:03:43.0890 0x0d40 C:\WINDOWS\system32\icaapi.dll - ok</p><p>11:03:43.0921 0x0d40 [ 2D65D56C2F8B6CC5EBFF8E7200C30304, 10CD5FF00D110D1AE2313DBCBDB17C2B9DFF930F5DAD65C35C08FCF9C152C053 ] C:\WINDOWS\system32\mstlsapi.dll</p><p>11:03:43.0921 0x0d40 C:\WINDOWS\system32\mstlsapi.dll - ok</p><p>11:03:43.0984 0x0d40 [ 87B27E19DC5B4F8F3FEF061A155977B9, F76296565DA5471564F6146189AE392E1FB62A71BB61863AE860223873F6E2CF ] C:\WINDOWS\system32\msls31.dll</p><p>11:03:43.0984 0x0d40 C:\WINDOWS\system32\msls31.dll - ok</p><p>11:03:44.0015 0x0d40 [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll</p><p>11:03:44.0015 0x0d40 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll - ok</p><p>11:03:44.0046 0x0d40 [ FCA8CD0A6FB5048224EB3EFDCD51DF0A, 4E3F9A2ACF21162042FD514121EC7FD6231501386E3295E1C9AAE933C9BFB580 ] C:\WINDOWS\system32\ieapfltr.dll</p><p>11:03:44.0046 0x0d40 C:\WINDOWS\system32\ieapfltr.dll - ok</p><p>11:03:44.0078 0x0d40 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] C:\WINDOWS\system32\alg.exe</p><p>11:03:44.0078 0x0d40 C:\WINDOWS\system32\alg.exe - ok</p><p>11:03:44.0078 0x0d40 [ E11457C66FDD966EE415FBBC6D9BE643, 9CAF889C740D79F56F1CE817DA7C8F2BAEE740212B578DAC509EA2C8BA2D790E ] C:\WINDOWS\system32\MSIMTF.dll</p><p>11:03:44.0078 0x0d40 C:\WINDOWS\system32\MSIMTF.dll - ok</p><p>11:03:44.0093 0x0d40 [ E40FCF943127DDC8FD60554B722D762B, 2E7A7C08B56E07D69CB32F335D93F6D2C748EFA2CF4C41102A18C7761A4E9CF0 ] C:\WINDOWS\system32\MSCTF.dll</p><p>11:03:44.0093 0x0d40 C:\WINDOWS\system32\MSCTF.dll - ok</p><p>11:03:44.0125 0x0d40 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] C:\WINDOWS\system32\rasmans.dll</p><p>11:03:44.0125 0x0d40 C:\WINDOWS\system32\rasmans.dll - ok</p><p>11:03:44.0140 0x0d40 [ 37A62C6092AADD2EFDE0468DD8818E99, 2D01A2EEE0BE81B3252E1A3EAD21D3D91EA6DE826A1783B14948A0E0B475BAB1 ] C:\WINDOWS\system32\netcfgx.dll</p><p>11:03:44.0140 0x0d40 C:\WINDOWS\system32\netcfgx.dll - ok</p><p>11:03:44.0156 0x0d40 [ 5F7692CEC90E2E9AA32CD58321E234B8, 0F76BD005B6FC51EE8B2D167C5E792947F8A8FF1A4FBC7F9CB3572BEAFC12639 ] C:\WINDOWS\system32\rastapi.dll</p><p>11:03:44.0156 0x0d40 C:\WINDOWS\system32\rastapi.dll - ok</p><p>11:03:44.0187 0x0d40 [ D0545A010ED2259A740C8414899A938F, 5E6FD116C6F65241A075E4469C5AD1967B8D66DE11E223F7A3F00139FB0160C3 ] C:\WINDOWS\system32\rasppp.dll</p><p>11:03:44.0187 0x0d40 C:\WINDOWS\system32\rasppp.dll - ok</p><p>11:03:44.0218 0x0d40 [ B464BD425D5D09ABE4192234D1577B22, DF7333CAF299A18DEA43ACEF0A6D8C3F79918D1B3FCE437FDED6B54F95C106B9 ] C:\WINDOWS\system32\ntlsapi.dll</p><p>11:03:44.0218 0x0d40 C:\WINDOWS\system32\ntlsapi.dll - ok</p><p>11:03:44.0234 0x0d40 [ A655C88AA555BB8EF8957BD29408827F, 6CD48D32D1DFF68FEED5CC20D0DE12729101381EB8A6774408566C14E0B18FFB ] C:\WINDOWS\system32\rasqec.dll</p><p>11:03:44.0234 0x0d40 C:\WINDOWS\system32\rasqec.dll - ok</p><p>11:03:44.0281 0x0d40 [ F92E1076C42FCD6DB3D72D8CFE9816D5, 94135ACF2D9426BB78E4522429120B03D94B541422C277B9ACA31410874A464C ] C:\WINDOWS\system32\wscntfy.exe</p><p>11:03:44.0281 0x0d40 C:\WINDOWS\system32\wscntfy.exe - ok</p><p>11:03:44.0312 0x0d40 [ F7B098A08EFCF4AB4247264C0AC225D2, 7F5FB938F006E11239B319A23EBDFD7C21B528C49B37826D91A883EC01BCEAD3 ] C:\WINDOWS\system32\jscript.dll</p><p>11:03:44.0312 0x0d40 C:\WINDOWS\system32\jscript.dll - ok</p><p>11:03:44.0343 0x0d40 [ 277A5F9EAF1C88F9AC760C46D259CD3F, 92C7DC64B83B0E447A0DBCBDA793E3C912B6F5F77F409B218CF34C11D3445C13 ] C:\WINDOWS\system32\imgutil.dll</p><p>11:03:44.0343 0x0d40 C:\WINDOWS\system32\imgutil.dll - ok</p><p>11:03:44.0343 0x0d40 [ 33F9AECBCCDBE739C1FDCE879B621530, 8F9C49CF46A36476CE091A65F779334D163443501C3B97B599AB22D94E11F94F ] C:\WINDOWS\system32\pngfilt.dll</p><p>11:03:44.0343 0x0d40 C:\WINDOWS\system32\pngfilt.dll - ok</p><p>11:03:44.0359 0x0d40 [ 0B3C45D5E09D4F9FA312BC3196598B3F, BF8B8A7F962DF08AD5A43D0176766D994B231478F4B95937AAD9E5237A42BF7A ] C:\WINDOWS\system32\mshtmled.dll</p><p>11:03:44.0359 0x0d40 C:\WINDOWS\system32\mshtmled.dll - ok</p><p>11:03:44.0375 0x0d40 [ 03A02D5A2D50198BDF6C62AF209438D0, 7A2577BB31B937436689EB8E3F415F71D3744209EFFC110C9B12C42025F36C88 ] C:\WINDOWS\system32\msxml3.dll</p><p>11:03:44.0375 0x0d40 C:\WINDOWS\system32\msxml3.dll - ok</p><p>11:03:44.0390 0x0d40 [ A1EA582E8B94AE00C14FFACCE4D19E60, 8105AEE7DD563120EC90C500B14A540033599097D2C6635772D18D5981768443 ] C:\DOCUME~1\JW\LOCALS~1\Temp\{1A8A5614-6199-49E3-8A1B-06CEA730CF8B}.exe</p><p>11:03:44.0390 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{1A8A5614-6199-49E3-8A1B-06CEA730CF8B}.exe - ok</p><p>11:03:44.0421 0x0d40 [ 17AA58A54C00F1746B8654C050491F43, AADA0D527FB96852998073E58F93710C4B3A25D7D1414BA9F23A28DA3D06B4CD ] C:\WINDOWS\system32\msutb.dll</p><p>11:03:44.0421 0x0d40 C:\WINDOWS\system32\msutb.dll - ok</p><p>11:03:44.0453 0x0d40 [ 798A9E6828997EEF4517ADA8A2259831, 64389FAD94D54E2D43A7292AD3C57CB16F90F2C80EA44099E02D11E19E390A5B ] C:\WINDOWS\system32\wbem\wmiprvse.exe</p><p>11:03:44.0453 0x0d40 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok</p><p>11:03:44.0484 0x0d40 [ A70A2D85AD143D6BB823C246CEB699A5, D8ED98DC2964A2DAF448893718E6381FBABAB53DD7497266851E0F4221F1B01F ] C:\WINDOWS\system32\ntshrui.dll</p><p>11:03:44.0484 0x0d40 C:\WINDOWS\system32\ntshrui.dll - ok</p><p>11:03:44.0562 0x0d40 [ 91790D6749EBED90E2C40479C0A91879, 3C267950F13CCE412474C5228FC0E3D8D7F912E82464BD2CE6312A0326F84A80 ] C:\WINDOWS\system32\verclsid.exe</p><p>11:03:44.0562 0x0d40 C:\WINDOWS\system32\verclsid.exe - ok</p><p>11:03:44.0593 0x0d40 [ 2DC5A8019E2387987905F77C664E4BE2, 32FD8D0D3146A599CFB536955F9E93AA50467B2176A70E481133B61D4BD29AD9 ] C:\WINDOWS\system32\linkinfo.dll</p><p>11:03:44.0593 0x0d40 C:\WINDOWS\system32\linkinfo.dll - ok</p><p>11:03:44.0640 0x0d40 [ E837FDBB92E9873E538395B623F45462, E00D9F1471D9BDE7E53A5F8359B6F3B1606A432D4E94AB6B2A6898AB48E6751B ] C:\WINDOWS\system32\wbem\cimwin32.dll</p><p>11:03:44.0640 0x0d40 C:\WINDOWS\system32\wbem\cimwin32.dll - ok</p><p>11:03:44.0703 0x0d40 [ 4306FA2F1099D7C606139255FDB62B19, 75A0A99B9D8B0E2B39A8093F72DC283D5F2D56FB731C2BA193579DCE916030A0 ] C:\WINDOWS\system32\wbem\framedyn.dll</p><p>11:03:44.0703 0x0d40 C:\WINDOWS\system32\wbem\framedyn.dll - ok</p><p>11:03:44.0765 0x0d40 [ 013A269E7AF8B01FF20B384FEEBFFDA5, 9815034A03EB20CD87F0007DE701CE85215DDA450AFE67AE9EAFFF71F7B4D4DD ] C:\WINDOWS\RTHDCPL.exe</p><p>11:03:44.0765 0x0d40 C:\WINDOWS\RTHDCPL.exe - ok</p><p>11:03:44.0796 0x0d40 [ 024DC0F68DF5FD6AE9DD82DFBAF479D6, FDBF0FD05CFB757C704B22703DF23E05207F14877A4EF52E3032012B6FD0C4E0 ] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE</p><p>11:03:44.0796 0x0d40 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE - ok</p><p>11:03:44.0828 0x0d40 [ 1B17E09C1223F6D17336D2DD7A1AF4F4, 06DFAD95007532CCF46D593EEDC2474936614AEDCEA7BF983E36DAD22F850B08 ] C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE</p><p>11:03:44.0828 0x0d40 C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE - ok</p><p>11:03:44.0859 0x0d40 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3, 4687B8DD40CA9B83AA5CE1268F62476EBA886C10CC8B7B5AB716E4C56AF1EEAF ] C:\WINDOWS\system32\dsound.dll</p><p>11:03:44.0859 0x0d40 C:\WINDOWS\system32\dsound.dll - ok</p><p>11:03:44.0890 0x0d40 [ 22D71D1DB6FC789A1CE8AC6963580259, DD5307A108936AAE840F973F7F718A6954E173D4E210A375C75DB644B2162CFD ] C:\WINDOWS\system32\hhctrl.ocx</p><p>11:03:44.0890 0x0d40 C:\WINDOWS\system32\hhctrl.ocx - ok</p><p>11:03:44.0921 0x0d40 [ 7BBE4CF421AECC7F0226EDD75F12079F, 8E78FC5E0657DB066F9EBAADEA9AFECB1AAA570DD9C08C7ED42116704D2E379D ] C:\WINDOWS\ime\imjp8_1\imjpmig.exe</p><p>11:03:44.0921 0x0d40 C:\WINDOWS\ime\imjp8_1\imjpmig.exe - ok</p><p>11:03:45.0000 0x0d40 [ 93C088C2AEB2F23E720BDA7E32BD5117, 7ECFCAF8E057986501B42181E049E48063D940A34A3F3E425FF82D2183008E90 ] C:\WINDOWS\system32\upnp.dll</p><p>11:03:45.0000 0x0d40 C:\WINDOWS\system32\upnp.dll - ok</p><p>11:03:45.0046 0x0d40 [ 3D075865DCC26931972F6476AD0497BE, E1FB17787F54D9A4E2A04DD699FA770C9CE100A427E6EFBF4E0CF24EAAD3A9BA ] C:\WINDOWS\system32\ssdpapi.dll</p><p>11:03:45.0046 0x0d40 C:\WINDOWS\system32\ssdpapi.dll - ok</p><p>11:03:45.0125 0x0d40 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] C:\WINDOWS\system32\drivers\http.sys</p><p>11:03:45.0125 0x0d40 C:\WINDOWS\system32\drivers\http.sys - ok</p><p>11:03:45.0156 0x0d40 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] C:\WINDOWS\system32\ssdpsrv.dll</p><p>11:03:45.0156 0x0d40 C:\WINDOWS\system32\ssdpsrv.dll - ok</p><p>11:03:45.0187 0x0d40 [ 6E1CF6B65639884BBDA7991D394F980E, 8C0EAC38ACF4F64CD77C9AD52D8E9DA94B5D8ED5C711611B47D5D3A46EA9AE94 ] C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe</p><p>11:03:45.0187 0x0d40 C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe - ok</p><p>11:03:45.0234 0x0d40 [ 8BCD11D38FCE43A519246A91CC40DE6A, 981EE4B29FDE6DB58FAA17BCCA66DB8143D693D91A00B7519F01ABBAE11AA580 ] C:\WINDOWS\system32\security.dll</p><p>11:03:45.0234 0x0d40 C:\WINDOWS\system32\security.dll - ok</p><p>11:03:45.0265 0x0d40 [ 0DACD368DB252F5E10886824524353A7, F216B345E5795EF67279D3B16DFD636DE0038619D4E263B860C9A9C247648638 ] C:\WINDOWS\system32\wnicapi.dll</p><p>11:03:45.0265 0x0d40 C:\WINDOWS\system32\wnicapi.dll - ok</p><p>11:03:45.0296 0x0d40 [ 886CC0E3DC1636ED5F2DB157F3ED790B, A6A09EC3FE110887026D937E1919286518474B63B930C968EB1C645CE10E272D ] C:\Program Files\D-Link\DWA-140 revB\ANIOApi.dll</p><p>11:03:45.0296 0x0d40 C:\Program Files\D-Link\DWA-140 revB\ANIOApi.dll - ok</p><p>11:03:45.0328 0x0d40 [ 76848CB1AA5818DB47D5F5986E0A7485, 03BAB6981C6F447E41B78A96187FA619E4755C2101FF1A0B2ABF111BE53D9F92 ] C:\WINDOWS\system32\mfc42.dll</p><p>11:03:45.0328 0x0d40 C:\WINDOWS\system32\mfc42.dll - ok</p><p>11:03:45.0359 0x0d40 [ 297ED2C21509D6B6F41EAAEE9CDC34B2, B0B5A7B3035B2EF75D45AC9A6A05AFF483EB75B22F6B7F3A14AFB6D6C4DF5286 ] C:\WINDOWS\system32\wlanapp.dll</p><p>11:03:45.0359 0x0d40 C:\WINDOWS\system32\wlanapp.dll - ok</p><p>11:03:45.0375 0x0d40 [ 94A4D6915D4F572309DF6137E1846528, E46BDF83CAA6683AA655DBA3D2C8DC7AC06251E952466A20CFDA3A16B1840455 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe</p><p>11:03:45.0375 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok</p><p>11:03:45.0390 0x0d40 [ 0B467F470CC9918FDCEEDCFD7DC4D697, 87C8BCC4DFF318FC393A8C0FB0B82CCC9DA83EC0F5811CF303F3AC265A575578 ] C:\WINDOWS\system32\oledlg.dll</p><p>11:03:45.0390 0x0d40 C:\WINDOWS\system32\oledlg.dll - ok</p><p>11:03:45.0406 0x0d40 [ 5652F6CE1D9E9D8068B9D29BC21B5409, 807A8B8FD8CCFC04409E1D64947FE35F847F194FF6FC09CCCF66F274F2A994C6 ] C:\WINDOWS\system32\olepro32.dll</p><p>11:03:45.0406 0x0d40 C:\WINDOWS\system32\olepro32.dll - ok</p><p>11:03:45.0437 0x0d40 [ E3C817F7FE44CC870ECDBCBC3EA36132, D769FAFA2B3232DE9FA7153212BA287F68E745257F1C00FAFB511E7A02DE7ADF ] C:\WINDOWS\system32\msvcp100.dll</p><p>11:03:45.0437 0x0d40 C:\WINDOWS\system32\msvcp100.dll - ok</p><p>11:03:45.0484 0x0d40 [ BF38660A9125935658CFA3E53FDC7D65, 60C06E0FA4449314DA3A0A87C1A9D9577DF99226F943637E06F61188E5862EFA ] C:\WINDOWS\system32\msvcr100.dll</p><p>11:03:45.0484 0x0d40 C:\WINDOWS\system32\msvcr100.dll - ok</p><p>11:03:45.0500 0x0d40 [ F25BDB64996625C4B014F26572DEB647, 955E8D51E1F2B0B02790B07C0BAAE719A5FF457A745069E125F0B942E4479E63 ] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe</p><p>11:03:45.0500 0x0d40 C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe - ok</p><p>11:03:45.0656 0x0d40 [ 465FD8B39411D4A84A2B0DBF94B073E0, 5886C80B52B90C2A103792AB1C9662E60DAB07FDBF4963547D145AC4C24C993C ] C:\WINDOWS\system32\webcheck.dll</p><p>11:03:45.0656 0x0d40 C:\WINDOWS\system32\webcheck.dll - ok</p><p>11:03:45.0687 0x0d40 [ 50512FC9B7878E3C2C147BC17326A7DB, 670006280CA98213C3A23B442615FD729C83953795619360F9D2988E56A602D7 ] C:\WINDOWS\system32\stobject.dll</p><p>11:03:45.0687 0x0d40 C:\WINDOWS\system32\stobject.dll - ok</p><p>11:03:45.0781 0x0d40 [ 231A0B0E3BA7ABFE469A8262FAA1FD71, 76F8AE2680438B279081EDFC2728E3785736E82A5C6396AA705BFFFF5C361294 ] C:\WINDOWS\system32\batmeter.dll</p><p>11:03:45.0781 0x0d40 C:\WINDOWS\system32\batmeter.dll - ok</p><p>11:03:45.0812 0x0d40 [ 045E228F71C31901084B64BE59093499, BA463D9EC2C2D266A34DBAC542CFA0403BFB03DDF3037FBD043BB691A8E493FA ] C:\WINDOWS\system32\WPDShServiceObj.dll</p><p>11:03:45.0812 0x0d40 C:\WINDOWS\system32\WPDShServiceObj.dll - ok</p><p>11:03:45.0890 0x0d40 [ 29158B1DC3F86D4B0D6A127FE586ADFF, 03C17FA518200CE5C53AED55C5AF22D0A2D483110FB1E7EA6F990C56936570E6 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll</p><p>11:03:45.0890 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok</p><p>11:03:45.0921 0x0d40 [ E26E6A97B94304F78B3A2D85C6056CC2, A4D678729145E9A9E561564B4E15AA67DD8103153BCAA2DD38084E43E33D0D00 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll</p><p>11:03:45.0921 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok</p><p>11:03:45.0984 0x0d40 [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{9A56266E-730D-4B36-9C00-9CD5BDFE2046}.tmp</p><p>11:03:45.0984 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{9A56266E-730D-4B36-9C00-9CD5BDFE2046}.tmp - ok</p><p>11:03:46.0093 0x0d40 [ 461299398E15909598B7002B3FAABCE8, 1965E672088268C91848A100D77A6CD6E689589185B528DD9E0907ED1AD60771 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll</p><p>11:03:46.0093 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok</p><p>11:03:46.0156 0x0d40 [ 8B4CBBA1EA526830C7F97E7822E2493A, 1DFD05B1C0050DB44F5B4293E5574BFC292AF804A63FC0A70131BB498C326977 ] C:\WINDOWS\Alcmtr.exe</p><p>11:03:46.0156 0x0d40 C:\WINDOWS\Alcmtr.exe - ok</p><p>11:03:46.0171 0x0d40 [ 538A270F35A713C360B7ED4168BB7521, 47D8784C811FCADD1E78A907AF56D3D0FA5ABE9AC7DA7CB41AF60D304CAA06BA ] C:\WINDOWS\system32\mydocs.dll</p><p>11:03:46.0171 0x0d40 C:\WINDOWS\system32\mydocs.dll - ok</p><p>11:03:46.0171 0x0d40 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] C:\WINDOWS\system32\imapi.exe</p><p>11:03:46.0171 0x0d40 C:\WINDOWS\system32\imapi.exe - ok</p><p>11:03:46.0203 0x0d40 [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{32F99342-C432-4019-A027-AECB4FD00760}.tmp</p><p>11:03:46.0203 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{32F99342-C432-4019-A027-AECB4FD00760}.tmp - ok</p><p>11:03:46.0265 0x0d40 [ EA6C35EBF9F3ED65724E1D65F09E6E7F, D39DD2D98277B0136C47E3C762E76EB12D6BDB79151F673E681B7EA49EBC6A6F ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll</p><p>11:03:46.0265 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok</p><p>11:03:46.0296 0x0d40 [ 8EAEB0ED23A98DE0F0C812D756E47CE9, D49AB526C0B0356AB1F778E3B6AFC4D148742942F8561C9C4C2183A649661A86 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll</p><p>11:03:46.0296 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok</p><p>11:03:46.0359 0x0d40 [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{0B53D33B-5E2B-4078-9659-DDAC4CC20D4A}.tmp</p><p>11:03:46.0359 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{0B53D33B-5E2B-4078-9659-DDAC4CC20D4A}.tmp - ok</p><p>11:03:46.0437 0x0d40 [ 5760B2B5BAA3449C045B6FA222205F60, AC566245868530F6A8F80BEA9C6AB532DB2280F280CA4889C09BCCA9D057C1D4 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll</p><p>11:03:46.0437 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok</p><p>11:03:46.0484 0x0d40 [ BCE7DD8098CE6DD28EE2B0D5D5028B47, C48E1E455A0C6FC351CA2A8938C78D6D278B753FA7A621628B4E843C3A8F02FE ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll</p><p>11:03:46.0484 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok</p><p>11:03:46.0546 0x0d40 [ 69B16C7B7746BA5C642FC05B3561FC73, 0DECEB6B1B7A2DD1F13133AC7328FF420DAD4610CEE1FA7466E8E0F6BAA39116 ] C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe</p><p>11:03:46.0546 0x0d40 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe - ok</p><p>11:03:46.0593 0x0d40 [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{CA66E5C7-D1CC-4DA0-B292-643796175AD6}.tmp</p><p>11:03:46.0593 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{CA66E5C7-D1CC-4DA0-B292-643796175AD6}.tmp - ok</p><p>11:03:46.0640 0x0d40 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll</p><p>11:03:46.0640 0x0d40 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok</p><p>11:03:46.0656 0x0d40 [ 922563953E405AA9762F90778B711F77, 3DD35372DFC79F309BF419E9BF0043D1B1E00EDC47DCFF4D669416BDD5B094C5 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll</p><p>11:03:46.0656 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok</p><p>11:03:46.0671 0x0d40 [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{67A9DD2D-1A6C-4E14-B134-F354572FFD84}.tmp</p><p>11:03:46.0671 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{67A9DD2D-1A6C-4E14-B134-F354572FFD84}.tmp - ok</p><p>11:03:46.0718 0x0d40 [ C8DFF085326DC2D20FB4EA6AFFF8536D, A4346989B810B3A9431D613EB8E356FF66730DAA79732F26EB367E4E75AFED95 ] C:\WINDOWS\system32\ANIWZCS2.dll</p><p>11:03:46.0718 0x0d40 C:\WINDOWS\system32\ANIWZCS2.dll - ok</p><p>11:03:46.0750 0x0d40 [ 54023DF1A9A7D481B4762B09ECCA330F, 271B46804B2E944B7ABF707939CB498AE78B0EE6DDCE318E26BE0C7BA826DFA3 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt49.dll</p><p>11:03:46.0750 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\icudt49.dll - ok</p><p>11:03:46.0781 0x0d40 [ 886CC0E3DC1636ED5F2DB157F3ED790B, A6A09EC3FE110887026D937E1919286518474B63B930C968EB1C645CE10E272D ] C:\WINDOWS\system32\ANIOApi.dll</p><p>11:03:46.0781 0x0d40 C:\WINDOWS\system32\ANIOApi.dll - ok</p><p>11:03:46.0828 0x0d40 [ 22358578CB321F3325496A3723029409, 44535E0EFC20714CEF8FFAE51294CFC6AC53F12E464E048ECD92CDC2CA54A312 ] C:\WINDOWS\system32\PortableDeviceTypes.dll</p><p>11:03:46.0828 0x0d40 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok</p><p>11:03:46.0875 0x0d40 [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{E835EC23-0126-4F0C-ADFD-A14B761CA1FC}.tmp</p><p>11:03:46.0875 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{E835EC23-0126-4F0C-ADFD-A14B761CA1FC}.tmp - ok</p><p>11:03:46.0968 0x0d40 [ 7FBE43046EFDF24FC9375024E4D02AC9, DE041A464BA8FA7155F4F0781F29540D144D95CABC5713A71F2792C3369801D5 ] C:\Program Files\QuickTime\qttask.exe</p><p>11:03:46.0968 0x0d40 C:\Program Files\QuickTime\qttask.exe - ok</p><p>11:03:47.0015 0x0d40 [ 9D45B2201D0ECF9F42136C7B99DEB8B2, 0251BE4C23EAACE2A9725243936C5E5AC4C0BCEE10EDE85017D91936FEE8CB31 ] C:\WINDOWS\system32\PortableDeviceApi.dll</p><p>11:03:47.0015 0x0d40 C:\WINDOWS\system32\PortableDeviceApi.dll - ok</p><p>11:03:47.0125 0x0d40 [ 585992D78B671AAA075C02241309795D, 0EE3E35534899C41CFED686BDBA80B5AEC1BDB0173222D8BC7E69CFA277CBE32 ] C:\WINDOWS\system32\msvcirt.dll</p><p>11:03:47.0125 0x0d40 C:\WINDOWS\system32\msvcirt.dll - ok</p><p>11:03:47.0281 0x0d40 [ C730F70351D950DDA7388C9A9763CF54, 7A9D265E4D2F76EF131D01C2EE1CDC19A8E5FDCAF97649CC562E8114B92D411F ] C:\WINDOWS\system32\wbem\wmipcima.dll</p><p>11:03:47.0281 0x0d40 C:\WINDOWS\system32\wbem\wmipcima.dll - ok</p><p>11:03:47.0312 0x0d40 [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{6CE172F4-7AA1-4B89-92DE-5FCDE21DD8D7}.tmp</p><p>11:03:47.0312 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{6CE172F4-7AA1-4B89-92DE-5FCDE21DD8D7}.tmp - ok</p><p>11:03:47.0359 0x0d40 [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{B379D207-D8B8-4AFC-A680-54801D6655AF}.tmp</p><p>11:03:47.0359 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{B379D207-D8B8-4AFC-A680-54801D6655AF}.tmp - ok</p><p>11:03:47.0406 0x0d40 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe</p><p>11:03:47.0406 0x0d40 C:\WINDOWS\system32\ctfmon.exe - ok</p><p>11:03:47.0421 0x0d40 [ E1946CF6A39ACDE3A62AB2053FBE3EB7, F9C9A7EB63C8E740A43198E7863D42BA80B9CEF5AC5CFCCC38EDC684864C3F46 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll</p><p>11:03:47.0421 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok</p><p>11:03:47.0468 0x0d40 [ 6BDF91038CB78269B8063617597A6D4F, 737C43E4208B3C1ACD56951B0A24F2F762158B2344405099779F8F1DF69B2548 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll</p><p>11:03:47.0468 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok</p><p>11:03:47.0515 0x0d40 [ F6FAEC07446A78A9C5AF4558FF5BD118, 9291106F6666913DB6D18943D255D60F77CCDB5A46BD4C100A5E80D40D6927D9 ] C:\WINDOWS\ime\SPTIP.dll</p><p>11:03:47.0515 0x0d40 C:\WINDOWS\ime\SPTIP.dll - ok</p><p>11:03:47.0578 0x0d40 [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{0FB446F2-4670-4552-8972-677A706F11E3}.tmp</p><p>11:03:47.0578 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{0FB446F2-4670-4552-8972-677A706F11E3}.tmp - ok</p><p>11:03:47.0640 0x0d40 [ 2EC5693E2EE393F3A97BBB6C46D67779, 68CCECB20B55247B0DC2EF720FA8905CD039D91002D7450293BE585DF926462B ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll</p><p>11:03:47.0640 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok</p><p>11:03:47.0687 0x0d40 [ 4EDB186C455CDEADA24A708AAB884AE3, 836B3176A4A1B57F89D5B950BDA2F6C6F785899ED54632D8CF35DF55B364DB81 ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll</p><p>11:03:47.0687 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok</p><p>11:03:47.0781 0x0d40 [ 57A6362D71B5003C48EE21F2DBB624B1, E6480D1F219BF3F8E7AC8347A8C50E48632B7BBC9618EEB36DAEA1079AA770B5 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll</p><p>11:03:47.0781 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok</p><p>11:03:47.0859 0x0d40 [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{517CB306-EC79-410A-B001-6F0FBBD03D75}.tmp</p><p>11:03:47.0859 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{517CB306-EC79-410A-B001-6F0FBBD03D75}.tmp - ok</p><p>11:03:47.0875 0x0d40 [ 9B9F1C38D559047B8AC0DBA2D5FEBDE9, F64DEF5213CC6E96DD62125A3D44522200F66FF6A2CBA198096484F61D1C088B ] C:\WINDOWS\system32\ksuser.dll</p><p>11:03:47.0875 0x0d40 C:\WINDOWS\system32\ksuser.dll - ok</p><p>11:03:47.0906 0x0d40 [ 401A8C0BE0BAA7D7A470F0942244152D, EC21ED13E526617697CD8E6D79FC706CBDA0AF36C02C05B39E8603B217E406BC ] C:\WINDOWS\system32\rasdlg.dll</p><p>11:03:47.0906 0x0d40 C:\WINDOWS\system32\rasdlg.dll - ok</p><p>11:03:47.0937 0x0d40 [ 940DF3F813B798D3C1F612983A7E50EA, 3351CF883E5C419AB427E440EC0E9187CDB319B3064336ECA19F0F56778728A6 ] C:\WINDOWS\system32\odSupp_M.dll</p><p>11:03:47.0937 0x0d40 C:\WINDOWS\system32\odSupp_M.dll - ok</p><p>11:03:48.0015 0x0d40 [ 90A9B542C9300E540864D9FE1C42A130, ED37C93384E8E589DEC6517F28981ED3D045B56EEE31F992B2C2661FEE8DEFBA ] C:\WINDOWS\system32\fxsst.dll</p><p>11:03:48.0015 0x0d40 C:\WINDOWS\system32\fxsst.dll - ok</p><p>11:03:48.0078 0x0d40 [ B48E7B4C95CCE0C6C0C3F7B1A97FBC8F, E3B0CEBA4408D1F4DC26ED63F746C330A6D42D057EB6AF12E1C88C956C37412A ] C:\WINDOWS\system32\wzcdlg.dll</p><p>11:03:48.0078 0x0d40 C:\WINDOWS\system32\wzcdlg.dll - ok</p><p>11:03:48.0093 0x0d40 ================ Scan generic autorun ======================</p><p>11:03:48.0156 0x0d40 WZCSLDR2 - ok</p><p>11:03:53.0562 0x0d40 [ 013A269E7AF8B01FF20B384FEEBFFDA5, 9815034A03EB20CD87F0007DE701CE85215DDA450AFE67AE9EAFFF71F7B4D4DD ] C:\WINDOWS\RTHDCPL.EXE</p><p>11:03:57.0843 0x0d40 RTHDCPL - ok</p><p>11:03:58.0109 0x0d40 [ 024DC0F68DF5FD6AE9DD82DFBAF479D6, FDBF0FD05CFB757C704B22703DF23E05207F14877A4EF52E3032012B6FD0C4E0 ] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE</p><p>11:03:58.0125 0x0d40 PHIME2002ASync - ok</p><p>11:03:58.0234 0x0d40 [ 024DC0F68DF5FD6AE9DD82DFBAF479D6, FDBF0FD05CFB757C704B22703DF23E05207F14877A4EF52E3032012B6FD0C4E0 ] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE</p><p>11:03:58.0250 0x0d40 PHIME2002A - ok</p><p>11:03:58.0312 0x0d40 [ 1B17E09C1223F6D17336D2DD7A1AF4F4, 06DFAD95007532CCF46D593EEDC2474936614AEDCEA7BF983E36DAD22F850B08 ] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe</p><p>11:03:58.0312 0x0d40 MSPY2002 - ok</p><p>11:03:58.0421 0x0d40 [ 7BBE4CF421AECC7F0226EDD75F12079F, 8E78FC5E0657DB066F9EBAADEA9AFECB1AAA570DD9C08C7ED42116704D2E379D ] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE</p><p>11:03:58.0437 0x0d40 IMJPMIG8.1 - ok</p><p>11:03:58.0843 0x0d40 [ 6E1CF6B65639884BBDA7991D394F980E, 8C0EAC38ACF4F64CD77C9AD52D8E9DA94B5D8ED5C711611B47D5D3A46EA9AE94 ] C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe</p><p>11:03:58.0937 0x0d40 D-Link D-Link RangeBooster N DWA-140 - ok</p><p>11:03:59.0046 0x0d40 [ 94A4D6915D4F572309DF6137E1846528, E46BDF83CAA6683AA655DBA3D2C8DC7AC06251E952466A20CFDA3A16B1840455 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe</p><p>11:03:59.0046 0x0d40 APSDaemon - ok</p><p>11:03:59.0140 0x0d40 [ F25BDB64996625C4B014F26572DEB647, 955E8D51E1F2B0B02790B07C0BAAE719A5FF457A745069E125F0B942E4479E63 ] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe</p><p>11:03:59.0140 0x0d40 ANIWZCS2Service - ok</p><p>11:03:59.0203 0x0d40 [ 8B4CBBA1EA526830C7F97E7822E2493A, 1DFD05B1C0050DB44F5B4293E5574BFC292AF804A63FC0A70131BB498C326977 ] C:\WINDOWS\ALCMTR.EXE</p><p>11:03:59.0203 0x0d40 Alcmtr - ok</p><p>11:03:59.0265 0x0d40 [ 69B16C7B7746BA5C642FC05B3561FC73, 0DECEB6B1B7A2DD1F13133AC7328FF420DAD4610CEE1FA7466E8E0F6BAA39116 ] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe</p><p>11:03:59.0265 0x0d40 Adobe Reader Speed Launcher - ok</p><p>11:03:59.0421 0x0d40 [ 7FBE43046EFDF24FC9375024E4D02AC9, DE041A464BA8FA7155F4F0781F29540D144D95CABC5713A71F2792C3369801D5 ] C:\Program Files\QuickTime\qttask.exe</p><p>11:03:59.0421 0x0d40 QuickTime Task - ok</p><p>11:03:59.0500 0x0d40 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe</p><p>11:03:59.0500 0x0d40 ctfmon.exe - ok</p><p>11:03:59.0500 0x0d40 Waiting for KSN requests completion. In queue: 12</p><p>11:04:00.0656 0x0d40 Win FW state via NFM: disabled</p><p>11:04:00.0968 0x0d40 ============================================================</p><p>11:04:00.0968 0x0d40 Scan finished</p><p>11:04:00.0968 0x0d40 ============================================================</p><p>11:04:00.0984 0x0d38 Detected object count: 1</p><p>11:04:00.0984 0x0d38 Actual detected object count: 1</p><p>11:05:26.0281 0x0d38 \Device\Harddisk0\DR0\Partition1 - copied to quarantine</p><p>11:05:26.0375 0x0d38 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot</p><p>11:05:26.0406 0x0d38 \Device\Harddisk0\DR0\Partition1 - ok</p><p>11:05:26.0406 0x0d38 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure </p><p>11:05:28.0609 0x0d38 KLMD registered as C:\WINDOWS\system32\drivers\02460740.sys</p><p>11:05:36.0640 0x0228 Deinitialize success</p><p></p><p></p><p>and here is the FRST scan.</p><p></p><p>Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-12-2014 01</p><p>Ran by JW (administrator) on JUSTIN on 21-12-2014 11:09:19</p><p>Running from C:\Documents and Settings\JW\Desktop</p><p>Loaded Profile: JW (Available profiles: JW)</p><p>Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)</p><p>Internet Explorer Version 7</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a></p><p></p><p>==================== Processes (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p></p><p>(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe</p><p>(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe</p><p>(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe</p><p>(D-Link Corp.) C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe</p><p>(Wireless Service) C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe</p><p>(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe</p><p>(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe</p><p></p><p></p><p>==================== Registry (Whitelisted) ==================</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p></p><p>HKLM\...\Run: [WZCSLDR2] => C:\Program Files\D-Link\DWA-140 revB\WZCSLDR2.exe</p><p>HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16862720 2008-05-16] (Realtek Semiconductor Corp.)</p><p>HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)</p><p>HKLM\...\Run: [PHIME2002A] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)</p><p>HKLM\...\Run: [MSPY2002] => C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2008-04-14] ()</p><p>HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2008-04-14] (Microsoft Corporation)</p><p>HKLM\...\Run: [D-Link D-Link RangeBooster N DWA-140] => C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe [1708032 2009-09-18] (D-Link Corp.)</p><p>HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)</p><p>HKLM\...\Run: [ANIWZCS2Service] => C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [98304 2009-08-21] (Wireless Service)</p><p>HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)</p><p>HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)</p><p>HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [282624 2007-04-27] (Apple Inc.)</p><p>HKU\S-1-5-21-3723271197-3957454863-557728558-1005\...\MountPoints2: {905bd734-a42b-11e1-8f14-001d72b8b401} - I:\LaunchU3.exe -a</p><p></p><p>==================== Internet (Whitelisted) ====================</p><p></p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p></p><p>HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = <a href="http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=0&o=xph&d=0112&m=el1300g" target="_blank">http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=0&o=xph&d=0112&m=el1300g</a></p><p>HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm</p><p>HKU\S-1-5-21-3723271197-3957454863-557728558-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = <a href="http://www.google.com/ie" target="_blank">http://www.google.com/ie</a></p><p>HKU\S-1-5-21-3723271197-3957454863-557728558-1005\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = <a href="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" target="_blank">http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8</a></p><p>HKU\S-1-5-21-3723271197-3957454863-557728558-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = <a href="http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=0&o=xph&d=0112&m=el1300g" target="_blank">http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=0&o=xph&d=0112&m=el1300g</a></p><p>SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = <a href="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW" target="_blank">http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW</a></p><p>SearchScopes: HKU\S-1-5-21-3723271197-3957454863-557728558-1005 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = <a href="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW" target="_blank">http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW</a></p><p>BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)</p><p>BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)</p><p>BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)</p><p>BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)</p><p>DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} <a href="http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab" target="_blank">http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab</a></p><p>DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} <a href="http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab" target="_blank">http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab</a></p><p>DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <a href="http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab" target="_blank">http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab</a></p><p>Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)</p><p>Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)</p><p>Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)</p><p>Hosts: 127.0.0.1 localhost</p><p>Tcpip\Parameters: [DhcpNameServer] 192.168.1.254</p><p></p><p>FireFox:</p><p>========</p><p>FF ProfilePath: C:\Documents and Settings\JW\Application Data\Mozilla\Firefox\Profiles\xwkj47g7.default</p><p>FF DefaultSearchEngine: Google</p><p>FF SelectedSearchEngine: Google</p><p>FF Homepage: hxxp://<a href="http://www.google.com/" target="_blank">www.google.com/</a></p><p>FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()</p><p>FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()</p><p>FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)</p><p>FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)</p><p>FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)</p><p>FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)</p><p>FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)</p><p>FF HKLM\...\Firefox\Extensions: [<a href="mailto:smartwebprinting@hp.com">smartwebprinting@hp.com</a>] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3</p><p>FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-31]</p><p>FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension</p><p>FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-02-03]</p><p>FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5</p><p>FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-03-06]</p><p>FF HKU\S-1-5-21-3723271197-3957454863-557728558-1005\...\Firefox\Extensions: [<a href="mailto:smartwebprinting@hp.com">smartwebprinting@hp.com</a>] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3</p><p>FF Extension: No Name - {23fcfd51-4958-4f00-80a3-ae97e717ed8b} [Not Found]</p><p></p><p>Chrome: </p><p>=======</p><p>CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-02-06]</p><p></p><p>========================== Services (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>S4 ANIWConnService; C:\WINDOWS\system32\ANIWConnService.exe [151552 2009-07-07] () [File not signed]</p><p>S4 ANIWZCSdService; C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [102400 2009-08-21] (Wireless Service) [File not signed]</p><p>S4 ETService; C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [24576 2008-07-16] () [File not signed]</p><p>R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2010-01-18] (Hewlett-Packard) [File not signed]</p><p>S2 PEVSystemStart; C:\ComboFix\SWREG.3XE [518144 2000-08-30] (SteelWerX) [File not signed]</p><p>R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2010-01-18] (Hewlett-Packard) [File not signed]</p><p>S4 Norton Internet Security; "C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1</p><p>S4 SophosVirusRemovalTool; C:\Program Files\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [X]</p><p></p><p>==================== Drivers (Whitelisted) ====================</p><p></p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>R1 A2DDA; C:\EEK\BIN\a2ddax86.sys [22056 2014-12-18] (Emsisoft GmbH)</p><p>S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2008-04-14] (Microsoft Corporation)</p><p>R2 ANIO; C:\WINDOWS\system32\ANIO.SYS [29411 2009-02-09] () [File not signed]</p><p>S3 cleanhlp; C:\EEK\bin\cleanhlp32.sys [50200 2014-12-18] (Emsisoft GmbH)</p><p>S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [35992 2014-12-19] ()</p><p>R3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2009-08-05] (HP)</p><p>R3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2009-08-05] (HP)</p><p>R3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2009-08-05] (HP)</p><p>S3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54016 2008-01-28] (NVIDIA Corporation)</p><p>R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2008-01-28] (NVIDIA Corporation)</p><p>R3 rt2870; C:\WINDOWS\System32\DRIVERS\Drt2870.sys [724736 2009-08-03] (Ralink Technology, Corp.)</p><p>U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [35064 2014-12-19] ()</p><p>S3 int15.sys; \??\c:\acernb\int15.sys [X]</p><p>S3 NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS [X]</p><p>S3 NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS [X]</p><p>U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)</p><p>S1 SRTSP; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSP.SYS [X]</p><p>S1 SRTSPX; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSPX.SYS [X]</p><p>U3 TlntSvr; No ImagePath</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)</p><p></p><p></p><p>==================== One Month Created Files and Folders ========</p><p></p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p></p><p>2014-12-21 11:09 - 2014-12-21 11:09 - 00000000 ____D () C:\Documents and Settings\JW\Desktop\FRST-OlderVersion</p><p>2014-12-21 11:05 - 2014-12-21 11:05 - 00000000 ____D () C:\TDSSKiller_Quarantine</p><p>2014-12-21 10:52 - 2014-12-21 10:53 - 04187592 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\JW\Desktop\tdsskiller.exe</p><p>2014-12-20 14:32 - 2014-12-20 14:32 - 00022574 _____ () C:\Documents and Settings\JW\Desktop\Addition.txt</p><p>2014-12-20 14:31 - 2014-12-21 11:10 - 00011470 _____ () C:\Documents and Settings\JW\Desktop\FRST.txt</p><p>2014-12-20 14:15 - 2014-12-21 11:09 - 01113600 _____ (Farbar) C:\Documents and Settings\JW\Desktop\FRST.exe</p><p>2014-12-19 12:27 - 2014-12-19 12:29 - 00000000 ___SD () C:\ComboFix</p><p>2014-12-19 12:03 - 2014-12-19 12:03 - 00035992 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys</p><p>2014-12-19 01:05 - 2014-12-19 01:05 - 00000639 _____ () C:\Documents and Settings\JW\Desktop\Start Emsisoft Emergency Kit.lnk</p><p>2014-12-19 01:04 - 2014-12-19 01:06 - 00000000 ____D () C:\EEK</p><p>2014-12-19 00:53 - 2014-12-19 00:53 - 00035064 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys</p><p>2014-12-19 00:53 - 2014-12-19 00:53 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RogueKiller</p><p>2014-12-18 23:40 - 2014-12-20 11:00 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys</p><p>2014-12-18 23:40 - 2014-12-18 23:40 - 00000779 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk</p><p>2014-12-18 23:40 - 2014-12-18 23:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware</p><p>2014-12-18 23:39 - 2014-12-20 11:00 - 00054232 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys</p><p>2014-12-18 23:39 - 2014-12-18 23:40 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware</p><p>2014-12-18 23:39 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys</p><p>2014-12-18 12:36 - 2014-12-18 22:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HitmanPro</p><p>2014-12-18 12:22 - 2014-12-19 12:13 - 00002404 _____ () C:\Documents and Settings\JW\Desktop\Rkill.txt</p><p>2014-12-18 12:18 - 2014-08-29 14:11 - 00000211 _____ () C:\Boot.bak</p><p>2014-12-18 12:18 - 2004-08-03 23:00 - 00260272 __RSH () C:\cmldr</p><p>2014-12-18 12:17 - 2014-12-18 12:18 - 00000000 ____D () C:\cmdcons</p><p>2014-12-18 12:11 - 2014-12-18 12:11 - 00000000 ____D () C:\Qoobox</p><p>2014-12-18 12:11 - 2011-06-26 00:45 - 00256000 _____ () C:\WINDOWS\PEV.exe</p><p>2014-12-18 12:11 - 2010-11-07 11:20 - 00208896 _____ () C:\WINDOWS\MBR.exe</p><p>2014-12-18 12:11 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe</p><p>2014-12-18 12:11 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe</p><p>2014-12-18 12:11 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe</p><p>2014-12-18 12:11 - 2000-08-30 18:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe</p><p>2014-12-18 12:11 - 2000-08-30 18:00 - 00098816 _____ () C:\WINDOWS\sed.exe</p><p>2014-12-18 12:11 - 2000-08-30 18:00 - 00080412 _____ () C:\WINDOWS\grep.exe</p><p>2014-12-18 12:11 - 2000-08-30 18:00 - 00068096 _____ () C:\WINDOWS\zip.exe</p><p>2014-12-18 12:10 - 2014-12-18 12:10 - 00000000 ____D () C:\WINDOWS\erdnt</p><p>2014-12-18 12:04 - 2014-12-18 12:05 - 162702208 _____ () C:\Documents and Settings\JW\Desktop\EmsisoftEmergencyKit.exe</p><p>2014-12-18 11:58 - 2014-12-18 11:59 - 10284408 _____ (SurfRight B.V.) C:\Documents and Settings\JW\Desktop\HitmanPro.exe</p><p>2014-12-18 11:54 - 2014-12-18 11:54 - 15201368 _____ () C:\Documents and Settings\JW\Desktop\RogueKiller.exe</p><p>2014-12-18 11:51 - 2014-12-18 11:51 - 20447072 _____ (Malwarebytes Corporation ) C:\Documents and Settings\JW\Desktop\mbam-setup-2.0.4.1028.exe</p><p>2014-12-18 11:47 - 2014-12-18 11:47 - 01940728 _____ (Bleeping Computer, LLC) C:\Documents and Settings\JW\Desktop\iExplore.exe</p><p>2014-12-18 11:46 - 2014-12-18 11:46 - 05601641 ____R (Swearware) C:\Documents and Settings\JW\Desktop\ComboFix.exe</p><p>2014-12-16 09:56 - 2014-12-16 09:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox</p><p></p><p>==================== One Month Modified Files and Folders =======</p><p></p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p></p><p>2014-12-21 11:10 - 2012-01-31 18:38 - 00000000 ____D () C:\Documents and Settings\JW\Local Settings\Temp</p><p>2014-12-21 11:10 - 2009-04-05 00:31 - 01529377 _____ () C:\WINDOWS\WindowsUpdate.log</p><p>2014-12-21 11:09 - 2014-08-28 16:00 - 00000000 ____D () C:\FRST</p><p>2014-12-21 11:08 - 2014-04-01 09:27 - 00003284 _____ () C:\WINDOWS\system32\ANIWZCS{CDC36A6F-EAFC-428B-8888-3A9296B22B5F}</p><p>2014-12-21 11:08 - 2014-04-01 09:26 - 00000003 _____ () C:\WINDOWS\system32\ANIWZCSUSERNAME{CDC36A6F-EAFC-428B-8888-3A9296B22B5F}</p><p>2014-12-21 11:07 - 2014-03-20 08:23 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job</p><p>2014-12-21 11:07 - 2009-04-05 00:34 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT</p><p>2014-12-21 11:07 - 2009-04-04 16:29 - 00000159 _____ () C:\WINDOWS\wiadebug.log</p><p>2014-12-21 11:07 - 2009-04-04 16:29 - 00000050 _____ () C:\WINDOWS\wiaservc.log</p><p>2014-12-21 11:06 - 2009-04-05 00:34 - 00032608 _____ () C:\WINDOWS\SchedLgU.Txt</p><p>2014-12-21 11:05 - 2012-01-31 18:38 - 00000178 ___SH () C:\Documents and Settings\JW\ntuser.ini</p><p>2014-12-21 11:05 - 2009-04-04 16:26 - 00511902 _____ () C:\WINDOWS\system32\PerfStringBackup.INI</p><p>2014-12-21 10:31 - 2012-03-31 22:38 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job</p><p>2014-12-20 16:41 - 2012-01-31 19:21 - 00529856 _____ () C:\WINDOWS\setupapi.log</p><p>2014-12-20 14:16 - 2014-08-28 20:05 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)</p><p>2014-12-20 14:05 - 2014-08-28 20:03 - 00000000 ____D () C:\Documents and Settings\JW\Desktop\mbar</p><p>2014-12-18 22:53 - 2012-01-31 19:39 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP</p><p>2014-12-18 22:53 - 2012-01-31 19:26 - 00001712 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log</p><p>2014-12-18 12:18 - 2009-04-05 00:20 - 00000327 __RSH () C:\boot.ini</p><p>2014-12-18 11:41 - 2014-09-23 12:55 - 00054156 ____H () C:\WINDOWS\QTFont.qfn</p><p>2014-12-17 23:04 - 2009-04-05 00:47 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help</p><p>2014-12-17 22:52 - 2013-07-20 08:20 - 00000000 ____D () C:\WINDOWS\system32\MRT</p><p>2014-12-17 22:10 - 2012-02-03 13:28 - 109818608 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe</p><p>2014-12-16 09:58 - 2012-01-31 18:38 - 00000000 ____D () C:\Documents and Settings\JW</p><p>2014-12-16 09:58 - 2009-04-05 00:34 - 00000000 __SHD () C:\Documents and Settings\NetworkService</p><p>2014-12-16 09:58 - 2009-04-05 00:34 - 00000000 __SHD () C:\Documents and Settings\LocalService</p><p>2014-12-16 09:58 - 2009-04-05 00:30 - 00000000 ____D () C:\WINDOWS\Registration</p><p>2014-12-16 09:56 - 2012-05-01 22:42 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service</p><p>2014-12-16 09:40 - 2009-04-05 00:18 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl</p><p>2014-12-09 10:53 - 2012-12-16 11:46 - 00000000 ____D () C:\Documents and Settings\JW\Desktop\Credentials</p><p>2014-12-08 17:11 - 2014-03-20 08:23 - 00000210 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job</p><p>2014-12-06 11:33 - 2012-01-31 19:53 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job</p><p>2014-11-25 21:28 - 2014-08-07 10:26 - 00000000 ____D () C:\Documents and Settings\JW\Desktop\Scrambler</p><p></p><p>Some content of TEMP:</p><p>====================</p><p>C:\Documents and Settings\JW\Local Settings\Temp\dllnt_dump.dll</p><p>C:\Documents and Settings\JW\Local Settings\Temp\hpzmsi01.exe</p><p>C:\Documents and Settings\JW\Local Settings\Temp\hpzscr01.EXE</p><p>C:\Documents and Settings\JW\Local Settings\Temp\{5C17079D-8C30-4ED2-8FD7-812598FEC987}.exe</p><p></p><p></p><p>==================== Bamital & volsnap Check =================</p><p></p><p>(There is no automatic fix for files that do not pass verification.)</p><p></p><p>C:\WINDOWS\explorer.exe => File is digitally signed</p><p>C:\WINDOWS\system32\winlogon.exe => File is digitally signed</p><p>C:\WINDOWS\system32\svchost.exe => File is digitally signed</p><p>C:\WINDOWS\system32\services.exe => File is digitally signed</p><p>C:\WINDOWS\system32\User32.dll => File is digitally signed</p><p>C:\WINDOWS\system32\userinit.exe => File is digitally signed</p><p>C:\WINDOWS\system32\rpcss.dll => File is digitally signed</p><p>C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed</p><p></p><p>==================== End Of Log ============================</p><p></p><p></p><p>I'm not sure if you wanted the Addition.txt, but here it is too.</p><p></p><p>Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-12-2014</p><p>Ran by JW at 2014-12-20 14:32:49</p><p>Running from C:\Documents and Settings\JW\Desktop</p><p>Boot Mode: Safe Mode (with Networking)</p><p>==========================================================</p><p></p><p></p><p>==================== Security Center ========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed.)</p><p></p><p></p><p>==================== Installed Programs ======================</p><p></p><p>(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)</p><p></p><p>32 Bit HP CIO Components Installer (Version: 7.1.4 - Hewlett-Packard) Hidden</p><p>Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)</p><p>Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden</p><p>Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)</p><p>Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)</p><p>Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)</p><p>Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)</p><p>Agere Systems PCI-SV92EX Soft Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)</p><p>ANIO Service (HKLM\...\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}) (Version: - )</p><p>ANIWZCS2 Service (HKLM\...\{4C590030-7469-453E-8589-D15DA9D03F52}) (Version: - )</p><p>Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)</p><p>Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)</p><p>Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)</p><p>Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)</p><p>BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden</p><p>Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden</p><p>Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)</p><p>D110 (Version: 140.0.283.000 - Hewlett-Packard) Hidden</p><p>Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden</p><p>DeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) Hidden</p><p>DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.24 - DivX, LLC)</p><p>D-Link RangeBooster N DWA-140 (HKLM\...\{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}) (Version: - D-Link)</p><p>eMachines Recovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.1.3005 - Acer Incorporated)</p><p>GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) Hidden</p><p>HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)</p><p>HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)</p><p>HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)</p><p>HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{DBC1DE57-B55A-4D57-9769-1DB9BE506AF7}) (Version: 14.0 - HP)</p><p>HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)</p><p>HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)</p><p>HP Update (HKLM\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)</p><p>HPAppStudio (Version: 140.0.95.000 - Hewlett-Packard) Hidden</p><p>HPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) Hidden</p><p>iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)</p><p>Java(TM) 6 Update 5 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160050}) (Version: 1.6.0.50 - Sun Microsystems, Inc.)</p><p>Junk Mail filter update (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden</p><p>Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)</p><p>MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden</p><p>Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)</p><p>Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)</p><p>Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)</p><p>Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)</p><p>Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)</p><p>Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)</p><p>Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)</p><p>Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)</p><p>Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)</p><p>Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)</p><p>Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)</p><p>Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Mozilla Firefox 33.1 (x86 en-US) (HKLM\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)</p><p>Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)</p><p>MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden</p><p>MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)</p><p>MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)</p><p>Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden</p><p>NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )</p><p>PrimoPDF -- brought to you by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 5 - Nitro PDF Software)</p><p>PS_AIO_07_D110_SW_Min (Version: 140.0.142.000 - Hewlett-Packard) Hidden</p><p>QuickTime (HKLM\...\{08094E03-AFE4-4853-9D31-6D0743DF5328}) (Version: 7.1.6.200 - Apple Computer, Inc.)</p><p>QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden</p><p>Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5628 - Realtek Semiconductor Corp.)</p><p>Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden</p><p>Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden</p><p>SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden</p><p>SolutionCenter (Version: 140.0.214.000 - Hewlett-Packard) Hidden</p><p>Status (Version: 140.0.256.000 - Hewlett-Packard) Hidden</p><p>Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden</p><p>TrayApp (Version: 140.0.212.000 - Hewlett-Packard) Hidden</p><p>Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)</p><p>VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden</p><p>Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)</p><p>WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden</p><p>WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden</p><p>Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)</p><p>Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)</p><p>Windows Live Sync (HKLM\...\{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}) (Version: 14.0.8050.1202 - Microsoft Corporation)</p><p>Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)</p><p>Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )</p><p>Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )</p><p></p><p>==================== Custom CLSID (selected items): ==========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)</p><p></p><p></p><p>==================== Restore Points =========================</p><p></p><p>19-09-2014 14:52:01 System Checkpoint</p><p>21-09-2014 11:11:32 System Checkpoint</p><p>22-09-2014 11:46:44 System Checkpoint</p><p>23-09-2014 13:50:01 System Checkpoint</p><p>24-09-2014 14:45:17 System Checkpoint</p><p>25-09-2014 15:45:19 System Checkpoint</p><p>27-09-2014 11:47:36 System Checkpoint</p><p>28-09-2014 12:39:52 System Checkpoint</p><p>29-09-2014 13:39:40 System Checkpoint</p><p>01-10-2014 09:35:19 System Checkpoint</p><p>02-10-2014 11:05:52 System Checkpoint</p><p>03-10-2014 13:49:37 System Checkpoint</p><p>06-10-2014 10:05:05 System Checkpoint</p><p>07-10-2014 19:54:53 System Checkpoint</p><p>09-10-2014 10:27:18 System Checkpoint</p><p>10-10-2014 11:36:19 System Checkpoint</p><p>11-10-2014 11:43:04 System Checkpoint</p><p>12-10-2014 12:43:04 System Checkpoint</p><p>13-10-2014 13:26:05 System Checkpoint</p><p>15-10-2014 11:31:18 System Checkpoint</p><p>16-10-2014 02:01:01 Software Distribution Service 3.0</p><p>17-10-2014 02:55:48 System Checkpoint</p><p>23-10-2014 09:54:28 Restore Operation</p><p>27-10-2014 10:50:28 Software Distribution Service 3.0</p><p>27-10-2014 11:08:52 Software Distribution Service 3.0</p><p>27-10-2014 16:38:21 Restore Operation</p><p>28-10-2014 09:15:37 Software Distribution Service 3.0</p><p>29-10-2014 09:59:30 System Checkpoint</p><p>30-10-2014 13:53:05 System Checkpoint</p><p>01-11-2014 12:53:30 System Checkpoint</p><p>02-11-2014 13:27:26 System Checkpoint</p><p>03-11-2014 14:28:38 System Checkpoint</p><p>05-11-2014 12:42:14 System Checkpoint</p><p>06-11-2014 13:08:34 System Checkpoint</p><p>07-11-2014 14:25:20 System Checkpoint</p><p>09-11-2014 14:07:10 System Checkpoint</p><p>10-11-2014 15:13:51 System Checkpoint</p><p>11-11-2014 16:10:42 System Checkpoint</p><p>12-11-2014 03:01:33 Software Distribution Service 3.0</p><p>13-11-2014 03:08:21 System Checkpoint</p><p>14-11-2014 11:25:01 System Checkpoint</p><p>15-11-2014 12:04:03 System Checkpoint</p><p>16-11-2014 20:49:45 System Checkpoint</p><p>18-11-2014 11:00:22 System Checkpoint</p><p>19-11-2014 11:50:56 System Checkpoint</p><p>20-11-2014 12:19:24 System Checkpoint</p><p>21-11-2014 13:07:36 System Checkpoint</p><p>22-11-2014 12:13:52 Restore Operation</p><p>24-11-2014 07:31:09 System Checkpoint</p><p>25-11-2014 10:18:17 System Checkpoint</p><p>26-11-2014 10:21:10 System Checkpoint</p><p>27-11-2014 11:21:05 System Checkpoint</p><p>28-11-2014 12:36:25 System Checkpoint</p><p>29-11-2014 13:21:08 System Checkpoint</p><p>30-11-2014 14:21:05 System Checkpoint</p><p>01-12-2014 15:25:32 System Checkpoint</p><p>02-12-2014 16:21:06 System Checkpoint</p><p>03-12-2014 17:21:22 System Checkpoint</p><p>05-12-2014 16:40:28 System Checkpoint</p><p>08-12-2014 09:59:17 System Checkpoint</p><p>09-12-2014 10:17:24 System Checkpoint</p><p>10-12-2014 12:42:54 Restore Operation</p><p>16-12-2014 09:42:52 Software Distribution Service 3.0</p><p>16-12-2014 09:50:41 Restore Operation</p><p>17-12-2014 21:03:05 Malwarebytes Anti-Rootkit Restore Point</p><p>17-12-2014 22:07:16 Software Distribution Service 3.0</p><p>17-12-2014 23:23:43 Malwarebytes Anti-Rootkit Restore Point</p><p>18-12-2014 22:52:27 Removed HiJackThis</p><p></p><p>==================== Hosts content: ==========================</p><p></p><p>(If needed Hosts: directive could be included in the fixlist to reset Hosts.)</p><p></p><p>2009-04-05 00:18 - 2014-12-19 01:00 - 00000768 ____A C:\WINDOWS\system32\Drivers\etc\hosts</p><p>127.0.0.1 localhost</p><p></p><p>==================== Scheduled Tasks (whitelisted) =============</p><p></p><p></p><p>(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)</p><p></p><p>Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe</p><p>Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe</p><p>Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe</p><p>Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe</p><p></p><p>==================== Loaded Modules (whitelisted) =============</p><p></p><p></p><p>==================== Alternate Data Streams (whitelisted) =========</p><p></p><p>(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)</p><p></p><p>AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\Temp:0B4227B4</p><p></p><p>==================== Safe Mode (whitelisted) ===================</p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)</p><p></p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"</p><p></p><p>==================== EXE Association (whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)</p><p></p><p></p><p>==================== MSCONFIG/TASK MANAGER disabled items =========</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p>MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup</p><p>MSCONFIG\startupfolder: C:^Documents and Settings^JW^Start Menu^Programs^Startup^ZooskMessenger.lnk => C:\WINDOWS\pss\ZooskMessenger.lnkStartup</p><p>MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe</p><p>MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW</p><p>MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe</p><p>MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"</p><p>MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime</p><p></p><p>========================= Accounts: ==========================</p><p></p><p>Administrator (S-1-5-21-3723271197-3957454863-557728558-500 - Administrator - Enabled)</p><p>Guest (S-1-5-21-3723271197-3957454863-557728558-501 - Limited - Disabled)</p><p>HelpAssistant (S-1-5-21-3723271197-3957454863-557728558-1004 - Limited - Disabled)</p><p>JW (S-1-5-21-3723271197-3957454863-557728558-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\JW</p><p>SUPPORT_388945a0 (S-1-5-21-3723271197-3957454863-557728558-1002 - Limited - Disabled)</p><p></p><p>==================== Faulty Device Manager Devices =============</p><p></p><p></p><p>==================== Event log errors: =========================</p><p></p><p>Application errors:</p><p>==================</p><p>Error: (12/18/2014 05:05:27 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application wzcsldr2.exe, version 1.0.14.9283, faulting module wlanapp.dll, version 1.1.10.707, fault address 0x00013c4b.</p><p>Processing media-specific event for [wzcsldr2.exe!ws!]</p><p></p><p>Error: (11/17/2014 00:57:21 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application wzcsldr2.exe, version 1.0.14.9283, faulting module wlanapp.dll, version 1.1.10.707, fault address 0x000170c6.</p><p>Processing media-specific event for [wzcsldr2.exe!ws!]</p><p></p><p>Error: (11/15/2014 00:52:53 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application wzcsldr2.exe, version 1.0.14.9283, faulting module wlanapp.dll, version 1.1.10.707, fault address 0x00013e3b.</p><p>Processing media-specific event for [wzcsldr2.exe!ws!]</p><p></p><p>Error: (11/13/2014 01:36:13 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application wzcsldr2.exe, version 1.0.14.9283, faulting module wlanapp.dll, version 1.1.10.707, fault address 0x000170c6.</p><p>Processing media-specific event for [wzcsldr2.exe!ws!]</p><p></p><p>Error: (10/13/2014 01:35:19 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application wzcsldr2.exe, version 1.0.14.9283, faulting module wlanapp.dll, version 1.1.10.707, fault address 0x000117b5.</p><p>Processing media-specific event for [wzcsldr2.exe!ws!]</p><p></p><p>Error: (10/03/2014 04:49:40 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application wzcsldr2.exe, version 1.0.14.9283, faulting module wlanapp.dll, version 1.1.10.707, fault address 0x000178e8.</p><p>Processing media-specific event for [wzcsldr2.exe!ws!]</p><p></p><p>Error: (09/13/2014 10:17:33 AM) (Source: ESENT) (EventID: 455) (User: )</p><p>Description: wuaueng.dll (1756) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.</p><p></p><p>Error: (09/13/2014 10:17:33 AM) (Source: ESENT) (EventID: 489) (User: )</p><p>Description: wuauclt (1756) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).</p><p></p><p>Error: (09/13/2014 10:17:23 AM) (Source: ESENT) (EventID: 455) (User: )</p><p>Description: wuaueng.dll (1756) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.</p><p></p><p>Error: (09/13/2014 10:17:22 AM) (Source: ESENT) (EventID: 489) (User: )</p><p>Description: wuauclt (1756) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).</p><p></p><p></p><p>System errors:</p><p>=============</p><p>Error: (12/20/2014 02:31:22 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)</p><p>Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""</p><p>in order to run the server:</p><p>{1BE1F766-5536-11D1-B726-00C04FB926AF}</p><p></p><p>Error: (12/20/2014 02:18:36 PM) (Source: Service Control Manager) (EventID: 7026) (User: )</p><p>Description: The following boot-start or system-start driver(s) failed to load: </p><p>Fips</p><p>Processor</p><p>SRTSP</p><p>SRTSPX</p><p></p><p>Error: (12/20/2014 02:07:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: )</p><p>Description: The following boot-start or system-start driver(s) failed to load: </p><p>SRTSP</p><p>SRTSPX</p><p></p><p>Error: (12/20/2014 02:05:52 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)</p><p>Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""</p><p>in order to run the server:</p><p>{1BE1F766-5536-11D1-B726-00C04FB926AF}</p><p></p><p>Error: (12/20/2014 10:57:31 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)</p><p>Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""</p><p>in order to run the server:</p><p>{1BE1F766-5536-11D1-B726-00C04FB926AF}</p><p></p><p>Error: (12/19/2014 06:40:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )</p><p>Description: The following boot-start or system-start driver(s) failed to load: </p><p>Fips</p><p>Processor</p><p>SRTSP</p><p>SRTSPX</p><p></p><p>Error: (12/19/2014 00:18:59 PM) (Source: DCOM) (EventID: 10010) (User: JUSTIN)</p><p>Description: The server {0002DF01-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.</p><p></p><p>Error: (12/19/2014 00:03:39 PM) (Source: 0) (EventID: 9) (User: )</p><p>Description: \Device\Ide\IdePort4</p><p></p><p>Error: (12/19/2014 00:03:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )</p><p>Description: The following boot-start or system-start driver(s) failed to load: </p><p>SRTSP</p><p>SRTSPX</p><p></p><p>Error: (12/19/2014 00:01:32 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)</p><p>Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""</p><p>in order to run the server:</p><p>{1BE1F766-5536-11D1-B726-00C04FB926AF}</p><p></p><p></p><p>Microsoft Office Sessions:</p><p>=========================</p><p></p><p>==================== Memory info =========================== </p><p></p><p>Processor: AMD Athlon(tm) Processor 2650e</p><p>Percentage of memory in use: 22%</p><p>Total physical RAM: 894.32 MB</p><p>Available physical RAM: 694.72 MB</p><p>Total Pagefile: 2171.47 MB</p><p>Available Pagefile: 2079.05 MB</p><p>Total Virtual: 2047.88 MB</p><p>Available Virtual: 1939.78 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: (OS) (Fixed) (Total:139.04 GB) (Free:100.82 GB) NTFS ==>[Drive with boot components (Windows XP)]</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: 43A90CE8)</p><p>Partition 1: (Not Active) - (Size=10 GB) - (Type=12)</p><p>Partition 2: (Active) - (Size=139 GB) - (Type=07 NTFS)</p><p>Partition 3: (Not Active) - (Size=10 MB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 3</p><p></p><p>==================== End Of Log ============================</p></blockquote><p></p>
[QUOTE="Jwill1919, post: 318833, member: 32096"] Ok, here are the latest results. I'm still unable to open and use Firefox, the system just won't let me... 11:01:57.0000 0x06dc TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20 11:01:57.0171 0x06dc ============================================================ 11:01:57.0171 0x06dc Current date / time: 2014/12/21 11:01:57.0171 11:01:57.0171 0x06dc SystemInfo: 11:01:57.0171 0x06dc 11:01:57.0171 0x06dc OS Version: 5.1.2600 ServicePack: 3.0 11:01:57.0171 0x06dc Product type: Workstation 11:01:57.0171 0x06dc ComputerName: JUSTIN 11:01:57.0171 0x06dc UserName: JW 11:01:57.0171 0x06dc Windows directory: C:\WINDOWS 11:01:57.0328 0x06dc System windows directory: C:\WINDOWS 11:01:57.0328 0x06dc Processor architecture: Intel x86 11:01:57.0328 0x06dc Number of processors: 1 11:01:57.0328 0x06dc Page size: 0x1000 11:01:57.0328 0x06dc Boot type: Normal boot 11:01:57.0328 0x06dc ============================================================ 11:01:57.0328 0x06dc BG loaded 11:01:58.0640 0x06dc System UUID: {81D3F674-931D-82DB-D38F-56C914F3BD50} 11:02:05.0828 0x06dc Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000044 11:02:05.0859 0x06dc ============================================================ 11:02:05.0859 0x06dc \Device\Harddisk0\DR0: 11:02:05.0859 0x06dc MBR partitions: 11:02:05.0859 0x06dc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x11614400 11:02:05.0859 0x06dc ============================================================ 11:02:05.0953 0x06dc C: <-> \Device\Harddisk0\DR0\Partition1 11:02:05.0953 0x06dc ============================================================ 11:02:05.0953 0x06dc Initialize success 11:02:05.0953 0x06dc ============================================================ 11:02:41.0812 0x0d40 ============================================================ 11:02:41.0828 0x0d40 Scan started 11:02:41.0828 0x0d40 Mode: Manual; 11:02:41.0828 0x0d40 ============================================================ 11:02:41.0828 0x0d40 KSN ping started 11:02:42.0203 0x0d40 KSN ping finished: true 11:02:45.0453 0x0d40 ================ Scan system memory ======================== 11:02:45.0453 0x0d40 System memory - ok 11:02:45.0468 0x0d40 ================ Scan services ============================= 11:02:45.0546 0x0d40 [ B0CC0B50441372157F31C4C023D43A3E, A0FCC03588C06E42D3B8465AC7D0F7A909E8CABEEE3C82B3CBD68F150D7692EE ] A2DDA C:\EEK\BIN\a2ddax86.sys 11:02:45.0546 0x0d40 A2DDA - ok 11:02:45.0890 0x0d40 Abiosdsk - ok 11:02:45.0937 0x0d40 [ 6ABB91494FE6C59089B9336452AB2EA3, FA28396820E44F991891042E051A4414485B54D456F252E03E3FFE1B4B4CF843 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS 11:02:45.0937 0x0d40 abp480n5 - ok 11:02:46.0015 0x0d40 [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 11:02:46.0046 0x0d40 ACPI - ok 11:02:46.0078 0x0d40 [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 11:02:46.0078 0x0d40 ACPIEC - ok 11:02:46.0187 0x0d40 [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 11:02:46.0234 0x0d40 AdobeFlashPlayerUpdateSvc - ok 11:02:46.0312 0x0d40 [ 9A11864873DA202C996558B2106B0BBC, 4C68F1DBD1541291DD0FAB78DB42B25FA051CD9F55ED869173E3219CD31500C4 ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys 11:02:46.0328 0x0d40 adpu160m - ok 11:02:46.0375 0x0d40 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys 11:02:46.0375 0x0d40 aec - ok 11:02:46.0453 0x0d40 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys 11:02:46.0453 0x0d40 AFD - ok 11:02:46.0500 0x0d40 [ 8ED60797908FD394EEE0D6949F493224, E07C471050F8D13F0BE52BC2CF88BA0EB8612B4957C43FF16B90197C57738C99 ] AgereModemAudio C:\WINDOWS\system32\agrsmsvc.exe 11:02:46.0500 0x0d40 AgereModemAudio - ok 11:02:46.0718 0x0d40 [ BAF68DCBA949633DF0C16D37AF2A2351, 85BE7F87685BF3BF1B8CE8CD79A9DA44E3B611F712A5C1EDA6AF45EE1A933C0B ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys 11:02:46.0765 0x0d40 AgereSoftModem - ok 11:02:46.0812 0x0d40 [ 08FD04AA961BDC77FB983F328334E3D7, A784EC8A9EDB579262366B5A9AB177DB7BEC0A421BDE85431D0AD4959D5AF5E7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys 11:02:46.0812 0x0d40 agp440 - ok 11:02:46.0843 0x0d40 [ 03A7E0922ACFE1B07D5DB2EEB0773063, 93EEA872A5642C95FF19C81F8EFFB9B52742A14DBF138784F0F713AD18C413ED ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys 11:02:46.0843 0x0d40 agpCPQ - ok 11:02:46.0875 0x0d40 [ C23EA9B5F46C7F7910DB3EAB648FF013, 92C84E9AF278A3B55D56C4F8E6C10E3EF1F7B336A44A018AED6DC51A46671F0B ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys 11:02:46.0875 0x0d40 Aha154x - ok 11:02:46.0890 0x0d40 [ 19DD0FB48B0C18892F70E2E7D61A1529, 95BA1568E8E08314508CA0E1F95555891E70399AEC312C793B46A841F56FFDCF ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys 11:02:46.0906 0x0d40 aic78u2 - ok 11:02:46.0921 0x0d40 [ B7FE594A7468AA0132DEB03FB8E34326, BF0DC2B8C474DB151589BA9968264413521DDD9E7316B752B2FA40C24200FBE0 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys 11:02:46.0937 0x0d40 aic78xx - ok 11:02:46.0984 0x0d40 [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll 11:02:46.0984 0x0d40 Alerter - ok 11:02:47.0015 0x0d40 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe 11:02:47.0015 0x0d40 ALG - ok 11:02:47.0046 0x0d40 [ 1140AB9938809700B46BB88E46D72A96, 369379ECC5941ACE984A7F31EAABB66A2E693EDBADA639B86D26FD681D45608E ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys 11:02:47.0046 0x0d40 AliIde - ok 11:02:47.0093 0x0d40 [ CB08AED0DE2DD889A8A820CD8082D83C, B1A9D493390AEDF6EFF8BCAA3B33EC31758452AB497C34C0728CDDA1D8DCBF2A ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys 11:02:47.0109 0x0d40 alim1541 - ok 11:02:47.0140 0x0d40 [ 95B4FB835E28AA1336CEEB07FD5B9398, 36CD3B14EF78B01FB653B78187FAA63C4DD5F4137AC3B91D81256A350EEDCBC1 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys 11:02:47.0140 0x0d40 amdagp - ok 11:02:47.0156 0x0d40 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6, 9B179F0B6A559639D3AE3975CEBF2718294BE5743517BEE06586F0D258164C81 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys 11:02:47.0171 0x0d40 amsint - ok 11:02:47.0203 0x0d40 [ 2953A157A783BFC06F42F99FEFA5EB07, 90236C68F46FA25F6C0561A38CAE7BEB2E35281AF33B3779BC52CDA0F73018CC ] ANIO C:\WINDOWS\system32\ANIO.SYS 11:02:47.0203 0x0d40 ANIO - ok 11:02:47.0265 0x0d40 [ 3C417A392EC51E601AC55B5E196549E7, 913228A695B92F2EB597960E88E4D0A4CD117E08BC3BE714926E9EA71B7081E9 ] ANIWConnService C:\WINDOWS\system32\ANIWConnService.exe 11:02:47.0296 0x0d40 ANIWConnService - ok 11:02:47.0359 0x0d40 [ 495874EB368DCBACB56591B5DCB7336F, 59148D49E23AA0CE338CE82999ED1B9F8C8771AB980A7FF5095CC94D81840CA9 ] ANIWZCSdService C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe 11:02:47.0406 0x0d40 ANIWZCSdService - ok 11:02:47.0468 0x0d40 [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 11:02:47.0468 0x0d40 Apple Mobile Device - ok 11:02:47.0500 0x0d40 AppMgmt - ok 11:02:47.0546 0x0d40 [ 62D318E9A0C8FC9B780008E724283707, 1A69806AB2BDECCEB5EB23A80700B3F98983D5D67F78839CBF269087FA460757 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys 11:02:47.0546 0x0d40 asc - ok 11:02:47.0578 0x0d40 [ 69EB0CC7714B32896CCBFD5EDCBEA447, 1CB506B5F71F84EFD26961010681D0A79AA7B266573378E3D2755125DF5D6BB6 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys 11:02:47.0578 0x0d40 asc3350p - ok 11:02:47.0593 0x0d40 [ 5D8DE112AA0254B907861E9E9C31D597, 557C93E82A71131D226267151C84B197503831A16263DDFE040E996B605CA9E8 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys 11:02:47.0593 0x0d40 asc3550 - ok 11:02:47.0718 0x0d40 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 11:02:47.0750 0x0d40 aspnet_state - ok 11:02:47.0765 0x0d40 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 11:02:47.0781 0x0d40 AsyncMac - ok 11:02:47.0906 0x0d40 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 11:02:47.0906 0x0d40 atapi - ok 11:02:47.0937 0x0d40 Atdisk - ok 11:02:47.0984 0x0d40 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 11:02:47.0984 0x0d40 Atmarpc - ok 11:02:48.0078 0x0d40 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 11:02:48.0078 0x0d40 AudioSrv - ok 11:02:48.0125 0x0d40 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 11:02:48.0125 0x0d40 audstub - ok 11:02:48.0171 0x0d40 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys 11:02:48.0171 0x0d40 Beep - ok 11:02:48.0281 0x0d40 [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll 11:02:48.0375 0x0d40 BITS - ok 11:02:48.0484 0x0d40 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 11:02:48.0546 0x0d40 Bonjour Service - ok 11:02:48.0609 0x0d40 [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll 11:02:48.0609 0x0d40 Browser - ok 11:02:48.0656 0x0d40 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys 11:02:48.0656 0x0d40 cbidf - ok 11:02:48.0671 0x0d40 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 11:02:48.0671 0x0d40 cbidf2k - ok 11:02:48.0718 0x0d40 [ F3EC03299634490E97BBCE94CD2954C7, CDC85ADA27E0D501581CE6F28D7E1941E90411FA8E8F2C43A68BAA8CB78E85DD ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys 11:02:48.0718 0x0d40 cd20xrnt - ok 11:02:48.0734 0x0d40 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 11:02:48.0734 0x0d40 Cdaudio - ok 11:02:48.0765 0x0d40 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 11:02:48.0765 0x0d40 Cdfs - ok 11:02:48.0812 0x0d40 [ 4B0A100EAF5C49EF3CCA8C641431EACC, 88D9C066FFB863910EE1863CE63D38846ACA2DF72D6B5FDFCE0F3379A6DA5EF9 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 11:02:48.0812 0x0d40 Cdrom - ok 11:02:48.0828 0x0d40 Changer - ok 11:02:48.0875 0x0d40 [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe 11:02:48.0890 0x0d40 CiSvc - ok 11:02:48.0921 0x0d40 [ DBC8CDAFC84E96E894C3BAAED9B30F47, A25CDF4BBF8227878D3CBB8E74904A43751EC4E98DFEBFE4CBD3953890A170F9 ] cleanhlp C:\EEK\bin\cleanhlp32.sys 11:02:48.0937 0x0d40 cleanhlp - ok 11:02:48.0968 0x0d40 [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 11:02:48.0968 0x0d40 ClipSrv - ok 11:02:49.0015 0x0d40 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 11:02:49.0093 0x0d40 clr_optimization_v2.0.50727_32 - ok 11:02:49.0156 0x0d40 [ E5DCB56C533014ECBC556A8357C929D5, B2915C0C07EDBA59C5D02680804C4C2DE099D73DE0D0DD0CDA748F34F11057E0 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys 11:02:49.0156 0x0d40 CmdIde - ok 11:02:49.0171 0x0d40 COMSysApp - ok 11:02:49.0187 0x0d40 [ 3EE529119EED34CD212A215E8C40D4B6, A6B71F3D4EE7358CA85F010E6271A6B72226D25DF30ED331DA830639ED3E9903 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys 11:02:49.0203 0x0d40 Cpqarray - ok 11:02:49.0234 0x0d40 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 11:02:49.0250 0x0d40 CryptSvc - ok 11:02:49.0312 0x0d40 [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9F8F12135EDD88C ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys 11:02:49.0343 0x0d40 dac2w2k - ok 11:02:49.0359 0x0d40 [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CAD0BF0E2D86D510 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys 11:02:49.0359 0x0d40 dac960nt - ok 11:02:49.0468 0x0d40 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 11:02:49.0484 0x0d40 DcomLaunch - ok 11:02:49.0546 0x0d40 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 11:02:49.0546 0x0d40 Dhcp - ok 11:02:49.0593 0x0d40 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 11:02:49.0609 0x0d40 Disk - ok 11:02:49.0609 0x0d40 dmadmin - ok 11:02:49.0781 0x0d40 [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 11:02:49.0921 0x0d40 dmboot - ok 11:02:49.0984 0x0d40 [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys 11:02:50.0062 0x0d40 dmio - ok 11:02:50.0281 0x0d40 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys 11:02:50.0281 0x0d40 dmload - ok 11:02:50.0312 0x0d40 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll 11:02:50.0312 0x0d40 dmserver - ok 11:02:50.0359 0x0d40 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 11:02:50.0359 0x0d40 DMusic - ok 11:02:50.0406 0x0d40 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 11:02:50.0421 0x0d40 Dnscache - ok 11:02:50.0468 0x0d40 [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 11:02:50.0515 0x0d40 Dot3svc - ok 11:02:50.0546 0x0d40 [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C787606C3F21243DB ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys 11:02:50.0546 0x0d40 dpti2o - ok 11:02:50.0593 0x0d40 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 11:02:50.0593 0x0d40 drmkaud - ok 11:02:50.0625 0x0d40 [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll 11:02:50.0640 0x0d40 EapHost - ok 11:02:50.0671 0x0d40 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll 11:02:50.0671 0x0d40 ERSvc - ok 11:02:50.0781 0x0d40 [ 23112102BC2A8FE44B8AC44A05BDF4C3, F986F92C8D60531E3652ADB4767709531C444CE51B55F638E8B898B3C274C47F ] ETService C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe 11:02:50.0781 0x0d40 ETService - ok 11:02:50.0843 0x0d40 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe 11:02:50.0890 0x0d40 Eventlog - ok 11:02:50.0968 0x0d40 [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem C:\WINDOWS\system32\es.dll 11:02:50.0984 0x0d40 EventSystem - ok 11:02:51.0046 0x0d40 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 11:02:51.0078 0x0d40 Fastfat - ok 11:02:51.0125 0x0d40 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 11:02:51.0140 0x0d40 FastUserSwitchingCompatibility - ok 11:02:51.0218 0x0d40 [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] Fax C:\WINDOWS\system32\fxssvc.exe 11:02:51.0234 0x0d40 Fax - ok 11:02:51.0250 0x0d40 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys 11:02:51.0250 0x0d40 Fdc - ok 11:02:51.0312 0x0d40 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys 11:02:51.0312 0x0d40 Fips - ok 11:02:51.0328 0x0d40 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys 11:02:51.0328 0x0d40 Flpydisk - ok 11:02:51.0375 0x0d40 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 11:02:51.0406 0x0d40 FltMgr - ok 11:02:51.0500 0x0d40 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 11:02:51.0515 0x0d40 FontCache3.0.0.0 - ok 11:02:51.0562 0x0d40 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 11:02:51.0562 0x0d40 Fs_Rec - ok 11:02:51.0609 0x0d40 [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 11:02:51.0625 0x0d40 Ftdisk - ok 11:02:51.0671 0x0d40 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 11:02:51.0671 0x0d40 GEARAspiWDM - ok 11:02:51.0718 0x0d40 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 11:02:51.0718 0x0d40 Gpc - ok 11:02:51.0765 0x0d40 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 11:02:51.0781 0x0d40 HDAudBus - ok 11:02:51.0875 0x0d40 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 11:02:51.0875 0x0d40 helpsvc - ok 11:02:51.0906 0x0d40 [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ C:\WINDOWS\System32\hidserv.dll 11:02:51.0921 0x0d40 HidServ - ok 11:02:51.0968 0x0d40 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys 11:02:51.0968 0x0d40 hidusb - ok 11:02:52.0000 0x0d40 [ B3635FD088BA2F6F03A276A961BE6ED2, 119E3283E9101031883A1742BD904672C84DD6971F4DE42932B4B798B02C86D4 ] hitmanpro37 C:\WINDOWS\system32\drivers\hitmanpro37.sys 11:02:52.0015 0x0d40 hitmanpro37 - ok 11:02:52.0031 0x0d40 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 11:02:52.0062 0x0d40 hkmsvc - ok 11:02:52.0093 0x0d40 [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys 11:02:52.0093 0x0d40 hpn - ok 11:02:52.0234 0x0d40 [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll 11:02:52.0250 0x0d40 hpqcxs08 - ok 11:02:52.0328 0x0d40 [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll 11:02:52.0343 0x0d40 hpqddsvc - ok 11:02:52.0484 0x0d40 [ A04F4AC48895774A2CF9D1C9EAAACEF0, 012F10DE086C3551D75716EF1F6DCC477C8C1E776267D9FC4073BEADAFD37C9C ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL 11:02:52.0500 0x0d40 HPSLPSVC - ok 11:02:52.0578 0x0d40 [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794BEAB8D8B71D8DD ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys 11:02:52.0593 0x0d40 HPZid412 - ok 11:02:52.0640 0x0d40 [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A7E43410AC99F23 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys 11:02:52.0640 0x0d40 HPZipr12 - ok 11:02:52.0687 0x0d40 [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys 11:02:52.0687 0x0d40 HPZius12 - ok 11:02:52.0812 0x0d40 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 11:02:52.0828 0x0d40 HTTP - ok 11:02:52.0859 0x0d40 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 11:02:52.0906 0x0d40 HTTPFilter - ok 11:02:53.0000 0x0d40 [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys 11:02:53.0000 0x0d40 i2omgmt - ok 11:02:53.0031 0x0d40 [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys 11:02:53.0046 0x0d40 i2omp - ok 11:02:53.0078 0x0d40 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 11:02:53.0093 0x0d40 i8042prt - ok 11:02:53.0546 0x0d40 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 11:02:54.0062 0x0d40 idsvc - ok 11:02:54.0109 0x0d40 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 11:02:54.0109 0x0d40 Imapi - ok 11:02:54.0234 0x0d40 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe 11:02:54.0234 0x0d40 ImapiService - ok 11:02:54.0296 0x0d40 [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys 11:02:54.0328 0x0d40 ini910u - ok 11:02:54.0421 0x0d40 [ C6E5276C00EBDEB096BB5EF4B797D1B6, 2620D2F7B5242E9DD0217FB4E0CBACF1DB8AB1B92187AD2847904948E1ABFEC1 ] int15 C:\WINDOWS\system32\drivers\int15.sys 11:02:54.0421 0x0d40 int15 - ok 11:02:54.0437 0x0d40 int15.sys - ok 11:02:56.0062 0x0d40 [ 19AFBB8427CE65042599555E578170DF, 2EC8FA208CF3DD93934B85E1DB99469D390A33CC23D4F2D4ADB523C8BFFF8D10 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 11:02:56.0250 0x0d40 IntcAzAudAddService - ok 11:02:56.0343 0x0d40 [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys 11:02:56.0406 0x0d40 IntelIde - ok 11:02:56.0515 0x0d40 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 11:02:56.0531 0x0d40 Ip6Fw - ok 11:02:56.0593 0x0d40 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 11:02:56.0625 0x0d40 IpFilterDriver - ok 11:02:56.0671 0x0d40 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 11:02:56.0687 0x0d40 IpInIp - ok 11:02:56.0765 0x0d40 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 11:02:56.0765 0x0d40 IpNat - ok 11:02:56.0906 0x0d40 [ 463790AEF94D8EAB674631257F53252E, A02972457F45AD6816CB5F60DE4CD15D68256695FA0F3E4EAD6F9E36CBE54576 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 11:02:57.0046 0x0d40 iPod Service - ok 11:02:57.0125 0x0d40 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 11:02:57.0125 0x0d40 IPSec - ok 11:02:57.0156 0x0d40 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 11:02:57.0156 0x0d40 IRENUM - ok 11:02:57.0203 0x0d40 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 11:02:57.0203 0x0d40 isapnp - ok 11:02:57.0234 0x0d40 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 11:02:57.0234 0x0d40 Kbdclass - ok 11:02:57.0250 0x0d40 [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 11:02:57.0250 0x0d40 kbdhid - ok 11:02:57.0312 0x0d40 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 11:02:57.0359 0x0d40 kmixer - ok 11:02:57.0406 0x0d40 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 11:02:57.0484 0x0d40 KSecDD - ok 11:02:57.0578 0x0d40 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll 11:02:57.0578 0x0d40 LanmanServer - ok 11:02:57.0687 0x0d40 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 11:02:57.0703 0x0d40 lanmanworkstation - ok 11:02:57.0718 0x0d40 lbrtfdc - ok 11:02:57.0843 0x0d40 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 11:02:57.0843 0x0d40 LmHosts - ok 11:02:57.0890 0x0d40 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll 11:02:57.0921 0x0d40 Messenger - ok 11:02:57.0984 0x0d40 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 11:02:57.0984 0x0d40 mnmdd - ok 11:02:58.0031 0x0d40 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 11:02:58.0062 0x0d40 mnmsrvc - ok 11:02:58.0125 0x0d40 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys 11:02:58.0140 0x0d40 Modem - ok 11:02:58.0171 0x0d40 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 11:02:58.0187 0x0d40 Mouclass - ok 11:02:58.0203 0x0d40 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 11:02:58.0203 0x0d40 mouhid - ok 11:02:58.0250 0x0d40 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 11:02:58.0265 0x0d40 MountMgr - ok 11:02:58.0421 0x0d40 [ DEA022193DF8C88F6E2B3E33D148A5DB, 97DFC47DB83E04A975A1969AA120385463FCAF4E1A9984FD3220442D7026B45A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 11:02:58.0531 0x0d40 MozillaMaintenance - ok 11:02:58.0593 0x0d40 [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys 11:02:58.0609 0x0d40 mraid35x - ok 11:02:58.0796 0x0d40 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 11:02:58.0828 0x0d40 MRxDAV - ok 11:02:58.0984 0x0d40 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 11:02:59.0046 0x0d40 MRxSmb - ok 11:02:59.0140 0x0d40 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe 11:02:59.0187 0x0d40 MSDTC - ok 11:02:59.0234 0x0d40 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 11:02:59.0234 0x0d40 Msfs - ok 11:02:59.0265 0x0d40 MSIServer - ok 11:02:59.0296 0x0d40 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 11:02:59.0312 0x0d40 MSKSSRV - ok 11:02:59.0343 0x0d40 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 11:02:59.0359 0x0d40 MSPCLOCK - ok 11:02:59.0390 0x0d40 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 11:02:59.0406 0x0d40 MSPQM - ok 11:02:59.0453 0x0d40 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 11:02:59.0453 0x0d40 mssmbios - ok 11:02:59.0515 0x0d40 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 11:02:59.0546 0x0d40 Mup - ok 11:02:59.0625 0x0d40 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll 11:02:59.0718 0x0d40 napagent - ok 11:02:59.0984 0x0d40 NAVENG - ok 11:02:59.0984 0x0d40 NAVEX15 - ok 11:03:00.0062 0x0d40 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 11:03:00.0109 0x0d40 NDIS - ok 11:03:00.0156 0x0d40 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 11:03:00.0156 0x0d40 NdisTapi - ok 11:03:00.0218 0x0d40 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 11:03:00.0218 0x0d40 Ndisuio - ok 11:03:00.0406 0x0d40 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 11:03:00.0406 0x0d40 NdisWan - ok 11:03:00.0500 0x0d40 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 11:03:00.0500 0x0d40 NDProxy - ok 11:03:00.0562 0x0d40 [ 80B7A96F908DA13617E7E6832C5C6A64, 08B81AFE120B8064B6E001BDF424168305D55F38AE2071300F57C8EA32BEAE56 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll 11:03:00.0562 0x0d40 Net Driver HPZ12 - ok 11:03:00.0625 0x0d40 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 11:03:00.0625 0x0d40 NetBIOS - ok 11:03:00.0765 0x0d40 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 11:03:00.0765 0x0d40 NetBT - ok 11:03:00.0843 0x0d40 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe 11:03:00.0875 0x0d40 NetDDE - ok 11:03:00.0953 0x0d40 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 11:03:00.0968 0x0d40 NetDDEdsdm - ok 11:03:01.0156 0x0d40 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe 11:03:01.0156 0x0d40 Netlogon - ok 11:03:01.0406 0x0d40 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll 11:03:01.0406 0x0d40 Netman - ok 11:03:01.0531 0x0d40 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 11:03:01.0578 0x0d40 NetTcpPortSharing - ok 11:03:01.0656 0x0d40 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll 11:03:01.0671 0x0d40 Nla - ok 11:03:01.0687 0x0d40 Norton Internet Security - ok 11:03:01.0734 0x0d40 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 11:03:01.0734 0x0d40 Npfs - ok 11:03:01.0859 0x0d40 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 11:03:01.0984 0x0d40 Ntfs - ok 11:03:02.0000 0x0d40 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 11:03:02.0015 0x0d40 NtLmSsp - ok 11:03:02.0125 0x0d40 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 11:03:02.0421 0x0d40 NtmsSvc - ok 11:03:02.0500 0x0d40 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys 11:03:02.0515 0x0d40 Null - ok 11:03:06.0265 0x0d40 [ 7C56F3FD65B2BDB315CA3605A5392D7B, 1C33B2723BBD958FE06D71B6AC5C54DF1F46491C292749FE0DB8577BF056A765 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 11:03:06.0812 0x0d40 nv - ok 11:03:06.0921 0x0d40 [ 45BA510DB13A0496DB1CD16826519E03, AE6B736B243E789927EE06ACF3C3E059B68C8D72281C8F4940090E31908E9D4C ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys 11:03:06.0953 0x0d40 NVENETFD - ok 11:03:07.0015 0x0d40 [ 57CBDB934FB1AFB7E03B413D151A6152, 2FC08150CB2F16EEE906E07E1462D2289E0E4CE56331F2AA9DD96392D8A9D670 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 11:03:07.0031 0x0d40 nvnetbus - ok 11:03:07.0109 0x0d40 [ 7E5B3BE5DCD54BBB44B0C7DB7BD3EC8F, 540C18DA16E8463F373ACA931C911CCEA09781A56156D125804BBF9D6B6CEFDD ] NVSvc C:\WINDOWS\system32\nvsvc32.exe 11:03:07.0156 0x0d40 NVSvc - ok 11:03:07.0328 0x0d40 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 11:03:07.0406 0x0d40 NwlnkFlt - ok 11:03:07.0484 0x0d40 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 11:03:07.0500 0x0d40 NwlnkFwd - ok 11:03:07.0890 0x0d40 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 11:03:07.0968 0x0d40 odserv - ok 11:03:08.0046 0x0d40 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:03:08.0125 0x0d40 ose - ok 11:03:08.0203 0x0d40 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\drivers\Parport.sys 11:03:08.0218 0x0d40 Parport - ok 11:03:08.0265 0x0d40 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 11:03:08.0296 0x0d40 PartMgr - ok 11:03:08.0328 0x0d40 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 11:03:08.0359 0x0d40 ParVdm - ok 11:03:08.0375 0x0d40 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 11:03:08.0390 0x0d40 PCI - ok 11:03:08.0406 0x0d40 PCIDump - ok 11:03:08.0437 0x0d40 [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 11:03:08.0468 0x0d40 PCIIde - ok 11:03:08.0703 0x0d40 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 11:03:08.0734 0x0d40 Pcmcia - ok 11:03:08.0750 0x0d40 PDCOMP - ok 11:03:08.0937 0x0d40 PDFRAME - ok 11:03:08.0968 0x0d40 PDRELI - ok 11:03:08.0984 0x0d40 PDRFRAME - ok 11:03:09.0062 0x0d40 [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys 11:03:09.0078 0x0d40 perc2 - ok 11:03:09.0109 0x0d40 [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys 11:03:09.0109 0x0d40 perc2hib - ok 11:03:09.0593 0x0d40 [ F042EE4C8D66248D9B86DCF52ABAE416, AE0F5CC54E4B133DF66A54572A7CE52FAFF11F8FD0CAEAB088AAD3699D6EC924 ] PEVSystemStart C:\ComboFix\pev.3XE 11:03:09.0609 0x0d40 PEVSystemStart - ok 11:03:09.0656 0x0d40 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe 11:03:09.0656 0x0d40 PlugPlay - ok 11:03:09.0734 0x0d40 [ 0C155C5D8942B3CBCF9506A9D376B9AD, 37F4878548DD7063CA31FB21D6955A45C25F648C332A736DA84DEA5AAE7486AF ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll 11:03:09.0750 0x0d40 Pml Driver HPZ12 - ok 11:03:09.0765 0x0d40 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 11:03:09.0781 0x0d40 PolicyAgent - ok 11:03:09.0875 0x0d40 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 11:03:09.0875 0x0d40 PptpMiniport - ok 11:03:09.0906 0x0d40 [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 11:03:09.0906 0x0d40 Processor - ok 11:03:09.0937 0x0d40 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 11:03:09.0937 0x0d40 ProtectedStorage - ok 11:03:09.0968 0x0d40 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 11:03:09.0968 0x0d40 PSched - ok 11:03:10.0000 0x0d40 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 11:03:10.0000 0x0d40 Ptilink - ok 11:03:10.0046 0x0d40 [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys 11:03:10.0062 0x0d40 ql1080 - ok 11:03:10.0109 0x0d40 [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 11:03:10.0125 0x0d40 Ql10wnt - ok 11:03:10.0156 0x0d40 [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys 11:03:10.0171 0x0d40 ql12160 - ok 11:03:10.0187 0x0d40 [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys 11:03:10.0203 0x0d40 ql1240 - ok 11:03:10.0218 0x0d40 [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys 11:03:10.0250 0x0d40 ql1280 - ok 11:03:10.0265 0x0d40 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 11:03:10.0265 0x0d40 RasAcd - ok 11:03:10.0343 0x0d40 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll 11:03:10.0359 0x0d40 RasAuto - ok 11:03:10.0390 0x0d40 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 11:03:10.0390 0x0d40 Rasl2tp - ok 11:03:10.0468 0x0d40 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll 11:03:10.0484 0x0d40 RasMan - ok 11:03:10.0500 0x0d40 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 11:03:10.0500 0x0d40 RasPppoe - ok 11:03:10.0531 0x0d40 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 11:03:10.0531 0x0d40 Raspti - ok 11:03:10.0609 0x0d40 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 11:03:10.0625 0x0d40 Rdbss - ok 11:03:10.0656 0x0d40 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 11:03:10.0656 0x0d40 RDPCDD - ok 11:03:10.0750 0x0d40 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 11:03:10.0796 0x0d40 rdpdr - ok 11:03:10.0890 0x0d40 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 11:03:10.0921 0x0d40 RDPWD - ok 11:03:11.0046 0x0d40 [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 11:03:11.0125 0x0d40 RDSessMgr - ok 11:03:11.0171 0x0d40 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 11:03:11.0171 0x0d40 redbook - ok 11:03:11.0250 0x0d40 [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 11:03:11.0281 0x0d40 RemoteAccess - ok 11:03:11.0328 0x0d40 [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe 11:03:11.0359 0x0d40 RpcLocator - ok 11:03:11.0500 0x0d40 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\system32\rpcss.dll 11:03:11.0515 0x0d40 RpcSs - ok 11:03:11.0734 0x0d40 [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe 11:03:11.0796 0x0d40 RSVP - ok 11:03:12.0031 0x0d40 [ 84BEAF4A13A36CB9BB0663DF9089CEA2, FAD68F354491E90C81854815A363174440893729856032DB6B6254BEB1A1F856 ] rt2870 C:\WINDOWS\system32\DRIVERS\Drt2870.sys 11:03:12.0046 0x0d40 rt2870 - ok 11:03:12.0078 0x0d40 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe 11:03:12.0078 0x0d40 SamSs - ok 11:03:12.0187 0x0d40 [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 11:03:12.0250 0x0d40 SCardSvr - ok 11:03:12.0328 0x0d40 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll 11:03:12.0343 0x0d40 Schedule - ok 11:03:12.0421 0x0d40 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 11:03:12.0468 0x0d40 Secdrv - ok 11:03:12.0546 0x0d40 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll 11:03:12.0546 0x0d40 seclogon - ok 11:03:12.0593 0x0d40 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll 11:03:12.0593 0x0d40 SENS - ok 11:03:12.0656 0x0d40 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\drivers\Serial.sys 11:03:12.0656 0x0d40 Serial - ok 11:03:12.0828 0x0d40 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 11:03:12.0828 0x0d40 Sfloppy - ok 11:03:12.0968 0x0d40 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 11:03:12.0984 0x0d40 SharedAccess - ok 11:03:13.0046 0x0d40 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 11:03:13.0046 0x0d40 ShellHWDetection - ok 11:03:13.0078 0x0d40 Simbad - ok 11:03:13.0140 0x0d40 [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys 11:03:13.0187 0x0d40 sisagp - ok 11:03:13.0203 0x0d40 SophosVirusRemovalTool - ok 11:03:13.0250 0x0d40 [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys 11:03:13.0265 0x0d40 Sparrow - ok 11:03:13.0296 0x0d40 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys 11:03:13.0296 0x0d40 splitter - ok 11:03:13.0390 0x0d40 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe 11:03:13.0390 0x0d40 Spooler - ok 11:03:13.0437 0x0d40 [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 11:03:13.0453 0x0d40 sr - ok 11:03:13.0546 0x0d40 [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll 11:03:13.0562 0x0d40 srservice - ok 11:03:13.0562 0x0d40 SRTSP - ok 11:03:13.0593 0x0d40 SRTSPX - ok 11:03:13.0703 0x0d40 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 11:03:13.0734 0x0d40 Srv - ok 11:03:13.0843 0x0d40 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 11:03:13.0843 0x0d40 SSDPSRV - ok 11:03:13.0968 0x0d40 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll 11:03:13.0984 0x0d40 stisvc - ok 11:03:14.0031 0x0d40 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 11:03:14.0031 0x0d40 swenum - ok 11:03:14.0062 0x0d40 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 11:03:14.0078 0x0d40 swmidi - ok 11:03:14.0093 0x0d40 SwPrv - ok 11:03:14.0156 0x0d40 [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys 11:03:14.0156 0x0d40 symc810 - ok 11:03:14.0203 0x0d40 [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys 11:03:14.0203 0x0d40 symc8xx - ok 11:03:14.0265 0x0d40 [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E815D9BBE174432 ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys 11:03:14.0281 0x0d40 sym_hi - ok 11:03:14.0312 0x0d40 [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF98267C7BE809D853B ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys 11:03:14.0328 0x0d40 sym_u3 - ok 11:03:14.0390 0x0d40 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 11:03:14.0390 0x0d40 sysaudio - ok 11:03:14.0453 0x0d40 [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 11:03:14.0484 0x0d40 SysmonLog - ok 11:03:14.0593 0x0d40 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 11:03:14.0593 0x0d40 TapiSrv - ok 11:03:14.0718 0x0d40 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 11:03:14.0812 0x0d40 Tcpip - ok 11:03:14.0890 0x0d40 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 11:03:14.0906 0x0d40 TDPIPE - ok 11:03:14.0937 0x0d40 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 11:03:14.0953 0x0d40 TDTCP - ok 11:03:15.0031 0x0d40 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 11:03:15.0031 0x0d40 TermDD - ok 11:03:15.0125 0x0d40 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll 11:03:15.0140 0x0d40 TermService - ok 11:03:15.0187 0x0d40 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll 11:03:15.0203 0x0d40 Themes - ok 11:03:15.0250 0x0d40 [ F2790F6AF01321B172AA62F8E1E187D9, 5644B5EFA0065C0CC9DB28E5520AAD2F4B3BCE48337F165BF9F166ECC164630C ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys 11:03:15.0265 0x0d40 TosIde - ok 11:03:15.0343 0x0d40 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll 11:03:15.0343 0x0d40 TrkWks - ok 11:03:15.0421 0x0d40 [ FD44FA80DA03EA144153A76DEBBB61B4, 0C46717F489A415A583470DAE8CF58E47BC307B9CB0F9DB6C4EDF33B7525475C ] TrueSight C:\WINDOWS\system32\drivers\TrueSight.sys 11:03:15.0453 0x0d40 TrueSight - ok 11:03:15.0500 0x0d40 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 11:03:15.0531 0x0d40 Udfs - ok 11:03:15.0593 0x0d40 [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FAF1244F206DFB4F ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys 11:03:15.0671 0x0d40 ultra - ok 11:03:15.0812 0x0d40 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 11:03:15.0828 0x0d40 Update - ok 11:03:15.0937 0x0d40 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll 11:03:16.0015 0x0d40 upnphost - ok 11:03:16.0046 0x0d40 [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe 11:03:16.0046 0x0d40 UPS - ok 11:03:16.0093 0x0d40 [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys 11:03:16.0109 0x0d40 USBAAPL - ok 11:03:16.0203 0x0d40 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 11:03:16.0203 0x0d40 usbccgp - ok 11:03:16.0234 0x0d40 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 11:03:16.0234 0x0d40 usbehci - ok 11:03:16.0312 0x0d40 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 11:03:16.0312 0x0d40 usbhub - ok 11:03:16.0343 0x0d40 [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 11:03:16.0343 0x0d40 usbohci - ok 11:03:16.0406 0x0d40 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 11:03:16.0406 0x0d40 usbprint - ok 11:03:16.0468 0x0d40 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 11:03:16.0468 0x0d40 usbscan - ok 11:03:16.0515 0x0d40 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 11:03:16.0531 0x0d40 USBSTOR - ok 11:03:16.0578 0x0d40 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 11:03:16.0578 0x0d40 VgaSave - ok 11:03:16.0609 0x0d40 [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495F66ABF5FACB86C ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys 11:03:16.0625 0x0d40 viaagp - ok 11:03:16.0671 0x0d40 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys 11:03:16.0687 0x0d40 ViaIde - ok 11:03:16.0734 0x0d40 [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 11:03:16.0750 0x0d40 VolSnap - ok 11:03:16.0859 0x0d40 [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe 11:03:16.0937 0x0d40 VSS - ok 11:03:17.0000 0x0d40 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time C:\WINDOWS\system32\w32time.dll 11:03:17.0015 0x0d40 W32Time - ok 11:03:17.0062 0x0d40 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 11:03:17.0062 0x0d40 Wanarp - ok 11:03:17.0062 0x0d40 WDICA - ok 11:03:17.0156 0x0d40 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 11:03:17.0156 0x0d40 wdmaud - ok 11:03:17.0203 0x0d40 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll 11:03:17.0218 0x0d40 WebClient - ok 11:03:17.0421 0x0d40 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 11:03:17.0421 0x0d40 winmgmt - ok 11:03:17.0953 0x0d40 [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 11:03:18.0390 0x0d40 wlidsvc - ok 11:03:18.0578 0x0d40 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 11:03:18.0625 0x0d40 WmdmPmSN - ok 11:03:18.0859 0x0d40 [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 11:03:18.0875 0x0d40 WmiAcpi - ok 11:03:19.0015 0x0d40 [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 11:03:19.0109 0x0d40 WmiApSrv - ok 11:03:19.0578 0x0d40 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe 11:03:20.0109 0x0d40 WMPNetworkSvc - ok 11:03:20.0218 0x0d40 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 11:03:20.0218 0x0d40 WS2IFSL - ok 11:03:20.0343 0x0d40 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll 11:03:20.0343 0x0d40 wscsvc - ok 11:03:20.0421 0x0d40 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll 11:03:20.0421 0x0d40 wuauserv - ok 11:03:20.0531 0x0d40 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 11:03:20.0562 0x0d40 WudfPf - ok 11:03:20.0593 0x0d40 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 11:03:20.0609 0x0d40 WudfRd - ok 11:03:20.0671 0x0d40 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 11:03:20.0734 0x0d40 WudfSvc - ok 11:03:20.0921 0x0d40 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 11:03:20.0953 0x0d40 WZCSVC - ok 11:03:21.0015 0x0d40 [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll 11:03:21.0078 0x0d40 xmlprov - ok 11:03:21.0109 0x0d40 ================ Scan global =============================== 11:03:21.0171 0x0d40 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll 11:03:21.0250 0x0d40 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll 11:03:21.0343 0x0d40 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll 11:03:21.0406 0x0d40 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe 11:03:21.0421 0x0d40 [ Global ] - ok 11:03:21.0421 0x0d40 ================ Scan MBR ================================== 11:03:21.0453 0x0d40 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0 11:03:27.0484 0x0d40 \Device\Harddisk0\DR0 - ok 11:03:27.0484 0x0d40 ================ Scan VBR ================================== 11:03:27.0531 0x0d40 [ 5393A4AF0797DC1BAEC7A5353AE5F840 ] \Device\Harddisk0\DR0\Partition1 11:03:27.0625 0x0d40 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 ) 11:03:27.0625 0x0d40 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected 11:03:28.0078 0x0d40 ================ Scan active images ======================== 11:03:28.0093 0x0d40 [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] C:\WINDOWS\system32\drivers\processr.sys 11:03:28.0093 0x0d40 C:\WINDOWS\system32\drivers\processr.sys - ok 11:03:28.0156 0x0d40 [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] C:\WINDOWS\system32\drivers\wmiacpi.sys 11:03:28.0156 0x0d40 C:\WINDOWS\system32\drivers\wmiacpi.sys - ok 11:03:28.0187 0x0d40 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] C:\WINDOWS\system32\drivers\i8042prt.sys 11:03:28.0187 0x0d40 C:\WINDOWS\system32\drivers\i8042prt.sys - ok 11:03:28.0203 0x0d40 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] C:\WINDOWS\system32\drivers\kbdclass.sys 11:03:28.0203 0x0d40 C:\WINDOWS\system32\drivers\kbdclass.sys - ok 11:03:28.0218 0x0d40 [ 6DF35CA139C3BC15CC74390ABB114EFE, 5401724E49243625C43B3F9032E592EF43605C2510E809C1D318A7792AB9FBBA ] C:\WINDOWS\system32\drivers\usbport.sys 11:03:28.0218 0x0d40 C:\WINDOWS\system32\drivers\usbport.sys - ok 11:03:28.0250 0x0d40 [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] C:\WINDOWS\system32\drivers\usbohci.sys 11:03:28.0250 0x0d40 C:\WINDOWS\system32\drivers\usbohci.sys - ok 11:03:28.0265 0x0d40 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] C:\WINDOWS\system32\drivers\usbehci.sys 11:03:28.0265 0x0d40 C:\WINDOWS\system32\drivers\usbehci.sys - ok 11:03:28.0281 0x0d40 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] C:\WINDOWS\system32\drivers\hdaudbus.sys 11:03:28.0281 0x0d40 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok 11:03:28.0296 0x0d40 [ F0C9DED56439020A56FEC577E1151C52, C548CF128732A100C73AAF50B80A32E8593A72312EBC1C824840895542BBF4B0 ] C:\WINDOWS\system32\drivers\nvnrm.sys 11:03:28.0296 0x0d40 C:\WINDOWS\system32\drivers\nvnrm.sys - ok 11:03:28.0296 0x0d40 [ 57CBDB934FB1AFB7E03B413D151A6152, 2FC08150CB2F16EEE906E07E1462D2289E0E4CE56331F2AA9DD96392D8A9D670 ] C:\WINDOWS\system32\drivers\nvnetbus.sys 11:03:28.0296 0x0d40 C:\WINDOWS\system32\drivers\nvnetbus.sys - ok 11:03:28.0312 0x0d40 [ 4B0A100EAF5C49EF3CCA8C641431EACC, 88D9C066FFB863910EE1863CE63D38846ACA2DF72D6B5FDFCE0F3379A6DA5EF9 ] C:\WINDOWS\system32\drivers\cdrom.sys 11:03:28.0312 0x0d40 C:\WINDOWS\system32\drivers\cdrom.sys - ok 11:03:28.0343 0x0d40 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] C:\WINDOWS\system32\drivers\imapi.sys 11:03:28.0343 0x0d40 C:\WINDOWS\system32\drivers\imapi.sys - ok 11:03:28.0343 0x0d40 [ 0753515F78DF7F271A5E61C20BCD36A1, A8D600CD0C592DFB875DE2D4F1AEDB207B80A43CF724051B6552BB6E539E9AFC ] C:\WINDOWS\system32\drivers\ks.sys 11:03:28.0343 0x0d40 C:\WINDOWS\system32\drivers\ks.sys - ok 11:03:28.0359 0x0d40 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] C:\WINDOWS\system32\drivers\redbook.sys 11:03:28.0359 0x0d40 C:\WINDOWS\system32\drivers\redbook.sys - ok 11:03:28.0375 0x0d40 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys 11:03:28.0375 0x0d40 C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok 11:03:28.0406 0x0d40 [ 04FE5EF6ED4818EC4839EA5C611A6310, 666479AF6789FC5DF2EA8D4B6216FDA9A4998D252F95BD003619D9376B1DC9E7 ] C:\WINDOWS\system32\drivers\usbd.sys 11:03:28.0406 0x0d40 C:\WINDOWS\system32\drivers\usbd.sys - ok 11:03:28.0421 0x0d40 [ BAF68DCBA949633DF0C16D37AF2A2351, 85BE7F87685BF3BF1B8CE8CD79A9DA44E3B611F712A5C1EDA6AF45EE1A933C0B ] C:\WINDOWS\system32\drivers\AGRSM.sys 11:03:28.0421 0x0d40 C:\WINDOWS\system32\drivers\AGRSM.sys - ok 11:03:28.0437 0x0d40 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] C:\WINDOWS\system32\drivers\modem.sys 11:03:28.0437 0x0d40 C:\WINDOWS\system32\drivers\modem.sys - ok 11:03:28.0453 0x0d40 [ E28726B72C46821A28830E077D39A55B, 66BE8A1055544C8CEBB7125726C1C306A026F3A1764589FCDDF3792076AF891F ] C:\WINDOWS\system32\drivers\videoprt.sys 11:03:28.0453 0x0d40 C:\WINDOWS\system32\drivers\videoprt.sys - ok 11:03:28.0468 0x0d40 [ 7C56F3FD65B2BDB315CA3605A5392D7B, 1C33B2723BBD958FE06D71B6AC5C54DF1F46491C292749FE0DB8577BF056A765 ] C:\WINDOWS\system32\drivers\nv4_mini.sys 11:03:28.0468 0x0d40 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok 11:03:28.0468 0x0d40 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] C:\WINDOWS\system32\drivers\audstub.sys 11:03:28.0468 0x0d40 C:\WINDOWS\system32\drivers\audstub.sys - ok 11:03:28.0484 0x0d40 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] C:\WINDOWS\system32\drivers\ndistapi.sys 11:03:28.0484 0x0d40 C:\WINDOWS\system32\drivers\ndistapi.sys - ok 11:03:28.0546 0x0d40 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] C:\WINDOWS\system32\drivers\rasl2tp.sys 11:03:28.0546 0x0d40 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok 11:03:28.0625 0x0d40 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] C:\WINDOWS\system32\drivers\ndiswan.sys 11:03:28.0625 0x0d40 C:\WINDOWS\system32\drivers\ndiswan.sys - ok 11:03:28.0656 0x0d40 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] C:\WINDOWS\system32\drivers\raspppoe.sys 11:03:28.0656 0x0d40 C:\WINDOWS\system32\drivers\raspppoe.sys - ok 11:03:28.0687 0x0d40 [ 0539D5E53587F82D1B4FD74C5BE205CF, 9C578FC46AC3B8260258B83C89A33C3D7990B365D7708AEF2296CD235C7D301A ] C:\WINDOWS\system32\drivers\tdi.sys 11:03:28.0687 0x0d40 C:\WINDOWS\system32\drivers\tdi.sys - ok 11:03:28.0718 0x0d40 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] C:\WINDOWS\system32\drivers\raspptp.sys 11:03:28.0718 0x0d40 C:\WINDOWS\system32\drivers\raspptp.sys - ok 11:03:28.0750 0x0d40 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] C:\WINDOWS\system32\drivers\msgpc.sys 11:03:28.0750 0x0d40 C:\WINDOWS\system32\drivers\msgpc.sys - ok 11:03:28.0765 0x0d40 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] C:\WINDOWS\system32\drivers\psched.sys 11:03:28.0765 0x0d40 C:\WINDOWS\system32\drivers\psched.sys - ok 11:03:28.0796 0x0d40 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] C:\WINDOWS\system32\drivers\ptilink.sys 11:03:28.0796 0x0d40 C:\WINDOWS\system32\drivers\ptilink.sys - ok 11:03:28.0812 0x0d40 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] C:\WINDOWS\system32\drivers\raspti.sys 11:03:28.0812 0x0d40 C:\WINDOWS\system32\drivers\raspti.sys - ok 11:03:28.0875 0x0d40 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] C:\WINDOWS\system32\drivers\mouclass.sys 11:03:28.0875 0x0d40 C:\WINDOWS\system32\drivers\mouclass.sys - ok 11:03:28.0890 0x0d40 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] C:\WINDOWS\system32\drivers\termdd.sys 11:03:28.0890 0x0d40 C:\WINDOWS\system32\drivers\termdd.sys - ok 11:03:28.0921 0x0d40 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] C:\WINDOWS\system32\drivers\swenum.sys 11:03:28.0921 0x0d40 C:\WINDOWS\system32\drivers\swenum.sys - ok 11:03:29.0000 0x0d40 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] C:\WINDOWS\system32\drivers\update.sys 11:03:29.0000 0x0d40 C:\WINDOWS\system32\drivers\update.sys - ok 11:03:29.0015 0x0d40 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] C:\WINDOWS\system32\drivers\mssmbios.sys 11:03:29.0015 0x0d40 C:\WINDOWS\system32\drivers\mssmbios.sys - ok 11:03:29.0031 0x0d40 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] C:\WINDOWS\system32\drivers\ndproxy.sys 11:03:29.0031 0x0d40 C:\WINDOWS\system32\drivers\ndproxy.sys - ok 11:03:29.0078 0x0d40 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] C:\WINDOWS\system32\drivers\usbhub.sys 11:03:29.0078 0x0d40 C:\WINDOWS\system32\drivers\usbhub.sys - ok 11:03:29.0140 0x0d40 [ 6CB08593487F5701D2D2254E693EAFCE, 0518A1FC540C036E6864DA8C01CADE043D4F897D7FCF8C61352865131DEB7414 ] C:\WINDOWS\system32\drivers\drmk.sys 11:03:29.0140 0x0d40 C:\WINDOWS\system32\drivers\drmk.sys - ok 11:03:29.0171 0x0d40 [ E82A496C3961EFC6828B508C310CE98F, E142A0809525B34A376B3063B07B8822930056BBCB886B7CF1D7585BCEC371A0 ] C:\WINDOWS\system32\drivers\portcls.sys 11:03:29.0171 0x0d40 C:\WINDOWS\system32\drivers\portcls.sys - ok 11:03:29.0203 0x0d40 [ 19AFBB8427CE65042599555E578170DF, 2EC8FA208CF3DD93934B85E1DB99469D390A33CC23D4F2D4ADB523C8BFFF8D10 ] C:\WINDOWS\system32\drivers\RtkHDAud.sys 11:03:29.0203 0x0d40 C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok 11:03:29.0234 0x0d40 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] C:\WINDOWS\system32\drivers\fdc.sys 11:03:29.0234 0x0d40 C:\WINDOWS\system32\drivers\fdc.sys - ok 11:03:29.0250 0x0d40 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] C:\WINDOWS\system32\drivers\flpydisk.sys 11:03:29.0250 0x0d40 C:\WINDOWS\system32\drivers\flpydisk.sys - ok 11:03:29.0265 0x0d40 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] C:\WINDOWS\system32\drivers\sfloppy.sys 11:03:29.0265 0x0d40 C:\WINDOWS\system32\drivers\sfloppy.sys - ok 11:03:29.0296 0x0d40 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] C:\WINDOWS\system32\drivers\cdaudio.sys 11:03:29.0296 0x0d40 C:\WINDOWS\system32\drivers\cdaudio.sys - ok 11:03:29.0312 0x0d40 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] C:\WINDOWS\system32\drivers\fs_rec.sys 11:03:29.0312 0x0d40 C:\WINDOWS\system32\drivers\fs_rec.sys - ok 11:03:29.0421 0x0d40 [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] C:\WINDOWS\system32\drivers\i2omgmt.sys 11:03:29.0421 0x0d40 C:\WINDOWS\system32\drivers\i2omgmt.sys - ok 11:03:29.0562 0x0d40 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] C:\WINDOWS\system32\drivers\beep.sys 11:03:29.0562 0x0d40 C:\WINDOWS\system32\drivers\beep.sys - ok 11:03:29.0593 0x0d40 [ C569EF030B11F896E123A30AC92678DB, F851E99B968BBAB82E3B0D1D2F985AEE1EAD10C3BBACDD02BAB2ACEE57CB048A ] C:\WINDOWS\system32\drivers\hidparse.sys 11:03:29.0593 0x0d40 C:\WINDOWS\system32\drivers\hidparse.sys - ok 11:03:29.0640 0x0d40 [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] C:\WINDOWS\system32\drivers\kbdhid.sys 11:03:29.0640 0x0d40 C:\WINDOWS\system32\drivers\kbdhid.sys - ok 11:03:29.0656 0x0d40 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] C:\WINDOWS\system32\drivers\vga.sys 11:03:29.0656 0x0d40 C:\WINDOWS\system32\drivers\vga.sys - ok 11:03:29.0687 0x0d40 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] C:\WINDOWS\system32\drivers\mnmdd.sys 11:03:29.0687 0x0d40 C:\WINDOWS\system32\drivers\mnmdd.sys - ok 11:03:29.0718 0x0d40 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] C:\WINDOWS\system32\drivers\msfs.sys 11:03:29.0718 0x0d40 C:\WINDOWS\system32\drivers\msfs.sys - ok 11:03:29.0734 0x0d40 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] C:\WINDOWS\system32\drivers\rdpcdd.sys 11:03:29.0734 0x0d40 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok 11:03:29.0796 0x0d40 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] C:\WINDOWS\system32\drivers\npfs.sys 11:03:29.0796 0x0d40 C:\WINDOWS\system32\drivers\npfs.sys - ok 11:03:29.0828 0x0d40 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] C:\WINDOWS\system32\drivers\rasacd.sys 11:03:29.0828 0x0d40 C:\WINDOWS\system32\drivers\rasacd.sys - ok 11:03:29.0843 0x0d40 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] C:\WINDOWS\system32\drivers\ipsec.sys 11:03:29.0843 0x0d40 C:\WINDOWS\system32\drivers\ipsec.sys - ok 11:03:29.0906 0x0d40 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] C:\WINDOWS\system32\drivers\tcpip.sys 11:03:29.0906 0x0d40 C:\WINDOWS\system32\drivers\tcpip.sys - ok 11:03:30.0031 0x0d40 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] C:\WINDOWS\system32\drivers\netbt.sys 11:03:30.0031 0x0d40 C:\WINDOWS\system32\drivers\netbt.sys - ok 11:03:30.0062 0x0d40 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] C:\WINDOWS\system32\drivers\ipnat.sys 11:03:30.0062 0x0d40 C:\WINDOWS\system32\drivers\ipnat.sys - ok 11:03:30.0171 0x0d40 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys 11:03:30.0171 0x0d40 C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok 11:03:30.0437 0x0d40 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] C:\WINDOWS\system32\drivers\afd.sys 11:03:30.0437 0x0d40 C:\WINDOWS\system32\drivers\afd.sys - ok 11:03:30.0453 0x0d40 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] C:\WINDOWS\system32\drivers\netbios.sys 11:03:30.0453 0x0d40 C:\WINDOWS\system32\drivers\netbios.sys - ok 11:03:30.0578 0x0d40 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] C:\WINDOWS\system32\drivers\rdbss.sys 11:03:30.0578 0x0d40 C:\WINDOWS\system32\drivers\rdbss.sys - ok 11:03:30.0687 0x0d40 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] C:\WINDOWS\system32\drivers\wanarp.sys 11:03:30.0687 0x0d40 C:\WINDOWS\system32\drivers\wanarp.sys - ok 11:03:30.0703 0x0d40 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] C:\WINDOWS\system32\drivers\mrxsmb.sys 11:03:30.0703 0x0d40 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok 11:03:30.0765 0x0d40 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] C:\WINDOWS\system32\drivers\fips.sys 11:03:30.0765 0x0d40 C:\WINDOWS\system32\drivers\fips.sys - ok 11:03:30.0859 0x0d40 [ B0CC0B50441372157F31C4C023D43A3E, A0FCC03588C06E42D3B8465AC7D0F7A909E8CABEEE3C82B3CBD68F150D7692EE ] C:\EEK\bin\a2ddax86.sys 11:03:30.0859 0x0d40 C:\EEK\bin\a2ddax86.sys - ok 11:03:31.0078 0x0d40 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] C:\WINDOWS\system32\drivers\usbccgp.sys 11:03:31.0078 0x0d40 C:\WINDOWS\system32\drivers\usbccgp.sys - ok 11:03:31.0234 0x0d40 [ 5F816C1F539266D2D4C78694239DA0B5, 10BFCCF4EFFC3813A563D528DC5464827BEF10AE21D6B9C1138930228E7047D1 ] C:\WINDOWS\system32\smss.exe 11:03:31.0234 0x0d40 C:\WINDOWS\system32\smss.exe - ok 11:03:31.0281 0x0d40 [ F8F0D25CA553E39DDE485D8FC7FCCE89, 54DF909101AAEC63234A5C33B51D6689FEF58B943942BFFA9606864F43EC1085 ] C:\WINDOWS\system32\ntdll.dll 11:03:31.0281 0x0d40 C:\WINDOWS\system32\ntdll.dll - ok 11:03:31.0406 0x0d40 [ 23043C91A0F9DFB4B9E9F87B680863B4, 318A6F6DB4A1EDE7D3758E324350EA852449ABD2A7BB77004FBC403CF9FFB08B ] C:\WINDOWS\system32\autochk.exe 11:03:31.0406 0x0d40 C:\WINDOWS\system32\autochk.exe - ok 11:03:31.0453 0x0d40 [ 9DD07AF82244867CA36681EA2D29CE79, 84926A50CB38C322D1CDFD4C0D5F8FFE3B2EF3080B3401F5D5AE8CBD0A719685 ] C:\WINDOWS\system32\sfcfiles.dll 11:03:31.0453 0x0d40 C:\WINDOWS\system32\sfcfiles.dll - ok 11:03:31.0531 0x0d40 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] C:\WINDOWS\system32\drivers\cdfs.sys 11:03:31.0531 0x0d40 C:\WINDOWS\system32\drivers\cdfs.sys - ok 11:03:31.0718 0x0d40 [ 84BEAF4A13A36CB9BB0663DF9089CEA2, FAD68F354491E90C81854815A363174440893729856032DB6B6254BEB1A1F856 ] C:\WINDOWS\system32\drivers\Drt2870.sys 11:03:31.0718 0x0d40 C:\WINDOWS\system32\drivers\Drt2870.sys - ok 11:03:31.0781 0x0d40 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] C:\WINDOWS\system32\drivers\USBSTOR.SYS 11:03:31.0781 0x0d40 C:\WINDOWS\system32\drivers\USBSTOR.SYS - ok 11:03:31.0906 0x0d40 [ 1AF592532532A402ED7C060F6954004F, 84A55432A7FBBD1B84FF8DD1BD84266747E4A88297BDAA84AAD12F13B848BFF2 ] C:\WINDOWS\system32\drivers\hidclass.sys 11:03:31.0906 0x0d40 C:\WINDOWS\system32\drivers\hidclass.sys - ok 11:03:31.0921 0x0d40 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] C:\WINDOWS\system32\drivers\hidusb.sys 11:03:31.0921 0x0d40 C:\WINDOWS\system32\drivers\hidusb.sys - ok 11:03:31.0937 0x0d40 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] C:\WINDOWS\system32\drivers\usbscan.sys 11:03:31.0937 0x0d40 C:\WINDOWS\system32\drivers\usbscan.sys - ok 11:03:31.0953 0x0d40 [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] C:\WINDOWS\system32\drivers\HPZius12.sys 11:03:31.0953 0x0d40 C:\WINDOWS\system32\drivers\HPZius12.sys - ok 11:03:32.0000 0x0d40 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] C:\WINDOWS\system32\drivers\usbprint.sys 11:03:32.0000 0x0d40 C:\WINDOWS\system32\drivers\usbprint.sys - ok 11:03:32.0062 0x0d40 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] C:\WINDOWS\system32\drivers\mouhid.sys 11:03:32.0062 0x0d40 C:\WINDOWS\system32\drivers\mouhid.sys - ok 11:03:32.0156 0x0d40 [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794BEAB8D8B71D8DD ] C:\WINDOWS\system32\drivers\HPZid412.sys 11:03:32.0156 0x0d40 C:\WINDOWS\system32\drivers\HPZid412.sys - ok 11:03:32.0187 0x0d40 [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A7E43410AC99F23 ] C:\WINDOWS\system32\drivers\HPZipr12.sys 11:03:32.0187 0x0d40 C:\WINDOWS\system32\drivers\HPZipr12.sys - ok 11:03:32.0203 0x0d40 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] C:\WINDOWS\system32\drivers\atapi.sys 11:03:32.0203 0x0d40 C:\WINDOWS\system32\drivers\atapi.sys - ok 11:03:32.0218 0x0d40 [ 2F31B7F954BED437F2C75026C65CAF7B, 1F8D6CBB01AD403BC89D1E987012E2F63CDFD9C49F402F358B64B31C13E4DD14 ] C:\WINDOWS\system32\drivers\wmilib.sys 11:03:32.0218 0x0d40 C:\WINDOWS\system32\drivers\wmilib.sys - ok 11:03:32.0281 0x0d40 [ FE97D0343ACFDEBDD578FC67CC91FA87, FE26FBA13079189EF96A1C994036EA472A4BF34FA14C163C693AD481BF31E676 ] C:\WINDOWS\system32\drivers\dxapi.sys 11:03:32.0281 0x0d40 C:\WINDOWS\system32\drivers\dxapi.sys - ok 11:03:32.0312 0x0d40 [ 9A10AACBFDC4922715375FB4065EC930, E407953587C04F75DDB163420A5121FF520D31F74753D452E316042C42D360CF ] C:\WINDOWS\system32\watchdog.sys 11:03:32.0312 0x0d40 C:\WINDOWS\system32\watchdog.sys - ok 11:03:32.0343 0x0d40 [ 80AAA73D56272FD54DC6DE8643D10E9F, 0DC91699D5AF322C78AF7783CF3D55A1F561219EE32DC8DA186F2255704D52FC ] C:\WINDOWS\system32\win32k.sys 11:03:32.0343 0x0d40 C:\WINDOWS\system32\win32k.sys - ok 11:03:32.0375 0x0d40 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll 11:03:32.0375 0x0d40 C:\WINDOWS\system32\basesrv.dll - ok 11:03:32.0390 0x0d40 [ DD40363ABAD230A84C5E2178B11EFA88, E4B406C0B10686CF245EC0053A03424CE1FB8AC7FB3545525F13BB3BC5086FF1 ] C:\WINDOWS\system32\csrsrv.dll 11:03:32.0390 0x0d40 C:\WINDOWS\system32\csrsrv.dll - ok 11:03:32.0484 0x0d40 [ 44F275C64738EA2056E3D9580C23B60F, 5D4B7306E71A44440E7F0B32A373AEC120C01B69F87756589E39EB85C40CD742 ] C:\WINDOWS\system32\csrss.exe 11:03:32.0484 0x0d40 C:\WINDOWS\system32\csrss.exe - ok 11:03:32.0500 0x0d40 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll 11:03:32.0500 0x0d40 C:\WINDOWS\system32\winsrv.dll - ok 11:03:32.0578 0x0d40 [ AFFE0B7126A86603D3F49A19A5B7DC46, 63C91B4726F583C1DC1B3F26CC8DC39C519401CF0005F223EE17A363BDBEA22F ] C:\WINDOWS\system32\gdi32.dll 11:03:32.0578 0x0d40 C:\WINDOWS\system32\gdi32.dll - ok 11:03:32.0609 0x0d40 [ 4A45B692D2BAA74124DF57472D5EA2F1, DFC6B595BBADFEF4930CCCF48E9FE55551CF0891571257E3E0A0DE328077A89B ] C:\WINDOWS\system32\kernel32.dll 11:03:32.0609 0x0d40 C:\WINDOWS\system32\kernel32.dll - ok 11:03:32.0640 0x0d40 [ B26B135FF1B9F60C9388B4A7D16F600B, ACD0AE7B4D5F871E148276C6CC4AE3A216E33F67FC78D827C16986E1F945438C ] C:\WINDOWS\system32\user32.dll 11:03:32.0640 0x0d40 C:\WINDOWS\system32\user32.dll - ok 11:03:32.0671 0x0d40 [ 012DF358CEBAA23ACB26D82077820817, FEDD177BD4F0EB589E23AEE20FA9492FA4824478B34B46377C43E3A12F8A96D8 ] C:\WINDOWS\system32\lpk.dll 11:03:32.0671 0x0d40 C:\WINDOWS\system32\lpk.dll - ok 11:03:32.0718 0x0d40 [ 1D845821F5ADB076831DE4C2818F858B, 5F1F18042E6B16BC149F2B0F22ECE3D3668E846C843F016D33C9E6C60E2D64C6 ] C:\WINDOWS\system32\usp10.dll 11:03:32.0718 0x0d40 C:\WINDOWS\system32\usp10.dll - ok 11:03:32.0734 0x0d40 [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] C:\WINDOWS\system32\advapi32.dll 11:03:32.0734 0x0d40 C:\WINDOWS\system32\advapi32.dll - ok 11:03:32.0750 0x0d40 [ 44C164B34A72F29087ECA32411F2ED44, 112761CCEFE8F4B936AC58FF1F13589C0DBA3BE1AC348584D874B65DAB1EDED6 ] C:\WINDOWS\system32\rpcrt4.dll 11:03:32.0750 0x0d40 C:\WINDOWS\system32\rpcrt4.dll - ok 11:03:32.0781 0x0d40 [ 5357826C8A8DD6A07F17C48BB45BE46E, E081B04F8C8A31951A0ADEC889E6CA4DEED5FF738446D5A5614B11B113000BCA ] C:\WINDOWS\system32\secur32.dll 11:03:32.0781 0x0d40 C:\WINDOWS\system32\secur32.dll - ok 11:03:32.0812 0x0d40 [ AC7280566A7BB85CB3291F04DDC1198E, 7640BC4C28B5D5167A10C4B0DA0FC8C7A255334D4BA11FD3E28A697A5B58583C ] C:\WINDOWS\system32\drivers\dxg.sys 11:03:32.0812 0x0d40 C:\WINDOWS\system32\drivers\dxg.sys - ok 11:03:32.0828 0x0d40 [ A73F5D6705B1D820C19B18782E176EFD, C36486504C3A596FDCA487143F6D3B43C0BEE01321F6F1F3071976556533C419 ] C:\WINDOWS\system32\drivers\dxgthk.sys 11:03:32.0828 0x0d40 C:\WINDOWS\system32\drivers\dxgthk.sys - ok 11:03:32.0859 0x0d40 [ 02EF59B043D03C5A75B66B75520CBEDF, 59F1C09971664004290F00DC02C7A0760BC07F2457B4A200ADACD490A1E6D324 ] C:\WINDOWS\system32\nv4_disp.dll 11:03:32.0859 0x0d40 C:\WINDOWS\system32\nv4_disp.dll - ok 11:03:32.0890 0x0d40 [ ECB7591870F8BFB1A4C17B718AD5A4AA, 67E8D218F107F78F9C62999F560E47AEC799E4B4DC4AB3EBC0DC61670BFE3E3D ] C:\WINDOWS\system32\vga.dll 11:03:32.0890 0x0d40 C:\WINDOWS\system32\vga.dll - ok 11:03:32.0906 0x0d40 [ ED0EF0A136DEC83DF69F04118870003E, 45377CB8E9F0120F836FC8261C711F7DBF7199117AFB3652EBF100D5F0429B1E ] C:\WINDOWS\system32\winlogon.exe 11:03:32.0906 0x0d40 C:\WINDOWS\system32\winlogon.exe - ok 11:03:32.0953 0x0d40 [ 714705F29A917993536A6AB2DEDB0B7F, 5C3EA97044A7AF8027000DFA40901C0097EC935A7149C0A46AA2C6A2F9FD6CC1 ] C:\WINDOWS\system32\authz.dll 11:03:32.0953 0x0d40 C:\WINDOWS\system32\authz.dll - ok 11:03:33.0000 0x0d40 [ 355EDBB4D412B01F1740C17E3F50FA00, 8619D345C864CD8EA704EFAA0A391F5F31AA56BB6D30F62FC60F465873CC1BF9 ] C:\WINDOWS\system32\msvcrt.dll 11:03:33.0000 0x0d40 C:\WINDOWS\system32\msvcrt.dll - ok 11:03:33.0078 0x0d40 [ 636DF3FF20A1B69B3F9D21325E7115C7, 6B38CF96E92273995F40B6D7029D20B4041342D6EDD5B6CA73967A401823D4F5 ] C:\WINDOWS\system32\crypt32.dll 11:03:33.0078 0x0d40 C:\WINDOWS\system32\crypt32.dll - ok 11:03:33.0234 0x0d40 [ 04D898830DF96A17A20FD35D7590F87E, 09C75D1D434FF6BBE9B3F5E0A8E63944ACB34E364C4A89676DED2204DBD1AEF5 ] C:\WINDOWS\system32\msasn1.dll 11:03:33.0234 0x0d40 C:\WINDOWS\system32\msasn1.dll - ok 11:03:33.0296 0x0d40 [ 013C1148C1EC025596896E093F60F608, E19D20E0852372ED7DA66939E995F8F7ECC52ED5B650E8B833944788C0A34F61 ] C:\WINDOWS\system32\nddeapi.dll 11:03:33.0296 0x0d40 C:\WINDOWS\system32\nddeapi.dll - ok 11:03:33.0328 0x0d40 [ CAC752BF84DB4666ED3CE0948E6EA937, C84F9D57C076DE6ACC1720B66147D0CA963C65714593FAFD7FB1FE1F01CC464B ] C:\WINDOWS\system32\netapi32.dll 11:03:33.0328 0x0d40 C:\WINDOWS\system32\netapi32.dll - ok 11:03:33.0359 0x0d40 [ FCFA1C55971CC229D353B3A15ACCD995, 6C21D6EAD676AF8C100666261CE7AA5AA86671883B78092AD61008234C96BBBA ] C:\WINDOWS\system32\profmap.dll 11:03:33.0359 0x0d40 C:\WINDOWS\system32\profmap.dll - ok 11:03:33.0390 0x0d40 [ 43D13C80EBEC0135A3611E0F616F179B, 9C5409ECBD2C3B89C80F0A59B96220178E790A7D78967C6281D56EB1965E9ECD ] C:\WINDOWS\system32\userenv.dll 11:03:33.0390 0x0d40 C:\WINDOWS\system32\userenv.dll - ok 11:03:33.0437 0x0d40 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31, CC0A76B55B38183B8C6141C290D1858A9D118333C804784AB305FE76A0FCE775 ] C:\WINDOWS\system32\psapi.dll 11:03:33.0437 0x0d40 C:\WINDOWS\system32\psapi.dll - ok 11:03:33.0500 0x0d40 [ AF11C591F2F4AFF4A6CF699D376F618B, B61C0D1944D5D8F536AB5422017C99773BD89EA59784969E4F8F269BF9EF57C3 ] C:\WINDOWS\system32\regapi.dll 11:03:33.0500 0x0d40 C:\WINDOWS\system32\regapi.dll - ok 11:03:33.0546 0x0d40 [ 24192246760E0E64435522E246B1D6C2, B1C5A16A73250DEA900FF6ECE71F604E2411B4FDFD497564BEB7D867A75640BF ] C:\WINDOWS\system32\setupapi.dll 11:03:33.0546 0x0d40 C:\WINDOWS\system32\setupapi.dll - ok 11:03:33.0578 0x0d40 [ C7CE131408739B0B3A318BE2D0032719, CAEEED45F6BAB22F611B2200DC91E68426F169F5646247893CF3AC7EFDDD07B8 ] C:\WINDOWS\system32\version.dll 11:03:33.0578 0x0d40 C:\WINDOWS\system32\version.dll - ok 11:03:33.0593 0x0d40 [ 430CEB794F6E6EF8AC86958C242366D6, 48066566EDC18654095EAD7F4449CD42B44AD758465A6B36A42B489F32C7E64B ] C:\WINDOWS\system32\winsta.dll 11:03:33.0593 0x0d40 C:\WINDOWS\system32\winsta.dll - ok 11:03:33.0625 0x0d40 [ D458B738B4C2CE33174CFB2CE12412DB, C8FCA4B1BE8358B1F14BB25F39899A18804133544701DFCF40E8782C2487C912 ] C:\WINDOWS\system32\wintrust.dll 11:03:33.0625 0x0d40 C:\WINDOWS\system32\wintrust.dll - ok 11:03:33.0703 0x0d40 [ 16E916243BDDBAF44D98E623B2D0CEAD, A1C56AC378EDA9ACBE73342BEE0897E028BDD368288552108FC77A7AA1478690 ] C:\WINDOWS\system32\imagehlp.dll 11:03:33.0703 0x0d40 C:\WINDOWS\system32\imagehlp.dll - ok 11:03:33.0750 0x0d40 [ 2CCC474EB85CEAA3E1FA1726580A3E5A, 6E99D2FB4997E54E8B1B7D769CF2C0FAE296A6441DC39984850EA26BFEB7E500 ] C:\WINDOWS\system32\ws2_32.dll 11:03:33.0750 0x0d40 C:\WINDOWS\system32\ws2_32.dll - ok 11:03:33.0781 0x0d40 [ 0DA85218E92526972A821587E6A8BF8F, 9377F61D4B10974D5962E03F54BB89C8F804883245D61C670E51228AFE4559EB ] C:\WINDOWS\system32\imm32.dll 11:03:33.0781 0x0d40 C:\WINDOWS\system32\imm32.dll - ok 11:03:33.0796 0x0d40 [ 9789E95E1D88EEB4B922BF3EA7779C28, 2D17FD78E71BDB5D51B69DE6B36D7481A7AA3C61EA7636CD71638AF501883A91 ] C:\WINDOWS\system32\ws2help.dll 11:03:33.0796 0x0d40 C:\WINDOWS\system32\ws2help.dll - ok 11:03:33.0828 0x0d40 [ 56C5B179FE3308B655EB6208C3256FEC, C70BCE54E5DF47D37C835804EAAEC7C06C1A226EFA2003226BE290D1D552126F ] C:\WINDOWS\system32\kbdus.dll 11:03:33.0828 0x0d40 C:\WINDOWS\system32\kbdus.dll - ok 11:03:33.0937 0x0d40 [ D7B7A57C0E57C836F18CF12A4C62A1CA, 651B16027B4F4B0ED2F827E32B7E66188CDB023DB8C7B1A9A1A44063FB35B9DE ] C:\WINDOWS\system32\msgina.dll 11:03:33.0937 0x0d40 C:\WINDOWS\system32\msgina.dll - ok 11:03:34.0015 0x0d40 [ 93AFB83FBC1F9443CAC722FCA63D73BF, 853C4A03A153F232E5CAF219F7FD732CB82CB62171F077DE737B32169F7832AB ] C:\WINDOWS\system32\comctl32.dll 11:03:34.0015 0x0d40 C:\WINDOWS\system32\comctl32.dll - ok 11:03:34.0093 0x0d40 [ 40B0F98BAD16AD5DEF894E88C3EF8014, 916B7BFC23BB5A3F757160BCF2013A8260D9382EFDE6AADAFC4D297828C71003 ] C:\WINDOWS\system32\odbc32.dll 11:03:34.0093 0x0d40 C:\WINDOWS\system32\odbc32.dll - ok 11:03:34.0203 0x0d40 [ 86987A5000DFA3EBE2275C0456BCF2FE, 31B699E8FD11DD59ADBAE56650C1B7AE80484091B3B6D9015A95F590E2C3EB05 ] C:\WINDOWS\system32\comdlg32.dll 11:03:34.0203 0x0d40 C:\WINDOWS\system32\comdlg32.dll - ok 11:03:34.0250 0x0d40 [ 6843D54BC4A40CC8C5741AF750233D10, D998B54B7D23A986DD14D8BC56169A10EE43267F4F1914FBDD55B6B028993FAC ] C:\WINDOWS\system32\shell32.dll 11:03:34.0250 0x0d40 C:\WINDOWS\system32\shell32.dll - ok 11:03:34.0281 0x0d40 [ C448A248B743F5FB935C787A5D97268B, 26E88FF449F938B218FAED6D8F3F095577216A29D656D17ACEA7F6C16E638BED ] C:\WINDOWS\system32\shlwapi.dll 11:03:34.0281 0x0d40 C:\WINDOWS\system32\shlwapi.dll - ok 11:03:34.0406 0x0d40 [ 694503348B586E99D56C0E30AB5B3EF8, 53A0C2604574058F1520D8F0805F1247B15BB0E00A5B5BAFE027C702D55E5076 ] C:\WINDOWS\system32\sxs.dll 11:03:34.0406 0x0d40 C:\WINDOWS\system32\sxs.dll - ok 11:03:34.0468 0x0d40 [ 736B12B725AEB2B07F0241A9F680CB10, 9EF1406CAEE256117DA8C8904BCB20FB8F9421F02F812B4DC2CE1F16D2B315F2 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll 11:03:34.0468 0x0d40 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok 11:03:34.0515 0x0d40 [ 6B7C6B32F8E84D56C6260D684019FEA2, A10B4D413452D95B6B4087838F2FCE0B9F42D8C0CBE7A91DC080AE1163FB6D1A ] C:\WINDOWS\system32\odbcint.dll 11:03:34.0515 0x0d40 C:\WINDOWS\system32\odbcint.dll - ok 11:03:34.0562 0x0d40 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] C:\WINDOWS\system32\shsvcs.dll 11:03:34.0562 0x0d40 C:\WINDOWS\system32\shsvcs.dll - ok 11:03:34.0609 0x0d40 [ 96E1C926F22EE1BFBAE82901A35F6BF3, 95568F138216FFADCFC4BAE8A12825FFE53F2EA04C5CAC2AD10F65FC0C4E3CDB ] C:\WINDOWS\system32\sfc.dll 11:03:34.0609 0x0d40 C:\WINDOWS\system32\sfc.dll - ok 11:03:34.0671 0x0d40 [ 6B5DB6789177A4FD0DEBC248041D0739, 3E3239C3613CCBB9EE2539D78BC745ED19134E1D3BED88C3D5273796FA2507DA ] C:\WINDOWS\system32\sfc_os.dll 11:03:34.0671 0x0d40 C:\WINDOWS\system32\sfc_os.dll - ok 11:03:34.0765 0x0d40 [ 59B408E5B8489B0B36A0D783D150EDCC, CB234B25502B0CE0C1E6CFA883FDDF64DAB7A6E50A6AD36CAB3B30A7C872B403 ] C:\WINDOWS\system32\ole32.dll 11:03:34.0765 0x0d40 C:\WINDOWS\system32\ole32.dll - ok 11:03:35.0031 0x0d40 [ CF492D7E9AF1C628B3536D20EF6F5CC7, 3D7A5A5D6B804C0A3F3E7256B3AC19397567700271CABCD7C4C8B51565958BC8 ] C:\WINDOWS\system32\apphelp.dll 11:03:35.0031 0x0d40 C:\WINDOWS\system32\apphelp.dll - ok 11:03:35.0125 0x0d40 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] C:\WINDOWS\system32\lsass.exe 11:03:35.0125 0x0d40 C:\WINDOWS\system32\lsass.exe - ok 11:03:35.0187 0x0d40 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe 11:03:35.0187 0x0d40 C:\WINDOWS\system32\services.exe - ok 11:03:35.0203 0x0d40 [ BD31DC6DBE9333C4FBD4BDF0899F2160, 545D83178CCD74C68B72C607201EF9E1C8A5FC26A08288F8D3A77106964D1034 ] C:\WINDOWS\system32\lsasrv.dll 11:03:35.0203 0x0d40 C:\WINDOWS\system32\lsasrv.dll - ok 11:03:35.0343 0x0d40 [ EC29A79F1E76DC509E24D401F29D0678, 2CECCD7CE806152F6DD1A6812C7DAEC46FB197E63D14414808D713C829EE4260 ] C:\WINDOWS\system32\ncobjapi.dll 11:03:35.0343 0x0d40 C:\WINDOWS\system32\ncobjapi.dll - ok 11:03:35.0359 0x0d40 [ F404830F3CD9BF8F2515E489C0CDA297, 4FFFBBDD04B82623983B8B51E52E113EBF0E32E8328BFD3754B7A299E5673569 ] C:\WINDOWS\system32\msvcp60.dll 11:03:35.0359 0x0d40 C:\WINDOWS\system32\msvcp60.dll - ok 11:03:35.0390 0x0d40 [ DD7BD97FB8BD800963789158A5E4B41D, 4C265CB9AC1B8C398E625C1775A5AADD8A030D158B557E24F90CA57C0253FF0D ] C:\WINDOWS\system32\mpr.dll 11:03:35.0390 0x0d40 C:\WINDOWS\system32\mpr.dll - ok 11:03:35.0453 0x0d40 [ B24A42A413E694AD73FDFB7FBD492C31, 52411B5C714ED7FCFF3A120980EB75BF5A64E022303D3E717048E0E44F604AC0 ] C:\WINDOWS\system32\scesrv.dll 11:03:35.0453 0x0d40 C:\WINDOWS\system32\scesrv.dll - ok 11:03:35.0468 0x0d40 [ EC4C0D9BFD9F7E33F8B395AD54E13063, 18E60FF334376604F213F3323FAB81F392493496C6CA809FAD66BB8B0EEB3396 ] C:\WINDOWS\system32\ntdsapi.dll 11:03:35.0468 0x0d40 C:\WINDOWS\system32\ntdsapi.dll - ok 11:03:35.0500 0x0d40 [ 389496118B3B03C2328024AF320132AC, 11F85CA49596CE12B1F80B5BC059B6F5549FC09A43E2C47841A688F2ACEBB8B8 ] C:\WINDOWS\system32\dnsapi.dll 11:03:35.0500 0x0d40 C:\WINDOWS\system32\dnsapi.dll - ok 11:03:35.0515 0x0d40 [ 2EDFC2A8893435723AD80481803C6D5C, CD547E4749EE6466FD4F50CF2EAD37AD993C6BC89068BD51726869D5ADB2AF8E ] C:\WINDOWS\system32\umpnpmgr.dll 11:03:35.0531 0x0d40 C:\WINDOWS\system32\umpnpmgr.dll - ok 11:03:35.0578 0x0d40 [ 0492CF5870F0E616B0C71695A433D162, 47C9FB64A4CF3DF54F664B2B31A834ACF75B504650007E6201546C2D0E44D9C2 ] C:\WINDOWS\system32\wldap32.dll 11:03:35.0578 0x0d40 C:\WINDOWS\system32\wldap32.dll - ok 11:03:35.0609 0x0d40 [ 8329A39D5A402A75A74301D6A62ECDA1, 1947B2B19F2D0C690EC880B5A92F88903D78C6BB6EE47261B3D744B5A863D562 ] C:\WINDOWS\system32\samlib.dll 11:03:35.0609 0x0d40 C:\WINDOWS\system32\samlib.dll - ok 11:03:35.0640 0x0d40 [ F05B8CDB7FE0E55DCCFB1D946CE80064, E59BC2F25EBFF5F0CF459C9B8DEE882ADE227323F4768EBACFCC6784861BF260 ] C:\WINDOWS\system32\samsrv.dll 11:03:35.0640 0x0d40 C:\WINDOWS\system32\samsrv.dll - ok 11:03:35.0656 0x0d40 [ 1F03103598BD817B1078DAB1326DDE11, 0F0D19E67E25E9D2113920166B7326B46BACD22BA08476EC91D9C564AFC1FAF3 ] C:\WINDOWS\system32\shimeng.dll 11:03:35.0656 0x0d40 C:\WINDOWS\system32\shimeng.dll - ok 11:03:35.0671 0x0d40 [ EA9EE60B408878E5F2012F9C783836DB, 354A6660705759C0E767BCD7FB6F1B4371B74784A986431A626DF3793D0421EC ] C:\WINDOWS\AppPatch\AcAdProc.dll 11:03:35.0671 0x0d40 C:\WINDOWS\AppPatch\AcAdProc.dll - ok 11:03:35.0687 0x0d40 [ 17A1D675C12BBF80CAAC54A4855C41D0, F6185E42180218E932ADFFD63EF78EE8324B816BD57EA217322A46D1D2F47928 ] C:\WINDOWS\system32\cryptdll.dll 11:03:35.0687 0x0d40 C:\WINDOWS\system32\cryptdll.dll - ok 11:03:35.0750 0x0d40 [ 310C15FD8358B2C4CD7A5B98A112883F, CA656F066373B164A138032F5BF7EF68603EBDB0D49BD4663C99061F47F29085 ] C:\WINDOWS\AppPatch\AcGenral.dll 11:03:35.0750 0x0d40 C:\WINDOWS\AppPatch\AcGenral.dll - ok 11:03:35.0781 0x0d40 [ 4A953F13942867BA8FB41F141EC1B80C, BAE05A8CEDA4411324E38DB8A2153A988C6A3FAC8AD7CB27EE14E18FE7C47569 ] C:\WINDOWS\system32\winmm.dll 11:03:35.0781 0x0d40 C:\WINDOWS\system32\winmm.dll - ok 11:03:35.0812 0x0d40 [ EFF03460E542EEA6B0ABDEC6BF19C897, C2A0DDE6E8B49B152C295E97CFC35557391DEEE5A3A0B1BB4E445C405C716C55 ] C:\WINDOWS\system32\oleaut32.dll 11:03:35.0812 0x0d40 C:\WINDOWS\system32\oleaut32.dll - ok 11:03:35.0843 0x0d40 [ 2098AB52BD5316E59AA36F3437B13BE6, C4C9F2CFCAFF91B4A6F68E28EFE12EED216B41F081F8D577597C0634ECE57018 ] C:\WINDOWS\system32\msacm32.dll 11:03:35.0843 0x0d40 C:\WINDOWS\system32\msacm32.dll - ok 11:03:35.0875 0x0d40 [ 7A2CC3719B255E6B5D74396183B7715B, 2C4A2D5B42CFFE42BE72A652D1B0EED43D7EECF7CA3416660A3E0C539AA2AC34 ] C:\WINDOWS\system32\uxtheme.dll 11:03:35.0875 0x0d40 C:\WINDOWS\system32\uxtheme.dll - ok 11:03:35.0890 0x0d40 [ F24B12786D60A17008319E3F2AEE7799, BF916F65D770C61612678171CC184A0BF259992CEC0BF607D26834CE2A234FB3 ] C:\WINDOWS\system32\msapsspc.dll 11:03:35.0890 0x0d40 C:\WINDOWS\system32\msapsspc.dll - ok 11:03:35.0937 0x0d40 [ 7A660EDC0757849DF5F8706FB6E9F740, CA3820507A92EE9AB4EE8E804736FE1795224AE02D396AADB5BFD53223D9B7E2 ] C:\WINDOWS\system32\msvcrt40.dll 11:03:35.0937 0x0d40 C:\WINDOWS\system32\msvcrt40.dll - ok 11:03:35.0953 0x0d40 [ 0F64207B49390C8063C36AE7CBF9C2DB, 52C4A7A38EE11CA247001EB0A3C67BFEB1A09E9AC406486132D5AC38BE3A6A6F ] C:\WINDOWS\system32\schannel.dll 11:03:35.0953 0x0d40 C:\WINDOWS\system32\schannel.dll - ok 11:03:35.0968 0x0d40 [ 3D76DD0CBC536E0F8C45D23ED230BEB2, F74F94525AB7CE1E269452C9E1DD08411A668CFDD94F069C90FC2EE33CB35A12 ] C:\WINDOWS\system32\digest.dll 11:03:35.0968 0x0d40 C:\WINDOWS\system32\digest.dll - ok 11:03:36.0000 0x0d40 [ A4388DF80E52695AE92EE5F3F61F1619, A4B7C6E10B92B5022CA6E8FD9094098614FD63178EA86A7B035EB89B373BF033 ] C:\WINDOWS\system32\msnsspc.dll 11:03:36.0000 0x0d40 C:\WINDOWS\system32\msnsspc.dll - ok 11:03:36.0015 0x0d40 [ 5733177BCF16EE78B99543C9B0AB81EA, 6504D3D665AC8AB27A44F863F9C1A23FF3B68EAC0512F418712CC0D56F739E24 ] C:\WINDOWS\system32\MSCTFIME.IME 11:03:36.0015 0x0d40 C:\WINDOWS\system32\MSCTFIME.IME - ok 11:03:36.0046 0x0d40 [ C6BB1D1500DB4A0E224CB65E6C7E8A80, 32099A486457D1DC3B1269DE9570EE922F118C3BD443FE78ED051DD764EF4DE3 ] C:\WINDOWS\system32\msprivs.dll 11:03:36.0046 0x0d40 C:\WINDOWS\system32\msprivs.dll - ok 11:03:36.0062 0x0d40 [ 318FAA70D9B0FB8DD168D4ED628E27B2, 2C407FFDA4A02D4A1CB9592C6FA4293BA31BE8852670436F1187A8107572ED41 ] C:\WINDOWS\system32\atmfd.dll 11:03:36.0062 0x0d40 C:\WINDOWS\system32\atmfd.dll - ok 11:03:36.0078 0x0d40 [ A525C96C51D55111FDF3BEA9FFFFC7AE, AA5B080E01573B96A37E67F871F97AE975E1E9519EDB16476472AA3FA2144643 ] C:\WINDOWS\system32\kerberos.dll 11:03:36.0078 0x0d40 C:\WINDOWS\system32\kerberos.dll - ok 11:03:36.0093 0x0d40 [ 517561A1113B04E51D936CD018DE1C1F, A5F572C3557705F28F7A465970F0432F55B616EFD208BA0CBDFFBF7A41F07C04 ] C:\WINDOWS\system32\msv1_0.dll 11:03:36.0093 0x0d40 C:\WINDOWS\system32\msv1_0.dll - ok 11:03:36.0125 0x0d40 [ AF07DC9B7CC455629E732340C7B15F3A, 4403503F24FB76AB55D347273319B98BC0955AB3E537FA5ADA498B9AED76484A ] C:\WINDOWS\system32\iphlpapi.dll 11:03:36.0125 0x0d40 C:\WINDOWS\system32\iphlpapi.dll - ok 11:03:36.0125 0x0d40 [ 1B7F071C51B77C272875C3A23E1E4550, 9D6EA6DF4F4A531E35B843CE11AB6BDBEF0C2716773C14660E98038C1F68B7C4 ] C:\WINDOWS\system32\netlogon.dll 11:03:36.0125 0x0d40 C:\WINDOWS\system32\netlogon.dll - ok 11:03:36.0156 0x0d40 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] C:\WINDOWS\system32\w32time.dll 11:03:36.0156 0x0d40 C:\WINDOWS\system32\w32time.dll - ok 11:03:36.0171 0x0d40 [ 3AAF9B35939FF9E58CCD18D41655C2FC, AF7358AB0A507D77569A8D38D2392C224BFBEFD1264C069BBC6C677BC20C6B8B ] C:\WINDOWS\system32\wdigest.dll 11:03:36.0171 0x0d40 C:\WINDOWS\system32\wdigest.dll - ok 11:03:36.0187 0x0d40 [ 54DAE3EA34802B4ED9AE1C6B1209FA56, EEB1FA90DB44C821B371D5F7C323B4F88E843107BBA16DA2ACB124D6A848B257 ] C:\WINDOWS\system32\rsaenh.dll 11:03:36.0187 0x0d40 C:\WINDOWS\system32\rsaenh.dll - ok 11:03:36.0203 0x0d40 [ 02988B904C386B500CD08639C4C20EEA, 66E96045957AABD7F5C364D64DE23A09D4C292C844FA00C45626A8D1EC21F206 ] C:\WINDOWS\system32\winscard.dll 11:03:36.0203 0x0d40 C:\WINDOWS\system32\winscard.dll - ok 11:03:36.0218 0x0d40 [ 0E2735281FBB9A764D5584C2A5DCBA59, B1EFF5D7BFDDFEC3A3E5B2F17A6A0F3F47C344A64AB57E6918B4DEC094FC9444 ] C:\WINDOWS\system32\wtsapi32.dll 11:03:36.0218 0x0d40 C:\WINDOWS\system32\wtsapi32.dll - ok 11:03:36.0234 0x0d40 [ A86BB5E61BF3E39B62AB4C7E7085A084, B88446E007153BB58C5AE867AC3FB4C46618BBAA5A152687201E0E81F881465A ] C:\WINDOWS\system32\scecli.dll 11:03:36.0234 0x0d40 C:\WINDOWS\system32\scecli.dll - ok 11:03:36.0250 0x0d40 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18, 2910EBC692D833D949BFD56059E8106D324A276D5F165F874F3FB1B6C613CDD5 ] C:\WINDOWS\system32\svchost.exe 11:03:36.0250 0x0d40 C:\WINDOWS\system32\svchost.exe - ok 11:03:36.0265 0x0d40 [ 549290DBC280C887681D7652978DBBE0, CA2CA8561F11CDD5FD5D23D9D88A96A7FFE4AF6DFE8CE783B0969B6ED3C4CBF8 ] C:\WINDOWS\system32\ntmarta.dll 11:03:36.0265 0x0d40 C:\WINDOWS\system32\ntmarta.dll - ok 11:03:36.0281 0x0d40 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] C:\WINDOWS\system32\rpcss.dll 11:03:36.0281 0x0d40 C:\WINDOWS\system32\rpcss.dll - ok 11:03:36.0281 0x0d40 [ 16403217AB6FC5C30C14C6B12098AD4B, DEA7C556BA9C91E056E6035E77A793A77E428D493518D1C6F796B003D4F07305 ] C:\WINDOWS\system32\xpsp2res.dll 11:03:36.0281 0x0d40 C:\WINDOWS\system32\xpsp2res.dll - ok 11:03:36.0296 0x0d40 [ 6D4FEB43EE538FC5428CC7F0565AA656, 4091D82537198562F0CA1D032B2D4BEC75101342B7BCA7778FDA2D515300BC36 ] C:\WINDOWS\system32\eventlog.dll 11:03:36.0296 0x0d40 C:\WINDOWS\system32\eventlog.dll - ok 11:03:36.0312 0x0d40 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] C:\WINDOWS\system32\mswsock.dll 11:03:36.0312 0x0d40 C:\WINDOWS\system32\mswsock.dll - ok 11:03:36.0328 0x0d40 [ 3CB32D3B8CBE79899D63280BB7A83CD9, F34DB3B3DD65F0135F1F7005703B824D2C9B17F7A43062F1FFBEC53B3B26EFC3 ] C:\WINDOWS\system32\hnetcfg.dll 11:03:36.0328 0x0d40 C:\WINDOWS\system32\hnetcfg.dll - ok 11:03:36.0328 0x0d40 [ 4E3D06D6E68EEDB52565080F55B460D3, A503BFC29D3936045488EDC1771914EC84BE80E422F772F53D7961F526D707E6 ] C:\WINDOWS\system32\wshtcpip.dll 11:03:36.0328 0x0d40 C:\WINDOWS\system32\wshtcpip.dll - ok 11:03:36.0359 0x0d40 [ 40947436A70E0034E41123DF5A0A7702, 5D40FD92DA5CA59C1BADB58AD509DB6A6D613F18660A9A270A53ECA85D34C3A9 ] C:\Program Files\Bonjour\mdnsNSP.dll 11:03:36.0359 0x0d40 C:\Program Files\Bonjour\mdnsNSP.dll - ok 11:03:36.0390 0x0d40 [ D72B9EC3337B247A666F098F3D6B43DE, 4BC52AD1116078B0B313AB6555024302225D6CC03CA428151F78B7C48821489F ] C:\WINDOWS\system32\winrnr.dll 11:03:36.0390 0x0d40 C:\WINDOWS\system32\winrnr.dll - ok 11:03:36.0421 0x0d40 [ 6F9BEF24C578D5D6740E080BEDD6A448, 72426D49BC31488261D226C7D0C98AD11192019E71654F53D1D17183C328CC7C ] C:\WINDOWS\system32\rasadhlp.dll 11:03:36.0421 0x0d40 C:\WINDOWS\system32\rasadhlp.dll - ok 11:03:36.0453 0x0d40 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23, 032B6D1F541F180A2FE619664EF180D3FD748AEF7E311BA925FCED74E7ED4713 ] C:\WINDOWS\system32\logonui.exe 11:03:36.0453 0x0d40 C:\WINDOWS\system32\logonui.exe - ok 11:03:36.0468 0x0d40 [ 515A7FAE2070C2B0242B2353443E2F11, 6121C5613784831F584B50E8DC91BBD7AC58BDB602FE4CDB4B237670B6BB4537 ] C:\WINDOWS\system32\cscdll.dll 11:03:36.0468 0x0d40 C:\WINDOWS\system32\cscdll.dll - ok 11:03:36.0500 0x0d40 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] C:\WINDOWS\system32\drivers\ndisuio.sys 11:03:36.0500 0x0d40 C:\WINDOWS\system32\drivers\ndisuio.sys - ok 11:03:36.0531 0x0d40 [ 3D41A9326F0376FC73AF961DD23B1FB1, 1242F3B57599675D1E0E26615E206CE3DB15FA6A23BC5D21EB630EE9858EBC7B ] C:\WINDOWS\system32\duser.dll 11:03:36.0531 0x0d40 C:\WINDOWS\system32\duser.dll - ok 11:03:36.0546 0x0d40 [ E2092F0A1D7ABC243F9C2362483D150D, 50028400D6BA1C5B27BFC9AAC9D41539383F3EC723977CA937715E14094D846A ] C:\WINDOWS\system32\dimsntfy.dll 11:03:36.0546 0x0d40 C:\WINDOWS\system32\dimsntfy.dll - ok 11:03:36.0562 0x0d40 [ 2CC34E8BB667EEF78899546E12649196, 5BA2604041BF7C1D580D4D2AEDC7708F9E9B0AF6E0928663E3D9C7297296D721 ] C:\WINDOWS\system32\wlnotify.dll 11:03:36.0562 0x0d40 C:\WINDOWS\system32\wlnotify.dll - ok 11:03:36.0593 0x0d40 [ BD83ABA61E8ACCC8D9FFB869F29418CE, 45ED22E825047A1BE07B017F95FBF965A90602C59E6B110D0C604FBE07DE1562 ] C:\WINDOWS\system32\winspool.drv 11:03:36.0593 0x0d40 C:\WINDOWS\system32\winspool.drv - ok 11:03:36.0640 0x0d40 [ AFFC87E2501FCE8F09D4C10BA6421CCF, E63837B281C4AE90A7CBA8E072E07A9A5A2FDD5B15E7FB5C2D7562FE72BE5408 ] C:\WINDOWS\system32\msimg32.dll 11:03:36.0640 0x0d40 C:\WINDOWS\system32\msimg32.dll - ok 11:03:36.0734 0x0d40 [ 20200EE3CFE10E9F0C028D8653BE11C6, 3ACF2110D72509CBA3BF780C5D6D662BAFEEA6CA423BE8B0F97288B953127035 ] C:\WINDOWS\system32\oleacc.dll 11:03:36.0734 0x0d40 C:\WINDOWS\system32\oleacc.dll - ok 11:03:36.0750 0x0d40 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] C:\WINDOWS\system32\dhcpcsvc.dll 11:03:36.0750 0x0d40 C:\WINDOWS\system32\dhcpcsvc.dll - ok 11:03:36.0765 0x0d40 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] C:\WINDOWS\system32\dnsrslvr.dll 11:03:36.0765 0x0d40 C:\WINDOWS\system32\dnsrslvr.dll - ok 11:03:36.0781 0x0d40 [ F137A0CA70003DB20448D540651FA003, 4D3095FD8431D0839B6EE785A979D005A1035368A152CDC705804E85B7673198 ] C:\WINDOWS\system32\clbcatq.dll 11:03:36.0781 0x0d40 C:\WINDOWS\system32\clbcatq.dll - ok 11:03:36.0796 0x0d40 [ 1280A158C722FA95A80FB7AEBE78FA7D, 9B6E8158E581500C5C417F6453A6414901020123D34FDBC04289750E8B072538 ] C:\WINDOWS\system32\comres.dll 11:03:36.0796 0x0d40 C:\WINDOWS\system32\comres.dll - ok 11:03:36.0812 0x0d40 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] C:\WINDOWS\system32\lmhsvc.dll 11:03:36.0812 0x0d40 C:\WINDOWS\system32\lmhsvc.dll - ok 11:03:36.0859 0x0d40 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] C:\WINDOWS\system32\wzcsvc.dll 11:03:36.0859 0x0d40 C:\WINDOWS\system32\wzcsvc.dll - ok 11:03:36.0875 0x0d40 [ E5EDBD51476DB5001ABF5C82AE5C3DD1, 5C97ABF5802A7F886781788FE6107F9F06962F9D704A2A43A03062C9405F56C3 ] C:\WINDOWS\system32\shgina.dll 11:03:36.0875 0x0d40 C:\WINDOWS\system32\shgina.dll - ok 11:03:36.0890 0x0d40 [ 876CCF164E08D6B903CD14398E056DD2, 9AC7887F992F20E10EB3ED9B3AEF47B5C840172FA7895531F4EF86D6EA642D0F ] C:\WINDOWS\system32\rtutils.dll 11:03:36.0890 0x0d40 C:\WINDOWS\system32\rtutils.dll - ok 11:03:36.0921 0x0d40 [ 7B0770526801F05D58C51A3DFB87B4BD, 7A2858DD3AE8C26DE88F8CC71E8DC9A8A50C363BA4FB34EE6EE2D81C18845A96 ] C:\WINDOWS\system32\wmi.dll 11:03:36.0921 0x0d40 C:\WINDOWS\system32\wmi.dll - ok 11:03:36.0953 0x0d40 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F, EC80729BDD250C161B29DA853D45C703CB4844DE185C5665DB0627D9568995AB ] C:\WINDOWS\system32\eapolqec.dll 11:03:36.0953 0x0d40 C:\WINDOWS\system32\eapolqec.dll - ok 11:03:36.0984 0x0d40 [ 224FB925C641DA16CEB6D60F40CA4C75, 2DDB3B019D2A22B359C5974DC366EC9B95F4382DB1BF7F1958CFF0EC277895C7 ] C:\WINDOWS\system32\atl.dll 11:03:36.0984 0x0d40 C:\WINDOWS\system32\atl.dll - ok 11:03:37.0000 0x0d40 [ 8AE93AACC648921BAACB8602991AC4B3, 78292B1BAEE64C997C50B6D907FE623C2EDF937A62D3C3690FA24342180B7AB2 ] C:\WINDOWS\system32\qutil.dll 11:03:37.0000 0x0d40 C:\WINDOWS\system32\qutil.dll - ok 11:03:37.0015 0x0d40 [ 8E2CC37BA87D8F681066E0E9C8A19F73, 90536FD502D92AE4FECE0C250373742D2E8AC9E9BE314070BB28C4A2BEA15508 ] C:\WINDOWS\system32\dot3api.dll 11:03:37.0015 0x0d40 C:\WINDOWS\system32\dot3api.dll - ok 11:03:37.0031 0x0d40 [ F5B754CDEA20BBB3A31E16A776EDE6D6, C5D682FA9B86810C6E3D741E507EDA024C4554BEB5B6A1686F70E109EE9CD746 ] C:\WINDOWS\system32\esent.dll 11:03:37.0031 0x0d40 C:\WINDOWS\system32\esent.dll - ok 11:03:37.0062 0x0d40 [ 085ED2E391A871C7BAE87E0228B546BA, 15C050965A7377CDE1178A0C28C3E05B16838A1D7DEB1DD190E3C5D58511F5AC ] C:\WINDOWS\system32\cscui.dll 11:03:37.0062 0x0d40 C:\WINDOWS\system32\cscui.dll - ok 11:03:37.0093 0x0d40 [ 50A166237A0FA771261275A405646CC0, CFA9B2C8CDCDB56C27B89593A106AAE211E24D8EA433129A6E9BD2FBF39AB5BB ] C:\WINDOWS\system32\powrprof.dll 11:03:37.0093 0x0d40 C:\WINDOWS\system32\powrprof.dll - ok 11:03:37.0140 0x0d40 [ 3E2F3E2F4A82B7FAE23BAB864FB0F837, 78FEB881B5F1C90AD13DD69BB8C95CDF60C84E127871916D1EE8A938849E6282 ] C:\WINDOWS\system32\dpcdll.dll 11:03:37.0140 0x0d40 C:\WINDOWS\system32\dpcdll.dll - ok 11:03:37.0187 0x0d40 [ A39BE37C9237DB5F1990D61B268EA555, ABAB9D73DF10D2AC78F00A6C5E5318C4DE166CDF70683408D83D218CB39B7449 ] C:\WINDOWS\system32\rastls.dll 11:03:37.0187 0x0d40 C:\WINDOWS\system32\rastls.dll - ok 11:03:37.0250 0x0d40 [ A93AEE1928A9D7CE3E16D24EC7380F89, 944CD2135E171AF338352568AA7FE1B8004733A4281395AD6723E0CF43D5F53F ] C:\WINDOWS\system32\userinit.exe 11:03:37.0250 0x0d40 C:\WINDOWS\system32\userinit.exe - ok 11:03:37.0250 0x0d40 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3, 9085384DD71F983E7FD8B6C8F54A3097412DA3C802C813C8AAB1F30558C416D6 ] C:\WINDOWS\system32\cryptui.dll 11:03:37.0250 0x0d40 C:\WINDOWS\system32\cryptui.dll - ok 11:03:37.0281 0x0d40 [ 9F20FEF7F8B411165174CEC20583462A, 9511FA64CF8D03A69FEACDFBAF53211A5EC7E069C313C875E1962E97D283A0A5 ] C:\WINDOWS\system32\wininet.dll 11:03:37.0281 0x0d40 C:\WINDOWS\system32\wininet.dll - ok 11:03:37.0312 0x0d40 [ 94F96C1648D5F8E4375BF64D404C74BB, FE789E83436302DC0C9D0B1D0E9B0F8A546A9BD9693F3EB64C0B4F4159DCE379 ] C:\WINDOWS\system32\iertutil.dll 11:03:37.0312 0x0d40 C:\WINDOWS\system32\iertutil.dll - ok 11:03:37.0328 0x0d40 [ 10753A3ADC3E39A3B10CC3F08E98E6B4, 99C7B1B04CD593139917ED3D68BEC36C63BCE76663505CB5D026B62AF39BB383 ] C:\WINDOWS\system32\normaliz.dll 11:03:37.0328 0x0d40 C:\WINDOWS\system32\normaliz.dll - ok 11:03:37.0343 0x0d40 [ EA5B8BECA3F279C757578CD7F1E95855, 6FA42A9C8A114208BCB1D0A799C43CD07FB0F986495191D58C1BBD150B7B3A90 ] C:\WINDOWS\system32\mprapi.dll 11:03:37.0343 0x0d40 C:\WINDOWS\system32\mprapi.dll - ok 11:03:37.0359 0x0d40 [ 2CDAE321B8E878A278BA2D2FA013060B, 51A382D665EB4A8BD66A3EF9B518DC02D3637318768758AB6F1017E50826CC56 ] C:\WINDOWS\system32\activeds.dll 11:03:37.0359 0x0d40 C:\WINDOWS\system32\activeds.dll - ok 11:03:37.0375 0x0d40 [ 0D84657DBF93DB98673DEFDF2B29E25A, 22105E297D663790BFA1EAE5AC670B283E69FDF2428DEBC596F3EB920E53AFF9 ] C:\WINDOWS\system32\adsldpc.dll 11:03:37.0375 0x0d40 C:\WINDOWS\system32\adsldpc.dll - ok 11:03:37.0390 0x0d40 [ 92C4F48B62B0B876194584C3FF09CCB6, B24FF5E8D4F09B8200395B68A20A083E7ED9A29B9E9FB85F42E1A6BBB911D1C4 ] C:\WINDOWS\system32\rasapi32.dll 11:03:37.0390 0x0d40 C:\WINDOWS\system32\rasapi32.dll - ok 11:03:37.0437 0x0d40 [ 12896823FB95BFB3DC9B46BCAEDC9923, 1E675CB7DF214172F7EB0497F7275556038A0D09C6E5A3E6862C5E26885EF455 ] C:\WINDOWS\explorer.exe 11:03:37.0437 0x0d40 C:\WINDOWS\explorer.exe - ok 11:03:37.0468 0x0d40 [ 4DEF926F6A0545AE486A03C84F2EE482, 2D209061632634D7338C0BBEEE8056E8085BE22FA6974A2CC6BAEDC14CF6F6B1 ] C:\WINDOWS\system32\rasman.dll 11:03:37.0468 0x0d40 C:\WINDOWS\system32\rasman.dll - ok 11:03:37.0531 0x0d40 [ 00AABF131B4823785818DB99A075A313, FF0F24D35325EC246C758C7CF51FDDEF13757DFD7BE5F6F5D51E0DD7C6673686 ] C:\WINDOWS\system32\tapi32.dll 11:03:37.0531 0x0d40 C:\WINDOWS\system32\tapi32.dll - ok 11:03:37.0546 0x0d40 [ C1FAEA15E41F62D7BFA7FBC395C24BA6, 5DAA7F6E1EEA128AEDEDCAF04EB83AED4BCF856BC123BC134E9FA634DC569C0B ] C:\WINDOWS\system32\riched20.dll 11:03:37.0546 0x0d40 C:\WINDOWS\system32\riched20.dll - ok 11:03:37.0578 0x0d40 [ E392E172687BE172F8600C5F41AB03D9, 5E928035FA9DB71FDCEB74D6D4859E43169A0B202A87653A2CE5F88865D13D2E ] C:\WINDOWS\system32\browseui.dll 11:03:37.0578 0x0d40 C:\WINDOWS\system32\browseui.dll - ok 11:03:37.0609 0x0d40 [ 56CE97FF94B7662A300D359CD6F4D601, D67A792E176AE3394CEB8FEF16F9E56DC614D7D4F58F6B9202E49EFD42BAE9E4 ] C:\WINDOWS\system32\raschap.dll 11:03:37.0609 0x0d40 C:\WINDOWS\system32\raschap.dll - ok 11:03:37.0671 0x0d40 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] C:\WINDOWS\system32\netman.dll 11:03:37.0671 0x0d40 C:\WINDOWS\system32\netman.dll - ok 11:03:37.0687 0x0d40 [ 26CB10FA893F940AB09713FF46DCDADE, B113E03877FF2073ABAC1A7DF53A575F15915438C5EB10401FFEF7CAAEA902BC ] C:\WINDOWS\system32\shdocvw.dll 11:03:37.0687 0x0d40 C:\WINDOWS\system32\shdocvw.dll - ok 11:03:37.0718 0x0d40 [ 062F837C1FBDB6A0A75F82EFC2EE8E74, 3C0BFA381CBC2C55B58A8942A7148A6C27E244D26313EFB4708DD5858C689E02 ] C:\WINDOWS\system32\netshell.dll 11:03:37.0718 0x0d40 C:\WINDOWS\system32\netshell.dll - ok 11:03:37.0734 0x0d40 [ 235892E493845D64D890163CFEF90E97, 48FC98DD1E5F8F05DE6954FE26C0A448AA9838D7DC716518C715F35E3CFA227D ] C:\WINDOWS\system32\credui.dll 11:03:37.0734 0x0d40 C:\WINDOWS\system32\credui.dll - ok 11:03:37.0765 0x0d40 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C, 62E73A7D4C58F2E30670F6A72E734B618AF45F60A8CB2177A4D504283F829BE5 ] C:\WINDOWS\system32\dot3dlg.dll 11:03:37.0765 0x0d40 C:\WINDOWS\system32\dot3dlg.dll - ok 11:03:37.0781 0x0d40 [ CA04959077AFE36369D37B3504740C87, CBB90BC35A74EC03DC04CD60DAC966A9FA98DC9EEFB926089DBE7A47D3B710B1 ] C:\WINDOWS\system32\onex.dll 11:03:37.0781 0x0d40 C:\WINDOWS\system32\onex.dll - ok 11:03:37.0796 0x0d40 [ 5DB625E7D095604010CF84DE2D8ACFA6, DEED8055CD1F2E2D898C5C77283B56078414CC7D9FCA6FCF58BA0B66B565E826 ] C:\WINDOWS\system32\eappcfg.dll 11:03:37.0796 0x0d40 C:\WINDOWS\system32\eappcfg.dll - ok 11:03:37.0828 0x0d40 [ ABC4206543450C0666D152F4B65833B8, D78D5E719E7744805DF6DD1D9567E67E11223F4E3B13170E35F27D46FCB6C244 ] C:\WINDOWS\system32\eappprxy.dll 11:03:37.0828 0x0d40 C:\WINDOWS\system32\eappprxy.dll - ok 11:03:37.0859 0x0d40 [ 767FF54A552732CE772C2302025FA82F, 7761546C33B0E55B0A8214798FD035C2499D31D690CE03E25B0068C81EDECF3F ] C:\WINDOWS\system32\wzcsapi.dll 11:03:37.0859 0x0d40 C:\WINDOWS\system32\wzcsapi.dll - ok 11:03:37.0875 0x0d40 [ B4ED498E3BFEE64E952BC44FC6057DB8, 1FB5ABAE69103BF477F704189D75B0395F587234BFE94F9F79961D8FE2CE55AC ] C:\WINDOWS\system32\desk.cpl 11:03:37.0875 0x0d40 C:\WINDOWS\system32\desk.cpl - ok 11:03:37.0984 0x0d40 [ EE9710428FFB95FD3845D41E7148AC31, 5CFBE4B7BCCB136B958E21EACB965E09F7D6CC0CB29DEA9022047809582B1065 ] C:\WINDOWS\system32\themeui.dll 11:03:37.0984 0x0d40 C:\WINDOWS\system32\themeui.dll - ok 11:03:38.0109 0x0d40 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] C:\WINDOWS\system32\schedsvc.dll 11:03:38.0109 0x0d40 C:\WINDOWS\system32\schedsvc.dll - ok 11:03:38.0359 0x0d40 [ E47E364C96467FD54FA44D59F927C3AB, D48C377A7ACF805C413D4618A099A50BE6724E8996C151B00DEAFD27CA935183 ] C:\WINDOWS\system32\msidle.dll 11:03:38.0359 0x0d40 C:\WINDOWS\system32\msidle.dll - ok 11:03:38.0437 0x0d40 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] C:\WINDOWS\system32\spoolsv.exe 11:03:38.0437 0x0d40 C:\WINDOWS\system32\spoolsv.exe - ok 11:03:38.0468 0x0d40 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] C:\WINDOWS\system32\audiosrv.dll 11:03:38.0468 0x0d40 C:\WINDOWS\system32\audiosrv.dll - ok 11:03:38.0609 0x0d40 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] C:\WINDOWS\system32\wkssvc.dll 11:03:38.0609 0x0d40 C:\WINDOWS\system32\wkssvc.dll - ok 11:03:38.0687 0x0d40 [ 912B67BB8249925A5C972FC5839EAE09, 11F9F26C2D5EADD683F9FA4FDC8C25A1FB7EE9D6E3F4419C9DAB8C4E434F1857 ] C:\WINDOWS\system32\actxprxy.dll 11:03:38.0687 0x0d40 C:\WINDOWS\system32\actxprxy.dll - ok 11:03:38.0781 0x0d40 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] C:\WINDOWS\system32\drivers\mrxdav.sys 11:03:38.0781 0x0d40 C:\WINDOWS\system32\drivers\mrxdav.sys - ok 11:03:38.0812 0x0d40 [ C0D4312262C7B1A46AADB8418B85D8FA, 7614A88F0C811E6D78D8B481D64DA986A7E1CE786CC1BEC02968303EEEB8103B ] C:\WINDOWS\system32\urlmon.dll 11:03:38.0812 0x0d40 C:\WINDOWS\system32\urlmon.dll - ok 11:03:38.0875 0x0d40 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] C:\WINDOWS\system32\webclnt.dll 11:03:38.0875 0x0d40 C:\WINDOWS\system32\webclnt.dll - ok 11:03:38.0968 0x0d40 [ E16B687057603A249DA9271E9727CDB0, 0537DF45574FB17A1B8AD2AF0D571A9622B5A0A4D631F98ED115988FF075189E ] C:\WINDOWS\system32\ieframe.dll 11:03:38.0968 0x0d40 C:\WINDOWS\system32\ieframe.dll - ok 11:03:39.0093 0x0d40 [ 6D778E0F95447E6546553EEEA709D03C, 62ABED7D45040381BBCED97EA7B6C697B418448FD3322FD4BFB2BBFDB6155EB4 ] C:\WINDOWS\system32\cmd.exe 11:03:39.0093 0x0d40 C:\WINDOWS\system32\cmd.exe - ok 11:03:39.0156 0x0d40 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] C:\WINDOWS\system32\drivers\parport.sys 11:03:39.0156 0x0d40 C:\WINDOWS\system32\drivers\parport.sys - ok 11:03:39.0171 0x0d40 [ B714735C12A70171DE28657948FD91F1, DF7BF2D1BEBB016A8CB739EEE2670CF9F44A5CC2319A532E5C3DE0F5AA3AA144 ] C:\WINDOWS\system32\mlang.dll 11:03:39.0171 0x0d40 C:\WINDOWS\system32\mlang.dll - ok 11:03:39.0187 0x0d40 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] C:\WINDOWS\system32\drivers\serial.sys 11:03:39.0187 0x0d40 C:\WINDOWS\system32\drivers\serial.sys - ok 11:03:39.0218 0x0d40 [ 566382CA5F2C41FEAEEEFAC908F1EB92, FF25ACB5CC757F6D7FE8724EDAC16A36332406AF39745C45858AB24CAF24AC48 ] C:\WINDOWS\system32\xmlprovi.dll 11:03:39.0218 0x0d40 C:\WINDOWS\system32\xmlprovi.dll - ok 11:03:39.0234 0x0d40 [ 2953A157A783BFC06F42F99FEFA5EB07, 90236C68F46FA25F6C0561A38CAE7BEB2E35281AF33B3779BC52CDA0F73018CC ] C:\WINDOWS\system32\ANIO.sys 11:03:39.0234 0x0d40 C:\WINDOWS\system32\ANIO.sys - ok 11:03:39.0281 0x0d40 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] C:\WINDOWS\system32\cryptsvc.dll 11:03:39.0281 0x0d40 C:\WINDOWS\system32\cryptsvc.dll - ok 11:03:39.0453 0x0d40 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] C:\WINDOWS\system32\drivers\wdmaud.sys 11:03:39.0453 0x0d40 C:\WINDOWS\system32\drivers\wdmaud.sys - ok 11:03:39.0578 0x0d40 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4, C095D8A3A1CEAD1D78B0EE17B982718CDF4B3FE1F86D9D273875B8C1893C981B ] C:\WINDOWS\system32\wdmaud.drv 11:03:39.0578 0x0d40 C:\WINDOWS\system32\wdmaud.drv - ok 11:03:39.0656 0x0d40 [ FE2571A8C9FFAB1D45502D6B0BF472AA, 1442FC0180B555BC4F9B97B9A0D7674F75E67A6F61B87A6D690A20AE7D1EF360 ] C:\WINDOWS\system32\xp_eos.exe 11:03:39.0656 0x0d40 C:\WINDOWS\system32\xp_eos.exe - ok 11:03:39.0718 0x0d40 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] C:\WINDOWS\system32\drivers\sysaudio.sys 11:03:39.0718 0x0d40 C:\WINDOWS\system32\drivers\sysaudio.sys - ok 11:03:39.0734 0x0d40 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] C:\WINDOWS\system32\drivers\aec.sys 11:03:39.0734 0x0d40 C:\WINDOWS\system32\drivers\aec.sys - ok 11:03:39.0765 0x0d40 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] C:\WINDOWS\system32\drivers\splitter.sys 11:03:39.0765 0x0d40 C:\WINDOWS\system32\drivers\splitter.sys - ok 11:03:39.0796 0x0d40 [ 00709952D444EAE14DBBD30D36FBAE0F, A65B57C68F9119940133F6680AF3644866EEBDA5378F9B6AED441FB999B50526 ] C:\WINDOWS\system32\certcli.dll 11:03:39.0796 0x0d40 C:\WINDOWS\system32\certcli.dll - ok 11:03:39.0843 0x0d40 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] C:\WINDOWS\system32\drivers\swmidi.sys 11:03:39.0843 0x0d40 C:\WINDOWS\system32\drivers\swmidi.sys - ok 11:03:39.0921 0x0d40 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] C:\WINDOWS\system32\ersvc.dll 11:03:39.0921 0x0d40 C:\WINDOWS\system32\ersvc.dll - ok 11:03:39.0937 0x0d40 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] C:\WINDOWS\system32\drivers\DMusic.sys 11:03:39.0937 0x0d40 C:\WINDOWS\system32\drivers\DMusic.sys - ok 11:03:39.0953 0x0d40 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] C:\WINDOWS\system32\drivers\kmixer.sys 11:03:39.0953 0x0d40 C:\WINDOWS\system32\drivers\kmixer.sys - ok 11:03:39.0968 0x0d40 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll 11:03:39.0968 0x0d40 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok 11:03:39.0984 0x0d40 [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] C:\WINDOWS\system32\es.dll 11:03:39.0984 0x0d40 C:\WINDOWS\system32\es.dll - ok 11:03:39.0984 0x0d40 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] C:\WINDOWS\system32\drivers\drmkaud.sys 11:03:39.0984 0x0d40 C:\WINDOWS\system32\drivers\drmkaud.sys - ok 11:03:40.0031 0x0d40 [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] C:\WINDOWS\system32\hidserv.dll 11:03:40.0031 0x0d40 C:\WINDOWS\system32\hidserv.dll - ok 11:03:40.0062 0x0d40 [ 8973122796E3B5D6B5900FC186E55FEA, 350120A20F8591C27E68A5903E3175DD3F4F85BA2FF1F8B6E1D3B3758B5B509D ] C:\WINDOWS\system32\hid.dll 11:03:40.0062 0x0d40 C:\WINDOWS\system32\hid.dll - ok 11:03:40.0078 0x0d40 [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll 11:03:40.0078 0x0d40 C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll - ok 11:03:40.0109 0x0d40 [ 2A6B16AAD88A449B9E124FBF2D308E07, 0320AC1DD22095E56ED53D25262E5E80F11877D7C40EB33A8C07DFD8BDC02F7E ] C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll 11:03:40.0109 0x0d40 C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll - ok 11:03:40.0140 0x0d40 [ A04F4AC48895774A2CF9D1C9EAAACEF0, 012F10DE086C3551D75716EF1F6DCC477C8C1E776267D9FC4073BEADAFD37C9C ] C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL 11:03:40.0140 0x0d40 C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL - ok 11:03:40.0156 0x0d40 [ C6E5276C00EBDEB096BB5EF4B797D1B6, 2620D2F7B5242E9DD0217FB4E0CBACF1DB8AB1B92187AD2847904948E1ABFEC1 ] C:\WINDOWS\system32\drivers\int15.sys 11:03:40.0156 0x0d40 C:\WINDOWS\system32\drivers\int15.sys - ok 11:03:40.0218 0x0d40 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] C:\WINDOWS\system32\srvsvc.dll 11:03:40.0218 0x0d40 C:\WINDOWS\system32\srvsvc.dll - ok 11:03:40.0343 0x0d40 [ 9A3BD5F55AADFF859539142F6328A66E, B8165F650F0E24D380601D54BC81A84C06D886A6CF995EA6CA63EABCFA75554A ] C:\WINDOWS\system32\msacm32.drv 11:03:40.0343 0x0d40 C:\WINDOWS\system32\msacm32.drv - ok 11:03:40.0359 0x0d40 [ 20FD44370267CCD0A64A1B31861C21D2, D98194A17D1C63434EC6449742C10033F1B94D80826B20464519B1DD4DE1DB5F ] C:\WINDOWS\system32\netmsg.dll 11:03:40.0359 0x0d40 C:\WINDOWS\system32\netmsg.dll - ok 11:03:40.0437 0x0d40 [ 5C12660A97822F6E61576943B49AAAD6, 621BE8E009DC95A8901F701F529ED98BD8E6D62D272AE0E1FAF69889A4D5633B ] C:\WINDOWS\system32\midimap.dll 11:03:40.0437 0x0d40 C:\WINDOWS\system32\midimap.dll - ok 11:03:40.0656 0x0d40 [ 4C39358EBDD2FFCD9132A30E1EC31E16, 06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll 11:03:40.0656 0x0d40 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok 11:03:40.0718 0x0d40 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] C:\WINDOWS\system32\drivers\srv.sys 11:03:40.0718 0x0d40 C:\WINDOWS\system32\drivers\srv.sys - ok 11:03:40.0828 0x0d40 [ 80B7A96F908DA13617E7E6832C5C6A64, 08B81AFE120B8064B6E001BDF424168305D55F38AE2071300F57C8EA32BEAE56 ] C:\WINDOWS\system32\HPZinw12.dll 11:03:40.0828 0x0d40 C:\WINDOWS\system32\HPZinw12.dll - ok 11:03:40.0921 0x0d40 [ F042EE4C8D66248D9B86DCF52ABAE416, AE0F5CC54E4B133DF66A54572A7CE52FAFF11F8FD0CAEAB088AAD3699D6EC924 ] C:\ComboFix\pev.3XE 11:03:40.0921 0x0d40 C:\ComboFix\pev.3XE - ok 11:03:40.0968 0x0d40 [ 67156D5A9AC356DC99D7BCCB388E3316, 449A140065197779C0F8588E5C53014BBF54A9C74818D5CFDCB88CC7B36F44CF ] C:\WINDOWS\system32\wsock32.dll 11:03:40.0968 0x0d40 C:\WINDOWS\system32\wsock32.dll - ok 11:03:41.0031 0x0d40 [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll 11:03:41.0031 0x0d40 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok 11:03:41.0062 0x0d40 [ ABC6379205DE2618851C4FCBF72112EB, 22E7528E56DFFAA26CFE722994655686C90824B13EB51184ABFE44D4E95D473F ] C:\ComboFix\hidec.3XE 11:03:41.0062 0x0d40 C:\ComboFix\hidec.3XE - ok 11:03:41.0093 0x0d40 [ 0C155C5D8942B3CBCF9506A9D376B9AD, 37F4878548DD7063CA31FB21D6955A45C25F648C332A736DA84DEA5AAE7486AF ] C:\WINDOWS\system32\HPZipm12.dll 11:03:41.0093 0x0d40 C:\WINDOWS\system32\HPZipm12.dll - ok 11:03:41.0109 0x0d40 [ 332760FBA1655FCFD35BD6F4FD871300, 6C539FD14B9CF9423E305EAF60CB5C12CA0F7AEF571FB09BAF64E83F108B7F2D ] C:\WINDOWS\system32\ipsecsvc.dll 11:03:41.0109 0x0d40 C:\WINDOWS\system32\ipsecsvc.dll - ok 11:03:41.0140 0x0d40 [ A46842C9B0C567A5A9584E83A163560C, 715C24BF2BFDFB50C5B9BFF41B7CC2728D6986AF97EDEEB1F1DF0C35D673AD98 ] C:\ComboFix\swreg.3XE 11:03:41.0140 0x0d40 C:\ComboFix\swreg.3XE - ok 11:03:41.0156 0x0d40 [ 584C4DA856450CB22EBBE7A68CC6250F, 56030767CFD2DAFDAE8CC767DC1EED39DD2E6E42152BFAE7904C2C8826B2C3E2 ] C:\WINDOWS\system32\oakley.dll 11:03:41.0156 0x0d40 C:\WINDOWS\system32\oakley.dll - ok 11:03:41.0187 0x0d40 [ 22D89D84E8E081CDA529DBF8C0255A38, 26863A2D27BE257D99EF28A612FC1B514558B27002EF10B0F682BC15C6D1CD74 ] C:\WINDOWS\system32\psbase.dll 11:03:41.0187 0x0d40 C:\WINDOWS\system32\psbase.dll - ok 11:03:41.0203 0x0d40 [ 853D0D0C6F02D7BFDF1CF99DD7553732, AC761B4CA518B787CB2C18101606E5F64245049D140C72B6B1112556DEC86B2E ] C:\WINDOWS\system32\pstorsvc.dll 11:03:41.0203 0x0d40 C:\WINDOWS\system32\pstorsvc.dll - ok 11:03:41.0218 0x0d40 [ 248712EA6BA17B9FF0C542A3828375DD, 03EFDE351860C4C49F42D6129C6A6F2B3FC859C20F14FE0652F9C4FBD81244B4 ] C:\WINDOWS\system32\winipsec.dll 11:03:41.0218 0x0d40 C:\WINDOWS\system32\winipsec.dll - ok 11:03:41.0250 0x0d40 [ FEDE68BF80052BAD393AFD5C2E60DCB0, 6A40D89524317C554C5C33A35FB659147A3118F4C646AB36653A19A8811627CB ] C:\WINDOWS\system32\dssenh.dll 11:03:41.0250 0x0d40 C:\WINDOWS\system32\dssenh.dll - ok 11:03:41.0265 0x0d40 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] C:\WINDOWS\system32\seclogon.dll 11:03:41.0265 0x0d40 C:\WINDOWS\system32\seclogon.dll - ok 11:03:41.0281 0x0d40 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] C:\WINDOWS\system32\sens.dll 11:03:41.0281 0x0d40 C:\WINDOWS\system32\sens.dll - ok 11:03:41.0312 0x0d40 [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] C:\WINDOWS\system32\srsvc.dll 11:03:41.0312 0x0d40 C:\WINDOWS\system32\srsvc.dll - ok 11:03:41.0343 0x0d40 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] C:\WINDOWS\system32\wiaservc.dll 11:03:41.0343 0x0d40 C:\WINDOWS\system32\wiaservc.dll - ok 11:03:41.0390 0x0d40 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] C:\WINDOWS\system32\trkwks.dll 11:03:41.0390 0x0d40 C:\WINDOWS\system32\trkwks.dll - ok 11:03:41.0406 0x0d40 [ 5F0CE62E0831CF972EC6949FD3E37DA7, DFDD251D3FC6CDBD971F52EF0AECEC0344B57214615AA486AA9234D30A40AF60 ] C:\WINDOWS\system32\cfgmgr32.dll 11:03:41.0406 0x0d40 C:\WINDOWS\system32\cfgmgr32.dll - ok 11:03:41.0437 0x0d40 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] C:\WINDOWS\system32\tapisrv.dll 11:03:41.0437 0x0d40 C:\WINDOWS\system32\tapisrv.dll - ok 11:03:41.0453 0x0d40 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1, 502B9D43EB6305508E8CDF034528C3F1DDF4525727C1B7663EA835BE2307FF20 ] C:\WINDOWS\system32\mscms.dll 11:03:41.0453 0x0d40 C:\WINDOWS\system32\mscms.dll - ok 11:03:41.0484 0x0d40 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] C:\WINDOWS\system32\wbem\wmisvc.dll 11:03:41.0484 0x0d40 C:\WINDOWS\system32\wbem\wmisvc.dll - ok 11:03:41.0531 0x0d40 [ ACACB8B14E66109B8ACD6644B5574B9A, 2373E67EB51F8045E7CD346F75B4BAD093E29CC609955BBC4C9FEF7A97A5FD86 ] C:\WINDOWS\system32\vssapi.dll 11:03:41.0531 0x0d40 C:\WINDOWS\system32\vssapi.dll - ok 11:03:41.0562 0x0d40 [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] C:\WINDOWS\system32\browser.dll 11:03:41.0562 0x0d40 C:\WINDOWS\system32\browser.dll - ok 11:03:41.0593 0x0d40 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] C:\WINDOWS\system32\wuauserv.dll 11:03:41.0593 0x0d40 C:\WINDOWS\system32\wuauserv.dll - ok 11:03:41.0625 0x0d40 [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] C:\WINDOWS\system32\fxssvc.exe 11:03:41.0625 0x0d40 C:\WINDOWS\system32\fxssvc.exe - ok 11:03:41.0640 0x0d40 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] C:\WINDOWS\system32\wuaueng.dll 11:03:41.0640 0x0d40 C:\WINDOWS\system32\wuaueng.dll - ok 11:03:41.0671 0x0d40 [ BDB83C844EDEC9BD01A94750D2C38DDF, B18B9E9B9EE74143153CA2479BF7FC9A5528DB4023FA085D0DA5E9B8795C7428 ] C:\WINDOWS\system32\fxsevent.dll 11:03:41.0671 0x0d40 C:\WINDOWS\system32\fxsevent.dll - ok 11:03:41.0703 0x0d40 [ 1144EF6B4BB72E33B41912AE1AE4F97A, 75144F64352D0A426F7171487F733BA85786D3279C18E741F06484440CA0BC19 ] C:\WINDOWS\system32\fxstiff.dll 11:03:41.0703 0x0d40 C:\WINDOWS\system32\fxstiff.dll - ok 11:03:41.0703 0x0d40 [ 684559A03CBC1D05BA120A18B0D8BA5D, 7425F27C8EF8CEF26B071D7FD5FED538C74EF524AEF73E427B1781F3A3C16C42 ] C:\WINDOWS\system32\winhttp.dll 11:03:41.0703 0x0d40 C:\WINDOWS\system32\winhttp.dll - ok 11:03:41.0750 0x0d40 [ F9D3C78CFE15271D80790677C893CE45, 885425736648DF7B315E92680ED3BD058ACE97A86D388FEA80EB0C039ADF25D7 ] C:\WINDOWS\system32\cabinet.dll 11:03:41.0750 0x0d40 C:\WINDOWS\system32\cabinet.dll - ok 11:03:41.0781 0x0d40 [ 0329D0A4F230094B669A87BB3B85606E, F9A45480E1433B55123DD56327B5777EEF0013BB1693818C28D3D6EFC29D50B4 ] C:\WINDOWS\system32\fxsapi.dll 11:03:41.0781 0x0d40 C:\WINDOWS\system32\fxsapi.dll - ok 11:03:41.0796 0x0d40 [ B85E95679B5ADC12311BCD3F5385D623, 378D304CF408AE1928EF6290A5A9F2388920B55FD69382759B356B6A3FF94F3A ] C:\WINDOWS\system32\mspatcha.dll 11:03:41.0796 0x0d40 C:\WINDOWS\system32\mspatcha.dll - ok 11:03:41.0812 0x0d40 [ 3458EDA96E30FBD0477A2800D3FB1909, BDF84362E4D8A102E7FB5F352D950B84D1A8E1E7928521B68E7671D4176803C5 ] C:\WINDOWS\system32\wups.dll 11:03:41.0812 0x0d40 C:\WINDOWS\system32\wups.dll - ok 11:03:41.0828 0x0d40 [ 79E3A8C328E7E569C32B0998377D9742, F5854956E452AD663004679BBDF8B006695B69C8962534CD243193F04F294DF3 ] C:\WINDOWS\system32\spoolss.dll 11:03:41.0828 0x0d40 C:\WINDOWS\system32\spoolss.dll - ok 11:03:41.0859 0x0d40 [ BDC0C99E472176C8C2C853A68ADC5073, 9A0A0CEE321C9BAF5545D6CB0BE3E725228B694F331FFACCEB770350AAF2C8C3 ] C:\WINDOWS\system32\wups2.dll 11:03:41.0859 0x0d40 C:\WINDOWS\system32\wups2.dll - ok 11:03:41.0875 0x0d40 [ C14350FC0D47D806699C4F907FC6785B, A8862B47A74F5FB03C9916A42B986D9B352549ED486AD2B9DAD405A98B5564B3 ] C:\WINDOWS\system32\cryptnet.dll 11:03:41.0875 0x0d40 C:\WINDOWS\system32\cryptnet.dll - ok 11:03:41.0906 0x0d40 [ 5B7D974F49ADECFFFEDFD2C7C2AC0894, 5B433968D0BFCE26E5991EE529C127AA8D9F84B5ACBB85DAAD3F26B58682E5E9 ] C:\WINDOWS\system32\hposwia_p04a.dll 11:03:41.0906 0x0d40 C:\WINDOWS\system32\hposwia_p04a.dll - ok 11:03:41.0937 0x0d40 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] C:\WINDOWS\system32\wscsvc.dll 11:03:41.0937 0x0d40 C:\WINDOWS\system32\wscsvc.dll - ok 11:03:41.0953 0x0d40 [ 5677DFE438EC1F009273FC84FEED6B10, 44B62CC4D138E13C22FC29E9751CB7ED0B0C6C8897A8E6469172F8642B0527BE ] C:\WINDOWS\system32\localspl.dll 11:03:41.0953 0x0d40 C:\WINDOWS\system32\localspl.dll - ok 11:03:42.0000 0x0d40 [ 5D3D1AB0EF4EA55B731863050482C111, 8713DAA48DBC5FDF95BE993863BEE669BBB4026347DC575D72F520F423EE21BA ] C:\WINDOWS\system32\cnbjmon.dll 11:03:42.0000 0x0d40 C:\WINDOWS\system32\cnbjmon.dll - ok 11:03:42.0046 0x0d40 [ D3F72D50DE53F9F1F55240115AF4D42E, F8831B6B33EE2EE49615AE45A81C8434E154331BEB1E64C491E64C1348314F3C ] C:\WINDOWS\system32\msi.dll 11:03:42.0046 0x0d40 C:\WINDOWS\system32\msi.dll - ok 11:03:42.0078 0x0d40 [ 3CBA2210FA39C6ED7895634842E930DD, 9AFC6A7E1F936ED3636F89FD49B5C944594F88A5BFB597348AF2FB83DA2E4E40 ] C:\WINDOWS\system32\sensapi.dll 11:03:42.0078 0x0d40 C:\WINDOWS\system32\sensapi.dll - ok 11:03:42.0109 0x0d40 [ 8FA382B5A54DC35875A067C84FBD6240, AA6E58E8AC7DB92A8B915BD25D183775FBA69A6E23CD7226F9557102B94C3777 ] C:\WINDOWS\system32\hpf3l101.dll 11:03:42.0109 0x0d40 C:\WINDOWS\system32\hpf3l101.dll - ok 11:03:42.0140 0x0d40 [ ED0C0DF222209E43AD9AFBF3FE87DDE0, 927329F9244DA9F0074FA0D4C101EE793AFCF433155E58714C33444C5EF35014 ] C:\WINDOWS\system32\comsvcs.dll 11:03:42.0140 0x0d40 C:\WINDOWS\system32\comsvcs.dll - ok 11:03:42.0171 0x0d40 [ 690D97864735E8ECD87F55777E266690, 2098D2AADEF82C3EDD82FD6182C14568CDE1EF02205ED1EA4CB19252B74BB807 ] C:\WINDOWS\system32\colbact.dll 11:03:42.0171 0x0d40 C:\WINDOWS\system32\colbact.dll - ok 11:03:42.0203 0x0d40 [ 36795A645EAA47FE31D2A8F136A2C69B, D681D7DFC4A2A2F10658D76A93F009BDBFC6117E245E0883C509A286DC952EAD ] C:\WINDOWS\system32\mtxclu.dll 11:03:42.0203 0x0d40 C:\WINDOWS\system32\mtxclu.dll - ok 11:03:42.0218 0x0d40 [ DF82E222578DBE59FCBBD69A02E4C806, 0F0CD9DC739500536F252475F84F8EF378428CAC7DD9CFCDEC676862A20A0C46 ] C:\WINDOWS\system32\clusapi.dll 11:03:42.0218 0x0d40 C:\WINDOWS\system32\clusapi.dll - ok 11:03:42.0234 0x0d40 [ CC6292CA575E851E5B74BF8883AB967A, 40DB13B96395FC753C4BC70C32A1845002DDD613955589F8EE0BF7E049A43779 ] C:\WINDOWS\system32\fxsmon.dll 11:03:42.0234 0x0d40 C:\WINDOWS\system32\fxsmon.dll - ok 11:03:42.0265 0x0d40 [ 222DE7F5EDB9DDBE628384A1A8BE59CE, 063AF8C6C251961ABC93A8E8A07DB9B9582CD1812CA3BB297FAFDF0AD3E5B4CC ] C:\WINDOWS\system32\pjlmon.dll 11:03:42.0265 0x0d40 C:\WINDOWS\system32\pjlmon.dll - ok 11:03:42.0296 0x0d40 [ F51EBB6FC536A6B2D588FD668D3A8249, 6C22B5FBE3F721025879447B006EC5A343D482A87E23674B5A3BB43983AB328E ] C:\WINDOWS\system32\resutils.dll 11:03:42.0296 0x0d40 C:\WINDOWS\system32\resutils.dll - ok 11:03:42.0343 0x0d40 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] C:\WINDOWS\system32\ipnathlp.dll 11:03:42.0343 0x0d40 C:\WINDOWS\system32\ipnathlp.dll - ok 11:03:42.0359 0x0d40 [ 2C6786656869093C521337D6AC813BC6, 111C4873DDEC20E8DB08B69A73B91D6213883C025DEB49AEB9D4C7B9818F65FC ] C:\WINDOWS\system32\Primomonnt.dll 11:03:42.0359 0x0d40 C:\WINDOWS\system32\Primomonnt.dll - ok 11:03:42.0375 0x0d40 [ C52CE534397E1D3A442FB4C88A3CBE42, 4289052A24780CEEE9C96290B47FDD596B7D4426F776BB7B2ACCBB6E01B41E52 ] C:\WINDOWS\system32\msonpmon.dll 11:03:42.0375 0x0d40 C:\WINDOWS\system32\msonpmon.dll - ok 11:03:42.0500 0x0d40 [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll 11:03:42.0500 0x0d40 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok 11:03:42.0562 0x0d40 [ 205ADD80FF8099B1A8101EB490B933D1, 6B4D94F1683B1D30A1BB0019E2E3E0AE1AA85561D416708198EC2BDAB649E178 ] C:\WINDOWS\system32\wbem\wbemprox.dll 11:03:42.0562 0x0d40 C:\WINDOWS\system32\wbem\wbemprox.dll - ok 11:03:42.0578 0x0d40 [ AE0382AD9C73D343D85E1A50C80B7C20, 7477A5A33C0ACF80BE73F0169893A7D53AF8ABC514FCE190A6ACC677092E5A55 ] C:\WINDOWS\system32\tcpmon.dll 11:03:42.0578 0x0d40 C:\WINDOWS\system32\tcpmon.dll - ok 11:03:42.0593 0x0d40 [ D95C71052E5EF63B55997FB31483D02F, 829A559050680C039CA7AFCFE3246745D465ED11722A603AA32253FD413894C3 ] C:\WINDOWS\system32\wbem\wbemcomn.dll 11:03:42.0593 0x0d40 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok 11:03:42.0609 0x0d40 [ F26385E8BA4549B5186B774EC0E45D86, 0BA8CA4C06918690EA68678CA5887F1B7E2B0976C99BDFAF99CC1C99F3E300A0 ] C:\WINDOWS\system32\usbmon.dll 11:03:42.0609 0x0d40 C:\WINDOWS\system32\usbmon.dll - ok 11:03:42.0625 0x0d40 [ F0BF811622F2DD6C8E26EE4600D83731, 81CFC1118551E84F5BBD2A863419529AA32DA92E5834C71DA77D13854F6CF048 ] C:\WINDOWS\system32\wbem\wbemcore.dll 11:03:42.0625 0x0d40 C:\WINDOWS\system32\wbem\wbemcore.dll - ok 11:03:42.0656 0x0d40 [ 549443507E0A4D38EA7160927FA8AE5E, 88E1B4039ED42B3F53670D0D085F076060E505AB4FC785FBCFB55D99C1A4B961 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\hpfpp101.dll 11:03:42.0656 0x0d40 C:\WINDOWS\system32\spool\prtprocs\w32x86\hpfpp101.dll - ok 11:03:42.0687 0x0d40 [ EEE7F12D9FF46F68FBC0DA059A359E9E, 1D0D5AC87ACDF3F041D9C31A92BFE7B1B81CBAD81F8F7CE8183FC3F61CAFF8CC ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll 11:03:42.0687 0x0d40 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok 11:03:42.0718 0x0d40 [ E4616430709F440CF1809D88DC2366EA, C2CBC0A21A892FD8341E5A29E7164172340E07A75A5D54493036156D907AEAE7 ] C:\WINDOWS\system32\wbem\esscli.dll 11:03:42.0718 0x0d40 C:\WINDOWS\system32\wbem\esscli.dll - ok 11:03:42.0765 0x0d40 [ F348280907B38FDBDB3CEF55D456E149, 526A1A46491401EA9BA241ADA76A610E8D98831F8D2C82712B931B481EA5529E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll 11:03:42.0765 0x0d40 C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll - ok 11:03:42.0812 0x0d40 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C, 7123FC923BA4C3DD3EDFE9F8936442C4CCE7757D370AB799B0B5668223B965EE ] C:\WINDOWS\system32\win32spl.dll 11:03:42.0812 0x0d40 C:\WINDOWS\system32\win32spl.dll - ok 11:03:42.0843 0x0d40 [ B41D53899E37CC43DA85DA19998BEE81, CA92B8313338F0F8B1B630A0057B9C114E8D8BC10F09825C9008A5A824B91FDC ] C:\WINDOWS\system32\netrap.dll 11:03:42.0843 0x0d40 C:\WINDOWS\system32\netrap.dll - ok 11:03:42.0953 0x0d40 [ EE4C651A217B01D636B5364AC77DA892, E40C7DD39234673A3BA8FD87C189653C391E326ECB3E8011B5020BB9D78F56D0 ] C:\WINDOWS\system32\inetpp.dll 11:03:42.0953 0x0d40 C:\WINDOWS\system32\inetpp.dll - ok 11:03:42.0984 0x0d40 [ 378A0AEFB11D8B0DC8C27B9F7604B88D, D0D6863FCE412B75B9B5FC38EA923759201E7193ED40CFBAA674630E2DE56FD3 ] C:\WINDOWS\system32\wbem\fastprox.dll 11:03:42.0984 0x0d40 C:\WINDOWS\system32\wbem\fastprox.dll - ok 11:03:43.0031 0x0d40 [ 010472D0AE758227C6F6E6933549C219, 4082365231756E2889BD9A19EEFA27665B9902F8C8BC376C70DC3AA80AEA541B ] C:\WINDOWS\system32\wbem\wbemsvc.dll 11:03:43.0031 0x0d40 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok 11:03:43.0078 0x0d40 [ C14AA05881A35B6D6BB8D55B117EE22D, F30873FA983CE21734BE1A357CDF855EF33511990C14B454EBAA3D6059CD823D ] C:\WINDOWS\system32\shfolder.dll 11:03:43.0078 0x0d40 C:\WINDOWS\system32\shfolder.dll - ok 11:03:43.0140 0x0d40 [ 3273D1565BF30225C115B480A3BB2C9D, DF802F845EFEE506A0D3CA1EA9AEE1EDE73BCC02F2B64EDFACE0BBEFCF965455 ] C:\WINDOWS\system32\wbem\wmiutils.dll 11:03:43.0140 0x0d40 C:\WINDOWS\system32\wbem\wmiutils.dll - ok 11:03:43.0156 0x0d40 [ 2E0B0A051FFAA86E358465BB0880D453, 493CF6150DE95B269727631D50FE21405A41E449C4FF43E94F93D27559EA5624 ] C:\WINDOWS\system32\wuauclt.exe 11:03:43.0156 0x0d40 C:\WINDOWS\system32\wuauclt.exe - ok 11:03:43.0187 0x0d40 [ 942A17D2901A31EA68627CBFFCD268CC, C75E1C03929E16EDDBACFC37BD6C40E941F9D99E3E40ED3A07238343342685BD ] C:\WINDOWS\system32\wbem\repdrvfs.dll 11:03:43.0187 0x0d40 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok 11:03:43.0218 0x0d40 [ 071143F687B4F887E21461CA6CC7EB29, 92C849517F985F19926E6425CD99E21029E1CA14FC92C9E40091DC79D4A723F2 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll 11:03:43.0218 0x0d40 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok 11:03:43.0296 0x0d40 [ 26D881D27CBE51D3614E68D7313EA026, BC84CFD5F382F6D844815065118793950E922B8FB52944E337DAA62874C103A3 ] C:\WINDOWS\system32\wbem\wbemess.dll 11:03:43.0296 0x0d40 C:\WINDOWS\system32\wbem\wbemess.dll - ok 11:03:43.0343 0x0d40 [ 1A617835452EEE5060976C9B9F5FE635, DCCAAB049681BE876B73F0880EA32196CDA7EC954D452768A48D366096C5BD53 ] C:\WINDOWS\system32\wuapi.dll 11:03:43.0343 0x0d40 C:\WINDOWS\system32\wuapi.dll - ok 11:03:43.0390 0x0d40 [ 0CE5F8AE9C371A965D17E3F2ED134809, 22627A1E9A5B7068E2A783B5D218D530E2CCB26021333C097B4FF922400367FC ] C:\WINDOWS\system32\fxst30.dll 11:03:43.0390 0x0d40 C:\WINDOWS\system32\fxst30.dll - ok 11:03:43.0437 0x0d40 [ D26451B540720A7313A9BCBE794DAF62, 255B3594876F9D9222760A53D1119E73D3BA4E4766C9DFAD63DCB180C5F33846 ] C:\WINDOWS\system32\wbem\ncprov.dll 11:03:43.0437 0x0d40 C:\WINDOWS\system32\wbem\ncprov.dll - ok 11:03:43.0500 0x0d40 [ 2D583E2844FDD592D1629EB6B10E5702, 94F211492B347190275E8584D9CBDC900D636505A484AA3D624E89812C8AE28B ] C:\WINDOWS\system32\fxsroute.dll 11:03:43.0500 0x0d40 C:\WINDOWS\system32\fxsroute.dll - ok 11:03:43.0546 0x0d40 [ AACE07FE34FADDDF973CE068A6424957, A14DC612762F56EE3CF9FBDF58E9476400F2CD9513319AD90E3818B2DB9F4580 ] C:\WINDOWS\system32\unimdm.tsp 11:03:43.0546 0x0d40 C:\WINDOWS\system32\unimdm.tsp - ok 11:03:43.0546 0x0d40 [ 995252FCC4692B5B97EE17D596C9386E, E0EC754ADC0976BCF88C4777E788A67844428DF0B828D8EE7B8A039C763DFFDD ] C:\WINDOWS\system32\uniplat.dll 11:03:43.0546 0x0d40 C:\WINDOWS\system32\uniplat.dll - ok 11:03:43.0562 0x0d40 [ 19AE6CBA05B9005698A6DEDCC88F202E, 047016D4989FB1460BE11C0C22E10858E3D6598EBA31C98B8489413C1A350A9C ] C:\WINDOWS\system32\unimdmat.dll 11:03:43.0562 0x0d40 C:\WINDOWS\system32\unimdmat.dll - ok 11:03:43.0578 0x0d40 [ FE4A73CDBC882A19D070F1C01586E81A, EAF450BA7E168EA41EAA7556E14CBDFCF1B96D7E57A17EC20C3BECFDA9FDFD9A ] C:\WINDOWS\system32\modemui.dll 11:03:43.0578 0x0d40 C:\WINDOWS\system32\modemui.dll - ok 11:03:43.0593 0x0d40 [ 76EC97C5068D3D9FAA7774B0F659D31A, 4E2EF0DC0B05187A6154D4D672B7530E14103D7D1EDF1BDE960F9B988B5EC41F ] C:\WINDOWS\system32\kmddsp.tsp 11:03:43.0593 0x0d40 C:\WINDOWS\system32\kmddsp.tsp - ok 11:03:43.0609 0x0d40 [ 4589963D84F2984FA5949A72162BA4F4, BC927EC7D0EBDBD2B4780D892D41739840DD31B0FF8C79013014925F52860808 ] C:\WINDOWS\system32\ndptsp.tsp 11:03:43.0609 0x0d40 C:\WINDOWS\system32\ndptsp.tsp - ok 11:03:43.0625 0x0d40 [ 8BC2B02DC11C98D14CEE43B8E8393FF3, 1314C33E2E5F11B361CF1E88884B2A9862F8BAB1C498F48DC4C49ACDB28D4732 ] C:\WINDOWS\system32\h323.tsp 11:03:43.0625 0x0d40 C:\WINDOWS\system32\h323.tsp - ok 11:03:43.0656 0x0d40 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8, 7E3A0204FCDD5DFFB3B352451232DD86F8298F83918533D874C122A2EF29081B ] C:\WINDOWS\system32\ipconf.tsp 11:03:43.0656 0x0d40 C:\WINDOWS\system32\ipconf.tsp - ok 11:03:43.0687 0x0d40 [ 6B552ED3BEE5AA3C4560478FF779BA98, 1778F0B7200F93EB255E1F215BB5FBEAA0DBF63BC60B286D76120F8A787995C4 ] C:\WINDOWS\system32\hidphone.tsp 11:03:43.0687 0x0d40 C:\WINDOWS\system32\hidphone.tsp - ok 11:03:43.0687 0x0d40 [ 60655EF9F253944D9BA644BC6A480944, 35B277D05A5E804E325B5CD3C3AC1A75E9E54907E50384BFA0B8215F435B8490 ] C:\Program Files\Internet Explorer\iexplore.exe 11:03:43.0687 0x0d40 C:\Program Files\Internet Explorer\iexplore.exe - ok 11:03:43.0781 0x0d40 [ 6404807ABC7AF52FA3792697AE638B50, 75FB44348CCC53A4EA2C3677F42098A12CE882F3E015E3D847A07972C1E4AEF5 ] C:\WINDOWS\system32\wbem\wbemcons.dll 11:03:43.0781 0x0d40 C:\WINDOWS\system32\wbem\wbemcons.dll - ok 11:03:43.0828 0x0d40 [ AF8841FEF8DE40D36E77C6662843EDAE, E7FAE0E448B7123CE4BBD20D5EBFCD8690F6902D7007C39733658EAD65A0A1DE ] C:\WINDOWS\AppPatch\aclayers.dll 11:03:43.0828 0x0d40 C:\WINDOWS\AppPatch\aclayers.dll - ok 11:03:43.0843 0x0d40 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] C:\WINDOWS\system32\termsrv.dll 11:03:43.0843 0x0d40 C:\WINDOWS\system32\termsrv.dll - ok 11:03:43.0875 0x0d40 [ 2523016B69F2D222DD2ED1CA532B2016, 2CD617CB80FA91A22517084BEDB819A496F645367A487B31DDC65B0F2BDA6D63 ] C:\WINDOWS\system32\mshtml.dll 11:03:43.0875 0x0d40 C:\WINDOWS\system32\mshtml.dll - ok 11:03:43.0890 0x0d40 [ DF6551E4C4C46655A0C76194F1FCEA5D, F3895AE4B36BC85C458EDC85FBD1F5AB5C33913CD91C60A65083DC0BDD037BF5 ] C:\WINDOWS\system32\icaapi.dll 11:03:43.0890 0x0d40 C:\WINDOWS\system32\icaapi.dll - ok 11:03:43.0921 0x0d40 [ 2D65D56C2F8B6CC5EBFF8E7200C30304, 10CD5FF00D110D1AE2313DBCBDB17C2B9DFF930F5DAD65C35C08FCF9C152C053 ] C:\WINDOWS\system32\mstlsapi.dll 11:03:43.0921 0x0d40 C:\WINDOWS\system32\mstlsapi.dll - ok 11:03:43.0984 0x0d40 [ 87B27E19DC5B4F8F3FEF061A155977B9, F76296565DA5471564F6146189AE392E1FB62A71BB61863AE860223873F6E2CF ] C:\WINDOWS\system32\msls31.dll 11:03:43.0984 0x0d40 C:\WINDOWS\system32\msls31.dll - ok 11:03:44.0015 0x0d40 [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll 11:03:44.0015 0x0d40 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll - ok 11:03:44.0046 0x0d40 [ FCA8CD0A6FB5048224EB3EFDCD51DF0A, 4E3F9A2ACF21162042FD514121EC7FD6231501386E3295E1C9AAE933C9BFB580 ] C:\WINDOWS\system32\ieapfltr.dll 11:03:44.0046 0x0d40 C:\WINDOWS\system32\ieapfltr.dll - ok 11:03:44.0078 0x0d40 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] C:\WINDOWS\system32\alg.exe 11:03:44.0078 0x0d40 C:\WINDOWS\system32\alg.exe - ok 11:03:44.0078 0x0d40 [ E11457C66FDD966EE415FBBC6D9BE643, 9CAF889C740D79F56F1CE817DA7C8F2BAEE740212B578DAC509EA2C8BA2D790E ] C:\WINDOWS\system32\MSIMTF.dll 11:03:44.0078 0x0d40 C:\WINDOWS\system32\MSIMTF.dll - ok 11:03:44.0093 0x0d40 [ E40FCF943127DDC8FD60554B722D762B, 2E7A7C08B56E07D69CB32F335D93F6D2C748EFA2CF4C41102A18C7761A4E9CF0 ] C:\WINDOWS\system32\MSCTF.dll 11:03:44.0093 0x0d40 C:\WINDOWS\system32\MSCTF.dll - ok 11:03:44.0125 0x0d40 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] C:\WINDOWS\system32\rasmans.dll 11:03:44.0125 0x0d40 C:\WINDOWS\system32\rasmans.dll - ok 11:03:44.0140 0x0d40 [ 37A62C6092AADD2EFDE0468DD8818E99, 2D01A2EEE0BE81B3252E1A3EAD21D3D91EA6DE826A1783B14948A0E0B475BAB1 ] C:\WINDOWS\system32\netcfgx.dll 11:03:44.0140 0x0d40 C:\WINDOWS\system32\netcfgx.dll - ok 11:03:44.0156 0x0d40 [ 5F7692CEC90E2E9AA32CD58321E234B8, 0F76BD005B6FC51EE8B2D167C5E792947F8A8FF1A4FBC7F9CB3572BEAFC12639 ] C:\WINDOWS\system32\rastapi.dll 11:03:44.0156 0x0d40 C:\WINDOWS\system32\rastapi.dll - ok 11:03:44.0187 0x0d40 [ D0545A010ED2259A740C8414899A938F, 5E6FD116C6F65241A075E4469C5AD1967B8D66DE11E223F7A3F00139FB0160C3 ] C:\WINDOWS\system32\rasppp.dll 11:03:44.0187 0x0d40 C:\WINDOWS\system32\rasppp.dll - ok 11:03:44.0218 0x0d40 [ B464BD425D5D09ABE4192234D1577B22, DF7333CAF299A18DEA43ACEF0A6D8C3F79918D1B3FCE437FDED6B54F95C106B9 ] C:\WINDOWS\system32\ntlsapi.dll 11:03:44.0218 0x0d40 C:\WINDOWS\system32\ntlsapi.dll - ok 11:03:44.0234 0x0d40 [ A655C88AA555BB8EF8957BD29408827F, 6CD48D32D1DFF68FEED5CC20D0DE12729101381EB8A6774408566C14E0B18FFB ] C:\WINDOWS\system32\rasqec.dll 11:03:44.0234 0x0d40 C:\WINDOWS\system32\rasqec.dll - ok 11:03:44.0281 0x0d40 [ F92E1076C42FCD6DB3D72D8CFE9816D5, 94135ACF2D9426BB78E4522429120B03D94B541422C277B9ACA31410874A464C ] C:\WINDOWS\system32\wscntfy.exe 11:03:44.0281 0x0d40 C:\WINDOWS\system32\wscntfy.exe - ok 11:03:44.0312 0x0d40 [ F7B098A08EFCF4AB4247264C0AC225D2, 7F5FB938F006E11239B319A23EBDFD7C21B528C49B37826D91A883EC01BCEAD3 ] C:\WINDOWS\system32\jscript.dll 11:03:44.0312 0x0d40 C:\WINDOWS\system32\jscript.dll - ok 11:03:44.0343 0x0d40 [ 277A5F9EAF1C88F9AC760C46D259CD3F, 92C7DC64B83B0E447A0DBCBDA793E3C912B6F5F77F409B218CF34C11D3445C13 ] C:\WINDOWS\system32\imgutil.dll 11:03:44.0343 0x0d40 C:\WINDOWS\system32\imgutil.dll - ok 11:03:44.0343 0x0d40 [ 33F9AECBCCDBE739C1FDCE879B621530, 8F9C49CF46A36476CE091A65F779334D163443501C3B97B599AB22D94E11F94F ] C:\WINDOWS\system32\pngfilt.dll 11:03:44.0343 0x0d40 C:\WINDOWS\system32\pngfilt.dll - ok 11:03:44.0359 0x0d40 [ 0B3C45D5E09D4F9FA312BC3196598B3F, BF8B8A7F962DF08AD5A43D0176766D994B231478F4B95937AAD9E5237A42BF7A ] C:\WINDOWS\system32\mshtmled.dll 11:03:44.0359 0x0d40 C:\WINDOWS\system32\mshtmled.dll - ok 11:03:44.0375 0x0d40 [ 03A02D5A2D50198BDF6C62AF209438D0, 7A2577BB31B937436689EB8E3F415F71D3744209EFFC110C9B12C42025F36C88 ] C:\WINDOWS\system32\msxml3.dll 11:03:44.0375 0x0d40 C:\WINDOWS\system32\msxml3.dll - ok 11:03:44.0390 0x0d40 [ A1EA582E8B94AE00C14FFACCE4D19E60, 8105AEE7DD563120EC90C500B14A540033599097D2C6635772D18D5981768443 ] C:\DOCUME~1\JW\LOCALS~1\Temp\{1A8A5614-6199-49E3-8A1B-06CEA730CF8B}.exe 11:03:44.0390 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{1A8A5614-6199-49E3-8A1B-06CEA730CF8B}.exe - ok 11:03:44.0421 0x0d40 [ 17AA58A54C00F1746B8654C050491F43, AADA0D527FB96852998073E58F93710C4B3A25D7D1414BA9F23A28DA3D06B4CD ] C:\WINDOWS\system32\msutb.dll 11:03:44.0421 0x0d40 C:\WINDOWS\system32\msutb.dll - ok 11:03:44.0453 0x0d40 [ 798A9E6828997EEF4517ADA8A2259831, 64389FAD94D54E2D43A7292AD3C57CB16F90F2C80EA44099E02D11E19E390A5B ] C:\WINDOWS\system32\wbem\wmiprvse.exe 11:03:44.0453 0x0d40 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok 11:03:44.0484 0x0d40 [ A70A2D85AD143D6BB823C246CEB699A5, D8ED98DC2964A2DAF448893718E6381FBABAB53DD7497266851E0F4221F1B01F ] C:\WINDOWS\system32\ntshrui.dll 11:03:44.0484 0x0d40 C:\WINDOWS\system32\ntshrui.dll - ok 11:03:44.0562 0x0d40 [ 91790D6749EBED90E2C40479C0A91879, 3C267950F13CCE412474C5228FC0E3D8D7F912E82464BD2CE6312A0326F84A80 ] C:\WINDOWS\system32\verclsid.exe 11:03:44.0562 0x0d40 C:\WINDOWS\system32\verclsid.exe - ok 11:03:44.0593 0x0d40 [ 2DC5A8019E2387987905F77C664E4BE2, 32FD8D0D3146A599CFB536955F9E93AA50467B2176A70E481133B61D4BD29AD9 ] C:\WINDOWS\system32\linkinfo.dll 11:03:44.0593 0x0d40 C:\WINDOWS\system32\linkinfo.dll - ok 11:03:44.0640 0x0d40 [ E837FDBB92E9873E538395B623F45462, E00D9F1471D9BDE7E53A5F8359B6F3B1606A432D4E94AB6B2A6898AB48E6751B ] C:\WINDOWS\system32\wbem\cimwin32.dll 11:03:44.0640 0x0d40 C:\WINDOWS\system32\wbem\cimwin32.dll - ok 11:03:44.0703 0x0d40 [ 4306FA2F1099D7C606139255FDB62B19, 75A0A99B9D8B0E2B39A8093F72DC283D5F2D56FB731C2BA193579DCE916030A0 ] C:\WINDOWS\system32\wbem\framedyn.dll 11:03:44.0703 0x0d40 C:\WINDOWS\system32\wbem\framedyn.dll - ok 11:03:44.0765 0x0d40 [ 013A269E7AF8B01FF20B384FEEBFFDA5, 9815034A03EB20CD87F0007DE701CE85215DDA450AFE67AE9EAFFF71F7B4D4DD ] C:\WINDOWS\RTHDCPL.exe 11:03:44.0765 0x0d40 C:\WINDOWS\RTHDCPL.exe - ok 11:03:44.0796 0x0d40 [ 024DC0F68DF5FD6AE9DD82DFBAF479D6, FDBF0FD05CFB757C704B22703DF23E05207F14877A4EF52E3032012B6FD0C4E0 ] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE 11:03:44.0796 0x0d40 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE - ok 11:03:44.0828 0x0d40 [ 1B17E09C1223F6D17336D2DD7A1AF4F4, 06DFAD95007532CCF46D593EEDC2474936614AEDCEA7BF983E36DAD22F850B08 ] C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE 11:03:44.0828 0x0d40 C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE - ok 11:03:44.0859 0x0d40 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3, 4687B8DD40CA9B83AA5CE1268F62476EBA886C10CC8B7B5AB716E4C56AF1EEAF ] C:\WINDOWS\system32\dsound.dll 11:03:44.0859 0x0d40 C:\WINDOWS\system32\dsound.dll - ok 11:03:44.0890 0x0d40 [ 22D71D1DB6FC789A1CE8AC6963580259, DD5307A108936AAE840F973F7F718A6954E173D4E210A375C75DB644B2162CFD ] C:\WINDOWS\system32\hhctrl.ocx 11:03:44.0890 0x0d40 C:\WINDOWS\system32\hhctrl.ocx - ok 11:03:44.0921 0x0d40 [ 7BBE4CF421AECC7F0226EDD75F12079F, 8E78FC5E0657DB066F9EBAADEA9AFECB1AAA570DD9C08C7ED42116704D2E379D ] C:\WINDOWS\ime\imjp8_1\imjpmig.exe 11:03:44.0921 0x0d40 C:\WINDOWS\ime\imjp8_1\imjpmig.exe - ok 11:03:45.0000 0x0d40 [ 93C088C2AEB2F23E720BDA7E32BD5117, 7ECFCAF8E057986501B42181E049E48063D940A34A3F3E425FF82D2183008E90 ] C:\WINDOWS\system32\upnp.dll 11:03:45.0000 0x0d40 C:\WINDOWS\system32\upnp.dll - ok 11:03:45.0046 0x0d40 [ 3D075865DCC26931972F6476AD0497BE, E1FB17787F54D9A4E2A04DD699FA770C9CE100A427E6EFBF4E0CF24EAAD3A9BA ] C:\WINDOWS\system32\ssdpapi.dll 11:03:45.0046 0x0d40 C:\WINDOWS\system32\ssdpapi.dll - ok 11:03:45.0125 0x0d40 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] C:\WINDOWS\system32\drivers\http.sys 11:03:45.0125 0x0d40 C:\WINDOWS\system32\drivers\http.sys - ok 11:03:45.0156 0x0d40 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] C:\WINDOWS\system32\ssdpsrv.dll 11:03:45.0156 0x0d40 C:\WINDOWS\system32\ssdpsrv.dll - ok 11:03:45.0187 0x0d40 [ 6E1CF6B65639884BBDA7991D394F980E, 8C0EAC38ACF4F64CD77C9AD52D8E9DA94B5D8ED5C711611B47D5D3A46EA9AE94 ] C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe 11:03:45.0187 0x0d40 C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe - ok 11:03:45.0234 0x0d40 [ 8BCD11D38FCE43A519246A91CC40DE6A, 981EE4B29FDE6DB58FAA17BCCA66DB8143D693D91A00B7519F01ABBAE11AA580 ] C:\WINDOWS\system32\security.dll 11:03:45.0234 0x0d40 C:\WINDOWS\system32\security.dll - ok 11:03:45.0265 0x0d40 [ 0DACD368DB252F5E10886824524353A7, F216B345E5795EF67279D3B16DFD636DE0038619D4E263B860C9A9C247648638 ] C:\WINDOWS\system32\wnicapi.dll 11:03:45.0265 0x0d40 C:\WINDOWS\system32\wnicapi.dll - ok 11:03:45.0296 0x0d40 [ 886CC0E3DC1636ED5F2DB157F3ED790B, A6A09EC3FE110887026D937E1919286518474B63B930C968EB1C645CE10E272D ] C:\Program Files\D-Link\DWA-140 revB\ANIOApi.dll 11:03:45.0296 0x0d40 C:\Program Files\D-Link\DWA-140 revB\ANIOApi.dll - ok 11:03:45.0328 0x0d40 [ 76848CB1AA5818DB47D5F5986E0A7485, 03BAB6981C6F447E41B78A96187FA619E4755C2101FF1A0B2ABF111BE53D9F92 ] C:\WINDOWS\system32\mfc42.dll 11:03:45.0328 0x0d40 C:\WINDOWS\system32\mfc42.dll - ok 11:03:45.0359 0x0d40 [ 297ED2C21509D6B6F41EAAEE9CDC34B2, B0B5A7B3035B2EF75D45AC9A6A05AFF483EB75B22F6B7F3A14AFB6D6C4DF5286 ] C:\WINDOWS\system32\wlanapp.dll 11:03:45.0359 0x0d40 C:\WINDOWS\system32\wlanapp.dll - ok 11:03:45.0375 0x0d40 [ 94A4D6915D4F572309DF6137E1846528, E46BDF83CAA6683AA655DBA3D2C8DC7AC06251E952466A20CFDA3A16B1840455 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe 11:03:45.0375 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok 11:03:45.0390 0x0d40 [ 0B467F470CC9918FDCEEDCFD7DC4D697, 87C8BCC4DFF318FC393A8C0FB0B82CCC9DA83EC0F5811CF303F3AC265A575578 ] C:\WINDOWS\system32\oledlg.dll 11:03:45.0390 0x0d40 C:\WINDOWS\system32\oledlg.dll - ok 11:03:45.0406 0x0d40 [ 5652F6CE1D9E9D8068B9D29BC21B5409, 807A8B8FD8CCFC04409E1D64947FE35F847F194FF6FC09CCCF66F274F2A994C6 ] C:\WINDOWS\system32\olepro32.dll 11:03:45.0406 0x0d40 C:\WINDOWS\system32\olepro32.dll - ok 11:03:45.0437 0x0d40 [ E3C817F7FE44CC870ECDBCBC3EA36132, D769FAFA2B3232DE9FA7153212BA287F68E745257F1C00FAFB511E7A02DE7ADF ] C:\WINDOWS\system32\msvcp100.dll 11:03:45.0437 0x0d40 C:\WINDOWS\system32\msvcp100.dll - ok 11:03:45.0484 0x0d40 [ BF38660A9125935658CFA3E53FDC7D65, 60C06E0FA4449314DA3A0A87C1A9D9577DF99226F943637E06F61188E5862EFA ] C:\WINDOWS\system32\msvcr100.dll 11:03:45.0484 0x0d40 C:\WINDOWS\system32\msvcr100.dll - ok 11:03:45.0500 0x0d40 [ F25BDB64996625C4B014F26572DEB647, 955E8D51E1F2B0B02790B07C0BAAE719A5FF457A745069E125F0B942E4479E63 ] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe 11:03:45.0500 0x0d40 C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe - ok 11:03:45.0656 0x0d40 [ 465FD8B39411D4A84A2B0DBF94B073E0, 5886C80B52B90C2A103792AB1C9662E60DAB07FDBF4963547D145AC4C24C993C ] C:\WINDOWS\system32\webcheck.dll 11:03:45.0656 0x0d40 C:\WINDOWS\system32\webcheck.dll - ok 11:03:45.0687 0x0d40 [ 50512FC9B7878E3C2C147BC17326A7DB, 670006280CA98213C3A23B442615FD729C83953795619360F9D2988E56A602D7 ] C:\WINDOWS\system32\stobject.dll 11:03:45.0687 0x0d40 C:\WINDOWS\system32\stobject.dll - ok 11:03:45.0781 0x0d40 [ 231A0B0E3BA7ABFE469A8262FAA1FD71, 76F8AE2680438B279081EDFC2728E3785736E82A5C6396AA705BFFFF5C361294 ] C:\WINDOWS\system32\batmeter.dll 11:03:45.0781 0x0d40 C:\WINDOWS\system32\batmeter.dll - ok 11:03:45.0812 0x0d40 [ 045E228F71C31901084B64BE59093499, BA463D9EC2C2D266A34DBAC542CFA0403BFB03DDF3037FBD043BB691A8E493FA ] C:\WINDOWS\system32\WPDShServiceObj.dll 11:03:45.0812 0x0d40 C:\WINDOWS\system32\WPDShServiceObj.dll - ok 11:03:45.0890 0x0d40 [ 29158B1DC3F86D4B0D6A127FE586ADFF, 03C17FA518200CE5C53AED55C5AF22D0A2D483110FB1E7EA6F990C56936570E6 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll 11:03:45.0890 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok 11:03:45.0921 0x0d40 [ E26E6A97B94304F78B3A2D85C6056CC2, A4D678729145E9A9E561564B4E15AA67DD8103153BCAA2DD38084E43E33D0D00 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll 11:03:45.0921 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok 11:03:45.0984 0x0d40 [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{9A56266E-730D-4B36-9C00-9CD5BDFE2046}.tmp 11:03:45.0984 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{9A56266E-730D-4B36-9C00-9CD5BDFE2046}.tmp - ok 11:03:46.0093 0x0d40 [ 461299398E15909598B7002B3FAABCE8, 1965E672088268C91848A100D77A6CD6E689589185B528DD9E0907ED1AD60771 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll 11:03:46.0093 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok 11:03:46.0156 0x0d40 [ 8B4CBBA1EA526830C7F97E7822E2493A, 1DFD05B1C0050DB44F5B4293E5574BFC292AF804A63FC0A70131BB498C326977 ] C:\WINDOWS\Alcmtr.exe 11:03:46.0156 0x0d40 C:\WINDOWS\Alcmtr.exe - ok 11:03:46.0171 0x0d40 [ 538A270F35A713C360B7ED4168BB7521, 47D8784C811FCADD1E78A907AF56D3D0FA5ABE9AC7DA7CB41AF60D304CAA06BA ] C:\WINDOWS\system32\mydocs.dll 11:03:46.0171 0x0d40 C:\WINDOWS\system32\mydocs.dll - ok 11:03:46.0171 0x0d40 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] C:\WINDOWS\system32\imapi.exe 11:03:46.0171 0x0d40 C:\WINDOWS\system32\imapi.exe - ok 11:03:46.0203 0x0d40 [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{32F99342-C432-4019-A027-AECB4FD00760}.tmp 11:03:46.0203 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{32F99342-C432-4019-A027-AECB4FD00760}.tmp - ok 11:03:46.0265 0x0d40 [ EA6C35EBF9F3ED65724E1D65F09E6E7F, D39DD2D98277B0136C47E3C762E76EB12D6BDB79151F673E681B7EA49EBC6A6F ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll 11:03:46.0265 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok 11:03:46.0296 0x0d40 [ 8EAEB0ED23A98DE0F0C812D756E47CE9, D49AB526C0B0356AB1F778E3B6AFC4D148742942F8561C9C4C2183A649661A86 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll 11:03:46.0296 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok 11:03:46.0359 0x0d40 [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{0B53D33B-5E2B-4078-9659-DDAC4CC20D4A}.tmp 11:03:46.0359 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{0B53D33B-5E2B-4078-9659-DDAC4CC20D4A}.tmp - ok 11:03:46.0437 0x0d40 [ 5760B2B5BAA3449C045B6FA222205F60, AC566245868530F6A8F80BEA9C6AB532DB2280F280CA4889C09BCCA9D057C1D4 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll 11:03:46.0437 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok 11:03:46.0484 0x0d40 [ BCE7DD8098CE6DD28EE2B0D5D5028B47, C48E1E455A0C6FC351CA2A8938C78D6D278B753FA7A621628B4E843C3A8F02FE ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll 11:03:46.0484 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok 11:03:46.0546 0x0d40 [ 69B16C7B7746BA5C642FC05B3561FC73, 0DECEB6B1B7A2DD1F13133AC7328FF420DAD4610CEE1FA7466E8E0F6BAA39116 ] C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe 11:03:46.0546 0x0d40 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe - ok 11:03:46.0593 0x0d40 [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{CA66E5C7-D1CC-4DA0-B292-643796175AD6}.tmp 11:03:46.0593 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{CA66E5C7-D1CC-4DA0-B292-643796175AD6}.tmp - ok 11:03:46.0640 0x0d40 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll 11:03:46.0640 0x0d40 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok 11:03:46.0656 0x0d40 [ 922563953E405AA9762F90778B711F77, 3DD35372DFC79F309BF419E9BF0043D1B1E00EDC47DCFF4D669416BDD5B094C5 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll 11:03:46.0656 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok 11:03:46.0671 0x0d40 [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{67A9DD2D-1A6C-4E14-B134-F354572FFD84}.tmp 11:03:46.0671 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{67A9DD2D-1A6C-4E14-B134-F354572FFD84}.tmp - ok 11:03:46.0718 0x0d40 [ C8DFF085326DC2D20FB4EA6AFFF8536D, A4346989B810B3A9431D613EB8E356FF66730DAA79732F26EB367E4E75AFED95 ] C:\WINDOWS\system32\ANIWZCS2.dll 11:03:46.0718 0x0d40 C:\WINDOWS\system32\ANIWZCS2.dll - ok 11:03:46.0750 0x0d40 [ 54023DF1A9A7D481B4762B09ECCA330F, 271B46804B2E944B7ABF707939CB498AE78B0EE6DDCE318E26BE0C7BA826DFA3 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt49.dll 11:03:46.0750 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\icudt49.dll - ok 11:03:46.0781 0x0d40 [ 886CC0E3DC1636ED5F2DB157F3ED790B, A6A09EC3FE110887026D937E1919286518474B63B930C968EB1C645CE10E272D ] C:\WINDOWS\system32\ANIOApi.dll 11:03:46.0781 0x0d40 C:\WINDOWS\system32\ANIOApi.dll - ok 11:03:46.0828 0x0d40 [ 22358578CB321F3325496A3723029409, 44535E0EFC20714CEF8FFAE51294CFC6AC53F12E464E048ECD92CDC2CA54A312 ] C:\WINDOWS\system32\PortableDeviceTypes.dll 11:03:46.0828 0x0d40 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok 11:03:46.0875 0x0d40 [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{E835EC23-0126-4F0C-ADFD-A14B761CA1FC}.tmp 11:03:46.0875 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{E835EC23-0126-4F0C-ADFD-A14B761CA1FC}.tmp - ok 11:03:46.0968 0x0d40 [ 7FBE43046EFDF24FC9375024E4D02AC9, DE041A464BA8FA7155F4F0781F29540D144D95CABC5713A71F2792C3369801D5 ] C:\Program Files\QuickTime\qttask.exe 11:03:46.0968 0x0d40 C:\Program Files\QuickTime\qttask.exe - ok 11:03:47.0015 0x0d40 [ 9D45B2201D0ECF9F42136C7B99DEB8B2, 0251BE4C23EAACE2A9725243936C5E5AC4C0BCEE10EDE85017D91936FEE8CB31 ] C:\WINDOWS\system32\PortableDeviceApi.dll 11:03:47.0015 0x0d40 C:\WINDOWS\system32\PortableDeviceApi.dll - ok 11:03:47.0125 0x0d40 [ 585992D78B671AAA075C02241309795D, 0EE3E35534899C41CFED686BDBA80B5AEC1BDB0173222D8BC7E69CFA277CBE32 ] C:\WINDOWS\system32\msvcirt.dll 11:03:47.0125 0x0d40 C:\WINDOWS\system32\msvcirt.dll - ok 11:03:47.0281 0x0d40 [ C730F70351D950DDA7388C9A9763CF54, 7A9D265E4D2F76EF131D01C2EE1CDC19A8E5FDCAF97649CC562E8114B92D411F ] C:\WINDOWS\system32\wbem\wmipcima.dll 11:03:47.0281 0x0d40 C:\WINDOWS\system32\wbem\wmipcima.dll - ok 11:03:47.0312 0x0d40 [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{6CE172F4-7AA1-4B89-92DE-5FCDE21DD8D7}.tmp 11:03:47.0312 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{6CE172F4-7AA1-4B89-92DE-5FCDE21DD8D7}.tmp - ok 11:03:47.0359 0x0d40 [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{B379D207-D8B8-4AFC-A680-54801D6655AF}.tmp 11:03:47.0359 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{B379D207-D8B8-4AFC-A680-54801D6655AF}.tmp - ok 11:03:47.0406 0x0d40 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe 11:03:47.0406 0x0d40 C:\WINDOWS\system32\ctfmon.exe - ok 11:03:47.0421 0x0d40 [ E1946CF6A39ACDE3A62AB2053FBE3EB7, F9C9A7EB63C8E740A43198E7863D42BA80B9CEF5AC5CFCCC38EDC684864C3F46 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll 11:03:47.0421 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok 11:03:47.0468 0x0d40 [ 6BDF91038CB78269B8063617597A6D4F, 737C43E4208B3C1ACD56951B0A24F2F762158B2344405099779F8F1DF69B2548 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll 11:03:47.0468 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok 11:03:47.0515 0x0d40 [ F6FAEC07446A78A9C5AF4558FF5BD118, 9291106F6666913DB6D18943D255D60F77CCDB5A46BD4C100A5E80D40D6927D9 ] C:\WINDOWS\ime\SPTIP.dll 11:03:47.0515 0x0d40 C:\WINDOWS\ime\SPTIP.dll - ok 11:03:47.0578 0x0d40 [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{0FB446F2-4670-4552-8972-677A706F11E3}.tmp 11:03:47.0578 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{0FB446F2-4670-4552-8972-677A706F11E3}.tmp - ok 11:03:47.0640 0x0d40 [ 2EC5693E2EE393F3A97BBB6C46D67779, 68CCECB20B55247B0DC2EF720FA8905CD039D91002D7450293BE585DF926462B ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll 11:03:47.0640 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok 11:03:47.0687 0x0d40 [ 4EDB186C455CDEADA24A708AAB884AE3, 836B3176A4A1B57F89D5B950BDA2F6C6F785899ED54632D8CF35DF55B364DB81 ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 11:03:47.0687 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok 11:03:47.0781 0x0d40 [ 57A6362D71B5003C48EE21F2DBB624B1, E6480D1F219BF3F8E7AC8347A8C50E48632B7BBC9618EEB36DAEA1079AA770B5 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll 11:03:47.0781 0x0d40 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok 11:03:47.0859 0x0d40 [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{517CB306-EC79-410A-B001-6F0FBBD03D75}.tmp 11:03:47.0859 0x0d40 C:\DOCUME~1\JW\LOCALS~1\Temp\{B6F7E562-55C8-49DB-8A83-A76D45140BEC}\{517CB306-EC79-410A-B001-6F0FBBD03D75}.tmp - ok 11:03:47.0875 0x0d40 [ 9B9F1C38D559047B8AC0DBA2D5FEBDE9, F64DEF5213CC6E96DD62125A3D44522200F66FF6A2CBA198096484F61D1C088B ] C:\WINDOWS\system32\ksuser.dll 11:03:47.0875 0x0d40 C:\WINDOWS\system32\ksuser.dll - ok 11:03:47.0906 0x0d40 [ 401A8C0BE0BAA7D7A470F0942244152D, EC21ED13E526617697CD8E6D79FC706CBDA0AF36C02C05B39E8603B217E406BC ] C:\WINDOWS\system32\rasdlg.dll 11:03:47.0906 0x0d40 C:\WINDOWS\system32\rasdlg.dll - ok 11:03:47.0937 0x0d40 [ 940DF3F813B798D3C1F612983A7E50EA, 3351CF883E5C419AB427E440EC0E9187CDB319B3064336ECA19F0F56778728A6 ] C:\WINDOWS\system32\odSupp_M.dll 11:03:47.0937 0x0d40 C:\WINDOWS\system32\odSupp_M.dll - ok 11:03:48.0015 0x0d40 [ 90A9B542C9300E540864D9FE1C42A130, ED37C93384E8E589DEC6517F28981ED3D045B56EEE31F992B2C2661FEE8DEFBA ] C:\WINDOWS\system32\fxsst.dll 11:03:48.0015 0x0d40 C:\WINDOWS\system32\fxsst.dll - ok 11:03:48.0078 0x0d40 [ B48E7B4C95CCE0C6C0C3F7B1A97FBC8F, E3B0CEBA4408D1F4DC26ED63F746C330A6D42D057EB6AF12E1C88C956C37412A ] C:\WINDOWS\system32\wzcdlg.dll 11:03:48.0078 0x0d40 C:\WINDOWS\system32\wzcdlg.dll - ok 11:03:48.0093 0x0d40 ================ Scan generic autorun ====================== 11:03:48.0156 0x0d40 WZCSLDR2 - ok 11:03:53.0562 0x0d40 [ 013A269E7AF8B01FF20B384FEEBFFDA5, 9815034A03EB20CD87F0007DE701CE85215DDA450AFE67AE9EAFFF71F7B4D4DD ] C:\WINDOWS\RTHDCPL.EXE 11:03:57.0843 0x0d40 RTHDCPL - ok 11:03:58.0109 0x0d40 [ 024DC0F68DF5FD6AE9DD82DFBAF479D6, FDBF0FD05CFB757C704B22703DF23E05207F14877A4EF52E3032012B6FD0C4E0 ] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE 11:03:58.0125 0x0d40 PHIME2002ASync - ok 11:03:58.0234 0x0d40 [ 024DC0F68DF5FD6AE9DD82DFBAF479D6, FDBF0FD05CFB757C704B22703DF23E05207F14877A4EF52E3032012B6FD0C4E0 ] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE 11:03:58.0250 0x0d40 PHIME2002A - ok 11:03:58.0312 0x0d40 [ 1B17E09C1223F6D17336D2DD7A1AF4F4, 06DFAD95007532CCF46D593EEDC2474936614AEDCEA7BF983E36DAD22F850B08 ] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe 11:03:58.0312 0x0d40 MSPY2002 - ok 11:03:58.0421 0x0d40 [ 7BBE4CF421AECC7F0226EDD75F12079F, 8E78FC5E0657DB066F9EBAADEA9AFECB1AAA570DD9C08C7ED42116704D2E379D ] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE 11:03:58.0437 0x0d40 IMJPMIG8.1 - ok 11:03:58.0843 0x0d40 [ 6E1CF6B65639884BBDA7991D394F980E, 8C0EAC38ACF4F64CD77C9AD52D8E9DA94B5D8ED5C711611B47D5D3A46EA9AE94 ] C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe 11:03:58.0937 0x0d40 D-Link D-Link RangeBooster N DWA-140 - ok 11:03:59.0046 0x0d40 [ 94A4D6915D4F572309DF6137E1846528, E46BDF83CAA6683AA655DBA3D2C8DC7AC06251E952466A20CFDA3A16B1840455 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe 11:03:59.0046 0x0d40 APSDaemon - ok 11:03:59.0140 0x0d40 [ F25BDB64996625C4B014F26572DEB647, 955E8D51E1F2B0B02790B07C0BAAE719A5FF457A745069E125F0B942E4479E63 ] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe 11:03:59.0140 0x0d40 ANIWZCS2Service - ok 11:03:59.0203 0x0d40 [ 8B4CBBA1EA526830C7F97E7822E2493A, 1DFD05B1C0050DB44F5B4293E5574BFC292AF804A63FC0A70131BB498C326977 ] C:\WINDOWS\ALCMTR.EXE 11:03:59.0203 0x0d40 Alcmtr - ok 11:03:59.0265 0x0d40 [ 69B16C7B7746BA5C642FC05B3561FC73, 0DECEB6B1B7A2DD1F13133AC7328FF420DAD4610CEE1FA7466E8E0F6BAA39116 ] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe 11:03:59.0265 0x0d40 Adobe Reader Speed Launcher - ok 11:03:59.0421 0x0d40 [ 7FBE43046EFDF24FC9375024E4D02AC9, DE041A464BA8FA7155F4F0781F29540D144D95CABC5713A71F2792C3369801D5 ] C:\Program Files\QuickTime\qttask.exe 11:03:59.0421 0x0d40 QuickTime Task - ok 11:03:59.0500 0x0d40 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe 11:03:59.0500 0x0d40 ctfmon.exe - ok 11:03:59.0500 0x0d40 Waiting for KSN requests completion. In queue: 12 11:04:00.0656 0x0d40 Win FW state via NFM: disabled 11:04:00.0968 0x0d40 ============================================================ 11:04:00.0968 0x0d40 Scan finished 11:04:00.0968 0x0d40 ============================================================ 11:04:00.0984 0x0d38 Detected object count: 1 11:04:00.0984 0x0d38 Actual detected object count: 1 11:05:26.0281 0x0d38 \Device\Harddisk0\DR0\Partition1 - copied to quarantine 11:05:26.0375 0x0d38 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot 11:05:26.0406 0x0d38 \Device\Harddisk0\DR0\Partition1 - ok 11:05:26.0406 0x0d38 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure 11:05:28.0609 0x0d38 KLMD registered as C:\WINDOWS\system32\drivers\02460740.sys 11:05:36.0640 0x0228 Deinitialize success and here is the FRST scan. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-12-2014 01 Ran by JW (administrator) on JUSTIN on 21-12-2014 11:09:19 Running from C:\Documents and Settings\JW\Desktop Loaded Profile: JW (Available profiles: JW) Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States) Internet Explorer Version 7 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [url]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/url] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe (D-Link Corp.) C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe (Wireless Service) C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe (Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [WZCSLDR2] => C:\Program Files\D-Link\DWA-140 revB\WZCSLDR2.exe HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16862720 2008-05-16] (Realtek Semiconductor Corp.) HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation) HKLM\...\Run: [PHIME2002A] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation) HKLM\...\Run: [MSPY2002] => C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2008-04-14] () HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2008-04-14] (Microsoft Corporation) HKLM\...\Run: [D-Link D-Link RangeBooster N DWA-140] => C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe [1708032 2009-09-18] (D-Link Corp.) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM\...\Run: [ANIWZCS2Service] => C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [98304 2009-08-21] (Wireless Service) HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.) HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [282624 2007-04-27] (Apple Inc.) HKU\S-1-5-21-3723271197-3957454863-557728558-1005\...\MountPoints2: {905bd734-a42b-11e1-8f14-001d72b8b401} - I:\LaunchU3.exe -a ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url]http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=0&o=xph&d=0112&m=el1300g[/url] HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\S-1-5-21-3723271197-3957454863-557728558-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = [url]http://www.google.com/ie[/url] HKU\S-1-5-21-3723271197-3957454863-557728558-1005\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [url]http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8[/url] HKU\S-1-5-21-3723271197-3957454863-557728558-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url]http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=0&o=xph&d=0112&m=el1300g[/url] SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = [url]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW[/url] SearchScopes: HKU\S-1-5-21-3723271197-3957454863-557728558-1005 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = [url]http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW[/url] BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url]http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[/url] DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [url]http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[/url] DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url]http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[/url] Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Documents and Settings\JW\Application Data\Mozilla\Firefox\Profiles\xwkj47g7.default FF DefaultSearchEngine: Google FF SelectedSearchEngine: Google FF Homepage: hxxp://[url="http://www.google.com/"]www.google.com/[/url] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF HKLM\...\Firefox\Extensions: [[email]smartwebprinting@hp.com[/email]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-31] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-02-03] FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-03-06] FF HKU\S-1-5-21-3723271197-3957454863-557728558-1005\...\Firefox\Extensions: [[email]smartwebprinting@hp.com[/email]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: No Name - {23fcfd51-4958-4f00-80a3-ae97e717ed8b} [Not Found] Chrome: ======= CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-02-06] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 ANIWConnService; C:\WINDOWS\system32\ANIWConnService.exe [151552 2009-07-07] () [File not signed] S4 ANIWZCSdService; C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [102400 2009-08-21] (Wireless Service) [File not signed] S4 ETService; C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [24576 2008-07-16] () [File not signed] R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2010-01-18] (Hewlett-Packard) [File not signed] S2 PEVSystemStart; C:\ComboFix\SWREG.3XE [518144 2000-08-30] (SteelWerX) [File not signed] R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2010-01-18] (Hewlett-Packard) [File not signed] S4 Norton Internet Security; "C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 S4 SophosVirusRemovalTool; C:\Program Files\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 A2DDA; C:\EEK\BIN\a2ddax86.sys [22056 2014-12-18] (Emsisoft GmbH) S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2008-04-14] (Microsoft Corporation) R2 ANIO; C:\WINDOWS\system32\ANIO.SYS [29411 2009-02-09] () [File not signed] S3 cleanhlp; C:\EEK\bin\cleanhlp32.sys [50200 2014-12-18] (Emsisoft GmbH) S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [35992 2014-12-19] () R3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2009-08-05] (HP) R3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2009-08-05] (HP) R3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2009-08-05] (HP) S3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54016 2008-01-28] (NVIDIA Corporation) R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2008-01-28] (NVIDIA Corporation) R3 rt2870; C:\WINDOWS\System32\DRIVERS\Drt2870.sys [724736 2009-08-03] (Ralink Technology, Corp.) U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [35064 2014-12-19] () S3 int15.sys; \??\c:\acernb\int15.sys [X] S3 NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS [X] S3 NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) S1 SRTSP; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSP.SYS [X] S1 SRTSPX; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSPX.SYS [X] U3 TlntSvr; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-21 11:09 - 2014-12-21 11:09 - 00000000 ____D () C:\Documents and Settings\JW\Desktop\FRST-OlderVersion 2014-12-21 11:05 - 2014-12-21 11:05 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-12-21 10:52 - 2014-12-21 10:53 - 04187592 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\JW\Desktop\tdsskiller.exe 2014-12-20 14:32 - 2014-12-20 14:32 - 00022574 _____ () C:\Documents and Settings\JW\Desktop\Addition.txt 2014-12-20 14:31 - 2014-12-21 11:10 - 00011470 _____ () C:\Documents and Settings\JW\Desktop\FRST.txt 2014-12-20 14:15 - 2014-12-21 11:09 - 01113600 _____ (Farbar) C:\Documents and Settings\JW\Desktop\FRST.exe 2014-12-19 12:27 - 2014-12-19 12:29 - 00000000 ___SD () C:\ComboFix 2014-12-19 12:03 - 2014-12-19 12:03 - 00035992 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys 2014-12-19 01:05 - 2014-12-19 01:05 - 00000639 _____ () C:\Documents and Settings\JW\Desktop\Start Emsisoft Emergency Kit.lnk 2014-12-19 01:04 - 2014-12-19 01:06 - 00000000 ____D () C:\EEK 2014-12-19 00:53 - 2014-12-19 00:53 - 00035064 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys 2014-12-19 00:53 - 2014-12-19 00:53 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RogueKiller 2014-12-18 23:40 - 2014-12-20 11:00 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-12-18 23:40 - 2014-12-18 23:40 - 00000779 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk 2014-12-18 23:40 - 2014-12-18 23:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware 2014-12-18 23:39 - 2014-12-20 11:00 - 00054232 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-12-18 23:39 - 2014-12-18 23:40 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-12-18 23:39 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-12-18 12:36 - 2014-12-18 22:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HitmanPro 2014-12-18 12:22 - 2014-12-19 12:13 - 00002404 _____ () C:\Documents and Settings\JW\Desktop\Rkill.txt 2014-12-18 12:18 - 2014-08-29 14:11 - 00000211 _____ () C:\Boot.bak 2014-12-18 12:18 - 2004-08-03 23:00 - 00260272 __RSH () C:\cmldr 2014-12-18 12:17 - 2014-12-18 12:18 - 00000000 ____D () C:\cmdcons 2014-12-18 12:11 - 2014-12-18 12:11 - 00000000 ____D () C:\Qoobox 2014-12-18 12:11 - 2011-06-26 00:45 - 00256000 _____ () C:\WINDOWS\PEV.exe 2014-12-18 12:11 - 2010-11-07 11:20 - 00208896 _____ () C:\WINDOWS\MBR.exe 2014-12-18 12:11 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe 2014-12-18 12:11 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe 2014-12-18 12:11 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe 2014-12-18 12:11 - 2000-08-30 18:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe 2014-12-18 12:11 - 2000-08-30 18:00 - 00098816 _____ () C:\WINDOWS\sed.exe 2014-12-18 12:11 - 2000-08-30 18:00 - 00080412 _____ () C:\WINDOWS\grep.exe 2014-12-18 12:11 - 2000-08-30 18:00 - 00068096 _____ () C:\WINDOWS\zip.exe 2014-12-18 12:10 - 2014-12-18 12:10 - 00000000 ____D () C:\WINDOWS\erdnt 2014-12-18 12:04 - 2014-12-18 12:05 - 162702208 _____ () C:\Documents and Settings\JW\Desktop\EmsisoftEmergencyKit.exe 2014-12-18 11:58 - 2014-12-18 11:59 - 10284408 _____ (SurfRight B.V.) C:\Documents and Settings\JW\Desktop\HitmanPro.exe 2014-12-18 11:54 - 2014-12-18 11:54 - 15201368 _____ () C:\Documents and Settings\JW\Desktop\RogueKiller.exe 2014-12-18 11:51 - 2014-12-18 11:51 - 20447072 _____ (Malwarebytes Corporation ) C:\Documents and Settings\JW\Desktop\mbam-setup-2.0.4.1028.exe 2014-12-18 11:47 - 2014-12-18 11:47 - 01940728 _____ (Bleeping Computer, LLC) C:\Documents and Settings\JW\Desktop\iExplore.exe 2014-12-18 11:46 - 2014-12-18 11:46 - 05601641 ____R (Swearware) C:\Documents and Settings\JW\Desktop\ComboFix.exe 2014-12-16 09:56 - 2014-12-16 09:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-21 11:10 - 2012-01-31 18:38 - 00000000 ____D () C:\Documents and Settings\JW\Local Settings\Temp 2014-12-21 11:10 - 2009-04-05 00:31 - 01529377 _____ () C:\WINDOWS\WindowsUpdate.log 2014-12-21 11:09 - 2014-08-28 16:00 - 00000000 ____D () C:\FRST 2014-12-21 11:08 - 2014-04-01 09:27 - 00003284 _____ () C:\WINDOWS\system32\ANIWZCS{CDC36A6F-EAFC-428B-8888-3A9296B22B5F} 2014-12-21 11:08 - 2014-04-01 09:26 - 00000003 _____ () C:\WINDOWS\system32\ANIWZCSUSERNAME{CDC36A6F-EAFC-428B-8888-3A9296B22B5F} 2014-12-21 11:07 - 2014-03-20 08:23 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job 2014-12-21 11:07 - 2009-04-05 00:34 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-12-21 11:07 - 2009-04-04 16:29 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-12-21 11:07 - 2009-04-04 16:29 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-12-21 11:06 - 2009-04-05 00:34 - 00032608 _____ () C:\WINDOWS\SchedLgU.Txt 2014-12-21 11:05 - 2012-01-31 18:38 - 00000178 ___SH () C:\Documents and Settings\JW\ntuser.ini 2014-12-21 11:05 - 2009-04-04 16:26 - 00511902 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-12-21 10:31 - 2012-03-31 22:38 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-12-20 16:41 - 2012-01-31 19:21 - 00529856 _____ () C:\WINDOWS\setupapi.log 2014-12-20 14:16 - 2014-08-28 20:05 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable) 2014-12-20 14:05 - 2014-08-28 20:03 - 00000000 ____D () C:\Documents and Settings\JW\Desktop\mbar 2014-12-18 22:53 - 2012-01-31 19:39 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP 2014-12-18 22:53 - 2012-01-31 19:26 - 00001712 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log 2014-12-18 12:18 - 2009-04-05 00:20 - 00000327 __RSH () C:\boot.ini 2014-12-18 11:41 - 2014-09-23 12:55 - 00054156 ____H () C:\WINDOWS\QTFont.qfn 2014-12-17 23:04 - 2009-04-05 00:47 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help 2014-12-17 22:52 - 2013-07-20 08:20 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-12-17 22:10 - 2012-02-03 13:28 - 109818608 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-12-16 09:58 - 2012-01-31 18:38 - 00000000 ____D () C:\Documents and Settings\JW 2014-12-16 09:58 - 2009-04-05 00:34 - 00000000 __SHD () C:\Documents and Settings\NetworkService 2014-12-16 09:58 - 2009-04-05 00:34 - 00000000 __SHD () C:\Documents and Settings\LocalService 2014-12-16 09:58 - 2009-04-05 00:30 - 00000000 ____D () C:\WINDOWS\Registration 2014-12-16 09:56 - 2012-05-01 22:42 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-12-16 09:40 - 2009-04-05 00:18 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl 2014-12-09 10:53 - 2012-12-16 11:46 - 00000000 ____D () C:\Documents and Settings\JW\Desktop\Credentials 2014-12-08 17:11 - 2014-03-20 08:23 - 00000210 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job 2014-12-06 11:33 - 2012-01-31 19:53 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job 2014-11-25 21:28 - 2014-08-07 10:26 - 00000000 ____D () C:\Documents and Settings\JW\Desktop\Scrambler Some content of TEMP: ==================== C:\Documents and Settings\JW\Local Settings\Temp\dllnt_dump.dll C:\Documents and Settings\JW\Local Settings\Temp\hpzmsi01.exe C:\Documents and Settings\JW\Local Settings\Temp\hpzscr01.EXE C:\Documents and Settings\JW\Local Settings\Temp\{5C17079D-8C30-4ED2-8FD7-812598FEC987}.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================ I'm not sure if you wanted the Addition.txt, but here it is too. Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-12-2014 Ran by JW at 2014-12-20 14:32:49 Running from C:\Documents and Settings\JW\Desktop Boot Mode: Safe Mode (with Networking) ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 7.1.4 - Hewlett-Packard) Hidden Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated) Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated) Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated) Agere Systems PCI-SV92EX Soft Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems) ANIO Service (HKLM\...\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}) (Version: - ) ANIWZCS2 Service (HKLM\...\{4C590030-7469-453E-8589-D15DA9D03F52}) (Version: - ) Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) D110 (Version: 140.0.283.000 - Hewlett-Packard) Hidden Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) Hidden DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.24 - DivX, LLC) D-Link RangeBooster N DWA-140 (HKLM\...\{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}) (Version: - D-Link) eMachines Recovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.1.3005 - Acer Incorporated) GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife) HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{DBC1DE57-B55A-4D57-9769-1DB9BE506AF7}) (Version: 14.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard) HPAppStudio (Version: 140.0.95.000 - Hewlett-Packard) Hidden HPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) Hidden iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.) Java(TM) 6 Update 5 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160050}) (Version: 1.6.0.50 - Sun Microsystems, Inc.) Junk Mail filter update (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 33.1 (x86 en-US) (HKLM\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - ) PrimoPDF -- brought to you by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 5 - Nitro PDF Software) PS_AIO_07_D110_SW_Min (Version: 140.0.142.000 - Hewlett-Packard) Hidden QuickTime (HKLM\...\{08094E03-AFE4-4853-9D31-6D0743DF5328}) (Version: 7.1.6.200 - Apple Computer, Inc.) QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5628 - Realtek Semiconductor Corp.) Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 140.0.214.000 - Hewlett-Packard) Hidden Status (Version: 140.0.256.000 - Hewlett-Packard) Hidden Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden TrayApp (Version: 140.0.212.000 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Live Sync (HKLM\...\{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 19-09-2014 14:52:01 System Checkpoint 21-09-2014 11:11:32 System Checkpoint 22-09-2014 11:46:44 System Checkpoint 23-09-2014 13:50:01 System Checkpoint 24-09-2014 14:45:17 System Checkpoint 25-09-2014 15:45:19 System Checkpoint 27-09-2014 11:47:36 System Checkpoint 28-09-2014 12:39:52 System Checkpoint 29-09-2014 13:39:40 System Checkpoint 01-10-2014 09:35:19 System Checkpoint 02-10-2014 11:05:52 System Checkpoint 03-10-2014 13:49:37 System Checkpoint 06-10-2014 10:05:05 System Checkpoint 07-10-2014 19:54:53 System Checkpoint 09-10-2014 10:27:18 System Checkpoint 10-10-2014 11:36:19 System Checkpoint 11-10-2014 11:43:04 System Checkpoint 12-10-2014 12:43:04 System Checkpoint 13-10-2014 13:26:05 System Checkpoint 15-10-2014 11:31:18 System Checkpoint 16-10-2014 02:01:01 Software Distribution Service 3.0 17-10-2014 02:55:48 System Checkpoint 23-10-2014 09:54:28 Restore Operation 27-10-2014 10:50:28 Software Distribution Service 3.0 27-10-2014 11:08:52 Software Distribution Service 3.0 27-10-2014 16:38:21 Restore Operation 28-10-2014 09:15:37 Software Distribution Service 3.0 29-10-2014 09:59:30 System Checkpoint 30-10-2014 13:53:05 System Checkpoint 01-11-2014 12:53:30 System Checkpoint 02-11-2014 13:27:26 System Checkpoint 03-11-2014 14:28:38 System Checkpoint 05-11-2014 12:42:14 System Checkpoint 06-11-2014 13:08:34 System Checkpoint 07-11-2014 14:25:20 System Checkpoint 09-11-2014 14:07:10 System Checkpoint 10-11-2014 15:13:51 System Checkpoint 11-11-2014 16:10:42 System Checkpoint 12-11-2014 03:01:33 Software Distribution Service 3.0 13-11-2014 03:08:21 System Checkpoint 14-11-2014 11:25:01 System Checkpoint 15-11-2014 12:04:03 System Checkpoint 16-11-2014 20:49:45 System Checkpoint 18-11-2014 11:00:22 System Checkpoint 19-11-2014 11:50:56 System Checkpoint 20-11-2014 12:19:24 System Checkpoint 21-11-2014 13:07:36 System Checkpoint 22-11-2014 12:13:52 Restore Operation 24-11-2014 07:31:09 System Checkpoint 25-11-2014 10:18:17 System Checkpoint 26-11-2014 10:21:10 System Checkpoint 27-11-2014 11:21:05 System Checkpoint 28-11-2014 12:36:25 System Checkpoint 29-11-2014 13:21:08 System Checkpoint 30-11-2014 14:21:05 System Checkpoint 01-12-2014 15:25:32 System Checkpoint 02-12-2014 16:21:06 System Checkpoint 03-12-2014 17:21:22 System Checkpoint 05-12-2014 16:40:28 System Checkpoint 08-12-2014 09:59:17 System Checkpoint 09-12-2014 10:17:24 System Checkpoint 10-12-2014 12:42:54 Restore Operation 16-12-2014 09:42:52 Software Distribution Service 3.0 16-12-2014 09:50:41 Restore Operation 17-12-2014 21:03:05 Malwarebytes Anti-Rootkit Restore Point 17-12-2014 22:07:16 Software Distribution Service 3.0 17-12-2014 23:23:43 Malwarebytes Anti-Rootkit Restore Point 18-12-2014 22:52:27 Removed HiJackThis ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-04-05 00:18 - 2014-12-19 01:00 - 00000768 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe ==================== Loaded Modules (whitelisted) ============= ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\Temp:0B4227B4 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup MSCONFIG\startupfolder: C:^Documents and Settings^JW^Start Menu^Programs^Startup^ZooskMessenger.lnk => C:\WINDOWS\pss\ZooskMessenger.lnkStartup MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime ========================= Accounts: ========================== Administrator (S-1-5-21-3723271197-3957454863-557728558-500 - Administrator - Enabled) Guest (S-1-5-21-3723271197-3957454863-557728558-501 - Limited - Disabled) HelpAssistant (S-1-5-21-3723271197-3957454863-557728558-1004 - Limited - Disabled) JW (S-1-5-21-3723271197-3957454863-557728558-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\JW SUPPORT_388945a0 (S-1-5-21-3723271197-3957454863-557728558-1002 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/18/2014 05:05:27 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application wzcsldr2.exe, version 1.0.14.9283, faulting module wlanapp.dll, version 1.1.10.707, fault address 0x00013c4b. Processing media-specific event for [wzcsldr2.exe!ws!] Error: (11/17/2014 00:57:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application wzcsldr2.exe, version 1.0.14.9283, faulting module wlanapp.dll, version 1.1.10.707, fault address 0x000170c6. Processing media-specific event for [wzcsldr2.exe!ws!] Error: (11/15/2014 00:52:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application wzcsldr2.exe, version 1.0.14.9283, faulting module wlanapp.dll, version 1.1.10.707, fault address 0x00013e3b. Processing media-specific event for [wzcsldr2.exe!ws!] Error: (11/13/2014 01:36:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application wzcsldr2.exe, version 1.0.14.9283, faulting module wlanapp.dll, version 1.1.10.707, fault address 0x000170c6. Processing media-specific event for [wzcsldr2.exe!ws!] Error: (10/13/2014 01:35:19 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application wzcsldr2.exe, version 1.0.14.9283, faulting module wlanapp.dll, version 1.1.10.707, fault address 0x000117b5. Processing media-specific event for [wzcsldr2.exe!ws!] Error: (10/03/2014 04:49:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application wzcsldr2.exe, version 1.0.14.9283, faulting module wlanapp.dll, version 1.1.10.707, fault address 0x000178e8. Processing media-specific event for [wzcsldr2.exe!ws!] Error: (09/13/2014 10:17:33 AM) (Source: ESENT) (EventID: 455) (User: ) Description: wuaueng.dll (1756) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log. Error: (09/13/2014 10:17:33 AM) (Source: ESENT) (EventID: 489) (User: ) Description: wuauclt (1756) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8). Error: (09/13/2014 10:17:23 AM) (Source: ESENT) (EventID: 455) (User: ) Description: wuaueng.dll (1756) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log. Error: (09/13/2014 10:17:22 AM) (Source: ESENT) (EventID: 489) (User: ) Description: wuauclt (1756) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8). System errors: ============= Error: (12/20/2014 02:31:22 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (12/20/2014 02:18:36 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: Fips Processor SRTSP SRTSPX Error: (12/20/2014 02:07:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: SRTSP SRTSPX Error: (12/20/2014 02:05:52 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (12/20/2014 10:57:31 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (12/19/2014 06:40:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: Fips Processor SRTSP SRTSPX Error: (12/19/2014 00:18:59 PM) (Source: DCOM) (EventID: 10010) (User: JUSTIN) Description: The server {0002DF01-0000-0000-C000-000000000046} did not register with DCOM within the required timeout. Error: (12/19/2014 00:03:39 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort4 Error: (12/19/2014 00:03:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: SRTSP SRTSPX Error: (12/19/2014 00:01:32 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: AMD Athlon(tm) Processor 2650e Percentage of memory in use: 22% Total physical RAM: 894.32 MB Available physical RAM: 694.72 MB Total Pagefile: 2171.47 MB Available Pagefile: 2079.05 MB Total Virtual: 2047.88 MB Available Virtual: 1939.78 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:139.04 GB) (Free:100.82 GB) NTFS ==>[Drive with boot components (Windows XP)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: 43A90CE8) Partition 1: (Not Active) - (Size=10 GB) - (Type=12) Partition 2: (Active) - (Size=139 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=10 MB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 3 ==================== End Of Log ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top