Rootkit virus zero-access / trkjmp coupondropdown



I noticed that browser pages had underlined text referring to coupondropdown and linking to i.trkjmp.net. So I ran Combofix myself, using "Run as administrator" (with Microsoft Essential disabled). Result:

Two "Access Denied" messages

Rootkit.zero.accces detected

Repeated after a restart and again "Rootkit.zero.accces detected"

Tried once more after that, but with the same result

MBAM also reported a Trojan VGE; deleted it.

(History: before this, Windows Firewall could not be started; restoring the firewall reg keys did not help. In the end the solution was to give the BFE service the access right "all", after which it could be started again and the firewall worked again.)

Who knows what to do?

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 13:34:48, on 9-11-2012

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.19328)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files\Real\RealPlayer\Update\realsched.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\System32\wpcumi.exe

C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\Windows\Philips\SPC610NC\Monitor.exe

C:\Windows\System32\rundll32.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Citrix\ICA Client\concentr.exe

C:\Windows\OEM02Mon.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Citrix\ICA Client\wfcrun32.exe

C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Users\Kees\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files\Free Download Manager\fdm.exe

C:\Program Files\PDFCreator\PDFCreator.exe

C:\Windows\VPro610.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL

O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe

O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [sPC610NC_Monitor] C:\Windows\Philips\SPC610NC\Monitor.exe

O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe

O4 - HKLM\..\Run: [DVD43] "C:\Program Files\DVD Region+CSS Free\DVDRegionFree.exe" /hidden

O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s

O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Kees\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKUS\S-1-5-18\..\RunOnce: [RealUpgradeHelper] "C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe" "RealNetworks|RealPlayer|12.0" (User 'SYSTEEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User 'SYSTEEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [RealUpgradeHelper] "C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe" "RealNetworks|RealPlayer|12.0" (User 'Default user')

O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe

O4 - Global Startup: VProperty.lnk = ?

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: Download alles met Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm

O8 - Extra context menu item: Download met Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll (file missing)

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O15 - Trusted Zone: w3.airbus.com

O15 - Trusted Zone: be.beav.com

O15 - Trusted Zone: beconnect.beav.com

O15 - Trusted Zone: beconnect3.beav.com

O15 - Trusted Zone: beconnect4.beav.com

O15 - Trusted Zone: lu0102.beav.com

O15 - Trusted Zone: http://*.beav.com

O15 - Trusted Zone: *.beconnect

O15 - Trusted Zone: *.lu0102

O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - https://support.dell.com/systemprofiler/SysProExe.CAB

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FBUGMCSPIQRIAA - Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources - C:\Users\ADMINI~1\AppData\Local\Temp\FBUGMCSPIQRIAA.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: GQKDF - Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources - C:\Users\ADMINI~1\AppData\Local\Temp\GQKDF.exe

O23 - Service: Google Updateservice (gupdate1c98ed9548e9e50) (gupdate1c98ed9548e9e50) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: LXO - Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources - C:\Users\ADMINI~1\AppData\Local\Temp\LXO.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: PRMonitorService - VC - C:\Program Files\Personal Renamer\PRService1.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

O23 - Service: PVXGK - Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources - C:\Users\ADMINI~1\AppData\Local\Temp\PVXGK.exe

O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: SPE - Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources - C:\Users\ADMINI~1\AppData\Local\Temp\SPE.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files\System Explorer\service\SystemExplorerService.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 17450 bytes


Go to Start - All Programs - Accessories.

Find the Command Prompt icon, right-click it and choose Run as administrator from the list to open the Command Prompt.

Type: sc stop FBUGMCSPIQRIAA and press Enter.

Type: sc delete FBUGMCSPIQRIAA and press Enter.

Type: sc stop GQKDF and press Enter.

Type: sc delete GQKDF and press Enter.

Type: sc stop LXO and press Enter.

Type: sc delete LXO and press Enter.

Type: sc stop PVXGK and press Enter.

Type: sc delete PVXGK and press Enter.

Type: sc stop SPE and press Enter.

Type: sc delete SPE and press Enter.

Type exit and press Enter.

If you get an error message on any of these instructions, just continue with the next instruction.

Right-click the HijackThis icon and choose "Run as administrator" or "Uitvoeren als administrator".

Select "Do a system scan only".

Check only the items listed below:

O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)

O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll (file missing)

Click 'Fix checked' to remove the items.

Download MBAM (Malwarebytes Anti-Malware)

Double-click mbam-setup.exe to install the program.

Make sure there is a check mark next to Update Malwarebytes' Anti-Malware and Start Malwarebytes' Anti-Malware, then click "Finish".

If an update is found, it will be downloaded and installed.

Once the program is fully up to date, select "Quick Scan" on the Scanner tab, then click Scan.

The scan may take a while, so be patient.

When the scan is complete, click OK, then "Show Results" to view the results.

Make sure everything there is checked, then click: Remove Selected.

After the removal a log will open and you will be asked to restart the computer. (See below.)

If the rootkit (TDSS) is present, MBAM will ask to restart. Do so.

After the restart MBAM will scan again and remove the rootkit.

The log is saved automatically by MBAM and can be found by clicking the "Logs" tab in the program.

If MBAM has difficulty removing certain files, it will show a few messages where you need to click OK.

After that it will ask to restart the computer... So allow MBAM to restart the computer.

Paste the contents of the log in your next post, together with a new HijackThis log.
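
In the posted log, the five services removed with `sc` in the reply above all run an executable from the Administrator's Temp folder, and each service name equals its file name. An added example (not part of the original thread) that extracts such O23 entries from a HijackThis log; the function names and the Temp-path rule are assumptions made for illustration, and the sample lines are copied from the log in the first post.

```python
import re
from ntpath import basename, splitext  # Windows path rules on any OS

# O23 (service) lines copied from the HijackThis log in the first post.
SAMPLE_LOG = r"""
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FBUGMCSPIQRIAA - Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources - C:\Users\ADMINI~1\AppData\Local\Temp\FBUGMCSPIQRIAA.exe
O23 - Service: GQKDF - Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources - C:\Users\ADMINI~1\AppData\Local\Temp\GQKDF.exe
O23 - Service: LXO - Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources - C:\Users\ADMINI~1\AppData\Local\Temp\LXO.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PVXGK - Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources - C:\Users\ADMINI~1\AppData\Local\Temp\PVXGK.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SPE - Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources - C:\Users\ADMINI~1\AppData\Local\Temp\SPE.exe
"""

# The image path is the last field and starts with a drive letter. Matching the
# head lazily up to the first " - X:\" keeps paths that contain " - " intact.
O23_RE = re.compile(r"^O23 - Service: (?P<head>.+?) - (?P<path>[A-Za-z]:\\.+)$")
TEMP_RE = re.compile(r"\\(?:temp|tmp)\\", re.IGNORECASE)

REASON_TEMP = "binary in a Temp directory"
REASON_NAME = "service name equals file name"


def parse_o23(line):
    """Return {'name', 'path'} for an O23 line, or None for any other line."""
    m = O23_RE.match(line.strip())
    if m is None:
        return None
    # First field is "Display name (ShortName)" or just the service name.
    label = m.group("head").split(" - ", 1)[0]
    short = re.search(r"\(([^()]+)\)\s*$", label)
    name = short.group(1) if short else label
    return {"name": name, "path": m.group("path")}


def suspicious_services(log_text):
    """List (name, path, reasons) for services whose binary lives in Temp."""
    findings = []
    for line in log_text.splitlines():
        svc = parse_o23(line)
        if svc is None:
            continue
        reasons = []
        if TEMP_RE.search(svc["path"]):
            reasons.append(REASON_TEMP)
        stem = splitext(basename(svc["path"]))[0]
        if stem.lower() == svc["name"].lower():
            reasons.append(REASON_NAME)
        # A matching name alone is common for legitimate services
        # (MSCSPTISRV above), so only the Temp location triggers a finding.
        if REASON_TEMP in reasons:
            findings.append((svc["name"], svc["path"], reasons))
    return findings


if __name__ == "__main__":
    for name, path, reasons in suspicious_services(SAMPLE_LOG):
        print(f"{name}: {path} ({'; '.join(reasons)})")
```
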


Services stopped (they were not started) and deleted

Both MBAM and HijackThis report nothing.

1. Combofix keeps reporting ZeroAcess in the TCP/IP stack and is unable to remove it.

Underlined words in browser pages do not occur at the moment, but it is unclear whether this is really solved or only temporarily suppressed (given Combofix's message).

2. There also remains the peculiar fact that there are 160 Control Sets in the registry.

Malwarebytes Anti-Malware 1.65.1.1000

Malwarebytes : Free anti-malware download

Database version: v2012.11.10.03

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 8.0.6001.19328

Administrator :: PC_VAN_KEES [administrator]

11-11-2012 10:21:25

mbam-log-2012-11-11 (10-21-25).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 248197

Time elapsed: 46 minute(s), 42 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:10:02, on 11-11-2012

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.19328)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files\Real\RealPlayer\Update\realsched.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\System32\wpcumi.exe

C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\Windows\Philips\SPC610NC\Monitor.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Citrix\ICA Client\concentr.exe

C:\Windows\OEM02Mon.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe

C:\Users\Kees\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files\Free Download Manager\fdm.exe

C:\Program Files\PDFCreator\PDFCreator.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Windows\VPro610.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Windows\system32\conime.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Citrix\ICA Client\wfcrun32.exe

C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Microsoft Office\Office14\EXCEL.EXE

C:\Program Files\Windows Mail\WinMail.exe

C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\explorer.exe

C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\notepad.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL

O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe

O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [sPC610NC_Monitor] C:\Windows\Philips\SPC610NC\Monitor.exe

O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe

O4 - HKLM\..\Run: [DVD43] "C:\Program Files\DVD Region+CSS Free\DVDRegionFree.exe" /hidden

O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s

O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Kees\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKUS\S-1-5-18\..\RunOnce: [RealUpgradeHelper] "C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe" "RealNetworks|RealPlayer|12.0" (User 'SYSTEEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User 'SYSTEEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [RealUpgradeHelper] "C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe" "RealNetworks|RealPlayer|12.0" (User 'Default user')

O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe

O4 - Global Startup: VProperty.lnk = ?

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: Download alles met Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm

O8 - Extra context menu item: Download met Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O15 - Trusted Zone: w3.airbus.com

O15 - Trusted Zone: be.beav.com

O15 - Trusted Zone: beconnect.beav.com

O15 - Trusted Zone: beconnect3.beav.com

O15 - Trusted Zone: beconnect4.beav.com

O15 - Trusted Zone: lu0102.beav.com

O15 - Trusted Zone: http://*.beav.com

O15 - Trusted Zone: *.beconnect

O15 - Trusted Zone: *.lu0102

O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - https://support.dell.com/systemprofiler/SysProExe.CAB

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updateservice (gupdate1c98ed9548e9e50) (gupdate1c98ed9548e9e50) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: PRMonitorService - VC - C:\Program Files\Personal Renamer\PRService1.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: Trend Micro RUBotted Service (RUBotSrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files\System Explorer\service\SystemExplorerService.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 17234 bytes


The MBAM and HJT logs look fine.

Download TDSSKiller and place it on your desktop.

Extract the files in tdsskiller.zip.

Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.

Windows 7 and Windows Vista users:

Right-click TDSSKiller.exe -> Run as administrator to start the tool.

If TDSSKiller reports that an update is available, install it first.

Click the "Start Scan" button and follow the instructions.

When the scan is finished, click the "Report" button.

A Notepad file opens. Post the contents of this file.

Restart the PC if TDSSKiller offers that option. (Reboot now)

If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

Paste the contents of that log in your next post.

Also create a new Combofix log and post that in your next message as well.


TDSSKiller reports nothing special, a number of unsigned file warnings (they look normal to me).

Combofix keeps reporting that Zero Access is in the TCP/IP stack and that it has to restart to remove it, but this does not seem to have any effect. The log cannot be found (Combofix is on the desktop, and there is a C:/combofix directory, but no log file).

NB: Combofix also does not report all the steps, nor that a log is going to be created (it only reports access denied twice, that a rootkit was found and that a restart is needed; the window otherwise stays empty, so very different from what the Guide describes).

13:25:02.0574 2512 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

13:25:04.0961 2512 ============================================================

13:25:04.0961 2512 Current date / time: 2012/11/11 13:25:04.0961

13:25:04.0961 2512 SystemInfo:

13:25:04.0961 2512

13:25:04.0961 2512 OS Version: 6.0.6002 ServicePack: 2.0

13:25:04.0961 2512 Product type: Workstation

13:25:04.0961 2512 ComputerName: PC_VAN_KEES

13:25:07.0020 2512 UserName: Administrator

13:25:07.0223 2512 Windows directory: C:\Windows

13:25:07.0223 2512 System windows directory: C:\Windows

13:25:07.0223 2512 Processor architecture: Intel x86

13:25:07.0223 2512 Number of processors: 2

13:25:07.0223 2512 Page size: 0x1000

13:25:07.0223 2512 Boot type: Normal boot

13:25:07.0223 2512 ============================================================

13:25:11.0357 2512 BG loaded

13:25:15.0897 2512 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

13:25:17.0862 2512 ============================================================

13:25:17.0862 2512 \Device\Harddisk0\DR0:

13:25:17.0878 2512 MBR partitions:

13:25:17.0878 2512 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3B000, BlocksNum 0x1400000

13:25:17.0878 2512 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x143B000, BlocksNum 0x110DB23A

13:25:17.0894 2512 ============================================================

13:25:18.0003 2512 D: <-> \Device\Harddisk0\DR0\Partition1

13:25:18.0128 2512 C: <-> \Device\Harddisk0\DR0\Partition2

13:25:18.0221 2512 ============================================================

13:25:18.0221 2512 Initialize success

13:25:18.0221 2512 ============================================================

13:25:33.0386 3204 ============================================================

13:25:33.0386 3204 Scan started

13:25:33.0386 3204 Mode: Manual; SigCheck; TDLFS;

13:25:33.0386 3204 ============================================================

13:25:35.0686 3204 ================ Scan system memory ========================

13:25:35.0686 3204 System memory - ok

13:25:35.0686 3204 ================ Scan services =============================

13:25:35.0998 3204 [ 2A5E5246F22530E351C9F3F2C1CD63B9 ] ABBYY.Licensing.FineReader.Professional.9.0 C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe

13:25:38.0854 3204 ABBYY.Licensing.FineReader.Professional.9.0 - ok

13:25:39.0135 3204 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys

13:25:39.0759 3204 ACPI - ok

13:25:39.0915 3204 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

13:25:39.0993 3204 AdobeARMservice - ok

13:25:40.0273 3204 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

13:25:40.0648 3204 AdobeFlashPlayerUpdateSvc - ok

13:25:40.0897 3204 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

13:25:41.0554 3204 adp94xx - ok

13:25:41.0647 3204 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys

13:25:56.0891 3204 adpahci - ok

13:25:56.0923 3204 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys

13:25:57.0547 3204 adpu160m - ok

13:25:57.0578 3204 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys

13:25:58.0124 3204 adpu320 - ok

13:25:58.0186 3204 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

13:27:04.0657 3204 AeLookupSvc - ok

13:27:04.0735 3204 [ EF1142512BEC12F1C2C87735DA1755BE ] AESTFilters C:\Windows\system32\aestsrv.exe

13:27:04.0938 3204 AESTFilters - ok

13:27:05.0047 3204 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys

13:27:05.0266 3204 AFD - ok

13:27:05.0375 3204 [ BE913403ED7219894B30E362FD8D4313 ] AFS C:\Windows\system32\drivers\AFS.sys

13:27:05.0500 3204 AFS ( UnsignedFile.Multi.Generic ) - warning

13:27:05.0500 3204 AFS - detected UnsignedFile.Multi.Generic (1)

13:27:05.0562 3204 [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4 ] agp440 C:\Windows\system32\drivers\agp440.sys

13:27:05.0718 3204 agp440 - ok

13:27:05.0749 3204 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys

13:27:05.0905 3204 aic78xx - ok

13:27:05.0936 3204 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe

13:27:06.0202 3204 ALG - ok

13:27:06.0233 3204 [ DC67A153FDB8105B25D05334B5E1D8E2 ] aliide C:\Windows\system32\drivers\aliide.sys

13:27:06.0311 3204 aliide - ok

13:27:06.0358 3204 [ 848F27E5B27C1C253F6CEFDC1A5D8F21 ] amdagp C:\Windows\system32\drivers\amdagp.sys

13:27:06.0560 3204 amdagp - ok

13:27:06.0592 3204 [ 835C4C3355088298A5EBD818FA31430F ] amdide C:\Windows\system32\drivers\amdide.sys

13:27:06.0670 3204 amdide - ok

13:27:06.0685 3204 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys

13:27:07.0418 3204 AmdK7 - ok

13:27:07.0450 3204 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

13:27:07.0762 3204 AmdK8 - ok

13:27:07.0855 3204 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll

13:27:07.0980 3204 Appinfo - ok

13:27:08.0074 3204 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

13:27:08.0136 3204 Apple Mobile Device - ok

13:27:08.0214 3204 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys

13:27:08.0386 3204 arc - ok

13:27:08.0448 3204 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys

13:27:08.0604 3204 arcsas - ok

13:27:08.0776 3204 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

13:27:08.0916 3204 aspnet_state - ok

13:27:08.0963 3204 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

13:27:09.0134 3204 AsyncMac - ok

13:27:09.0212 3204 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys

13:27:09.0290 3204 atapi - ok

13:27:09.0368 3204 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

13:27:09.0509 3204 AudioEndpointBuilder - ok

13:27:09.0540 3204 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll

13:27:09.0649 3204 Audiosrv - ok

13:27:09.0743 3204 [ CD4646067CC7DCBA1907FA0ACF7E3966 ] bcm4sbxp C:\Windows\system32\DRIVERS\bcm4sbxp.sys

13:27:09.0914 3204 bcm4sbxp - ok

13:27:09.0992 3204 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys

13:27:10.0148 3204 Beep - ok

13:27:10.0259 3204 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll

13:27:10.0399 3204 BFE - ok

13:27:10.0493 3204 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll

13:27:10.0727 3204 BITS - ok

13:27:10.0742 3204 blbdrive - ok

13:27:10.0883 3204 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

13:27:10.0976 3204 Bonjour Service - ok

13:27:11.0054 3204 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys

13:27:11.0163 3204 bowser - ok

13:27:11.0242 3204 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys

13:27:11.0367 3204 BrFiltLo - ok

13:27:11.0398 3204 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys

13:27:11.0570 3204 BrFiltUp - ok

13:27:11.0632 3204 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll

13:27:11.0804 3204 Browser - ok

13:27:11.0882 3204 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys

13:27:12.0210 3204 Brserid - ok

13:27:12.0241 3204 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys

13:27:12.0568 3204 BrSerWdm - ok

13:27:12.0615 3204 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys

13:27:12.0818 3204 BrUsbMdm - ok

13:27:12.0865 3204 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys

13:27:13.0068 3204 BrUsbSer - ok

13:27:13.0146 3204 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys

13:27:13.0302 3204 BthEnum - ok

13:27:13.0380 3204 [ 9A966A8E86D1771911AE34A20D11BFF3 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

13:27:13.0598 3204 BTHMODEM - ok

13:27:13.0645 3204 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys

13:27:13.0848 3204 BthPan - ok

13:27:13.0941 3204 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys

13:27:14.0191 3204 BTHPORT - ok

13:27:14.0238 3204 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll

13:27:14.0347 3204 BthServ - ok

13:27:14.0362 3204 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys

13:27:14.0472 3204 BTHUSB - ok

13:27:14.0581 3204 [ 4A28E7BD365377D0512B7EF8C7596D2C ] btwaudio C:\Windows\system32\drivers\btwaudio.sys

13:27:14.0799 3204 btwaudio - ok

13:27:14.0877 3204 [ 5FFDE57253D665067B0886612817EB11 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys

13:27:15.0064 3204 btwavdt - ok

13:27:15.0111 3204 [ AB07DC8B05C31A4F95FC73019BE9DB15 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys

13:27:15.0174 3204 btwrchid - ok

13:27:15.0392 3204 catchme - ok

13:27:15.0454 3204 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

13:27:15.0610 3204 cdfs - ok

13:27:15.0673 3204 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

13:27:15.0922 3204 cdrom - ok

13:27:15.0985 3204 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll

13:27:16.0110 3204 CertPropSvc - ok

13:27:16.0156 3204 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys

13:27:16.0390 3204 circlass - ok

13:27:16.0468 3204 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys

13:27:16.0562 3204 CLFS - ok

13:27:16.0624 3204 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

13:27:16.0734 3204 clr_optimization_v2.0.50727_32 - ok

13:27:16.0827 3204 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

13:27:17.0186 3204 clr_optimization_v4.0.30319_32 - ok

13:27:17.0264 3204 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

13:27:17.0514 3204 CmBatt - ok

13:27:17.0545 3204 [ E79CBB2195E965F6E3256E2C1B23FD1C ] cmdide C:\Windows\system32\drivers\cmdide.sys

13:27:17.0607 3204 cmdide - ok

13:27:17.0638 3204 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

13:27:17.0763 3204 Compbatt - ok

13:27:17.0779 3204 COMSysApp - ok

13:27:17.0826 3204 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

13:27:17.0904 3204 crcdisk - ok

13:27:17.0935 3204 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys

13:27:18.0138 3204 Crusoe - ok

13:27:18.0231 3204 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll

13:27:18.0340 3204 CryptSvc - ok

13:27:18.0403 3204 [ 4E08A98DBA0B1249C2EB4B191978A9A4 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys

13:27:18.0574 3204 ctxusbm - ok

13:27:18.0699 3204 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll

13:27:18.0902 3204 DcomLaunch - ok

13:27:18.0949 3204 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys

13:27:19.0183 3204 DfsC - ok

13:27:19.0323 3204 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll

13:27:19.0448 3204 Dhcp - ok

13:27:19.0510 3204 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys

13:27:19.0682 3204 disk - ok

13:27:19.0760 3204 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll

13:27:19.0869 3204 Dnscache - ok

13:27:19.0932 3204 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll

13:27:20.0056 3204 dot3svc - ok

13:27:20.0150 3204 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys

13:27:20.0337 3204 Dot4 - ok

13:27:20.0384 3204 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys

13:27:20.0509 3204 Dot4Print - ok

13:27:20.0571 3204 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys

13:27:20.0712 3204 dot4usb - ok

13:27:20.0790 3204 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll

13:27:20.0930 3204 DPS - ok

13:27:20.0992 3204 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

13:27:21.0102 3204 drmkaud - ok

13:27:21.0195 3204 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

13:27:21.0304 3204 DXGKrnl - ok

13:27:21.0336 3204 [ 7505290504C8E2D172FA378CC0497BCC ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys

13:27:21.0741 3204 e1express - ok

13:27:21.0804 3204 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys

13:27:22.0147 3204 E1G60 - ok

13:27:22.0225 3204 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll

13:27:22.0351 3204 EapHost - ok

13:27:22.0429 3204 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys

13:27:22.0600 3204 Ecache - ok

13:27:22.0678 3204 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

13:27:22.0803 3204 ehRecvr - ok

13:27:22.0834 3204 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe

13:27:22.0943 3204 ehSched - ok

13:27:23.0006 3204 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll

13:27:23.0099 3204 ehstart - ok

13:27:23.0224 3204 [ 44996A2ADDD2DB7454F2CA40B67D8941 ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys

13:27:23.0302 3204 ElbyCDIO - ok

13:27:23.0396 3204 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys

13:27:23.0567 3204 elxstor - ok

13:27:23.0645 3204 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll

13:27:23.0817 3204 EMDMgmt - ok

13:27:23.0926 3204 [ 6ECEB0CE18D352AF410DD50EE13EAA9A ] epmntdrv C:\Windows\system32\epmntdrv.sys

13:27:23.0989 3204 epmntdrv ( UnsignedFile.Multi.Generic ) - warning

13:27:23.0989 3204 epmntdrv - detected UnsignedFile.Multi.Generic (1)

13:27:24.0082 3204 [ 5F779F5EDAB787F2D090C71A9051F365 ] EuGdiDrv C:\Windows\system32\EuGdiDrv.sys

13:27:24.0113 3204 EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning

13:27:24.0113 3204 EuGdiDrv - detected UnsignedFile.Multi.Generic (1)

13:27:24.0160 3204 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll

13:27:24.0301 3204 EventSystem - ok

13:27:24.0472 3204 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys

13:27:24.0706 3204 exfat - ok

13:27:24.0831 3204 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys

13:27:24.0956 3204 fastfat - ok

13:27:24.0987 3204 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys

13:27:25.0221 3204 fdc - ok

13:27:25.0268 3204 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll

13:27:25.0408 3204 fdPHost - ok

13:27:25.0455 3204 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll

13:27:25.0673 3204 FDResPub - ok

13:27:25.0736 3204 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

13:27:25.0892 3204 FileInfo - ok

13:27:25.0939 3204 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys

13:27:26.0079 3204 Filetrace - ok

13:27:26.0313 3204 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe

13:27:26.0734 3204 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning

13:27:26.0734 3204 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)

13:27:26.0781 3204 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

13:27:26.0984 3204 flpydisk - ok

13:27:27.0031 3204 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

13:27:27.0124 3204 FltMgr - ok

13:27:27.0202 3204 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll

13:27:27.0327 3204 FontCache - ok

13:27:27.0421 3204 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

13:27:27.0483 3204 FontCache3.0.0.0 - ok

13:27:27.0530 3204 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

13:27:27.0655 3204 Fs_Rec - ok

13:27:27.0701 3204 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

13:27:27.0857 3204 gagp30kx - ok

13:27:27.0920 3204 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys

13:27:27.0998 3204 GEARAspiWDM - ok

13:27:28.0060 3204 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

13:27:28.0123 3204 GoogleDesktopManager-051210-111108 - ok

13:27:28.0201 3204 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll

13:27:28.0388 3204 gpsvc - ok

13:27:28.0466 3204 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c98ed9548e9e50 C:\Program Files\Google\Update\GoogleUpdate.exe

13:27:28.0528 3204 gupdate1c98ed9548e9e50 - ok

13:27:28.0591 3204 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

13:27:28.0653 3204 gupdatem - ok

13:27:28.0715 3204 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

13:27:28.0793 3204 gusvc - ok

13:27:28.0871 3204 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

13:27:29.0152 3204 HdAudAddService - ok

13:27:29.0230 3204 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

13:27:29.0480 3204 HDAudBus - ok

13:27:29.0527 3204 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys

13:27:29.0745 3204 HidBth - ok

13:27:29.0776 3204 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys

13:27:30.0041 3204 HidIr - ok

13:27:30.0088 3204 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll

13:27:30.0213 3204 hidserv - ok

13:27:30.0275 3204 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

13:27:30.0416 3204 HidUsb - ok

13:27:30.0494 3204 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll

13:27:30.0650 3204 hkmsvc - ok

13:27:30.0712 3204 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys

13:27:30.0790 3204 HpCISSs - ok

13:27:30.0946 3204 [ FCB563B0A23643E5F80B6FF1E60F610F ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll

13:27:31.0009 3204 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning

13:27:31.0009 3204 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)

13:27:31.0055 3204 [ 25E443E27165C652723A92D9BDFD4649 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll

13:27:31.0133 3204 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning

13:27:31.0133 3204 hpqddsvc - detected UnsignedFile.Multi.Generic (1)

13:27:31.0352 3204 [ E9E589C9AB799F52E18F057635A2B362 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys

13:27:33.0912 3204 HSF_DPV - ok

13:27:33.0959 3204 [ 7845D2385F4DC7DFB3CCAF0C2FA4948E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys

13:27:34.0131 3204 HSXHWAZL - ok

13:27:34.0193 3204 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys

13:27:34.0333 3204 HTTP - ok

13:27:34.0380 3204 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys

13:27:34.0443 3204 i2omp - ok

13:27:34.0536 3204 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

13:27:34.0755 3204 i8042prt - ok

13:27:34.0817 3204 [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] iaStor C:\Windows\system32\drivers\iastor.sys

13:27:34.0895 3204 iaStor - ok

13:27:34.0957 3204 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys

13:27:35.0113 3204 iaStorV - ok

13:27:35.0238 3204 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

13:27:35.0301 3204 IDriverT ( UnsignedFile.Multi.Generic ) - warning

13:27:35.0301 3204 IDriverT - detected UnsignedFile.Multi.Generic (1)

13:27:35.0425 3204 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

13:27:35.0566 3204 idsvc - ok

13:27:35.0644 3204 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys

13:27:35.0800 3204 iirsp - ok

13:27:35.0878 3204 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll

13:27:36.0049 3204 IKEEXT - ok

13:27:36.0174 3204 [ 0084046C084D68E494F8CF36BCF08186 ] intelide C:\Windows\system32\DRIVERS\intelide.sys

13:27:36.0268 3204 intelide - ok

13:27:36.0346 3204 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

13:27:36.0564 3204 intelppm - ok

13:27:36.0611 3204 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll

13:27:36.0751 3204 IPBusEnum - ok

13:27:36.0783 3204 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

13:27:36.0907 3204 IpFilterDriver - ok

13:27:36.0970 3204 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys

13:27:37.0313 3204 IPMIDRV - ok

13:27:37.0344 3204 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys

13:27:37.0563 3204 IPNAT - ok

13:27:37.0672 3204 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

13:27:37.0812 3204 iPod Service - ok

13:27:37.0843 3204 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

13:27:37.0968 3204 IRENUM - ok

13:27:38.0015 3204 [ 2F8ECE2699E7E2070545E9B0960A8ED2 ] isapnp C:\Windows\system32\drivers\isapnp.sys

13:27:38.0155 3204 isapnp - ok

13:27:38.0233 3204 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

13:27:38.0311 3204 iScsiPrt - ok

13:27:38.0358 3204 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys

13:27:38.0421 3204 iteatapi - ok

13:27:38.0467 3204 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys

13:27:38.0530 3204 iteraid - ok

13:27:38.0577 3204 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

13:27:38.0670 3204 kbdclass - ok

13:27:38.0701 3204 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

13:27:38.0811 3204 kbdhid - ok

13:27:38.0873 3204 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe

13:27:38.0982 3204 KeyIso - ok

13:27:39.0029 3204 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

13:27:39.0279 3204 KSecDD - ok

13:27:39.0403 3204 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll

13:27:39.0591 3204 KtmRm - ok

13:27:39.0622 3204 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll

13:27:39.0731 3204 LanmanServer - ok

13:27:39.0762 3204 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

13:27:39.0871 3204 LanmanWorkstation - ok

13:27:40.0043 3204 [ 61323B88EFE90F6B144A3611B3ED1D7D ] Lavasoft Ad-Aware Service C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

13:27:40.0168 3204 Lavasoft Ad-Aware Service ( UnsignedFile.Multi.Generic ) - warning

13:27:40.0168 3204 Lavasoft Ad-Aware Service - detected UnsignedFile.Multi.Generic (1)

13:27:40.0246 3204 [ 6C4A3804510AD8E0F0C07B5BE3D44DDB ] Lavasoft Kernexplorer C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys

13:27:40.0308 3204 Lavasoft Kernexplorer - ok

13:27:40.0339 3204 [ 336ABE8721CBC3110F1C6426DA633417 ] Lbd C:\Windows\system32\DRIVERS\Lbd.sys

13:27:40.0542 3204 Lbd - ok

13:27:40.0590 3204 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

13:27:40.0730 3204 lltdio - ok

13:27:40.0777 3204 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll

13:27:40.0933 3204 lltdsvc - ok

13:27:40.0980 3204 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll

13:27:41.0183 3204 lmhosts - ok

13:27:41.0245 3204 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

13:27:41.0401 3204 LSI_FC - ok

13:27:41.0448 3204 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

13:27:41.0604 3204 LSI_SAS - ok

13:27:41.0651 3204 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

13:27:41.0729 3204 LSI_SCSI - ok

13:27:41.0791 3204 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys

13:27:42.0056 3204 luafv - ok

13:27:42.0119 3204 [ 8181CEB341CBB2F7F893F85B915D5E15 ] MaVctrl C:\Windows\system32\DRIVERS\MaVc2K.sys

13:27:42.0150 3204 MaVctrl ( UnsignedFile.Multi.Generic ) - warning

13:27:42.0150 3204 MaVctrl - detected UnsignedFile.Multi.Generic (1)

13:27:42.0212 3204 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

13:27:42.0275 3204 MBAMProtector - ok

13:27:42.0431 3204 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

13:27:42.0509 3204 MBAMScheduler - ok

13:27:42.0634 3204 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

13:27:42.0743 3204 MBAMService - ok

13:27:42.0790 3204 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

13:27:42.0914 3204 Mcx2Svc - ok

13:27:42.0930 3204 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys

13:27:43.0024 3204 mdmxsdk - ok

13:27:43.0102 3204 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys

13:27:43.0164 3204 megasas - ok

13:27:43.0414 3204 MFE_RR - ok

13:27:43.0601 3204 Microsoft SharePoint Workspace Audit Service - ok

13:27:43.0632 3204 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll

13:27:43.0757 3204 MMCSS - ok

13:27:43.0835 3204 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys

13:27:43.0960 3204 Modem - ok

13:27:44.0022 3204 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

13:27:44.0225 3204 monitor - ok

13:27:44.0272 3204 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

13:27:44.0350 3204 mouclass - ok

13:27:44.0396 3204 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

13:27:44.0537 3204 mouhid - ok

13:27:44.0568 3204 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys

13:27:44.0741 3204 MountMgr - ok

13:27:44.0819 3204 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

13:27:45.0021 3204 MpFilter - ok

13:27:45.0084 3204 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys

13:27:45.0271 3204 mpio - ok

13:27:45.0645 3204 [ A69630D039C38018689190234F866D77 ] MpKsld30ce7f4 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2AD06D9E-5EDA-44EC-9E86-D54E4C95FF85}\MpKsld30ce7f4.sys

13:27:45.0786 3204 MpKsld30ce7f4 - ok

13:27:45.0848 3204 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

13:27:45.0973 3204 mpsdrv - ok

13:27:46.0098 3204 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll

13:27:46.0285 3204 MpsSvc - ok

13:27:46.0363 3204 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys

13:27:46.0457 3204 Mraid35x - ok

13:27:46.0503 3204 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

13:27:46.0971 3204 MRxDAV - ok

13:27:47.0299 3204 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

13:27:47.0424 3204 mrxsmb - ok

13:27:47.0486 3204 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

13:27:47.0595 3204 mrxsmb10 - ok

13:27:47.0627 3204 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

13:27:47.0751 3204 mrxsmb20 - ok

13:27:47.0798 3204 [ D420BC42A637AC3CC4F411220549C0DC ] msahci C:\Windows\system32\drivers\msahci.sys

13:27:47.0907 3204 msahci - ok

13:27:48.0063 3204 [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

13:27:48.0141 3204 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning

13:27:48.0141 3204 MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)

13:27:48.0188 3204 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys

13:27:48.0375 3204 msdsm - ok

13:27:48.0438 3204 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe

13:27:48.0734 3204 MSDTC - ok

13:27:48.0797 3204 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys

13:27:49.0062 3204 Msfs - ok

13:27:49.0233 3204 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

13:27:49.0608 3204 msisadrv - ok

13:27:49.0686 3204 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

13:27:49.0951 3204 MSiSCSI - ok

13:27:50.0013 3204 msiserver - ok

13:27:50.0154 3204 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

13:27:50.0466 3204 MSKSSRV - ok

13:27:50.0606 3204 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

13:27:50.0747 3204 MsMpSvc - ok

13:27:50.0809 3204 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

13:27:51.0199 3204 MSPCLOCK - ok

13:27:51.0261 3204 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

13:27:51.0558 3204 MSPQM - ok

13:27:51.0651 3204 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

13:27:52.0197 3204 MsRPC - ok

13:27:52.0260 3204 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

13:27:52.0400 3204 mssmbios - ok

13:27:52.0447 3204 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

13:27:52.0619 3204 MSTEE - ok

13:27:52.0665 3204 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys

13:27:52.0962 3204 Mup - ok

13:27:53.0071 3204 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll

13:27:53.0679 3204 napagent - ok

13:27:53.0773 3204 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

13:27:53.0913 3204 NativeWifiP - ok

13:27:54.0038 3204 [ FEF36E73E1476FDE8435144111125F3E ] NCHSSVAD C:\Windows\system32\drivers\nchssvad.sys

13:27:54.0257 3204 NCHSSVAD ( UnsignedFile.Multi.Generic ) - warning

13:27:54.0257 3204 NCHSSVAD - detected UnsignedFile.Multi.Generic (1)

13:27:54.0491 3204 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys

13:27:55.0052 3204 NDIS - ok

13:27:55.0146 3204 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

13:27:55.0520 3204 NdisTapi - ok

13:27:55.0895 3204 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

13:27:56.0160 3204 Ndisuio - ok

13:27:56.0222 3204 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

13:27:56.0472 3204 NdisWan - ok

13:27:56.0503 3204 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

13:27:56.0924 3204 NDProxy - ok

13:27:57.0189 3204 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

13:27:57.0439 3204 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

13:27:57.0439 3204 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

13:27:57.0501 3204 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

13:27:57.0782 3204 NetBIOS - ok

13:27:57.0876 3204 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys

13:27:58.0687 3204 netbt - ok

13:27:58.0718 3204 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe

13:27:58.0921 3204 Netlogon - ok

13:27:58.0983 3204 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll

13:27:59.0451 3204 Netman - ok

13:27:59.0529 3204 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

13:28:00.0153 3204 NetMsmqActivator - ok

13:28:00.0263 3204 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

13:28:00.0372 3204 NetPipeActivator - ok

13:28:00.0450 3204 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll

13:28:00.0762 3204 netprofm - ok

13:28:00.0840 3204 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

13:28:00.0918 3204 NetTcpActivator - ok

13:28:00.0965 3204 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

13:28:01.0074 3204 NetTcpPortSharing - ok

13:28:01.0542 3204 [ 6522DD40A5F67CED020BD81B856613FB ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys

13:28:02.0712 3204 NETw4v32 - ok

13:28:02.0774 3204 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

13:28:02.0946 3204 nfrd960 - ok

13:28:03.0102 3204 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

13:28:03.0195 3204 NisDrv - ok

13:28:03.0523 3204 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe

13:28:03.0975 3204 NisSrv - ok

13:28:04.0116 3204 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll

13:28:04.0319 3204 NlaSvc - ok

13:28:04.0428 3204 [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] NPF C:\Windows\system32\drivers\npf.sys

13:28:04.0537 3204 NPF - ok

13:28:04.0599 3204 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys

13:28:04.0818 3204 Npfs - ok

13:28:04.0911 3204 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll

13:28:05.0161 3204 nsi - ok

13:28:05.0270 3204 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

13:28:05.0754 3204 nsiproxy - ok

13:28:05.0879 3204 [ 53F7546E8DAEFB3A0813F5E19C4613C9 ] NSNDIS5 C:\Windows\system32\NSNDIS5.SYS

13:28:06.0035 3204 NSNDIS5 ( UnsignedFile.Multi.Generic ) - warning

13:28:06.0035 3204 NSNDIS5 - detected UnsignedFile.Multi.Generic (1)

13:28:06.0487 3204 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

13:28:09.0390 3204 Ntfs - ok

13:28:09.0561 3204 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys

13:28:10.0045 3204 ntrigdigi - ok

13:28:10.0154 3204 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys

13:28:10.0326 3204 Null - ok

13:28:14.0444 3204 [ 8FE5350FA6A9F0B6633AEE811C468954 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

13:28:23.0601 3204 nvlddmkm - ok

13:28:23.0695 3204 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys

13:28:23.0944 3204 nvraid - ok

13:28:24.0007 3204 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys

13:28:24.0412 3204 nvstor - ok

13:28:24.0553 3204 [ DED8F2C0070478F13C37F7BD849B83FA ] nvsvc C:\Windows\system32\nvvsvc.exe

13:28:24.0662 3204 nvsvc - ok

13:28:24.0709 3204 [ 055081FD5076401C1EE1BCAB08D81911 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

13:28:24.0912 3204 nv_agp - ok

13:28:25.0005 3204 [ 19CAC780B858822055F46C58A111723C ] OEM02Dev C:\Windows\system32\DRIVERS\OEM02Dev.sys

13:28:25.0239 3204 OEM02Dev - ok

13:28:25.0302 3204 [ 86326062A90494BDD79CE383511D7D69 ] OEM02Vfx C:\Windows\system32\DRIVERS\OEM02Vfx.sys

13:28:25.0411 3204 OEM02Vfx - ok

13:28:25.0504 3204 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys

13:28:25.0738 3204 ohci1394 - ok

13:28:25.0832 3204 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

13:28:25.0941 3204 ose - ok

13:28:26.0643 3204 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

13:28:27.0954 3204 osppsvc - ok

13:28:28.0078 3204 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll

13:28:28.0234 3204 p2pimsvc - ok

13:28:28.0266 3204 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll

13:28:28.0453 3204 p2psvc - ok

13:28:28.0546 3204 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

13:28:28.0640 3204 PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning

13:28:28.0640 3204 PACSPTISVR - detected UnsignedFile.Multi.Generic (1)

13:28:28.0749 3204 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys

13:28:28.0983 3204 Parport - ok

13:28:29.0030 3204 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys

13:28:29.0295 3204 partmgr - ok

13:28:29.0404 3204 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys

13:28:29.0701 3204 Parvdm - ok

13:28:29.0779 3204 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll

13:28:29.0872 3204 PcaSvc - ok

13:28:29.0935 3204 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys

13:28:30.0106 3204 pci - ok

13:28:30.0153 3204 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys

13:28:30.0278 3204 pciide - ok

13:28:30.0340 3204 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

13:28:30.0793 3204 pcmcia - ok

13:28:30.0855 3204 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys

13:28:31.0417 3204 pcouffin - ok

13:28:31.0479 3204 [ 167B2FEA66DDE6925766D1A81A1AFFC0 ] PCTCore C:\Windows\system32\drivers\PCTCore.sys

13:28:32.0493 3204 PCTCore - ok

13:28:32.0618 3204 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys

13:28:32.0930 3204 PEAUTH - ok

13:28:33.0211 3204 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll

13:28:33.0554 3204 pla - ok

13:28:33.0632 3204 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll

13:28:33.0882 3204 PlugPlay - ok

13:28:33.0944 3204 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

13:28:33.0975 3204 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

13:28:33.0975 3204 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

13:28:34.0147 3204 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll

13:28:34.0287 3204 PNRPAutoReg - ok

13:28:34.0396 3204 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll

13:28:34.0662 3204 PNRPsvc - ok

13:28:34.0880 3204 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

13:28:35.0036 3204 PolicyAgent - ok

13:28:35.0083 3204 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

13:28:35.0348 3204 PptpMiniport - ok

13:28:35.0426 3204 [ 11AF6ACEC505B96CFFFEA2930C7CC48B ] PRMonitorService C:\Program Files\Personal Renamer\PRService1.exe

13:28:35.0582 3204 PRMonitorService ( UnsignedFile.Multi.Generic ) - warning

13:28:35.0582 3204 PRMonitorService - detected UnsignedFile.Multi.Generic (1)

13:28:35.0613 3204 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys

13:28:35.0847 3204 Processor - ok

13:28:35.0956 3204 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll

13:28:36.0081 3204 ProfSvc - ok

13:28:36.0112 3204 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe

13:28:36.0206 3204 ProtectedStorage - ok

13:28:36.0253 3204 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\system32\PSIService.exe

13:28:36.0331 3204 ProtexisLicensing - ok

13:28:36.0378 3204 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys

13:28:36.0612 3204 PSched - ok

13:28:36.0658 3204 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys

13:28:36.0814 3204 PxHelp20 - ok

13:28:37.0002 3204 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys

13:28:37.0267 3204 ql2300 - ok

13:28:37.0298 3204 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

13:28:37.0594 3204 ql40xx - ok

13:28:37.0719 3204 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll

13:28:37.0828 3204 QWAVE - ok

13:28:37.0891 3204 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

13:28:38.0031 3204 QWAVEdrv - ok

13:28:38.0640 3204 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys

13:28:40.0200 3204 R300 - ok

13:28:40.0340 3204 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll

13:28:40.0418 3204 RapiMgr - ok

13:28:41.0089 3204 [ 3AF684252780CF87DC2809F85B8F7591 ] RapportCerberus_43926 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys

13:28:41.0198 3204 RapportCerberus_43926 - ok

13:28:41.0354 3204 [ 78FE3AF5A10C96D4E027A2A39D126C8C ] RapportEI C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys

13:28:41.0432 3204 RapportEI - ok

13:28:41.0494 3204 [ 99381C963C5D050DD109280926F416BC ] RapportKELL C:\Windows\system32\Drivers\RapportKELL.sys

13:28:41.0900 3204 RapportKELL - ok

13:28:41.0994 3204 [ 2E35747769F297086505138E0B0A08F3 ] RapportMgmtService C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

13:28:42.0384 3204 RapportMgmtService - ok

13:28:42.0555 3204 [ 1C8E91FFB14D911277AC9299DF555349 ] RapportPG C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

13:28:42.0992 3204 RapportPG - ok

13:28:43.0101 3204 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

13:28:43.0444 3204 RasAcd - ok

13:28:43.0554 3204 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

13:28:43.0710 3204 RasAcd - ok

13:28:43.0772 3204 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll

13:28:43.0990 3204 RasAuto - ok

13:28:44.0162 3204 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

13:28:44.0536 3204 Rasl2tp - ok

13:28:44.0630 3204 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll

13:28:44.0911 3204 RasMan - ok

13:28:44.0942 3204 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

13:28:45.0160 3204 RasPppoe - ok

13:28:45.0254 3204 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

13:28:45.0535 3204 RasSstp - ok

13:28:45.0613 3204 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

13:28:46.0003 3204 rdbss - ok

13:28:46.0081 3204 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

13:28:46.0284 3204 RDPCDD - ok

13:28:46.0393 3204 [ 0245418224CFA77BF4B41C2FE0622258 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys

13:28:46.0767 3204 rdpdr - ok

13:28:46.0908 3204 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

13:28:47.0096 3204 RDPENCDD - ok

13:28:47.0236 3204 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

13:28:47.0533 3204 RDPWD - ok

13:28:47.0673 3204 [ 37ECEBDD930395A9C399FB18A3C236D3 ] RegGuard C:\Windows\system32\Drivers\regguard.sys

13:28:47.0829 3204 RegGuard - ok

13:28:47.0907 3204 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll

13:28:48.0080 3204 RemoteAccess - ok

13:28:48.0142 3204 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll

13:28:48.0329 3204 RemoteRegistry - ok

13:28:48.0423 3204 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

13:28:48.0735 3204 RFCOMM - ok

13:28:48.0797 3204 [ D85E3FA9F5B1F29BB4ED185C450D1470 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys

13:28:48.0906 3204 rimmptsk - ok

13:28:48.0938 3204 [ DB8EB01C58C9FADA00C70B1775278AE0 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys

13:28:49.0157 3204 rimsptsk - ok

13:28:49.0188 3204 [ 6C1F93C0760C9F79A1869D07233DF39D ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys

13:28:49.0313 3204 rismxdp - ok

13:28:49.0375 3204 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe

13:28:50.0815 3204 rpcapd - ok

13:28:50.0847 3204 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe

13:28:51.0255 3204 RpcLocator - ok

13:28:51.0634 3204 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll

13:28:52.0568 3204 RpcSs - ok

13:28:52.0614 3204 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

13:28:52.0844 3204 rspndr - ok

13:28:53.0134 3204 [ A0EEA6F631349D0E0B7A6CAA7E099CB0 ] RUBotSrv C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe

13:28:53.0524 3204 RUBotSrv - ok

13:28:53.0695 3204 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe

13:28:53.0898 3204 SamSs - ok

13:28:54.0007 3204 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

13:28:54.0428 3204 sbp2port - ok

13:28:54.0881 3204 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

13:28:57.0299 3204 SBSDWSCService - ok

13:28:57.0658 3204 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll

13:28:58.0251 3204 SCardSvr - ok

13:28:58.0548 3204 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll

13:28:58.0813 3204 Schedule - ok

13:28:59.0094 3204 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll

13:28:59.0328 3204 SCPolicySvc - ok

13:29:00.0313 3204 [ E8854048DFBF245F4F0B7009E49C7EF9 ] sdAuxService C:\Program Files\Spyware Doctor\pctsAuxs.exe

13:29:01.0217 3204 sdAuxService - ok

13:29:01.0654 3204 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys

13:29:08.0515 3204 sdbus - ok

13:29:08.0780 3204 [ 4E28D7B4285A1B3D0EC212D9BD0FF4BF ] sdCoreService C:\Program Files\Spyware Doctor\pctsSvc.exe

13:29:10.0575 3204 sdCoreService - ok

13:29:10.0809 3204 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll

13:29:11.0651 3204 SDRSVC - ok

13:29:11.0760 3204 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys

13:29:12.0353 3204 secdrv - ok

13:29:12.0416 3204 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll

13:29:13.0024 3204 seclogon - ok

13:29:13.0055 3204 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll

13:29:14.0397 3204 SENS - ok

13:29:14.0506 3204 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys

13:29:15.0614 3204 Serenum - ok

13:29:15.0692 3204 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys

13:32:02.0728 3204 Serial - ok

13:32:02.0775 3204 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys

13:32:04.0272 3204 sermouse - ok

13:32:04.0506 3204 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll

13:32:05.0333 3204 SessionEnv - ok

13:32:05.0926 3204 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys

13:32:06.0207 3204 sffdisk - ok

13:32:06.0300 3204 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

13:32:06.0722 3204 sffp_mmc - ok

13:32:06.0831 3204 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys

13:32:07.0252 3204 sffp_sd - ok

13:32:07.0346 3204 [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

13:32:08.0032 3204 sfloppy - ok

13:32:08.0204 3204 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll

13:32:08.0859 3204 SharedAccess - ok

13:32:08.0921 3204 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

13:32:09.0561 3204 ShellHWDetection - ok

13:32:09.0608 3204 [ 08072B2FB92477FC813271A84B3A8698 ] sisagp C:\Windows\system32\drivers\sisagp.sys

13:32:10.0014 3204 sisagp - ok

13:32:10.0061 3204 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys

13:32:10.0311 3204 SiSRaid2 - ok

13:32:10.0404 3204 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

13:32:11.0091 3204 SiSRaid4 - ok

13:32:12.0307 3204 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

13:32:33.0516 3204 Skype C2C Service - ok

13:32:34.0077 3204 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe

13:32:42.0006 3204 slsvc - ok

13:32:42.0178 3204 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll

13:32:42.0583 3204 SLUINotify - ok

13:32:42.0630 3204 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys

13:32:43.0051 3204 Smb - ok

13:32:43.0239 3204 [ 26BA81BA48C3D9FB292B4B60FDE849F2 ] SNMP C:\Windows\System32\snmp.exe

13:32:43.0363 3204 SNMP - ok

13:32:43.0441 3204 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

13:32:43.0535 3204 SNMPTRAP - ok

13:32:43.0644 3204 [ 06D0E7C3500310A9349CE347EA410C0B ] SPC610NC C:\Windows\system32\DRIVERS\SPC610NC.SYS

13:32:44.0003 3204 SPC610NC - ok

13:32:44.0065 3204 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys

13:32:44.0159 3204 spldr - ok

13:32:44.0221 3204 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe

13:32:44.0362 3204 Spooler - ok

13:32:44.0455 3204 [ 7F1B7C4D446CD3F926AF45B8C48BD593 ] sptd C:\Windows\system32\Drivers\sptd.sys

13:32:44.0455 3204 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 7F1B7C4D446CD3F926AF45B8C48BD593

13:32:44.0455 3204 sptd ( LockedFile.Multi.Generic ) - warning

13:32:44.0455 3204 sptd - detected LockedFile.Multi.Generic (1)

13:32:44.0518 3204 [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

13:32:44.0565 3204 SPTISRV ( UnsignedFile.Multi.Generic ) - warning

13:32:44.0565 3204 SPTISRV - detected UnsignedFile.Multi.Generic (1)

13:32:44.0627 3204 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys

13:32:44.0939 3204 srv - ok

13:32:45.0001 3204 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

13:32:45.0220 3204 srv2 - ok

13:32:45.0282 3204 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

13:32:45.0594 3204 srvnet - ok

13:32:45.0658 3204 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

13:32:45.0876 3204 SSDPSRV - ok

13:32:45.0954 3204 [ 14622AE81C72B08691EEDAABC1D4A129 ] ssm_bus C:\Windows\system32\DRIVERS\ssm_bus.sys

13:32:46.0313 3204 ssm_bus - ok

13:32:46.0391 3204 [ 43EE5E9FDA61A5E0EAC4C1DE699E6E4D ] ssm_mdfl C:\Windows\system32\DRIVERS\ssm_mdfl.sys

13:32:46.0578 3204 ssm_mdfl - ok

13:32:46.0625 3204 [ 918CFD32C7FEB174F356A0A6FAD11F4B ] ssm_mdm C:\Windows\system32\DRIVERS\ssm_mdm.sys

13:32:46.0859 3204 ssm_mdm - ok

13:32:46.0999 3204 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll

13:32:47.0186 3204 SstpSvc - ok

13:32:47.0405 3204 [ 7E6DD4B34ACD36AF6C711D2BDE91B040 ] STacSV C:\Windows\system32\STacSV.exe

13:32:47.0608 3204 STacSV - ok

13:32:47.0670 3204 [ 306521935042FC0A6988D528643619B3 ] StarOpen C:\Windows\system32\drivers\StarOpen.sys

13:32:47.0732 3204 StarOpen ( UnsignedFile.Multi.Generic ) - warning

13:32:47.0732 3204 StarOpen - detected UnsignedFile.Multi.Generic (1)

13:32:47.0779 3204 [ 6A2A5E809C2C0178326D92B19EE4AAD3 ] STHDA C:\Windows\system32\drivers\stwrt.sys

13:32:48.0138 3204 STHDA - ok

13:32:48.0216 3204 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll

13:32:48.0622 3204 stisvc - ok

13:32:48.0668 3204 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

13:32:48.0793 3204 swenum - ok

13:32:49.0121 3204 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

13:32:49.0511 3204 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning

13:32:49.0511 3204 SwitchBoard - detected UnsignedFile.Multi.Generic (1)

13:32:49.0589 3204 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll

13:32:49.0760 3204 swprv - ok

13:32:49.0823 3204 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys

13:32:49.0948 3204 Symc8xx - ok

13:32:49.0994 3204 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys

13:32:50.0197 3204 Sym_hi - ok

13:32:50.0244 3204 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys

13:32:50.0322 3204 Sym_u3 - ok

13:32:50.0478 3204 [ DD17B63F26430E179EF6BDEF5AC735BD ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

13:32:50.0930 3204 SynTP - ok

13:32:51.0071 3204 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll

13:32:51.0601 3204 SysMain - ok

13:32:52.0351 3204 [ 968E23EC4E0AF2F107E73C733B0D7A8E ] SystemExplorerHelpService C:\Program Files\System Explorer\service\SystemExplorerService.exe

13:32:59.0266 3204 SystemExplorerHelpService - ok

13:32:59.0375 3204 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll

13:32:59.0656 3204 TabletInputService - ok

13:32:59.0765 3204 [ 11D34FC869F5BDA29949FE3858380894 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys

13:32:59.0968 3204 tap0901 - ok

13:33:00.0077 3204 [ FD90A16CEB10D4FDAA00AAF39B8FF58F ] taphss C:\Windows\system32\DRIVERS\taphss.sys

13:33:00.0451 3204 taphss - ok

13:33:00.0561 3204 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll

13:33:00.0795 3204 TapiSrv - ok

13:33:00.0873 3204 [ 27A2C318CD28CFB3EB2200FD96AF1E58 ] tapvpn C:\Windows\system32\DRIVERS\tapvpn.sys

13:33:01.0107 3204 tapvpn ( UnsignedFile.Multi.Generic ) - warning

13:33:01.0107 3204 tapvpn - detected UnsignedFile.Multi.Generic (1)

13:33:01.0169 3204 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll

13:33:01.0590 3204 TBS - ok

13:33:01.0715 3204 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys

13:33:03.0136 3204 Tcpip - ok

13:33:03.0182 3204 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys

13:33:03.0994 3204 Tcpip6 - ok

13:33:04.0072 3204 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

13:33:04.0165 3204 tcpipreg - ok

13:33:04.0228 3204 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

13:33:04.0462 3204 TDPIPE - ok

13:33:04.0508 3204 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

13:33:04.0805 3204 TDTCP - ok

13:33:04.0867 3204 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

13:33:05.0444 3204 tdx - ok

13:33:05.0491 3204 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

13:33:05.0912 3204 TermDD - ok

13:33:05.0959 3204 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll

13:33:06.0209 3204 TermService - ok

13:33:06.0318 3204 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll

13:33:06.0412 3204 Themes - ok

13:33:06.0458 3204 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll

13:33:06.0677 3204 THREADORDER - ok

13:33:06.0724 3204 [ B0B3122BFF3910E0BA97014045467778 ] tifsfilter C:\Windows\system32\DRIVERS\tifsfilt.sys

13:33:07.0238 3204 tifsfilter - ok

13:33:07.0394 3204 [ 13BFE330880AC0CE8672D00AA5AFF738 ] timounter C:\Windows\system32\DRIVERS\timntr.sys

13:33:07.0769 3204 timounter - ok

13:33:07.0847 3204 [ E9C2642EC635B01F19F343DF5EB488D3 ] TotRec7 C:\Windows\system32\drivers\TotRec7.sys

13:33:08.0377 3204 TotRec7 - ok

13:33:08.0502 3204 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll

13:33:08.0830 3204 TrkWks - ok

13:33:08.0893 3204 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

13:33:09.0533 3204 TrustedInstaller - ok

13:33:09.0611 3204 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

13:33:09.0876 3204 tssecsrv - ok

13:33:10.0016 3204 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys

13:33:10.0297 3204 tunmp - ok

13:33:10.0391 3204 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

13:33:10.0515 3204 tunnel - ok

13:33:10.0609 3204 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

13:33:10.0952 3204 uagp35 - ok

13:33:11.0046 3204 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

13:33:11.0826 3204 udfs - ok

13:33:11.0935 3204 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe

13:33:12.0295 3204 UI0Detect - ok

13:33:12.0576 3204 [ 6D72EF05921ABDF59FC45C7EBFE7E8DD ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

13:33:12.0950 3204 uliagpkx - ok

13:33:13.0153 3204 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys

13:33:14.0045 3204 uliahci - ok

13:33:14.0139 3204 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys

13:33:14.0482 3204 UlSata - ok

13:33:14.0591 3204 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys

13:33:14.0809 3204 ulsata2 - ok

13:33:14.0919 3204 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

13:33:15.0246 3204 umbus - ok

13:33:15.0371 3204 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll

13:33:15.0839 3204 upnphost - ok

13:33:15.0948 3204 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys

13:33:16.0198 3204 USBAAPL - ok

13:33:16.0260 3204 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

13:33:16.0697 3204 usbccgp - ok

13:33:16.0759 3204 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys

13:33:17.0259 3204 usbcir - ok

13:33:17.0337 3204 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

13:33:17.0477 3204 usbehci - ok

13:33:17.0524 3204 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

13:33:17.0945 3204 usbhub - ok

13:33:17.0992 3204 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys

13:33:18.0274 3204 usbohci - ok

13:33:18.0320 3204 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

13:33:18.0492 3204 usbprint - ok

13:33:18.0539 3204 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

13:33:18.0679 3204 usbscan - ok

13:33:18.0742 3204 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

13:33:19.0022 3204 USBSTOR - ok

13:33:19.0085 3204 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

13:33:19.0381 3204 usbuhci - ok

13:33:19.0428 3204 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll

13:33:19.0646 3204 UxSms - ok

13:33:19.0693 3204 [ 94D73B62E458FB56C9CE60AA96D914F9 ] VClone C:\Windows\system32\DRIVERS\VClone.sys

13:33:19.0787 3204 VClone - ok

13:33:19.0849 3204 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe

13:33:20.0177 3204 vds - ok

13:33:20.0224 3204 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

13:33:20.0598 3204 vga - ok

13:33:20.0645 3204 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys

13:33:20.0848 3204 VgaSave - ok

13:33:20.0879 3204 [ D5929A28BDFF4367A12CAF06AF901971 ] viaagp C:\Windows\system32\drivers\viaagp.sys

13:33:21.0206 3204 viaagp - ok

13:33:21.0238 3204 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys

13:33:21.0550 3204 ViaC7 - ok

13:33:21.0581 3204 [ F3B4762EB85A2AFF4999401F14C3262B ] viaide C:\Windows\system32\drivers\viaide.sys

13:33:21.0737 3204 viaide - ok

13:33:21.0784 3204 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys

13:33:22.0080 3204 volmgr - ok

13:33:22.0142 3204 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

13:33:22.0751 3204 volmgrx - ok

13:33:22.0798 3204 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys

13:33:23.0406 3204 volsnap - ok

13:33:23.0484 3204 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

13:33:23.0624 3204 vsmraid - ok

13:33:23.0718 3204 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe

13:33:25.0231 3204 VSS - ok

13:33:25.0356 3204 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll

13:33:25.0668 3204 W32Time - ok

13:33:25.0730 3204 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys

13:33:25.0996 3204 WacomPen - ok

13:33:26.0042 3204 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys

13:33:26.0432 3204 Wanarp - ok

13:33:26.0464 3204 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

13:33:26.0620 3204 Wanarpv6 - ok

13:33:26.0666 3204 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll

13:33:26.0807 3204 WcesComm - ok

13:33:26.0869 3204 [ DC7F91B2ED24A738C807EA07F298928C ] wceusbsh C:\Windows\system32\DRIVERS\wceusbsh.sys

13:33:27.0072 3204 wceusbsh ( UnsignedFile.Multi.Generic ) - warning

13:33:27.0072 3204 wceusbsh - detected UnsignedFile.Multi.Generic (1)

13:33:27.0150 3204 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll

13:33:27.0290 3204 wcncsvc - ok

13:33:27.0337 3204 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

13:33:27.0509 3204 WcsPlugInService - ok

13:33:27.0571 3204 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys

13:33:27.0665 3204 Wd - ok

13:33:27.0727 3204 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

13:33:28.0117 3204 Wdf01000 - ok

13:33:28.0180 3204 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll

13:33:28.0446 3204 WdiServiceHost - ok

13:33:28.0477 3204 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll

13:33:28.0758 3204 WdiSystemHost - ok

13:33:28.0820 3204 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll

13:33:29.0117 3204 WebClient - ok

13:33:29.0163 3204 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll

13:33:29.0366 3204 Wecsvc - ok

13:33:29.0413 3204 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll

13:33:29.0663 3204 wercplsupport - ok

13:33:29.0725 3204 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll

13:33:29.0959 3204 WerSvc - ok

13:33:30.0037 3204 [ 4DACA8F07537D4D7E3534BB99294AA26 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys

13:33:30.0505 3204 winachsf - ok

13:33:30.0614 3204 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll

13:33:30.0833 3204 WinDefend - ok

13:33:30.0911 3204 WinHttpAutoProxySvc - ok

13:33:31.0020 3204 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

13:33:31.0254 3204 Winmgmt - ok

13:33:31.0379 3204 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll

13:33:33.0375 3204 WinRM - ok

13:33:33.0485 3204 [ 676F4B665BDD8053EAA53AC1695B8074 ] winusb C:\Windows\system32\DRIVERS\winusb.sys

13:33:33.0672 3204 winusb - ok

13:33:33.0765 3204 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll

13:33:34.0187 3204 Wlansvc - ok

13:33:34.0687 3204 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

13:33:37.0481 3204 wlidsvc - ok

13:33:37.0528 3204 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys

13:33:37.0715 3204 WmiAcpi - ok

13:33:37.0778 3204 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

13:33:38.0230 3204 wmiApSrv - ok

13:33:38.0324 3204 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

13:33:38.0589 3204 WMPNetworkSvc - ok

13:33:38.0651 3204 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll

13:33:38.0854 3204 WPCSvc - ok

13:33:38.0901 3204 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

13:33:39.0072 3204 WPDBusEnum - ok

13:33:39.0119 3204 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys

13:33:39.0478 3204 WpdUsb - ok

13:33:39.0665 3204 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

13:33:39.0930 3204 WPFFontCache_v0400 - ok

13:33:39.0977 3204 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

13:33:40.0149 3204 ws2ifsl - ok

13:33:40.0211 3204 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll

13:33:40.0383 3204 wscsvc - ok

13:33:40.0398 3204 WSearch - ok

13:33:40.0570 3204 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll

13:33:41.0460 3204 wuauserv - ok

13:33:41.0523 3204 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

13:33:42.0396 3204 WUDFRd - ok

13:33:42.0459 3204 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll

13:33:42.0661 3204 wudfsvc - ok

13:33:42.0708 3204 [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys

13:33:42.0817 3204 XAudio - ok

13:33:42.0911 3204 [ 28DC5D626E036A75A572556F0A6EB1F6 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe

13:33:43.0051 3204 XAudioService - ok

13:33:43.0192 3204 ================ Scan global ===============================

13:33:43.0223 3204 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll

13:33:43.0332 3204 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll

13:33:43.0488 3204 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll

13:33:43.0597 3204 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe

13:33:43.0613 3204 [Global] - ok

13:33:43.0613 3204 ================ Scan MBR ==================================

13:33:43.0629 3204 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

13:33:52.0506 3204 \Device\Harddisk0\DR0 - ok

13:33:52.0522 3204 ================ Scan VBR ==================================

13:33:52.0537 3204 [ AD8A63ACF15A5C2F6C2C915B4E87BB08 ] \Device\Harddisk0\DR0\Partition1

13:33:52.0537 3204 \Device\Harddisk0\DR0\Partition1 - ok

13:33:52.0584 3204 [ 6B7A17B2483BE4BF018FE23277CB224C ] \Device\Harddisk0\DR0\Partition2

13:33:52.0584 3204 \Device\Harddisk0\DR0\Partition2 - ok

13:33:52.0584 3204 ================ Scan active images ========================

13:33:52.0584 3204 [ 36975327EF03949CC378AB01E316B574 ] C:\Windows\System32\drivers\crashdmp.sys

13:33:52.0584 3204 C:\Windows\System32\drivers\crashdmp.sys - ok

13:33:52.0615 3204 [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] C:\Windows\System32\drivers\iaStor.sys

13:33:52.0615 3204 C:\Windows\System32\drivers\iaStor.sys - ok

13:33:52.0631 3204 [ 300DB877AC094FEAB0BE7688C3454A9C ] C:\Windows\System32\drivers\tunnel.sys

13:33:52.0631 3204 C:\Windows\System32\drivers\tunnel.sys - ok

13:33:52.0646 3204 [ EF73C1E29FBE7B0FD0274BF4394E346A ] C:\Windows\System32\drivers\ks.sys

13:33:52.0646 3204 C:\Windows\System32\drivers\ks.sys - ok

13:33:52.0678 3204 [ 7BE5A3C671A2CB56E94403BFC2020A0D ] C:\Windows\System32\drivers\drmk.sys

13:33:52.0678 3204 C:\Windows\System32\drivers\drmk.sys - ok

13:33:52.0693 3204 [ 218286724EC530FF252648369E05B090 ] C:\Windows\System32\drivers\portcls.sys

13:33:52.0693 3204 C:\Windows\System32\drivers\portcls.sys - ok

13:33:52.0724 3204 [ E9C2642EC635B01F19F343DF5EB488D3 ] C:\Windows\System32\drivers\TotRec7.sys

13:33:52.0724 3204 C:\Windows\System32\drivers\TotRec7.sys - ok

13:33:52.0740 3204 [ CAECC0120AC49E3D2F758B9169872D38 ] C:\Windows\System32\drivers\TUNMP.SYS

13:33:52.0740 3204 C:\Windows\System32\drivers\TUNMP.SYS - ok

13:33:52.0771 3204 [ 224191001E78C89DFA78924C3EA595FF ] C:\Windows\System32\drivers\intelppm.sys

13:33:52.0771 3204 C:\Windows\System32\drivers\intelppm.sys - ok

13:33:52.0787 3204 [ DA9CF6C40605C43F895439D9D7B16324 ] C:\Windows\System32\drivers\nvBridge.kmd

13:33:52.0787 3204 C:\Windows\System32\drivers\nvBridge.kmd - ok

13:33:52.0802 3204 [ 8FE5350FA6A9F0B6633AEE811C468954 ] C:\Windows\System32\drivers\nvlddmkm.sys

13:33:52.0802 3204 C:\Windows\System32\drivers\nvlddmkm.sys - ok

13:33:52.0818 3204 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] C:\Windows\System32\drivers\dxgkrnl.sys

13:33:52.0818 3204 C:\Windows\System32\drivers\dxgkrnl.sys - ok

13:33:52.0849 3204 [ 4A5C31E2C1646034E6A60EBA4C747FF6 ] C:\Windows\System32\drivers\watchdog.sys

13:33:52.0849 3204 C:\Windows\System32\drivers\watchdog.sys - ok

13:33:52.0865 3204 [ A1C100A87D981AD0774FBC0B4B82E913 ] C:\Windows\System32\drivers\usbport.sys

13:33:52.0865 3204 C:\Windows\System32\drivers\usbport.sys - ok

13:33:52.0896 3204 [ 814D653EFC4D48BE3B04A307ECEFF56F ] C:\Windows\System32\drivers\usbuhci.sys

13:33:52.0896 3204 C:\Windows\System32\drivers\usbuhci.sys - ok

13:33:52.0912 3204 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] C:\Windows\System32\drivers\usbehci.sys

13:33:52.0912 3204 C:\Windows\System32\drivers\usbehci.sys - ok

13:33:52.0927 3204 [ 062452B7FFD68C8C042A6261FE8DFF4A ] C:\Windows\System32\drivers\hdaudbus.sys

13:33:52.0943 3204 C:\Windows\System32\drivers\hdaudbus.sys - ok

13:33:52.0958 3204 [ 6522DD40A5F67CED020BD81B856613FB ] C:\Windows\System32\drivers\NETw4v32.sys

13:33:52.0958 3204 C:\Windows\System32\drivers\NETw4v32.sys - ok

13:33:52.0974 3204 [ CD4646067CC7DCBA1907FA0ACF7E3966 ] C:\Windows\System32\drivers\bcm4sbxp.sys

13:33:52.0974 3204 C:\Windows\System32\drivers\bcm4sbxp.sys - ok

13:33:53.0005 3204 [ 0349BE02F329F4F48F1D48097FD65974 ] C:\Windows\System32\drivers\1394bus.sys

13:33:53.0005 3204 C:\Windows\System32\drivers\1394bus.sys - ok

13:33:53.0021 3204 [ 6F310E890D46E246E0E261A63D9B36B4 ] C:\Windows\System32\drivers\ohci1394.sys

13:33:53.0021 3204 C:\Windows\System32\drivers\ohci1394.sys - ok

13:33:53.0036 3204 [ 8F36B54688C31EED4580129040C6A3D3 ] C:\Windows\System32\drivers\sdbus.sys

13:33:53.0052 3204 C:\Windows\System32\drivers\sdbus.sys - ok

13:33:53.0068 3204 [ D85E3FA9F5B1F29BB4ED185C450D1470 ] C:\Windows\System32\drivers\rimmptsk.sys

13:33:53.0068 3204 C:\Windows\System32\drivers\rimmptsk.sys - ok

13:33:53.0083 3204 [ DB8EB01C58C9FADA00C70B1775278AE0 ] C:\Windows\System32\drivers\rimsptsk.sys

13:33:53.0083 3204 C:\Windows\System32\drivers\rimsptsk.sys - ok

13:33:53.0099 3204 [ 6C1F93C0760C9F79A1869D07233DF39D ] C:\Windows\System32\drivers\rixdptsk.sys

13:33:53.0099 3204 C:\Windows\System32\drivers\rixdptsk.sys - ok

13:33:53.0130 3204 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] C:\Windows\System32\drivers\i8042prt.sys

13:33:53.0130 3204 C:\Windows\System32\drivers\i8042prt.sys - ok

13:33:53.0146 3204 [ DD17B63F26430E179EF6BDEF5AC735BD ] C:\Windows\System32\drivers\SynTP.sys

13:33:53.0146 3204 C:\Windows\System32\drivers\SynTP.sys - ok

13:33:53.0177 3204 [ 790FDAC6D0C762DF9047C3C625A6FF6C ] C:\Windows\System32\drivers\usbd.sys

13:33:53.0177 3204 C:\Windows\System32\drivers\usbd.sys - ok

13:33:53.0192 3204 [ 5BF6A1326A335C5298477754A506D263 ] C:\Windows\System32\drivers\mouclass.sys

13:33:53.0192 3204 C:\Windows\System32\drivers\mouclass.sys - ok

13:33:53.0224 3204 [ 37605E0A8CF00CBBA538E753E4344C6E ] C:\Windows\System32\drivers\kbdclass.sys

13:33:53.0224 3204 C:\Windows\System32\drivers\kbdclass.sys - ok

13:33:53.0239 3204 [ 6B4BFFB9BECD728097024276430DB314 ] C:\Windows\System32\drivers\cdrom.sys

13:33:53.0239 3204 C:\Windows\System32\drivers\cdrom.sys - ok

13:33:53.0270 3204 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] C:\Windows\System32\drivers\CmBatt.sys

13:33:53.0270 3204 C:\Windows\System32\drivers\CmBatt.sys - ok

13:33:53.0286 3204 [ 2E7255D172DF0B8283CDFB7B433B864E ] C:\Windows\System32\drivers\wmiacpi.sys

13:33:53.0286 3204 C:\Windows\System32\drivers\wmiacpi.sys - ok

13:33:53.0317 3204 [ 47E55AFE1ED1D5AFF09690DB226F4A7A ] C:\Windows\System32\drivers\Storport.sys

13:33:53.0317 3204 C:\Windows\System32\drivers\Storport.sys - ok

13:33:53.0333 3204 [ 232FA340531D940AAC623B121A595034 ] C:\Windows\System32\drivers\msiscsi.sys

13:33:53.0333 3204 C:\Windows\System32\drivers\msiscsi.sys - ok

13:33:53.0348 3204 [ 77937EFF009AC696B90E09F671F9D0A4 ] C:\Windows\System32\drivers\tdi.sys

13:33:53.0348 3204 C:\Windows\System32\drivers\tdi.sys - ok

13:33:53.0364 3204 [ A214ADBAF4CB47DD2728859EF31F26B0 ] C:\Windows\System32\drivers\rasl2tp.sys

13:33:53.0364 3204 C:\Windows\System32\drivers\rasl2tp.sys - ok

13:33:53.0411 3204 [ 0E186E90404980569FB449BA7519AE61 ] C:\Windows\System32\drivers\ndistapi.sys

13:33:53.0411 3204 C:\Windows\System32\drivers\ndistapi.sys - ok

13:33:53.0442 3204 [ 818F648618AE34F729FDB47EC68345C3 ] C:\Windows\System32\drivers\ndiswan.sys

13:33:53.0442 3204 C:\Windows\System32\drivers\ndiswan.sys - ok

13:33:53.0458 3204 [ 509A98DD18AF4375E1FC40BC175F1DEF ] C:\Windows\System32\drivers\raspppoe.sys

13:33:53.0458 3204 C:\Windows\System32\drivers\raspppoe.sys - ok

13:33:53.0489 3204 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] C:\Windows\System32\drivers\raspptp.sys

13:33:53.0489 3204 C:\Windows\System32\drivers\raspptp.sys - ok

13:33:53.0504 3204 [ 2005F4A1E05FA09389AC85840F0A9E4D ] C:\Windows\System32\drivers\rassstp.sys

13:33:53.0504 3204 C:\Windows\System32\drivers\rassstp.sys - ok

13:33:53.0521 3204 [ 5B6C11DE7E839C05248CED8825470FEF ] C:\Windows\System32\drivers\pcouffin.sys

13:33:53.0521 3204 C:\Windows\System32\drivers\pcouffin.sys - ok

13:33:53.0552 3204 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] C:\Windows\System32\drivers\termdd.sys

13:33:53.0552 3204 C:\Windows\System32\drivers\termdd.sys - ok

13:33:53.0568 3204 [ 94D73B62E458FB56C9CE60AA96D914F9 ] C:\Windows\System32\drivers\VClone.sys

13:33:53.0568 3204 C:\Windows\System32\drivers\VClone.sys - ok

13:33:53.0583 3204 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] C:\Windows\System32\drivers\swenum.sys

13:33:53.0583 3204 C:\Windows\System32\drivers\swenum.sys - ok

13:33:53.0630 3204 [ E384487CB84BE41D09711C30CA79646C ] C:\Windows\System32\drivers\mssmbios.sys

13:33:53.0630 3204 C:\Windows\System32\drivers\mssmbios.sys - ok

13:33:53.0646 3204 [ 32CFF9F809AE9AED85464492BF3E32D2 ] C:\Windows\System32\drivers\umbus.sys

13:33:53.0646 3204 C:\Windows\System32\drivers\umbus.sys - ok

13:33:53.0661 3204 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] C:\Windows\System32\drivers\usbhub.sys

13:33:53.0677 3204 C:\Windows\System32\drivers\usbhub.sys - ok

13:33:53.0693 3204 [ 71DAB552B41936358F3B541AE5997FB3 ] C:\Windows\System32\drivers\ndproxy.sys

13:33:53.0693 3204 C:\Windows\System32\drivers\ndproxy.sys - ok

13:33:53.0708 3204 [ 6A2A5E809C2C0178326D92B19EE4AAD3 ] C:\Windows\System32\drivers\stwrt.sys

13:33:53.0708 3204 C:\Windows\System32\drivers\stwrt.sys - ok

13:33:53.0739 3204 [ 7845D2385F4DC7DFB3CCAF0C2FA4948E ] C:\Windows\System32\drivers\HSXHWAZL.sys

13:33:53.0739 3204 C:\Windows\System32\drivers\HSXHWAZL.sys - ok

13:33:53.0755 3204 [ E9E589C9AB799F52E18F057635A2B362 ] C:\Windows\System32\drivers\HSX_DPV.sys

13:33:53.0755 3204 C:\Windows\System32\drivers\HSX_DPV.sys - ok

13:33:53.0786 3204 [ 4DACA8F07537D4D7E3534BB99294AA26 ] C:\Windows\System32\drivers\HSX_CNXT.sys

13:33:53.0786 3204 C:\Windows\System32\drivers\HSX_CNXT.sys - ok

13:33:53.0802 3204 [ E13B5EA0F51BA5B1512EC671393D09BA ] C:\Windows\System32\drivers\modem.sys

13:33:53.0802 3204 C:\Windows\System32\drivers\modem.sys - ok

13:33:53.0833 3204 [ 3AF684252780CF87DC2809F85B8F7591 ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys

13:33:53.0833 3204 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys - ok

13:33:53.0864 3204 [ B972A66758577E0BFD1DE0F91AAA27B5 ] C:\Windows\System32\drivers\fs_rec.sys

13:33:53.0864 3204 C:\Windows\System32\drivers\fs_rec.sys - ok

13:33:53.0895 3204 [ C5DBBCDA07D780BDA9B685DF333BB41E ] C:\Windows\System32\drivers\null.sys

13:33:53.0895 3204 C:\Windows\System32\drivers\null.sys - ok

13:33:53.0911 3204 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] C:\Windows\System32\drivers\beep.sys

13:33:53.0911 3204 C:\Windows\System32\drivers\beep.sys - ok

13:33:53.0927 3204 [ 175444D3A01CA45D0E1C5DC5F48DF7CD ] C:\Windows\System32\drivers\hidparse.sys

13:33:53.0927 3204 C:\Windows\System32\drivers\hidparse.sys - ok

13:33:53.0958 3204 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] C:\Windows\System32\drivers\kbdhid.sys

13:33:53.0958 3204 C:\Windows\System32\drivers\kbdhid.sys - ok

13:33:53.0989 3204 [ CAF811AE4C147FFCD5B51750C7F09142 ] C:\Windows\System32\drivers\usbccgp.sys

13:33:53.0989 3204 C:\Windows\System32\drivers\usbccgp.sys - ok

13:33:54.0005 3204 [ 2E93AC0A1D8C79D019DB6C51F036636C ] C:\Windows\System32\drivers\vga.sys

13:33:54.0005 3204 C:\Windows\System32\drivers\vga.sys - ok

13:33:54.0036 3204 [ C048D2C33D27441A0CDCAAE2651EB03D ] C:\Windows\System32\drivers\videoprt.sys

13:33:54.0036 3204 C:\Windows\System32\drivers\videoprt.sys - ok

13:33:54.0051 3204 [ 5961CADB7CAD938368D2028725EF771D ] C:\Windows\System32\drivers\hidclass.sys

13:33:54.0051 3204 C:\Windows\System32\drivers\hidclass.sys - ok

13:33:54.0083 3204 [ CCA4B519B17E23A00B826C55716809CC ] C:\Windows\System32\drivers\hidusb.sys

13:33:54.0083 3204 C:\Windows\System32\drivers\hidusb.sys - ok

13:33:54.0098 3204 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] C:\Windows\System32\drivers\RDPCDD.sys

13:33:54.0098 3204 C:\Windows\System32\drivers\RDPCDD.sys - ok

13:33:54.0114 3204 [ 9D91FE5286F748862ECFFA05F8A0710C ] C:\Windows\System32\drivers\RDPENCDD.sys

13:33:54.0114 3204 C:\Windows\System32\drivers\RDPENCDD.sys - ok

13:33:54.0129 3204 [ 93B8D4869E12CFBE663915502900876F ] C:\Windows\System32\drivers\mouhid.sys

13:33:54.0129 3204 C:\Windows\System32\drivers\mouhid.sys - ok

13:33:54.0161 3204 [ A9927F4A46B816C92F461ACB90CF8515 ] C:\Windows\System32\drivers\msfs.sys

13:33:54.0161 3204 C:\Windows\System32\drivers\msfs.sys - ok

13:33:54.0176 3204 [ D36F239D7CCE1931598E8FB90A0DBC26 ] C:\Windows\System32\drivers\npfs.sys

13:33:54.0176 3204 C:\Windows\System32\drivers\npfs.sys - ok

13:33:54.0207 3204 [ 147D7F9C556D259924351FEB0DE606C3 ] C:\Windows\System32\drivers\rasacd.sys

13:33:54.0207 3204 C:\Windows\System32\drivers\rasacd.sys - ok

13:33:54.0239 3204 [ 76B06EB8A01FC8624D699E7045303E54 ] C:\Windows\System32\drivers\tdx.sys

13:33:54.0239 3204 C:\Windows\System32\drivers\tdx.sys - ok

13:33:54.0270 3204 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] C:\Windows\System32\drivers\netbt.sys

13:33:54.0270 3204 C:\Windows\System32\drivers\netbt.sys - ok

13:33:54.0301 3204 [ 7B75299A4D201D6A6533603D6914AB04 ] C:\Windows\System32\drivers\smb.sys

13:33:54.0301 3204 C:\Windows\System32\drivers\smb.sys - ok

13:33:54.0410 3204 [ 3911B972B55FEA0478476B2E777B29FA ] C:\Windows\System32\drivers\afd.sys

13:33:54.0410 3204 C:\Windows\System32\drivers\afd.sys - ok

13:33:54.0426 3204 [ E3A3CB253C0EC2494D4A61F5E43A389C ] C:\Windows\System32\drivers\ws2ifsl.sys

13:33:54.0426 3204 C:\Windows\System32\drivers\ws2ifsl.sys - ok

13:33:54.0441 3204 [ 99514FAA8DF93D34B5589187DB3AA0BA ] C:\Windows\System32\drivers\pacer.sys

13:33:54.0441 3204 C:\Windows\System32\drivers\pacer.sys - ok

13:33:54.0457 3204 [ BCD093A5A6777CF626434568DC7DBA78 ] C:\Windows\System32\drivers\netbios.sys

13:33:54.0457 3204 C:\Windows\System32\drivers\netbios.sys - ok

13:33:54.0488 3204 [ 306521935042FC0A6988D528643619B3 ] C:\Windows\System32\drivers\StarOpen.sys

13:33:54.0488 3204 C:\Windows\System32\drivers\StarOpen.sys - ok

13:33:54.0504 3204 [ 55201897378CCA7AF8B5EFD874374A26 ] C:\Windows\System32\drivers\wanarp.sys

13:33:54.0504 3204 C:\Windows\System32\drivers\wanarp.sys - ok

13:33:54.0566 3204 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] C:\Windows\System32\drivers\rdbss.sys

13:33:54.0566 3204 C:\Windows\System32\drivers\rdbss.sys - ok

13:33:54.0582 3204 [ 1C8E91FFB14D911277AC9299DF555349 ] C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

13:33:54.0582 3204 C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys - ok

13:33:54.0613 3204 [ 78FE3AF5A10C96D4E027A2A39D126C8C ] C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys

13:33:54.0613 3204 C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys - ok

13:33:54.0629 3204 [ 609773E344A97410CE4EBF74A8914FCF ] C:\Windows\System32\drivers\nsiproxy.sys

13:33:54.0629 3204 C:\Windows\System32\drivers\nsiproxy.sys - ok

13:33:54.0691 3204 [ A69630D039C38018689190234F866D77 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2AD06D9E-5EDA-44EC-9E86-D54E4C95FF85}\MpKsld30ce7f4.sys

13:33:54.0691 3204 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2AD06D9E-5EDA-44EC-9E86-D54E4C95FF85}\MpKsld30ce7f4.sys - ok

13:33:54.0722 3204 [ 44996A2ADDD2DB7454F2CA40B67D8941 ] C:\Windows\System32\drivers\ElbyCDIO.sys

13:33:54.0722 3204 C:\Windows\System32\drivers\ElbyCDIO.sys - ok

13:33:54.0769 3204 [ 622C41A07CA7E6DD91770F50D532CB6C ] C:\Windows\System32\drivers\dfsc.sys

13:33:54.0769 3204 C:\Windows\System32\drivers\dfsc.sys - ok

13:33:54.0800 3204 [ 4E08A98DBA0B1249C2EB4B191978A9A4 ] C:\Windows\System32\drivers\ctxusbm.sys

13:33:54.0800 3204 C:\Windows\System32\drivers\ctxusbm.sys - ok

13:33:54.0847 3204 [ DDA770BBD7C2ED024D6F50E279D90E5B ] C:\Windows\System32\ntdll.dll

13:33:54.0847 3204 C:\Windows\System32\ntdll.dll - ok

13:33:54.0909 3204 [ 98AF15A94CD6AC37248E72E5FE789B35 ] C:\Windows\System32\smss.exe

13:33:54.0909 3204 C:\Windows\System32\smss.exe - ok

13:33:54.0925 3204 [ 10761177A6EBE45843F443E99509F5E7 ] C:\Windows\System32\autochk.exe

13:33:54.0925 3204 C:\Windows\System32\autochk.exe - ok

13:33:54.0956 3204 [ 71ABEFEDA90E159FD56937943EE745DB ] C:\Windows\System32\lsdelete.exe

13:33:54.0956 3204 C:\Windows\System32\lsdelete.exe - ok

13:33:54.0987 3204 [ E3C3BD69701CE6B7B17101E4F7740534 ] C:\Windows\System32\msctf.dll

13:33:54.0987 3204 C:\Windows\System32\msctf.dll - ok

13:33:55.0003 3204 [ C394079EB162E812D682C73FA96AF6E4 ] C:\Windows\System32\clbcatq.dll

13:33:55.0003 3204 C:\Windows\System32\clbcatq.dll - ok

13:33:55.0019 3204 [ B304D47D5744BA20FCB99FB8B2C07B0B ] C:\Windows\System32\ws2_32.dll

13:33:55.0034 3204 C:\Windows\System32\ws2_32.dll - ok

13:33:55.0050 3204 [ 17AF64D727545F2804F6E6D998327E3F ] C:\Windows\System32\msvcrt.dll


13:34:01.0244 3204 [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\Windows\System32\avrt.dll

13:34:01.0244 3204 C:\Windows\System32\avrt.dll - ok

13:34:01.0275 3204 [ 4C8A880EABC0B4D462CC4B2472116EA1 ] C:\Program Files\Trusteer\Rapport\bin\msvcp80.dll

13:34:01.0275 3204 C:\Program Files\Trusteer\Rapport\bin\msvcp80.dll - ok

13:34:01.0291 3204 [ E582816A4855914DEFFC212E12B3B744 ] C:\Windows\System32\wsock32.dll

13:34:01.0291 3204 C:\Windows\System32\wsock32.dll - ok

13:34:01.0322 3204 [ 7C29BC74635524E13FAA556A5FD48968 ] C:\Program Files\Microsoft Security Client\MpRTP.dll

13:34:01.0322 3204 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok

13:34:01.0338 3204 [ A9542FF2E9A82CF100E5729EC79068F0 ] C:\Windows\System32\fltLib.dll

13:34:01.0338 3204 C:\Windows\System32\fltLib.dll - ok

13:34:01.0353 3204 [ 00A0231FCA55C815853B957767E34B02 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll

13:34:01.0353 3204 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok

13:34:01.0384 3204 [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\Windows\System32\msi.dll

13:34:01.0384 3204 C:\Windows\System32\msi.dll - ok

13:34:01.0400 3204 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] C:\Windows\System32\drivers\MpFilter.sys

13:34:01.0400 3204 C:\Windows\System32\drivers\MpFilter.sys - ok

13:34:01.0431 3204 [ 2EF4E53ACB0DF0B34091335BB26C2BC2 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll

13:34:01.0431 3204 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok

13:34:01.0462 3204 [ AEFD5E1D91B86AB41D9705600303F34E ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2AD06D9E-5EDA-44EC-9E86-D54E4C95FF85}\mpengine.dll

13:34:01.0462 3204 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2AD06D9E-5EDA-44EC-9E86-D54E4C95FF85}\mpengine.dll - ok

13:34:01.0478 3204 [ 244C631BE2F7F36EAD9DDAEED95AA298 ] C:\Windows\System32\ntkrnlpa.exe

13:34:01.0478 3204 C:\Windows\System32\ntkrnlpa.exe - ok

13:34:01.0494 3204 [ AFCE3F44A93C8EA2CCDEDD9414702772 ] C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll.data

13:34:01.0494 3204 C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll.data - ok

13:34:01.0525 3204 [ AFCE3F44A93C8EA2CCDEDD9414702772 ] C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll

13:34:01.0525 3204 C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll - ok

13:34:01.0540 3204 [ 531DBD7CAA810AF906850CF6BF49F8B1 ] C:\Program Files\Trusteer\Rapport\bin\rookscom.dll.data

13:34:01.0540 3204 C:\Program Files\Trusteer\Rapport\bin\rookscom.dll.data - ok

13:34:01.0572 3204 [ 531DBD7CAA810AF906850CF6BF49F8B1 ] C:\Program Files\Trusteer\Rapport\bin\rookscom.dll

13:34:01.0572 3204 C:\Program Files\Trusteer\Rapport\bin\rookscom.dll - ok

13:34:01.0587 3204 [ EE185EFA3A499B11FDC07BD41A5A57F1 ] C:\Program Files\Trusteer\Rapport\bin\rooksdol.dll.data

13:34:01.0587 3204 C:\Program Files\Trusteer\Rapport\bin\rooksdol.dll.data - ok

13:34:01.0603 3204 [ EE185EFA3A499B11FDC07BD41A5A57F1 ] C:\Program Files\Trusteer\Rapport\bin\rooksdol.dll

13:34:01.0603 3204 C:\Program Files\Trusteer\Rapport\bin\rooksdol.dll - ok

13:34:01.0634 3204 [ 5DB99BBD7A50F2A45A5118D9532064C4 ] C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\KoanLight.dll

13:34:01.0634 3204 C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\KoanLight.dll - ok

13:34:01.0635 3204 [ 4C8A880EABC0B4D462CC4B2472116EA1 ] C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\msvcp80.dll

13:34:01.0635 3204 C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\msvcp80.dll - ok

13:34:01.0682 3204 [ E4FECE18310E23B1D8FEE993E35E7A6F ] C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\msvcr80.dll

13:34:01.0682 3204 C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\msvcr80.dll - ok

13:34:01.0697 3204 [ 3C7DEF3CBBCA6284867AA4621D5D8A54 ] C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\atl80.dll

13:34:01.0697 3204 C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\atl80.dll - ok

13:34:01.0729 3204 [ 29820425D7B6407793C8C0ACB9622FF0 ] C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\NikkoLight.dll

13:34:01.0729 3204 C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\NikkoLight.dll - ok

13:34:01.0760 3204 [ E4FECE18310E23B1D8FEE993E35E7A6F ] C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\msvcr80.dll

13:34:01.0760 3204 C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\msvcr80.dll - ok

13:34:01.0822 3204 [ 4C8A880EABC0B4D462CC4B2472116EA1 ] C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\msvcp80.dll

13:34:01.0822 3204 C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\msvcp80.dll - ok

13:34:01.0853 3204 [ 3C7DEF3CBBCA6284867AA4621D5D8A54 ] C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\atl80.dll

13:34:02.0368 3204 C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\atl80.dll - ok

13:34:02.0368 3204 [ 378C296F78EBC17E57C6CF96CD024D59 ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus.dll

13:34:02.0368 3204 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus.dll - ok

13:34:02.0399 3204 [ 630593EFBD859E48C5E180AB23DC1065 ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\RapportGP.dll

13:34:02.0399 3204 C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\RapportGP.dll - ok

13:34:02.0415 3204 [ 4C8A880EABC0B4D462CC4B2472116EA1 ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\msvcp80.dll

13:34:02.0415 3204 C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\msvcp80.dll - ok

13:34:02.0462 3204 [ E4FECE18310E23B1D8FEE993E35E7A6F ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\msvcr80.dll

13:34:02.0462 3204 C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\msvcr80.dll - ok

13:34:02.0477 3204 [ 5BEB722294C6A21BBE79E816F4E933DA ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll

13:34:02.0477 3204 C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll - ok

13:34:02.0509 3204 [ B7AB636643F405839CB3D1684145651C ] C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\TanzanLight.dll

13:34:02.0509 3204 C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\TanzanLight.dll - ok

13:34:02.0524 3204 [ 4C8A880EABC0B4D462CC4B2472116EA1 ] C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\msvcp80.dll

13:34:02.0524 3204 C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\msvcp80.dll - ok

13:34:02.0555 3204 [ E4FECE18310E23B1D8FEE993E35E7A6F ] C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\msvcr80.dll

13:34:02.0555 3204 C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\msvcr80.dll - ok

13:34:02.0571 3204 [ 3C7DEF3CBBCA6284867AA4621D5D8A54 ] C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\atl80.dll

13:34:02.0571 3204 C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\atl80.dll - ok

13:34:02.0587 3204 [ FC5372FD2DEB28E847C8394C58BC76FA ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe

13:34:02.0587 3204 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok

13:34:02.0602 3204 [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\Windows\System32\wscapi.dll

13:34:02.0602 3204 C:\Windows\System32\wscapi.dll - ok

13:34:02.0633 3204 [ A99871BA522CB2539AE275AC18CACC8F ] C:\Windows\System32\cabinet.dll

13:34:02.0633 3204 C:\Windows\System32\cabinet.dll - ok

13:34:02.0649 3204 [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\Windows\System32\p2pcollab.dll

13:34:02.0649 3204 C:\Windows\System32\p2pcollab.dll - ok

13:34:02.0681 3204 [ DA887F28054D78EE8637BEBB924A2DB5 ] C:\Windows\System32\slwga.dll

13:34:02.0681 3204 C:\Windows\System32\slwga.dll - ok

13:34:02.0697 3204 [ 3B47E60E1012B23873ED2E4A9B4F2310 ] C:\Program Files\Microsoft Security Client\MsseWat.dll

13:34:02.0697 3204 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok

13:34:02.0728 3204 [ 56B5914070B2C243DFB3D186070DA89D ] C:\Windows\System32\MMDevAPI.dll

13:34:02.0728 3204 C:\Windows\System32\MMDevAPI.dll - ok

13:34:02.0744 3204 [ EC43D9CC95C3BB5FEFDBCF22D375E1F5 ] C:\Windows\System32\adtschema.dll

13:34:02.0744 3204 C:\Windows\System32\adtschema.dll - ok

13:34:02.0759 3204 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] C:\Windows\System32\drivers\fltMgr.sys

13:34:02.0759 3204 C:\Windows\System32\drivers\fltMgr.sys - ok

13:34:02.0790 3204 [ 22F73612087430A94DBE912AB58E0C79 ] C:\Windows\System32\ci.dll

13:34:02.0790 3204 C:\Windows\System32\ci.dll - ok

13:34:02.0822 3204 [ 97FEF831AB90BEE128C9AF390E243F80 ] C:\Windows\System32\drivers\drmkaud.sys

13:34:02.0822 3204 C:\Windows\System32\drivers\drmkaud.sys - ok

13:34:02.0822 3204 [ 57418956DDAE128D1023C508E7D07071 ] C:\Windows\System32\PSHED.DLL

13:34:02.0822 3204 C:\Windows\System32\PSHED.DLL - ok

13:34:02.0853 3204 [ C411C80F90D6732380352B98B37BBD53 ] C:\Windows\System32\winrnr.dll

13:34:02.0853 3204 C:\Windows\System32\winrnr.dll - ok

13:34:02.0868 3204 [ EFA80360111D8D179E39E314A49C9ED4 ] C:\Windows\System32\wshbth.dll

13:34:02.0868 3204 C:\Windows\System32\wshbth.dll - ok

13:34:02.0884 3204 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll

13:34:02.0884 3204 C:\Program Files\Bonjour\mdnsNSP.dll - ok

13:34:02.0915 3204 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\System32\rasadhlp.dll

13:34:02.0915 3204 C:\Windows\System32\rasadhlp.dll - ok

13:34:03.0024 3204 [ 3437B9E218A2E4586BEF4F7A3BD00777 ] C:\Windows\System32\audiodg.exe

13:34:03.0024 3204 C:\Windows\System32\audiodg.exe - ok

13:34:03.0040 3204 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] C:\Windows\System32\gpsvc.dll

13:34:03.0040 3204 C:\Windows\System32\gpsvc.dll - ok

13:34:03.0071 3204 [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\Windows\System32\nlaapi.dll

13:34:03.0071 3204 C:\Windows\System32\nlaapi.dll - ok

13:34:03.0087 3204 [ 409F36C8BD06FCE184631EB4142B009A ] C:\Windows\System32\atl.dll

13:34:03.0087 3204 C:\Windows\System32\atl.dll - ok

13:34:03.0118 3204 [ 67058C46504BC12D821F38CF99B7B28F ] C:\Windows\System32\es.dll

13:34:03.0118 3204 C:\Windows\System32\es.dll - ok

13:34:03.0134 3204 [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\Windows\System32\WindowsCodecs.dll

13:34:03.0134 3204 C:\Windows\System32\WindowsCodecs.dll - ok

13:34:03.0149 3204 [ A127CB549CD8A456FBC53B0077277BEA ] C:\Windows\System32\nvsvc.dll

13:34:03.0149 3204 C:\Windows\System32\nvsvc.dll - ok

13:34:03.0180 3204 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\Windows\System32\hid.dll

13:34:03.0180 3204 C:\Windows\System32\hid.dll - ok

13:34:03.0196 3204 [ 307F96C1C6FF6541CEDEF5BD1FF2C30B ] C:\Windows\System32\nvapi.dll

13:34:03.0196 3204 C:\Windows\System32\nvapi.dll - ok

13:34:03.0212 3204 [ 441947B1D93B1594701D358CE1505E90 ] C:\Windows\System32\nvsvcr.dll

13:34:03.0212 3204 C:\Windows\System32\nvsvcr.dll - ok

13:34:03.0243 3204 [ 010BE20C4542753A81A85117E0B23767 ] C:\Windows\System32\nvcpl.dll

13:34:03.0243 3204 C:\Windows\System32\nvcpl.dll - ok

13:34:03.0258 3204 [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\Windows\System32\winspool.drv

13:34:03.0258 3204 C:\Windows\System32\winspool.drv - ok

13:34:03.0274 3204 [ 1509E705F3AC1D474C92454A5C2DD81F ] C:\Windows\System32\uxsms.dll

13:34:03.0274 3204 C:\Windows\System32\uxsms.dll - ok

13:34:03.0305 3204 [ 399BB52AD0668472717498E97CF28341 ] C:\Windows\System32\WUDFPlatform.dll

13:34:03.0305 3204 C:\Windows\System32\WUDFPlatform.dll - ok

13:34:03.0321 3204 [ D1C5883087A0C3F1344D9D55A44901F6 ] C:\Windows\System32\drivers\lltdio.sys

13:34:03.0321 3204 C:\Windows\System32\drivers\lltdio.sys - ok

13:34:03.0336 3204 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] C:\Windows\System32\drivers\nwifi.sys

13:34:03.0336 3204 C:\Windows\System32\drivers\nwifi.sys - ok

13:34:03.0352 3204 [ D6973AA34C4D5D76C0430B181C3CD389 ] C:\Windows\System32\drivers\ndisuio.sys

13:34:03.0352 3204 C:\Windows\System32\drivers\ndisuio.sys - ok

13:34:03.0383 3204 [ 9C508F4074A39E8B4B31D27198146FAD ] C:\Windows\System32\drivers\rspndr.sys

13:34:03.0383 3204 C:\Windows\System32\drivers\rspndr.sys - ok

13:34:03.0399 3204 [ A7F8BAD9590ADDC425B4003E94780DFA ] C:\Windows\System32\drivers\spsys.sys

13:34:03.0399 3204 C:\Windows\System32\drivers\spsys.sys - ok

13:34:03.0414 3204 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] C:\Windows\System32\dnsrslvr.dll

13:34:03.0414 3204 C:\Windows\System32\dnsrslvr.dll - ok

13:34:03.0446 3204 [ 3AB4023CBD406AC33AB8CDFF6C8079A0 ] C:\Windows\System32\eapphost.dll

13:34:03.0446 3204 C:\Windows\System32\eapphost.dll - ok

13:34:03.0461 3204 [ 3B0489DE8CC3058B48471660C60A7B75 ] C:\Windows\System32\rastls.dll

13:34:03.0461 3204 C:\Windows\System32\rastls.dll - ok

13:34:03.0492 3204 [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A ] C:\Windows\System32\raschap.dll

13:34:03.0492 3204 C:\Windows\System32\raschap.dll - ok

13:34:03.0508 3204 [ E45051C374F845EDF3DB02A35BA13193 ] C:\Windows\System32\umb.dll

13:34:03.0508 3204 C:\Windows\System32\umb.dll - ok

13:34:03.0524 3204 [ 3727F8B85E24BBDD325BFF75F029DDE3 ] C:\Windows\System32\wlanmsm.dll

13:34:03.0524 3204 C:\Windows\System32\wlanmsm.dll - ok

13:34:03.0539 3204 [ 4662AF853DFAD5648CE3814E7D9EF3D6 ] C:\Windows\System32\wlansec.dll

13:34:03.0539 3204 C:\Windows\System32\wlansec.dll - ok

13:34:03.0570 3204 [ B64AC7967D6B9FB2D6152AC768A1CB88 ] C:\Windows\System32\onex.dll

13:34:03.0570 3204 C:\Windows\System32\onex.dll - ok

13:34:03.0586 3204 [ 9D9FFC923FADBB575E0452EA0BBB15BD ] C:\Windows\System32\eappprxy.dll

13:34:03.0586 3204 C:\Windows\System32\eappprxy.dll - ok

13:34:03.0602 3204 [ 5D0FE613570CABE3992F7DBCD68E61D1 ] C:\Windows\System32\eappcfg.dll

13:34:03.0602 3204 C:\Windows\System32\eappcfg.dll - ok

13:34:03.0617 3204 [ 91D995A67D9447592A1BF21CBC15C628 ] C:\Windows\System32\wlgpclnt.dll

13:34:03.0617 3204 C:\Windows\System32\wlgpclnt.dll - ok

13:34:03.0648 3204 [ 19FFAD68A02AF1BF0BC336EE26CD6767 ] C:\Windows\System32\l2gpstore.dll

13:34:03.0648 3204 C:\Windows\System32\l2gpstore.dll - ok

13:34:03.0664 3204 [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\Windows\System32\wlanutil.dll

13:34:03.0664 3204 C:\Windows\System32\wlanutil.dll - ok

13:34:03.0695 3204 [ 024528E25BBE8768536861EA09BE1672 ] C:\Windows\System32\msxml6.dll

13:34:03.0695 3204 C:\Windows\System32\msxml6.dll - ok

13:34:03.0711 3204 [ 61323B88EFE90F6B144A3611B3ED1D7D ] C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

13:34:03.0711 3204 C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe - ok

13:34:03.0742 3204 [ 2627252460E3CAEB4E207923E578ADB1 ] C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll

13:34:03.0742 3204 C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll - ok

13:34:03.0758 3204 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll

13:34:03.0758 3204 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok

13:34:03.0789 3204 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll

13:34:03.0789 3204 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok

13:34:03.0836 3204 [ 6FD5AE56199BE236D6766FBB41AB5955 ] C:\Program Files\Lavasoft\Ad-Aware\Resources.dll

13:34:03.0836 3204 C:\Program Files\Lavasoft\Ad-Aware\Resources.dll - ok

13:34:03.0836 3204 [ 4B555106290BD117334E9A08761C035A ] C:\Windows\System32\rundll32.exe

13:34:03.0836 3204 C:\Windows\System32\rundll32.exe - ok

13:34:03.0882 3204 [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\Windows\System32\shimeng.dll

13:34:03.0882 3204 C:\Windows\System32\shimeng.dll - ok

13:34:03.0898 3204 [ D6804F089CBB6749E95124E7C4D80900 ] C:\Windows\AppPatch\AcLayers.dll

13:34:03.0898 3204 C:\Windows\AppPatch\AcLayers.dll - ok

13:34:03.0914 3204 [ CA0B849566776A17F35F0339BE17DFD9 ] C:\Windows\System32\ktmw32.dll

13:34:03.0914 3204 C:\Windows\System32\ktmw32.dll - ok

13:34:04.0054 3204 [ 35ACD5EA63D75E97DD0E9A1629E582B2 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll

13:34:04.0054 3204 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll - ok

13:34:04.0101 3204 [ 2A6A2C09ECC2CB495628E45F1379ECE8 ] C:\Windows\System32\taskcomp.dll

13:34:04.0101 3204 C:\Windows\System32\taskcomp.dll - ok

13:34:04.0132 3204 [ F870AA3E254628EBEAFE754108D664DE ] C:\Windows\System32\drivers\http.sys

13:34:04.0132 3204 C:\Windows\System32\drivers\http.sys - ok

13:34:04.0163 3204 [ C8DBFEF835FF54467425C8F3ABCF7046 ] C:\Windows\System32\dssenh.dll

13:34:04.0163 3204 C:\Windows\System32\dssenh.dll - ok

13:34:04.0179 3204 [ 6BC5FCEF351E4CB5A269C1E84B5A06DA ] C:\Windows\System32\netcfgx.dll

13:34:04.0179 3204 C:\Windows\System32\netcfgx.dll - ok

13:34:04.0194 3204 [ EC760B0B76A4353DE49D66520EB2141F ] C:\Windows\System32\SensApi.dll

13:34:04.0194 3204 C:\Windows\System32\SensApi.dll - ok

13:34:04.0210 3204 [ E79FDA8D320147FDC347C504B3487F87 ] C:\Windows\System32\spoolss.dll

13:34:04.0210 3204 C:\Windows\System32\spoolss.dll - ok

13:34:04.0241 3204 [ 7605C0E1D01A08F3ECD743F38B834A44 ] C:\Windows\System32\drivers\srvnet.sys

13:34:04.0241 3204 C:\Windows\System32\drivers\srvnet.sys - ok

13:34:04.0272 3204 [ C789AF0F724FDA5852FB9A7D3A432381 ] C:\Windows\System32\BFE.DLL

13:34:04.0272 3204 C:\Windows\System32\BFE.DLL - ok

13:34:04.0288 3204 [ 73FE2E5FA55088A241AA2732F5D387D6 ] C:\Windows\System32\wiarpc.dll

13:34:04.0288 3204 C:\Windows\System32\wiarpc.dll - ok

13:34:04.0304 3204 [ B0D12F4344EB2AE96E487D2DF6F74413 ] C:\Windows\System32\FWPUCLNT.DLL

13:34:04.0304 3204 C:\Windows\System32\FWPUCLNT.DLL - ok

13:34:04.0335 3204 [ BE01E566D1F569AAB32D0335613E1EEA ] C:\Windows\System32\dllhost.exe

13:34:04.0335 3204 C:\Windows\System32\dllhost.exe - ok

13:34:04.0350 3204 [ 35F376253F687BDE63976CCB3F2108CA ] C:\Windows\System32\drivers\bowser.sys

13:34:04.0350 3204 C:\Windows\System32\drivers\bowser.sys - ok

13:34:04.0382 3204 [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\Windows\System32\taskschd.dll

13:34:04.0382 3204 C:\Windows\System32\taskschd.dll - ok

13:34:04.0428 3204 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] C:\Windows\System32\drivers\mpsdrv.sys

13:34:04.0428 3204 C:\Windows\System32\drivers\mpsdrv.sys - ok

13:34:04.0444 3204 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] C:\Windows\System32\drivers\mrxsmb.sys

13:34:04.0444 3204 C:\Windows\System32\drivers\mrxsmb.sys - ok

13:34:04.0460 3204 [ 5DE62C6E9108F14F6794060A9BDECAEC ] C:\Windows\System32\MPSSVC.dll

13:34:04.0460 3204 C:\Windows\System32\MPSSVC.dll - ok

13:34:04.0475 3204 [ 4FCCB34D793B116423209C0F8B7A3B03 ] C:\Windows\System32\drivers\mrxsmb10.sys

13:34:04.0475 3204 C:\Windows\System32\drivers\mrxsmb10.sys - ok

13:34:04.0506 3204 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] C:\Windows\System32\drivers\mrxsmb20.sys

13:34:04.0506 3204 C:\Windows\System32\drivers\mrxsmb20.sys - ok

13:34:04.0522 3204 [ FF33AFF99564B1AA534F58868CBE41EF ] C:\Windows\System32\drivers\srv2.sys

13:34:04.0522 3204 C:\Windows\System32\drivers\srv2.sys - ok

13:34:04.0553 3204 [ 813FEAFC2103493DB0AA1A930762A03C ] C:\Program Files\Lavasoft\Ad-Aware\lavalicense.dll

13:34:04.0553 3204 C:\Program Files\Lavasoft\Ad-Aware\lavalicense.dll - ok

13:34:04.0569 3204 [ 3CD1B69551236977918E60F9543C89A2 ] C:\Windows\System32\AtBroker.exe

13:34:04.0569 3204 C:\Windows\System32\AtBroker.exe - ok

13:34:04.0600 3204 [ 0745D6EAD386710110817FBEC03F5161 ] C:\Windows\System32\wfapigp.dll

13:34:04.0600 3204 C:\Windows\System32\wfapigp.dll - ok

13:34:04.0616 3204 [ 96B3C4E20F02CA16AA1E3E425BFFCC8B ] C:\Windows\WindowsMobile\wmdcBase.exe

13:34:04.0616 3204 C:\Windows\WindowsMobile\wmdcBase.exe - ok

13:34:04.0662 3204 [ 0E135526E9785D085BCD9AEDE6FBCBF9 ] C:\Windows\System32\userinit.exe

13:34:04.0662 3204 C:\Windows\System32\userinit.exe - ok

13:34:04.0662 3204 [ 9B96F6952186336CC6E3D4E08BE2E0AF ] C:\Windows\System32\dwmapi.dll

13:34:04.0662 3204 C:\Windows\System32\dwmapi.dll - ok

13:34:04.0694 3204 [ E230F3776F373F4C5E788794B53101E4 ] C:\Windows\System32\plasrv.exe

13:34:04.0694 3204 C:\Windows\System32\plasrv.exe - ok

13:34:04.0694 3204 [ D07D4C3038F3578FFCE1C0237F2A1253 ] C:\Windows\explorer.exe

13:34:04.0694 3204 C:\Windows\explorer.exe - ok

13:34:04.0725 3204 [ D80C6539C00CB4F5D59066865479C308 ] C:\Windows\System32\dwmredir.dll

13:34:04.0725 3204 C:\Windows\System32\dwmredir.dll - ok

13:34:04.0726 3204 [ C99403A5B641520DAED0021DDA06F272 ] C:\Windows\System32\milcore.dll

13:34:04.0726 3204 C:\Windows\System32\milcore.dll - ok

13:34:04.0757 3204 [ 167AC31450C0C53A01FA1491E94D7678 ] C:\Windows\System32\shdocvw.dll

13:34:04.0757 3204 C:\Windows\System32\shdocvw.dll - ok

13:34:04.0788 3204 [ 4504819D18FAC09B6108D8728467E5B2 ] C:\Windows\System32\browseui.dll

13:34:04.0788 3204 C:\Windows\System32\browseui.dll - ok

13:34:04.0804 3204 [ 8AAEEE8E59A70F37579993D118A34EE0 ] C:\Windows\System32\d3d9.dll

13:34:04.0804 3204 C:\Windows\System32\d3d9.dll - ok

13:34:04.0819 3204 [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\Windows\System32\d3d8thk.dll

13:34:04.0819 3204 C:\Windows\System32\d3d8thk.dll - ok

13:34:04.0851 3204 [ 55AE74EFC3600D12C4ECB247DB10D67E ] C:\Windows\System32\nvd3dum.dll

13:34:04.0851 3204 C:\Windows\System32\nvd3dum.dll - ok

13:34:04.0882 3204 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\Windows\System32\wbem\wbemprox.dll

13:34:04.0882 3204 C:\Windows\System32\wbem\wbemprox.dll - ok

13:34:04.0897 3204 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\Windows\System32\wbemcomn.dll

13:34:04.0897 3204 C:\Windows\System32\wbemcomn.dll - ok

13:34:04.0929 3204 [ 14E4470BF8ACA69A85D741BA99F75F96 ] C:\Windows\System32\EhStorShell.dll

13:34:04.0929 3204 C:\Windows\System32\EhStorShell.dll - ok

13:34:04.0944 3204 [ 7A623F6B4C51F6F2BC1A31D5787FC0A7 ] C:\Windows\System32\uDWM.dll

13:34:04.0944 3204 C:\Windows\System32\uDWM.dll - ok

13:34:04.0960 3204 [ FB8C6A46EAF7585D2CA8583C4C9A8EDF ] C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL

13:34:04.0960 3204 C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL - ok

13:34:04.0975 3204 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll

13:34:04.0975 3204 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok

13:34:05.0007 3204 [ 3D50C4B10352367D5CB20ED1F50F8DA2 ] C:\Windows\System32\taskeng.exe

13:34:05.0007 3204 C:\Windows\System32\taskeng.exe - ok

13:34:05.0022 3204 [ E9901A7E569C4156FDA69F5C9356B8ED ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF

13:34:05.0022 3204 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok

13:34:05.0085 3204 [ 41987F9FC0E61ADF54F581E15029AD91 ] C:\Windows\System32\drivers\srv.sys

13:34:05.0085 3204 C:\Windows\System32\drivers\srv.sys - ok

13:34:05.0131 3204 [ E196C69817A50C2F0CBC0AEE8468D6D2 ] C:\PROGRA~1\MICROS~3\Office14\1043\GrooveIntlResource.dll

13:34:05.0131 3204 C:\PROGRA~1\MICROS~3\Office14\1043\GrooveIntlResource.dll - ok

13:34:05.0147 3204 [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\Windows\System32\imageres.dll

13:34:05.0147 3204 C:\Windows\System32\imageres.dll - ok

13:34:05.0178 3204 [ 999E1DA0A55A602B9B58C6E306BD010D ] C:\Program Files\Trusteer\Rapport\bin\RapportService.exe

13:34:05.0178 3204 C:\Program Files\Trusteer\Rapport\bin\RapportService.exe - ok

13:34:05.0194 3204 [ 08578F3CA5365F896D90CE2BF97FD000 ] C:\Windows\System32\IconCodecService.dll

13:34:05.0194 3204 C:\Windows\System32\IconCodecService.dll - ok

13:34:05.0209 3204 [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\Windows\System32\runonce.exe

13:34:05.0209 3204 C:\Windows\System32\runonce.exe - ok

13:34:05.0225 3204 [ 893E0152D1EA2748E1B0772FBE8127D0 ] C:\Program Files\Trusteer\Rapport\bin\js32.dll

13:34:05.0225 3204 C:\Program Files\Trusteer\Rapport\bin\js32.dll - ok

13:34:05.0256 3204 [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\Windows\System32\cmd.exe

13:34:05.0256 3204 C:\Windows\System32\cmd.exe - ok

13:34:05.0272 3204 [ 63396CBB1365769D520E0FD89C2419F2 ] C:\Windows\System32\localspl.dll

13:34:05.0272 3204 C:\Windows\System32\localspl.dll - ok

13:34:05.0287 3204 [ 6080A176D09435FC8E6E800996656E18 ] C:\Windows\System32\conime.exe

13:34:05.0287 3204 C:\Windows\System32\conime.exe - ok

13:34:05.0319 3204 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\System32\sfc.dll

13:34:05.0319 3204 C:\Windows\System32\sfc.dll - ok

13:34:05.0334 3204 [ BA7488EA536BCDD2F551A075BBE62C76 ] C:\Windows\System32\ieframe.dll

13:34:05.0334 3204 C:\Windows\System32\ieframe.dll - ok

13:34:05.0365 3204 [ 7EE1622A8C253689140658670853498B ] C:\Windows\System32\custmon32.dll

13:34:05.0365 3204 C:\Windows\System32\custmon32.dll - ok

13:34:05.0381 3204 [ 322FD75A97DBA67FC8F97A9957F857F1 ] C:\Windows\System32\mdimon.dll

13:34:05.0381 3204 C:\Windows\System32\mdimon.dll - ok

13:34:05.0397 3204 [ 6FE5C4B61EC85D746ADFA9FFF8C2AC58 ] C:\Windows\System32\HPZ3LLHN.DLL

13:34:05.0397 3204 C:\Windows\System32\HPZ3LLHN.DLL - ok

13:34:05.0428 3204 [ AF238673651EFC0226EA74239B502A6F ] C:\Windows\System32\pdf995mon.dll

13:34:05.0428 3204 C:\Windows\System32\pdf995mon.dll - ok

13:34:05.0443 3204 [ A324D72A06C110152E7607745F39BFA1 ] C:\Windows\System32\netmsg.dll

13:34:05.0443 3204 C:\Windows\System32\netmsg.dll - ok

13:34:05.0459 3204 [ 311DD38026D11290DAEF00A11FC41C0D ] C:\Windows\System32\pdfcmnnt.dll

13:34:05.0459 3204 C:\Windows\System32\pdfcmnnt.dll - ok

13:34:05.0475 3204 [ 452341E471D2D961229DFE0842957272 ] C:\Windows\System32\sscore.dll

13:34:05.0475 3204 C:\Windows\System32\sscore.dll - ok

13:34:05.0506 3204 [ D333058925CE305E39DE8D5AD2B52A46 ] C:\Windows\System32\clusapi.dll

13:34:05.0506 3204 C:\Windows\System32\clusapi.dll - ok

13:34:05.0521 3204 [ BB0EB921877A1A7EF15AE2D97A71CBA9 ] C:\Windows\System32\tcpmon.dll

13:34:05.0521 3204 C:\Windows\System32\tcpmon.dll - ok

13:34:05.0537 3204 [ 6468C3FF6D0C7874FA8C619AF3E23B22 ] C:\Windows\System32\activeds.dll

13:34:05.0537 3204 C:\Windows\System32\activeds.dll - ok

13:34:05.0568 3204 [ E9B9C1B98C8D6D48407E1C1203EAC659 ] C:\Windows\System32\adsldpc.dll

13:34:05.0568 3204 C:\Windows\System32\adsldpc.dll - ok

13:34:05.0584 3204 [ 93E317D7AD783D8EAEE2E3500BFE889D ] C:\Windows\System32\credui.dll

13:34:05.0584 3204 C:\Windows\System32\credui.dll - ok

13:34:05.0615 3204 [ AF24A9DF84637BF9858EC6FB88EBA7B2 ] C:\Windows\System32\snmpapi.dll

13:34:05.0615 3204 C:\Windows\System32\snmpapi.dll - ok

13:34:05.0631 3204 [ B9F3FF52B84FD9E3CAFB29B8EE385E5B ] C:\Windows\System32\resutils.dll

13:34:05.0631 3204 C:\Windows\System32\resutils.dll - ok

13:34:05.0646 3204 [ 1EDE113859276E4B0F19B80F39E2CC95 ] C:\Windows\System32\wsnmp32.dll

13:34:05.0646 3204 C:\Windows\System32\wsnmp32.dll - ok

13:34:05.0677 3204 [ 5091452DC719281CF1DD69367E13B494 ] C:\Windows\System32\tcpmib.dll

13:34:05.0677 3204 C:\Windows\System32\tcpmib.dll - ok

13:34:05.0693 3204 [ B4F5DE3DAD8E6B97272F45DB97674878 ] C:\Windows\System32\mgmtapi.dll

13:34:05.0693 3204 C:\Windows\System32\mgmtapi.dll - ok

13:34:05.0724 3204 [ 0BF0BB276F17B6AD61A8694D2551EC28 ] C:\Windows\System32\usbmon.dll

13:34:05.0724 3204 C:\Windows\System32\usbmon.dll - ok

13:34:05.0740 3204 [ B11FDCA4410D6252964EF97F9A47DE74 ] C:\Windows\System32\TSChannel.dll

13:34:05.0740 3204 C:\Windows\System32\TSChannel.dll - ok

13:34:05.0755 3204 [ 0EB1CC5EBFCAAB7DBAEE881E2887F7F9 ] C:\Windows\System32\WSDMon.dll

13:34:05.0755 3204 C:\Windows\System32\WSDMon.dll - ok

13:34:05.0771 3204 [ AD48183027CAFCEBC322CB9CAC60F9B8 ] C:\Windows\System32\WSDApi.dll

13:34:05.0771 3204 C:\Windows\System32\WSDApi.dll - ok

13:34:09.0830 3204 ============================================================

13:34:09.0830 3204 Scan finished

13:34:09.0830 3204 ============================================================

13:34:09.0892 3196 Detected object count: 22

13:34:09.0892 3196 Actual detected object count: 22

13:35:36.0075 3196 AFS ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0075 3196 AFS ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0075 3196 epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0075 3196 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0091 3196 EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0091 3196 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0091 3196 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0091 3196 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0106 3196 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0106 3196 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0122 3196 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0122 3196 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0122 3196 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0122 3196 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0138 3196 Lavasoft Ad-Aware Service ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0138 3196 Lavasoft Ad-Aware Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0138 3196 MaVctrl ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0138 3196 MaVctrl ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0153 3196 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0153 3196 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0153 3196 NCHSSVAD ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0153 3196 NCHSSVAD ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0169 3196 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0169 3196 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0184 3196 NSNDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0184 3196 NSNDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0184 3196 PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0184 3196 PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0200 3196 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0200 3196 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0200 3196 PRMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0200 3196 PRMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0216 3196 sptd ( LockedFile.Multi.Generic ) - skipped by user

13:35:36.0216 3196 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

13:35:36.0216 3196 SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0216 3196 SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0231 3196 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0231 3196 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0231 3196 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0231 3196 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0247 3196 tapvpn ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0247 3196 tapvpn ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:35:36.0247 3196 wceusbsh ( UnsignedFile.Multi.Generic ) - skipped by user

13:35:36.0247 3196 wceusbsh ( UnsignedFile.Multi.Generic ) - User select action: Skip

Combofix: unfortunately, I cannot find a log file.


Download AdwCleaner by Xplode to your desktop.

  • Close all open windows.
  • Vista and Windows 7 users: right-click AdwCleaner and select Run as administrator...
  • For XP: simply double-click AdwCleaner.
  • Then click Delete.
  • At AdwCleaner – Information, click OK.
  • At AdwCleaner – Restart Required, click OK.

It is normal for the shortcuts to disappear during this step. After the PC has restarted, a log file opens. Post the contents of this log in your next message.
