Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirect and Unable to Start Security Center


  • This topic is locked This topic is locked
16 replies to this topic

#1 dav43

dav43

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 04 January 2013 - 04:50 PM

Hello,

With regard to my post here: http://www.bleepingcomputer.com/forums/topic480643.html/page__gopid__2938747#entry2938747

Google has been intermittently redirecting over the past week, and I have been unable to open Action Center.
Any attempts to do this through services.msc are automatically disabled.
Repeated attempts lead to the error 1058.

The previous post contains the logs for TDSS, SecurityCheck, Farbar ServiceScanner and Mini Toolbox.

As requested, here is my DDS log:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.5.0
Run by David at 21:42:31 on 2013-01-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8094.5994 [GMT 0:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Microsoft Security Essentials *Enabled/Outdated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Microsoft Security Essentials *Enabled/Outdated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Conexant\SA3\CxUtilSvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
c:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Elantech\ETDGesture.exe
C:\Program Files\BOINC\boinctray.exe
C:\Program Files\Conexant\SA3\SmartAudio3.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\David\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\David\AppData\Roaming\Spotify\spotify.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\splwow64.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20130103203859.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Spotify Web Helper] "C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [googletalk] C:\Users\David\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [hpqSRMon] c:\program files (x86)\hp\digital imaging\bin\hpqsrmon.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
dRun: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
StartupFolder: C:\Users\David\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\StartUp\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: NameServer = 10.0.1.1
TCP: Interfaces\{8BCFA04B-34EB-4DFD-AD9C-96C05AA5E5EA} : DHCPNameServer = 10.0.1.1
TCP: Interfaces\{8BCFA04B-34EB-4DFD-AD9C-96C05AA5E5EA}\F475C4 : DHCPNameServer = 192.76.34.141
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\SystemCore\ScriptSn.20130103203859.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0 /dne /s
x64-Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [AdobeAAMUpdater-1.0] c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe
x64-Run: [boincmgr] "C:\Program Files\BOINC\boincmgr.exe" /a /s
x64-Run: [boinctray] "C:\Program Files\BOINC\boinctray.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\opzqdi5a.default-1354722464255\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\David\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\David\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\David\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-01-03 20:38; {D19CA586-DD6C-4a0a-96F8-14644F340D60}; C:\Program Files (x86)\Common Files\McAfee\SystemCore
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-5-23 31872]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-5-23 16152]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-3-13 771096]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-3-13 339776]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2012-11-23 17720]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-5-23 235520]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-5 659968]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-2-22 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-2-22 1104208]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-5 135952]
R2 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe [2012-5-23 109184]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-5-23 13592]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-11 627936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-17 201304]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-17 201304]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-17 201304]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-5-23 241016]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-5-23 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-5-23 177680]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-12-5 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-12-5 1369624]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-5-23 363800]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-12-5 195584]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-2-22 1304912]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-11-30 94720]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-11-30 747008]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-3-13 69672]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-7-6 176000]
R3 ETD;Dell Touchpad;C:\Windows\System32\drivers\ETD.sys [2012-5-23 202024]
R3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-10-1 196440]
R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2012-2-14 60928]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-5-23 331264]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-5-23 14658688]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-5-23 356120]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-5-23 787736]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-1-26 25496]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-3-13 309400]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-3-13 515528]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2012-5-23 313448]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-5-23 646248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 CSIScanner;CSIScanner;"C:\Program Files\Prevx\prevx.exe" /service --> C:\Program Files\Prevx\prevx.exe [?]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-12-5 168384]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-12-5 195584]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-1-26 34200]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-5-23 224704]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-3-13 106112]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-23 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-23 30208]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-6 1255736]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-17 201304]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-01-12 21:17:14 62976 ----a-w- C:\Windows\SysWow64\PxSecure.dll-225187
2013-01-12 15:09:53 388096 ----a-r- C:\Users\David\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-12 15:09:53 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-01-12 14:21:21 -------- d-----w- C:\Program Files\Enigma Software Group
2013-01-12 14:20:09 -------- d-----w- C:\Windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2013-01-12 14:20:07 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-01-12 13:00:40 -------- d-----w- C:\Program Files (x86)\ESET
2013-01-04 00:53:19 -------- d-----w- C:\Users\David\AppData\Local\DellUI
2013-01-04 00:46:52 -------- d-sh--w- C:\$RECYCLE.BIN
2012-12-25 23:08:03 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-12-25 23:07:55 -------- d-----w- C:\Program Files\iPod
2012-12-25 23:07:54 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-25 23:07:54 -------- d-----w- C:\Program Files\iTunes
2012-12-25 23:07:54 -------- d-----w- C:\Program Files (x86)\iTunes
2012-12-25 23:03:47 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-12-25 23:03:47 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-12-25 23:03:47 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-12-25 23:03:47 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-12-25 23:03:47 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-12-25 23:03:47 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-12-25 23:03:46 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-12-24 14:19:57 -------- d-----w- C:\ProgramData\BOINC
2012-12-24 14:19:57 -------- d-----w- C:\Program Files\BOINC
2012-12-24 14:19:21 -------- d-----w- C:\Windows\Downloaded Installations
2012-12-21 23:37:01 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-21 23:37:01 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-21 23:37:01 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-21 23:37:01 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-14 11:06:33 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
.
==================== Find3M ====================
.
2012-12-14 16:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-11-26 21:57:25 126976 --sha-r- C:\Windows\SysWow64\tzutil4.dll
2012-11-23 11:02:18 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-11-23 11:02:18 458712 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-11-23 11:02:18 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-11-23 11:02:18 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-23 11:02:18 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-11-23 11:02:18 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-23 11:02:18 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-11-23 11:02:18 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-11-23 11:02:18 1448448 ----a-w- C:\Windows\System32\lsasrv.dll
2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-09 06:40:24 69672 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2012-11-09 06:37:42 339776 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2012-11-09 06:37:30 177680 ----a-w- C:\Windows\System32\mfevtps.exe
2012-11-09 06:36:40 10288 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2012-11-09 06:36:30 106112 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2012-11-09 06:35:50 771096 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2012-11-09 06:34:58 515528 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2012-11-09 06:34:18 309400 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2012-11-09 06:33:58 178840 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-10-25 03:12:26 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-10-25 03:12:26 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
.
============= FINISH: 21:42:52.51 ===============

The DDS attach.txt file is also included here.

Any help would be much appreciated.

Regards, dav43

Attached Files



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:05:24 AM

Posted 04 January 2013 - 05:05 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 dav43

dav43
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 04 January 2013 - 06:05 PM

Thank you for your prompt reply.


SecurityCheck log:

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
Microsoft Security Essentials
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.70.0.1100
Java™ 7 Update 5
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.4.402.265 Flash Player out of Date!
Adobe Reader 10.1.3 Adobe Reader out of Date!
Mozilla Firefox (17.0.1)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````



AdwCleaner log:

# AdwCleaner v2.104 - Logfile created 01/12/2013 at 22:52:23
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : David - MINNOW
# Boot Mode : Normal
# Running from : C:\Users\David\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Tarma Installer

***** [Registry] *****

Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

File : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\97g9crbx.default\prefs.js

[OK] File is clean.

File : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\opzqdi5a.default-1354722464255\prefs.js

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\opzqdi5a.default-1354722464255\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1240 octets] - [12/01/2013 22:51:00]
AdwCleaner[R2].txt - [1300 octets] - [12/01/2013 22:51:24]
AdwCleaner[S2].txt - [1349 octets] - [12/01/2013 22:52:23]

########## EOF - C:\AdwCleaner[S2].txt - [1409 octets] ##########



RogueKiller report:


RogueKiller V8.4.2 [Dec 31 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : David [Admin rights]
Mode : Scan -- Date : 01/12/2013 22:56:52

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MQ01ABD100 +++++
--- User ---
[MBR] 06c903e934b6f94a6463921f59c029d4
[BSP] 45bf22ab2a3085e5424b26498d862153 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 20286 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 41627648 | Size: 913062 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 1911578624 | Size: 20480 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_01122013_02d2256.txt >>
RKreport[1]_S_01122013_02d2256.txt




A second RogueKiller report (not sure which one is which):



RogueKiller V8.4.2 [Dec 31 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : David [Admin rights]
Mode : Remove -- Date : 01/12/2013 22:57:17

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MQ01ABD100 +++++
--- User ---
[MBR] 06c903e934b6f94a6463921f59c029d4
[BSP] 45bf22ab2a3085e5424b26498d862153 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 20286 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 41627648 | Size: 913062 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 1911578624 | Size: 20480 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_01122013_02d2257.txt >>
RKreport[1]_S_01122013_02d2256.txt ; RKreport[2]_D_01122013_02d2257.txt



A third RogueKiller report:



RogueKiller V8.4.2 [Dec 31 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : David [Admin rights]
Mode : Scan -- Date : 01/12/2013 22:57:25

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MQ01ABD100 +++++
--- User ---
[MBR] 06c903e934b6f94a6463921f59c029d4
[BSP] 45bf22ab2a3085e5424b26498d862153 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 20286 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 41627648 | Size: 913062 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 1911578624 | Size: 20480 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3]_S_01122013_02d2257.txt >>
RKreport[1]_S_01122013_02d2256.txt ; RKreport[2]_D_01122013_02d2257.txt ; RKreport[3]_S_01122013_02d2257.txt



Many thanks for your help in advance.

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:05:24 AM

Posted 04 January 2013 - 06:12 PM

Hello dav43

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 dav43

dav43
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 04 January 2013 - 06:54 PM

Here's my ComboFix Log:

ComboFix 13-01-04.03 - David 12/01/2013 23:37:54.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8094.6169 [GMT 0:00]
Running from: c:\users\David\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Microsoft Security Essentials *Enabled/Outdated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Microsoft Security Essentials *Enabled/Outdated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2012-12-12 to 2013-01-12 )))))))))))))))))))))))))))))))
.
.
2013-01-12 23:42 . 2013-01-12 23:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-12 23:23 . 2013-01-12 23:23 -------- d-----w- c:\users\David\AppData\Local\VirtualStore
2013-01-12 15:09 . 2013-01-12 15:09 388096 ----a-r- c:\users\David\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-12 15:09 . 2013-01-12 15:09 -------- d-----w- c:\program files (x86)\Trend Micro
2013-01-12 14:21 . 2013-01-12 14:21 -------- d-----w- c:\program files\Enigma Software Group
2013-01-12 14:20 . 2013-01-12 15:11 -------- d-----w- c:\windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2013-01-12 14:20 . 2013-01-12 14:20 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-01-12 13:00 . 2013-01-12 13:00 -------- d-----w- c:\program files (x86)\ESET
2013-01-04 00:53 . 2013-01-04 00:53 -------- d-----w- c:\users\David\AppData\Local\DellUI
2012-12-25 23:08 . 2012-08-21 13:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-12-25 23:07 . 2012-12-25 23:07 -------- d-----w- c:\program files\iPod
2012-12-25 23:07 . 2012-12-25 23:08 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-25 23:07 . 2012-12-25 23:08 -------- d-----w- c:\program files\iTunes
2012-12-25 23:07 . 2012-12-25 23:08 -------- d-----w- c:\program files (x86)\iTunes
2012-12-25 23:03 . 2012-12-25 23:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-12-25 23:03 . 2012-12-25 23:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-12-25 23:03 . 2012-12-25 23:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-12-25 23:03 . 2012-12-25 23:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-12-25 23:03 . 2012-12-25 23:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-12-25 23:03 . 2012-12-25 23:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-12-25 23:03 . 2012-12-25 23:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-12-25 23:03 . 2012-12-25 23:03 -------- d-----w- c:\program files (x86)\QuickTime
2012-12-24 14:19 . 2012-12-25 12:27 -------- d-----w- c:\programdata\BOINC
2012-12-24 14:19 . 2012-12-24 18:52 -------- d-----w- c:\program files\BOINC
2012-12-24 14:19 . 2012-12-24 14:19 -------- d-----w- c:\windows\Downloaded Installations
2012-12-21 23:37 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 23:37 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 23:37 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-21 23:37 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-14 11:06 . 2012-12-14 11:06 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-12-14 11:06 . 2012-12-14 11:06 -------- d-----w- c:\users\Default\AppData\Local\Microsoft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-14 16:49 . 2012-12-05 15:29 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-14 11:50 . 2012-07-07 16:13 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-11-23 11:03 . 2012-11-23 11:03 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2012-11-23 11:03 . 2012-11-23 11:03 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-23 11:03 . 2012-11-23 11:03 5773824 ----a-w- c:\windows\system32\mstscax.dll
2012-11-23 11:03 . 2012-11-23 11:03 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2012-11-23 11:03 . 2012-11-23 11:03 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2012-11-23 11:03 . 2012-11-23 11:03 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2012-11-23 11:03 . 2012-11-23 11:03 44032 ----a-w- c:\windows\system32\tsgqec.dll
2012-11-23 11:03 . 2012-11-23 11:03 43520 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2012-11-23 11:03 . 2012-11-23 11:03 384000 ----a-w- c:\windows\system32\wksprt.exe
2012-11-23 11:03 . 2012-11-23 11:03 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2012-11-23 11:03 . 2012-11-23 11:03 322560 ----a-w- c:\windows\system32\aaclient.dll
2012-11-23 11:03 . 2012-11-23 11:03 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2012-11-23 11:03 . 2012-11-23 11:03 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2012-11-23 11:03 . 2012-11-23 11:03 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2012-11-23 11:03 . 2012-11-23 11:03 243200 ----a-w- c:\windows\system32\rdpudd.dll
2012-11-23 11:03 . 2012-11-23 11:03 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2012-11-23 11:03 . 2012-11-23 11:03 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-23 11:03 . 2012-11-23 11:03 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2012-11-23 11:03 . 2012-11-23 11:03 18432 ----a-w- c:\windows\system32\wksprtPS.dll
2012-11-23 11:03 . 2012-11-23 11:03 16896 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2012-11-23 11:03 . 2012-11-23 11:03 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-23 11:03 . 2012-11-23 11:03 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-23 11:03 . 2012-11-23 11:03 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-23 11:03 . 2012-11-23 11:03 1123840 ----a-w- c:\windows\system32\mstsc.exe
2012-11-23 11:03 . 2012-11-23 11:03 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2012-11-23 11:02 . 2012-11-23 11:02 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-11-23 11:02 . 2012-11-23 11:02 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-23 11:02 . 2012-11-23 11:02 340992 ----a-w- c:\windows\system32\schannel.dll
2012-11-23 11:02 . 2012-11-23 11:02 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-23 11:02 . 2012-11-23 11:02 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2012-11-23 11:02 . 2012-11-23 11:02 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-11-23 11:02 . 2012-11-23 11:02 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-11-23 11:02 . 2012-11-23 11:02 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-23 11:02 . 2012-11-23 11:02 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-22 03:26 . 2012-12-13 11:49 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-11-09 06:40 . 2011-03-13 16:20 69672 ----a-w- c:\windows\system32\drivers\cfwids.sys
2012-11-09 06:37 . 2011-03-13 16:20 339776 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2012-11-09 06:37 . 2012-05-23 12:29 177680 ----a-w- c:\windows\system32\mfevtps.exe
2012-11-09 06:36 . 2012-05-23 12:29 10288 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2012-11-09 06:36 . 2011-03-13 16:20 106112 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2012-11-09 06:35 . 2011-03-13 16:20 771096 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2012-11-09 06:34 . 2011-03-13 16:20 515528 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2012-11-09 06:34 . 2011-03-13 16:20 309400 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2012-11-09 06:33 . 2011-03-13 16:20 178840 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2012-11-09 05:45 . 2012-12-13 11:50 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-13 11:50 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-13 11:49 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-13 11:49 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-10-25 03:12 . 2012-10-25 03:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 03:12 . 2012-10-25 03:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-10-20 09:57 . 2012-10-20 09:57 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-16 08:38 . 2012-11-28 09:39 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 09:39 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 09:39 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\David\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-11-23 1199576]
"googletalk"="c:\users\David\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-12-17 59872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-17 291608]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-03-09 636032]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1535112]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-11-03 957440]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-08-12 520330]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208]
"hpqSRMon"="c:\program files (x86)\hp\digital imaging\bin\hpqsrmon.exe" [2008-07-22 150528]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"googletalk"="c:\program files (x86)\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-24 490880]
.
c:\users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-01-21 363800]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-12-05 195584]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2012-02-22 1304912]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-26 34200]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2011-03-08 224704]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-11-09 106112]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-11-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-11-23 30208]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-06 1255736]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-08-31 201304]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys [2012-02-01 31872]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys [2012-01-28 16152]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-11-09 339776]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-03-09 235520]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-05 659968]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-02-22 1014096]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2012-02-22 1104208]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-05 135952]
S2 CxUtilSvc;CxUtilSvc;c:\program files\Conexant\SA3\CxUtilSvc.exe [2011-10-11 109184]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-01-11 627936]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-11-09 218320]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-11-09 177680]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-12-05 195584]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-11-30 94720]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-11-30 747008]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-11-09 69672]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-06-16 176000]
S3 ETD;Dell Touchpad;c:\windows\system32\DRIVERS\ETD.sys [2012-01-17 202024]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2012-02-14 60928]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2012-01-19 14658688]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-28 356120]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-28 787736]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-26 25496]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-11-09 515528]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2012-02-01 313448]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-11-29 646248]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 20:26]
.
2013-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 20:26]
.
2013-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2201163004-2604224164-1350092110-1000Core.job
- c:\users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-06 12:50]
.
2013-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2201163004-2604224164-1350092110-1000UA.job
- c:\users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-06 12:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"="c:\program files\Elantech\ETDCtrl.exe" [2012-01-17 2895656]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"SmartAudio"="c:\program files\CONEXANT\SA3\SACpl.exe" [2011-09-08 1628288]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-02-17 177936]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-02-22 11406608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-19 440600]
"Stage Remote"="c:\program files (x86)\Dell\Stage Remote\StageRemote.exe" [2011-06-28 2022976]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-11-03 2190704]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe" [2010-07-29 497648]
"boincmgr"="c:\program files\BOINC\boincmgr.exe" [2012-05-15 5860016]
"boinctray"="c:\program files\BOINC\boinctray.exe" [2012-05-15 70832]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.1.1
FF - ProfilePath - c:\users\David\AppData\Roaming\Mozilla\Firefox\Profiles\opzqdi5a.default-1354722464255\
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Notify-SDWinLogon - SDWinLogon.dll
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mfeavfk01]
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{7DB2D5A0-7241-4E79-B68D-6309F01C5231}"=hex:51,66,7a,6c,4c,1d,38,12,ce,d6,a1,
79,73,3c,17,0b,c9,9b,20,49,f5,42,16,25
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:92,8d,ad,80,64,c9,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b0,51,f9,43,19,08,cd,45,9d,db,2f,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b0,51,f9,43,19,08,cd,45,9d,db,2f,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2013-01-12 23:46:48 - machine was rebooted
ComboFix-quarantined-files.txt 2013-01-12 23:46
ComboFix2.txt 2013-01-03 11:08
.
Pre-Run: 886,536,294,400 bytes free
Post-Run: 886,337,073,152 bytes free
.
- - End Of File - - 866B589BE950C66880DE07F738F138E3



The Security Center still cannot be started yet.

Regards, dav43

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:05:24 AM

Posted 04 January 2013 - 06:58 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 dav43

dav43
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 04 January 2013 - 07:12 PM

Here is the second log:

ComboFix 13-01-04.03 - David 13/01/2013 0:04.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8094.6196 [GMT 0:00]
Running from: c:\users\David\Desktop\ComboFix.exe
Command switches used :: c:\users\David\Desktop\CFScript.txt
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-12-13 to 2013-01-13 )))))))))))))))))))))))))))))))
.
.
2013-01-13 00:09 . 2013-01-13 00:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-12 23:23 . 2013-01-12 23:23 -------- d-----w- c:\users\David\AppData\Local\VirtualStore
2013-01-12 15:09 . 2013-01-12 15:09 388096 ----a-r- c:\users\David\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-12 15:09 . 2013-01-12 15:09 -------- d-----w- c:\program files (x86)\Trend Micro
2013-01-12 14:21 . 2013-01-12 14:21 -------- d-----w- c:\program files\Enigma Software Group
2013-01-12 14:20 . 2013-01-12 15:11 -------- d-----w- c:\windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2013-01-12 14:20 . 2013-01-12 14:20 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-01-12 13:00 . 2013-01-12 13:00 -------- d-----w- c:\program files (x86)\ESET
2013-01-04 00:53 . 2013-01-04 00:53 -------- d-----w- c:\users\David\AppData\Local\DellUI
2012-12-25 23:08 . 2012-08-21 13:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-12-25 23:07 . 2012-12-25 23:07 -------- d-----w- c:\program files\iPod
2012-12-25 23:07 . 2012-12-25 23:08 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-25 23:07 . 2012-12-25 23:08 -------- d-----w- c:\program files\iTunes
2012-12-25 23:07 . 2012-12-25 23:08 -------- d-----w- c:\program files (x86)\iTunes
2012-12-25 23:03 . 2012-12-25 23:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-12-25 23:03 . 2012-12-25 23:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-12-25 23:03 . 2012-12-25 23:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-12-25 23:03 . 2012-12-25 23:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-12-25 23:03 . 2012-12-25 23:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-12-25 23:03 . 2012-12-25 23:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-12-25 23:03 . 2012-12-25 23:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-12-25 23:03 . 2012-12-25 23:03 -------- d-----w- c:\program files (x86)\QuickTime
2012-12-24 14:19 . 2012-12-25 12:27 -------- d-----w- c:\programdata\BOINC
2012-12-24 14:19 . 2012-12-24 18:52 -------- d-----w- c:\program files\BOINC
2012-12-24 14:19 . 2012-12-24 14:19 -------- d-----w- c:\windows\Downloaded Installations
2012-12-21 23:37 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 23:37 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 23:37 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-21 23:37 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-14 11:06 . 2012-12-14 11:06 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-12-14 11:06 . 2012-12-14 11:06 -------- d-----w- c:\users\Default\AppData\Local\Microsoft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-14 16:49 . 2012-12-05 15:29 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-14 11:50 . 2012-07-07 16:13 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-11-23 11:03 . 2012-11-23 11:03 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2012-11-23 11:03 . 2012-11-23 11:03 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-23 11:03 . 2012-11-23 11:03 5773824 ----a-w- c:\windows\system32\mstscax.dll
2012-11-23 11:03 . 2012-11-23 11:03 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2012-11-23 11:03 . 2012-11-23 11:03 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2012-11-23 11:03 . 2012-11-23 11:03 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2012-11-23 11:03 . 2012-11-23 11:03 44032 ----a-w- c:\windows\system32\tsgqec.dll
2012-11-23 11:03 . 2012-11-23 11:03 43520 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2012-11-23 11:03 . 2012-11-23 11:03 384000 ----a-w- c:\windows\system32\wksprt.exe
2012-11-23 11:03 . 2012-11-23 11:03 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2012-11-23 11:03 . 2012-11-23 11:03 322560 ----a-w- c:\windows\system32\aaclient.dll
2012-11-23 11:03 . 2012-11-23 11:03 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2012-11-23 11:03 . 2012-11-23 11:03 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2012-11-23 11:03 . 2012-11-23 11:03 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2012-11-23 11:03 . 2012-11-23 11:03 243200 ----a-w- c:\windows\system32\rdpudd.dll
2012-11-23 11:03 . 2012-11-23 11:03 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2012-11-23 11:03 . 2012-11-23 11:03 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-23 11:03 . 2012-11-23 11:03 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2012-11-23 11:03 . 2012-11-23 11:03 18432 ----a-w- c:\windows\system32\wksprtPS.dll
2012-11-23 11:03 . 2012-11-23 11:03 16896 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2012-11-23 11:03 . 2012-11-23 11:03 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-23 11:03 . 2012-11-23 11:03 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-23 11:03 . 2012-11-23 11:03 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-23 11:03 . 2012-11-23 11:03 1123840 ----a-w- c:\windows\system32\mstsc.exe
2012-11-23 11:03 . 2012-11-23 11:03 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2012-11-23 11:02 . 2012-11-23 11:02 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-11-23 11:02 . 2012-11-23 11:02 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-23 11:02 . 2012-11-23 11:02 340992 ----a-w- c:\windows\system32\schannel.dll
2012-11-23 11:02 . 2012-11-23 11:02 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-23 11:02 . 2012-11-23 11:02 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2012-11-23 11:02 . 2012-11-23 11:02 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-11-23 11:02 . 2012-11-23 11:02 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-11-23 11:02 . 2012-11-23 11:02 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-23 11:02 . 2012-11-23 11:02 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-22 03:26 . 2012-12-13 11:49 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-11-09 06:40 . 2011-03-13 16:20 69672 ----a-w- c:\windows\system32\drivers\cfwids.sys
2012-11-09 06:37 . 2011-03-13 16:20 339776 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2012-11-09 06:37 . 2012-05-23 12:29 177680 ----a-w- c:\windows\system32\mfevtps.exe
2012-11-09 06:36 . 2012-05-23 12:29 10288 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2012-11-09 06:36 . 2011-03-13 16:20 106112 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2012-11-09 06:35 . 2011-03-13 16:20 771096 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2012-11-09 06:34 . 2011-03-13 16:20 515528 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2012-11-09 06:34 . 2011-03-13 16:20 309400 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2012-11-09 06:33 . 2011-03-13 16:20 178840 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2012-11-09 05:45 . 2012-12-13 11:50 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-13 11:50 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-13 11:49 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-13 11:49 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-10-25 03:12 . 2012-10-25 03:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 03:12 . 2012-10-25 03:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-10-20 09:57 . 2012-10-20 09:57 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-16 08:38 . 2012-11-28 09:39 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 09:39 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 09:39 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\David\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-11-23 1199576]
"googletalk"="c:\users\David\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-12-17 59872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-17 291608]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-03-09 636032]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1535112]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-11-03 957440]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-08-12 520330]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208]
"hpqSRMon"="c:\program files (x86)\hp\digital imaging\bin\hpqsrmon.exe" [2008-07-22 150528]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"googletalk"="c:\program files (x86)\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-24 490880]
.
c:\users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-12-05 195584]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-26 34200]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2011-03-08 224704]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-11-09 106112]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-11-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-11-23 30208]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-06 1255736]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-08-31 201304]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys [2012-02-01 31872]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys [2012-01-28 16152]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-11-09 339776]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-03-09 235520]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-05 659968]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-02-22 1014096]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2012-02-22 1104208]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-05 135952]
S2 CxUtilSvc;CxUtilSvc;c:\program files\Conexant\SA3\CxUtilSvc.exe [2011-10-11 109184]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-01-11 627936]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-11-09 218320]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-11-09 177680]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-01-21 363800]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-12-05 195584]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2012-02-22 1304912]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-11-30 94720]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-11-30 747008]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-11-09 69672]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-06-16 176000]
S3 ETD;Dell Touchpad;c:\windows\system32\DRIVERS\ETD.sys [2012-01-17 202024]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2012-02-14 60928]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2012-01-19 14658688]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-28 356120]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-28 787736]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-26 25496]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-11-09 515528]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2012-02-01 313448]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-11-29 646248]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 20:26]
.
2013-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 20:26]
.
2013-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2201163004-2604224164-1350092110-1000Core.job
- c:\users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-06 12:50]
.
2013-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2201163004-2604224164-1350092110-1000UA.job
- c:\users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-06 12:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"="c:\program files\Elantech\ETDCtrl.exe" [2012-01-17 2895656]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"SmartAudio"="c:\program files\CONEXANT\SA3\SACpl.exe" [2011-09-08 1628288]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-02-17 177936]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-02-22 11406608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-19 440600]
"Stage Remote"="c:\program files (x86)\Dell\Stage Remote\StageRemote.exe" [2011-06-28 2022976]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-11-03 2190704]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe" [2010-07-29 497648]
"boincmgr"="c:\program files\BOINC\boincmgr.exe" [2012-05-15 5860016]
"boinctray"="c:\program files\BOINC\boinctray.exe" [2012-05-15 70832]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.1.1
FF - ProfilePath - c:\users\David\AppData\Roaming\Mozilla\Firefox\Profiles\opzqdi5a.default-1354722464255\
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Notify-SDWinLogon - SDWinLogon.dll
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{7DB2D5A0-7241-4E79-B68D-6309F01C5231}"=hex:51,66,7a,6c,4c,1d,38,12,ce,d6,a1,
79,73,3c,17,0b,c9,9b,20,49,f5,42,16,25
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:92,8d,ad,80,64,c9,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b0,51,f9,43,19,08,cd,45,9d,db,2f,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b0,51,f9,43,19,08,cd,45,9d,db,2f,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-13 00:10:37
ComboFix-quarantined-files.txt 2013-01-13 00:10
ComboFix2.txt 2013-01-12 23:46
ComboFix3.txt 2013-01-03 11:08
.
Pre-Run: 886,428,372,992 bytes free
Post-Run: 886,349,545,472 bytes free
.
- - End Of File - - F78B231E5752B9F1C3E32453BE612311


Still cannot run Security Center.

Regards, dav43

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:05:24 AM

Posted 04 January 2013 - 07:30 PM

Greetings

I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 dav43

dav43
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 05 January 2013 - 06:10 AM

TDSSKiller log part 1:

00:40:01.0539 4824 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
00:40:01.0664 4824 ============================================================
00:40:01.0664 4824 Current date / time: 2013/01/05 00:40:01.0664
00:40:01.0664 4824 SystemInfo:
00:40:01.0664 4824
00:40:01.0664 4824 OS Version: 6.1.7601 ServicePack: 1.0
00:40:01.0664 4824 Product type: Workstation
00:40:01.0679 4824 ComputerName: MINNOW
00:40:01.0679 4824 UserName: David
00:40:01.0679 4824 Windows directory: C:\Windows
00:40:01.0679 4824 System windows directory: C:\Windows
00:40:01.0679 4824 Running under WOW64
00:40:01.0679 4824 Processor architecture: Intel x64
00:40:01.0679 4824 Number of processors: 8
00:40:01.0679 4824 Page size: 0x1000
00:40:01.0679 4824 Boot type: Normal boot
00:40:01.0679 4824 ============================================================
00:40:02.0163 4824 BG loaded
00:40:02.0693 4824 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:40:02.0693 4824 ============================================================
00:40:02.0693 4824 \Device\Harddisk0\DR0:
00:40:02.0693 4824 MBR partitions:
00:40:02.0693 4824 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x279F000
00:40:02.0693 4824 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x27B3000, BlocksNum 0x6F753000
00:40:02.0725 4824 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x6, StartLBA 0x71F06800, BlocksNum 0x27FF800
00:40:02.0725 4824 ============================================================
00:40:02.0771 4824 C: <-> \Device\Harddisk0\DR0\Partition2
00:40:02.0803 4824 ============================================================
00:40:02.0803 4824 Initialize success
00:40:02.0803 4824 ============================================================
00:41:57.0060 7124 ============================================================
00:41:57.0060 7124 Scan started
00:41:57.0060 7124 Mode: Manual; SigCheck; TDLFS;
00:41:57.0061 7124 ============================================================
00:41:57.0886 7124 ================ Scan system memory ========================
00:41:57.0886 7124 System memory - ok
00:41:57.0887 7124 ================ Scan services =============================
00:41:58.0402 7124 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
00:41:58.0583 7124 1394ohci - ok
00:41:58.0605 7124 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
00:41:58.0630 7124 ACPI - ok
00:41:58.0662 7124 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
00:41:58.0744 7124 AcpiPmi - ok
00:41:58.0845 7124 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:41:58.0865 7124 AdobeARMservice - ok
00:41:58.0883 7124 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
00:41:58.0899 7124 adp94xx - ok
00:41:58.0924 7124 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
00:41:58.0953 7124 adpahci - ok
00:41:58.0971 7124 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
00:41:58.0983 7124 adpu320 - ok
00:41:59.0005 7124 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
00:41:59.0162 7124 AeLookupSvc - ok
00:41:59.0191 7124 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
00:41:59.0259 7124 AFD - ok
00:41:59.0279 7124 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
00:41:59.0302 7124 agp440 - ok
00:41:59.0334 7124 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
00:41:59.0376 7124 ALG - ok
00:41:59.0392 7124 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
00:41:59.0409 7124 aliide - ok
00:41:59.0441 7124 [ 2AED9A422EA1574C7D7EF9359A417718 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
00:41:59.0559 7124 AMD External Events Utility - ok
00:41:59.0592 7124 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
00:41:59.0610 7124 amdide - ok
00:41:59.0629 7124 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
00:41:59.0667 7124 AmdK8 - ok
00:41:59.0853 7124 [ BFA5E854959D5546D8834CA61F4AD075 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
00:41:59.0970 7124 amdkmdag - ok
00:41:59.0985 7124 [ 92D664FFFCD9E742FB25254F7F458D88 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
00:42:00.0015 7124 amdkmdap - ok
00:42:00.0040 7124 [ 554FB0F28C411FB1EAFD4EA46A8CAAA4 ] amdkmpfd C:\Windows\system32\DRIVERS\amdkmpfd.sys
00:42:00.0053 7124 amdkmpfd - ok
00:42:00.0081 7124 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
00:42:00.0120 7124 AmdPPM - ok
00:42:00.0140 7124 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
00:42:00.0163 7124 amdsata - ok
00:42:00.0182 7124 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
00:42:00.0203 7124 amdsbs - ok
00:42:00.0220 7124 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
00:42:00.0229 7124 amdxata - ok
00:42:00.0253 7124 [ 449D90F1FB6402773C2F1ECCEAE15F74 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
00:42:00.0289 7124 AMPPAL - ok
00:42:00.0297 7124 [ 449D90F1FB6402773C2F1ECCEAE15F74 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
00:42:00.0312 7124 AMPPALP - ok
00:42:00.0398 7124 [ AB6E5B9333101E414D8F04BC570064F1 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
00:42:00.0429 7124 AMPPALR3 - ok
00:42:00.0449 7124 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
00:42:00.0619 7124 AppID - ok
00:42:00.0651 7124 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
00:42:00.0708 7124 AppIDSvc - ok
00:42:00.0720 7124 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
00:42:00.0760 7124 Appinfo - ok
00:42:00.0816 7124 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:42:00.0837 7124 Apple Mobile Device - ok
00:42:00.0858 7124 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
00:42:00.0868 7124 arc - ok
00:42:00.0896 7124 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
00:42:00.0907 7124 arcsas - ok
00:42:01.0005 7124 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:42:01.0056 7124 aspnet_state - ok
00:42:01.0070 7124 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
00:42:01.0129 7124 AsyncMac - ok
00:42:01.0165 7124 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
00:42:01.0175 7124 atapi - ok
00:42:01.0212 7124 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:42:01.0297 7124 AudioEndpointBuilder - ok
00:42:01.0320 7124 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
00:42:01.0351 7124 AudioSrv - ok
00:42:01.0370 7124 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
00:42:01.0442 7124 AxInstSV - ok
00:42:01.0474 7124 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
00:42:01.0501 7124 b06bdrv - ok
00:42:01.0517 7124 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
00:42:01.0563 7124 b57nd60a - ok
00:42:01.0597 7124 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
00:42:01.0635 7124 BDESVC - ok
00:42:01.0647 7124 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
00:42:01.0700 7124 Beep - ok
00:42:01.0728 7124 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
00:42:01.0772 7124 BFE - ok
00:42:01.0813 7124 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
00:42:01.0894 7124 BITS - ok
00:42:01.0931 7124 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
00:42:01.0972 7124 blbdrive - ok
00:42:02.0062 7124 [ A52EA1D8C2900055323C93DDB252A3DA ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
00:42:02.0087 7124 Bluetooth Device Monitor - ok
00:42:02.0110 7124 [ 091210450CA7CED08F360D9D7FEC5D11 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
00:42:02.0130 7124 Bluetooth Media Service - ok
00:42:02.0153 7124 [ 392450754E17FF778CBC5B9D20583AD1 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
00:42:02.0171 7124 Bluetooth OBEX Service - ok
00:42:02.0209 7124 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:42:02.0230 7124 Bonjour Service - ok
00:42:02.0250 7124 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
00:42:02.0281 7124 bowser - ok
00:42:02.0299 7124 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
00:42:02.0329 7124 BrFiltLo - ok
00:42:02.0346 7124 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
00:42:02.0365 7124 BrFiltUp - ok
00:42:02.0380 7124 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
00:42:02.0442 7124 BridgeMP - ok
00:42:02.0477 7124 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
00:42:02.0505 7124 Browser - ok
00:42:02.0524 7124 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
00:42:02.0551 7124 Brserid - ok
00:42:02.0582 7124 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
00:42:02.0617 7124 BrSerWdm - ok
00:42:02.0632 7124 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
00:42:02.0673 7124 BrUsbMdm - ok
00:42:02.0677 7124 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
00:42:02.0697 7124 BrUsbSer - ok
00:42:02.0715 7124 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
00:42:02.0768 7124 BthEnum - ok
00:42:02.0783 7124 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
00:42:02.0825 7124 BTHMODEM - ok
00:42:02.0851 7124 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
00:42:02.0888 7124 BthPan - ok
00:42:02.0923 7124 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
00:42:02.0959 7124 BTHPORT - ok
00:42:03.0003 7124 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
00:42:03.0072 7124 bthserv - ok
00:42:03.0092 7124 [ 588762F716C2B7A2054AFBC3D58E5C21 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
00:42:03.0101 7124 BTHSSecurityMgr - ok
00:42:03.0133 7124 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
00:42:03.0166 7124 BTHUSB - ok
00:42:03.0192 7124 [ 988CC6CC49303665D3B2435C51505C3F ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
00:42:03.0236 7124 btmaux - ok
00:42:03.0267 7124 [ 2B4B508AFAC2A563931AF1FE875A5B16 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
00:42:03.0334 7124 btmhsf - ok
00:42:03.0339 7124 catchme - ok
00:42:03.0354 7124 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:42:03.0402 7124 cdfs - ok
00:42:03.0424 7124 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
00:42:03.0447 7124 cdrom - ok
00:42:03.0469 7124 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
00:42:03.0524 7124 CertPropSvc - ok
00:42:03.0554 7124 [ DF8D07059E7237E0BE9C1421EF5F9482 ] cfwids C:\Windows\system32\drivers\cfwids.sys
00:42:03.0564 7124 cfwids - ok
00:42:03.0575 7124 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
00:42:03.0599 7124 circlass - ok
00:42:03.0631 7124 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
00:42:03.0657 7124 CLFS - ok
00:42:03.0711 7124 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:42:03.0732 7124 clr_optimization_v2.0.50727_32 - ok
00:42:03.0766 7124 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:42:03.0787 7124 clr_optimization_v2.0.50727_64 - ok
00:42:03.0831 7124 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:42:03.0900 7124 clr_optimization_v4.0.30319_32 - ok
00:42:03.0921 7124 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:42:04.0002 7124 clr_optimization_v4.0.30319_64 - ok
00:42:04.0027 7124 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
00:42:04.0064 7124 CmBatt - ok
00:42:04.0077 7124 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
00:42:04.0091 7124 cmdide - ok
00:42:04.0125 7124 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
00:42:04.0156 7124 CNG - ok
00:42:04.0200 7124 [ 97238AC8006C14EAF80E374D3B81C2B3 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
00:42:04.0225 7124 CnxtHdAudService - ok
00:42:04.0248 7124 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
00:42:04.0258 7124 Compbatt - ok
00:42:04.0267 7124 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
00:42:04.0298 7124 CompositeBus - ok
00:42:04.0301 7124 COMSysApp - ok
00:42:04.0385 7124 [ B2EAE4CD1E2F338101D9D4AF39F3D4F3 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
00:42:04.0425 7124 cphs - ok
00:42:04.0444 7124 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
00:42:04.0463 7124 crcdisk - ok
00:42:04.0496 7124 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:42:04.0529 7124 CryptSvc - ok
00:42:04.0572 7124 [ DF214BFF646880D0EB31BDC86136B29B ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
00:42:04.0597 7124 CtClsFlt - ok
00:42:04.0639 7124 [ 9A59DF2CA690019FEA3B265D5A7EB619 ] CxUtilSvc C:\Program Files\Conexant\SA3\CxUtilSvc.exe
00:42:04.0658 7124 CxUtilSvc - ok
00:42:04.0693 7124 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
00:42:04.0745 7124 DcomLaunch - ok
00:42:04.0782 7124 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
00:42:04.0848 7124 defragsvc - ok
00:42:04.0859 7124 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
00:42:04.0893 7124 DfsC - ok
00:42:04.0911 7124 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
00:42:04.0955 7124 Dhcp - ok
00:42:04.0992 7124 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
00:42:05.0057 7124 discache - ok
00:42:05.0074 7124 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
00:42:05.0083 7124 Disk - ok
00:42:05.0116 7124 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
00:42:05.0136 7124 Dnscache - ok
00:42:05.0172 7124 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
00:42:05.0242 7124 dot3svc - ok
00:42:05.0270 7124 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
00:42:05.0307 7124 Dot4 - ok
00:42:05.0323 7124 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
00:42:05.0354 7124 Dot4Print - ok
00:42:05.0369 7124 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
00:42:05.0396 7124 dot4usb - ok
00:42:05.0420 7124 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
00:42:05.0477 7124 DPS - ok
00:42:05.0512 7124 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
00:42:05.0548 7124 drmkaud - ok
00:42:05.0594 7124 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
00:42:05.0624 7124 DXGKrnl - ok
00:42:05.0646 7124 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
00:42:05.0690 7124 EapHost - ok
00:42:05.0755 7124 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
00:42:05.0846 7124 ebdrv - ok
00:42:05.0879 7124 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
00:42:05.0916 7124 EFS - ok
00:42:05.0968 7124 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
00:42:06.0035 7124 ehRecvr - ok
00:42:06.0054 7124 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
00:42:06.0079 7124 ehSched - ok
00:42:06.0118 7124 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
00:42:06.0157 7124 elxstor - ok
00:42:06.0168 7124 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
00:42:06.0205 7124 ErrDev - ok
00:42:06.0250 7124 esgiguard - ok
00:42:06.0281 7124 [ 9F819F324CC4141FAFD5F44B0EAFB1C2 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
00:42:06.0306 7124 ETD - ok
00:42:06.0340 7124 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
00:42:06.0400 7124 EventSystem - ok
00:42:06.0459 7124 [ 64D25284A4E9D11CA0722AF3F30FD970 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
00:42:06.0487 7124 EvtEng - ok
00:42:06.0502 7124 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
00:42:06.0531 7124 exfat - ok
00:42:06.0560 7124 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:42:06.0618 7124 fastfat - ok
00:42:06.0654 7124 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
00:42:06.0679 7124 Fax - ok
00:42:06.0693 7124 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
00:42:06.0718 7124 fdc - ok
00:42:06.0756 7124 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
00:42:06.0799 7124 fdPHost - ok
00:42:06.0808 7124 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
00:42:06.0852 7124 FDResPub - ok
00:42:06.0885 7124 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:42:06.0906 7124 FileInfo - ok
00:42:06.0925 7124 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:42:06.0962 7124 Filetrace - ok
00:42:06.0979 7124 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
00:42:06.0990 7124 flpydisk - ok
00:42:07.0011 7124 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:42:07.0023 7124 FltMgr - ok
00:42:07.0058 7124 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
00:42:07.0104 7124 FontCache - ok
00:42:07.0142 7124 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:42:07.0150 7124 FontCache3.0.0.0 - ok
00:42:07.0165 7124 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
00:42:07.0175 7124 FsDepends - ok
00:42:07.0197 7124 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
00:42:07.0206 7124 Fs_Rec - ok
00:42:07.0221 7124 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
00:42:07.0235 7124 fvevol - ok
00:42:07.0247 7124 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
00:42:07.0257 7124 gagp30kx - ok
00:42:07.0285 7124 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:42:07.0293 7124 GEARAspiWDM - ok
00:42:07.0326 7124 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
00:42:07.0372 7124 gpsvc - ok
00:42:07.0454 7124 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:42:07.0473 7124 gupdate - ok
00:42:07.0478 7124 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:42:07.0486 7124 gupdatem - ok
00:42:07.0508 7124 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
00:42:07.0528 7124 hcw85cir - ok
00:42:07.0559 7124 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:42:07.0594 7124 HdAudAddService - ok
00:42:07.0616 7124 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
00:42:07.0650 7124 HDAudBus - ok
00:42:07.0684 7124 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
00:42:07.0720 7124 HidBatt - ok
00:42:07.0745 7124 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
00:42:07.0779 7124 HidBth - ok
00:42:07.0807 7124 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
00:42:07.0835 7124 HidIr - ok
00:42:07.0856 7124 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
00:42:07.0920 7124 hidserv - ok
00:42:07.0949 7124 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
00:42:07.0961 7124 HidUsb - ok
00:42:07.0986 7124 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
00:42:07.0998 7124 HipShieldK - ok
00:42:08.0031 7124 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
00:42:08.0100 7124 hkmsvc - ok
00:42:08.0113 7124 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:42:08.0138 7124 HomeGroupListener - ok
00:42:08.0167 7124 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:42:08.0198 7124 HomeGroupProvider - ok
00:42:08.0288 7124 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
00:42:08.0309 7124 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
00:42:08.0309 7124 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
00:42:08.0342 7124 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
00:42:08.0363 7124 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
00:42:08.0363 7124 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
00:42:08.0397 7124 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
00:42:08.0420 7124 HpSAMD - ok
00:42:08.0507 7124 HPSLPSVC - ok
00:42:08.0533 7124 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
00:42:08.0584 7124 HTTP - ok
00:42:08.0613 7124 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
00:42:08.0623 7124 hwpolicy - ok
00:42:08.0644 7124 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
00:42:08.0655 7124 i8042prt - ok
00:42:08.0683 7124 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\drivers\iaStor.sys
00:42:08.0697 7124 iaStor - ok
00:42:08.0754 7124 [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
00:42:08.0773 7124 IAStorDataMgrSvc - ok
00:42:08.0814 7124 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
00:42:08.0834 7124 iaStorV - ok
00:42:08.0855 7124 [ 60CC7AE9AEDB4D1E7923BD053B176D97 ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
00:42:08.0881 7124 ibtfltcoex - ok
00:42:08.0943 7124 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:42:08.0983 7124 idsvc - ok
00:42:09.0007 7124 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
00:42:09.0017 7124 iirsp - ok
00:42:09.0053 7124 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
00:42:09.0100 7124 IKEEXT - ok
00:42:09.0133 7124 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
00:42:09.0143 7124 intaud_WaveExtensible - ok
00:42:09.0182 7124 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
00:42:09.0224 7124 IntcDAud - ok
00:42:09.0273 7124 [ 7C76466F4E0F76CE259C6005D161E9E8 ] Intel® Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
00:42:09.0304 7124 Intel® Capability Licensing Service Interface - ok
00:42:09.0326 7124 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
00:42:09.0336 7124 intelide - ok
00:42:09.0581 7124 [ 11BA677667432A99CA261A472A2C29B8 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
00:42:09.0716 7124 intelkmd - ok
00:42:09.0746 7124 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
00:42:09.0781 7124 intelppm - ok
00:42:09.0815 7124 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
00:42:09.0883 7124 IPBusEnum - ok
00:42:09.0902 7124 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:42:09.0929 7124 IpFilterDriver - ok
00:42:09.0968 7124 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
00:42:10.0020 7124 iphlpsvc - ok
00:42:10.0043 7124 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
00:42:10.0074 7124 IPMIDRV - ok
00:42:10.0100 7124 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
00:42:10.0155 7124 IPNAT - ok
00:42:10.0210 7124 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
00:42:10.0238 7124 iPod Service - ok
00:42:10.0259 7124 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
00:42:10.0274 7124 IRENUM - ok
00:42:10.0287 7124 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
00:42:10.0297 7124 isapnp - ok
00:42:10.0309 7124 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
00:42:10.0322 7124 iScsiPrt - ok
00:42:10.0340 7124 [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys
00:42:10.0349 7124 iusb3hcs - ok
00:42:10.0380 7124 [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
00:42:10.0401 7124 iusb3hub - ok
00:42:10.0430 7124 [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
00:42:10.0446 7124 iusb3xhc - ok
00:42:10.0477 7124 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
00:42:10.0497 7124 iwdbus - ok
00:42:10.0525 7124 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
00:42:10.0534 7124 kbdclass - ok
00:42:10.0546 7124 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
00:42:10.0565 7124 kbdhid - ok
00:42:10.0601 7124 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
00:42:10.0625 7124 KeyIso - ok
00:42:10.0649 7124 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
00:42:10.0659 7124 KSecDD - ok
00:42:10.0688 7124 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
00:42:10.0712 7124 KSecPkg - ok
00:42:10.0736 7124 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
00:42:10.0787 7124 ksthunk - ok
00:42:10.0826 7124 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
00:42:10.0871 7124 KtmRm - ok
00:42:10.0906 7124 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
00:42:10.0963 7124 LanmanServer - ok
00:42:10.0984 7124 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:42:11.0028 7124 LanmanWorkstation - ok
00:42:11.0043 7124 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
00:42:11.0087 7124 lltdio - ok
00:42:11.0114 7124 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
00:42:11.0174 7124 lltdsvc - ok
00:42:11.0187 7124 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
00:42:11.0214 7124 lmhosts - ok
00:42:11.0245 7124 [ 5C08357C65F658E29B5DDC2EF18D575C ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
00:42:11.0258 7124 LMS - ok
00:42:11.0297 7124 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
00:42:11.0309 7124 LSI_FC - ok
00:42:11.0326 7124 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
00:42:11.0337 7124 LSI_SAS - ok
00:42:11.0355 7124 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
00:42:11.0366 7124 LSI_SAS2 - ok
00:42:11.0384 7124 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
00:42:11.0395 7124 LSI_SCSI - ok
00:42:11.0424 7124 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
00:42:11.0478 7124 luafv - ok
00:42:11.0542 7124 [ 9504F1DDA1B67FB8D526FD4F8CC882F3 ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
00:42:11.0555 7124 McAWFwk - ok
00:42:11.0642 7124 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
00:42:11.0665 7124 McMPFSvc - ok
00:42:11.0676 7124 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
00:42:11.0686 7124 mcmscsvc - ok
00:42:11.0692 7124 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
00:42:11.0702 7124 McNaiAnn - ok
00:42:11.0708 7124 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
00:42:11.0718 7124 McNASvc - ok
00:42:11.0796 7124 [ 1814532DB0404C5FB65AA3EB051B2BE5 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
00:42:11.0816 7124 McODS - ok
00:42:11.0830 7124 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
00:42:11.0840 7124 McOobeSv - ok
00:42:11.0846 7124 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
00:42:11.0856 7124 McProxy - ok
00:42:11.0902 7124 [ 9BBCECBE3FE5AF5958A770DC512D0473 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
00:42:11.0914 7124 McShield - ok
00:42:11.0958 7124 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
00:42:11.0971 7124 Mcx2Svc - ok
00:42:12.0001 7124 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
00:42:12.0037 7124 megasas - ok
00:42:12.0058 7124 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
00:42:12.0072 7124 MegaSR - ok
00:42:12.0103 7124 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
00:42:12.0112 7124 MEIx64 - ok
00:42:12.0155 7124 [ 2D53234C24B0103FDE0BE06782AA6F80 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
00:42:12.0165 7124 mfeapfk - ok
00:42:12.0178 7124 [ C0EAF4F2367C44157E1DE4817238FEC2 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
00:42:12.0189 7124 mfeavfk - ok
00:42:12.0207 7124 mfeavfk01 - ok
00:42:12.0249 7124 [ 05248F2E6E1AFA6972D058C36199DEB7 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
00:42:12.0259 7124 mfefire - ok
00:42:12.0292 7124 [ 6856931F9F5B757E9D09369CC35096B9 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
00:42:12.0306 7124 mfefirek - ok
00:42:12.0341 7124 [ 62E4C929A4DB48616B1B90143B48C948 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
00:42:12.0377 7124 mfehidk - ok
00:42:12.0389 7124 [ B5B96149BE124092F577DE54EC7D4D65 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
00:42:12.0399 7124 mferkdet - ok
00:42:12.0446 7124 [ DC5483CAD90D95D65B618E35C66E28DF ] mfevtp C:\Windows\system32\mfevtps.exe
00:42:12.0461 7124 mfevtp - ok
00:42:12.0486 7124 [ E18162EA85F1531964F8222CC9E25E26 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
00:42:12.0500 7124 mfewfpk - ok
00:42:12.0521 7124 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
00:42:12.0566 7124 MMCSS - ok
00:42:12.0601 7124 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
00:42:12.0637 7124 Modem - ok
00:42:12.0646 7124 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
00:42:12.0686 7124 monitor - ok
00:42:12.0725 7124 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
00:42:12.0746 7124 mouclass - ok
00:42:12.0782 7124 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
00:42:12.0803 7124 mouhid - ok
00:42:12.0820 7124 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
00:42:12.0830 7124 mountmgr - ok
00:42:12.0902 7124 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:42:12.0922 7124 MozillaMaintenance - ok
00:42:12.0959 7124 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
00:42:12.0992 7124 mpio - ok
00:42:13.0020 7124 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:42:13.0047 7124 mpsdrv - ok
00:42:13.0148 7124 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
00:42:13.0186 7124 MpsSvc - ok
00:42:13.0242 7124 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:42:13.0277 7124 MRxDAV - ok
00:42:13.0328 7124 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:42:13.0362 7124 mrxsmb - ok
00:42:13.0395 7124 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:42:13.0407 7124 mrxsmb10 - ok
00:42:13.0429 7124 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:42:13.0440 7124 mrxsmb20 - ok
00:42:13.0465 7124 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
00:42:13.0475 7124 msahci - ok
00:42:13.0566 7124 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
00:42:13.0590 7124 msdsm - ok
00:42:13.0647 7124 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
00:42:13.0695 7124 MSDTC - ok
00:42:13.0735 7124 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:42:13.0761 7124 Msfs - ok
00:42:13.0786 7124 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
00:42:13.0822 7124 mshidkmdf - ok
00:42:13.0839 7124 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
00:42:13.0849 7124 msisadrv - ok
00:42:13.0883 7124 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:42:13.0937 7124 MSiSCSI - ok
00:42:13.0942 7124 msiserver - ok
00:42:13.0964 7124 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
00:42:13.0975 7124 MSK80Service - ok
00:42:13.0985 7124 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:42:14.0029 7124 MSKSSRV - ok
00:42:14.0054 7124 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:42:14.0090 7124 MSPCLOCK - ok
00:42:14.0103 7124 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:42:14.0141 7124 MSPQM - ok
00:42:14.0161 7124 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:42:14.0175 7124 MsRPC - ok
00:42:14.0191 7124 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
00:42:14.0200 7124 mssmbios - ok
00:42:14.0220 7124 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:42:14.0260 7124 MSTEE - ok
00:42:14.0276 7124 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
00:42:14.0287 7124 MTConfig - ok
00:42:14.0304 7124 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
00:42:14.0314 7124 Mup - ok
00:42:14.0358 7124 [ E3B58E3011B207C5289D11173B30E298 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
00:42:14.0379 7124 MyWiFiDHCPDNS - ok
00:42:14.0419 7124 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
00:42:14.0472 7124 napagent - ok
00:42:14.0504 7124 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:42:14.0550 7124 NativeWifiP - ok
00:42:14.0595 7124 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
00:42:14.0643 7124 NDIS - ok
00:42:14.0657 7124 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:42:14.0685 7124 NdisCap - ok
00:42:14.0704 7124 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:42:14.0730 7124 NdisTapi - ok
00:42:14.0743 7124 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:42:14.0801 7124 Ndisuio - ok
00:42:14.0828 7124 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:42:14.0870 7124 NdisWan - ok
00:42:14.0885 7124 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:42:14.0911 7124 NDProxy - ok
00:42:14.0945 7124 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
00:42:14.0969 7124 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
00:42:14.0969 7124 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
00:42:14.0998 7124 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:42:15.0050 7124 NetBIOS - ok
00:42:15.0075 7124 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:42:15.0101 7124 NetBT - ok
00:42:15.0113 7124 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
00:42:15.0124 7124 Netlogon - ok
00:42:15.0168 7124 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
00:42:15.0247 7124 Netman - ok
00:42:15.0301 7124 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:42:15.0345 7124 NetMsmqActivator - ok
00:42:15.0358 7124 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:42:15.0371 7124 NetPipeActivator - ok
00:42:15.0397 7124 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
00:42:15.0443 7124 netprofm - ok
00:42:15.0449 7124 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:42:15.0458 7124 NetTcpActivator - ok
00:42:15.0464 7124 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:42:15.0472 7124 NetTcpPortSharing - ok
00:42:15.0660 7124 [ B51E9AD4F4E4F8DBE0AB882756BC5DAB ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
00:42:15.0762 7124 NETwNs64 - ok
00:42:15.0792 7124 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
00:42:15.0803 7124 nfrd960 - ok
00:42:15.0839 7124 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
00:42:15.0876 7124 NlaSvc - ok
00:42:15.0894 7124 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:42:15.0937 7124 Npfs - ok
00:42:15.0960 7124 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
00:42:15.0986 7124 nsi - ok
00:42:15.0998 7124 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:42:16.0058 7124 nsiproxy - ok
00:42:16.0112 7124 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:42:16.0181 7124 Ntfs - ok
00:42:16.0205 7124 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
00:42:16.0231 7124 Null - ok
00:42:16.0244 7124 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:42:16.0255 7124 nvraid - ok
00:42:16.0273 7124 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:42:16.0284 7124 nvstor - ok
00:42:16.0298 7124 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:42:16.0309 7124 nv_agp - ok
00:42:16.0326 7124 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
00:42:16.0338 7124 ohci1394 - ok
00:42:16.0381 7124 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:42:16.0399 7124 ose - ok
00:42:16.0515 7124 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:42:16.0639 7124 osppsvc - ok
00:42:16.0666 7124 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:42:16.0706 7124 p2pimsvc - ok
00:42:16.0739 7124 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
00:42:16.0770 7124 p2psvc - ok
00:42:16.0797 7124 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
00:42:16.0809 7124 Parport - ok
00:42:16.0830 7124 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:42:16.0840 7124 partmgr - ok
00:42:16.0868 7124 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:42:16.0910 7124 PcaSvc - ok
00:42:16.0939 7124 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
00:42:16.0957 7124 pci - ok
00:42:16.0977 7124 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
00:42:16.0987 7124 pciide - ok
00:42:17.0022 7124 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
00:42:17.0047 7124 pcmcia - ok
00:42:17.0083 7124 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
00:42:17.0105 7124 pcw - ok
00:42:17.0138 7124 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:42:17.0187 7124 PEAUTH - ok
00:42:17.0402 7124 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
00:42:17.0440 7124 PerfHost - ok
00:42:17.0528 7124 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
00:42:17.0621 7124 pla - ok
00:42:17.0826 7124 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:42:17.0868 7124 PlugPlay - ok
00:42:17.0904 7124 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
00:42:17.0950 7124 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
00:42:17.0951 7124 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
00:42:18.0016 7124 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:42:18.0049 7124 PNRPAutoReg - ok
00:42:18.0076 7124 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:42:18.0088 7124 PNRPsvc - ok
00:42:18.0125 7124 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:42:18.0161 7124 PolicyAgent - ok
00:42:18.0226 7124 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
00:42:18.0259 7124 Power - ok
00:42:18.0290 7124 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:42:18.0330 7124 PptpMiniport - ok
00:42:18.0344 7124 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
00:42:18.0365 7124 Processor - ok
00:42:18.0407 7124 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
00:42:18.0443 7124 ProfSvc - ok
00:42:18.0469 7124 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:42:18.0479 7124 ProtectedStorage - ok
00:42:18.0513 7124 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:42:18.0580 7124 Psched - ok
00:42:18.0719 7124 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
00:42:18.0825 7124 ql2300 - ok
00:42:18.0858 7124 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
00:42:18.0899 7124 ql40xx - ok
00:42:18.0935 7124 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
00:42:18.0969 7124 QWAVE - ok
00:42:19.0041 7124 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:42:19.0103 7124 QWAVEdrv - ok
00:42:19.0197 7124 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:42:19.0260 7124 RasAcd - ok
00:42:19.0338 7124 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:42:19.0381 7124 RasAgileVpn - ok
00:42:19.0423 7124 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
00:42:19.0489 7124 RasAuto - ok
00:42:19.0578 7124 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:42:19.0635 7124 Rasl2tp - ok
00:42:19.0730 7124 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
00:42:19.0788 7124 RasMan - ok
00:42:19.0835 7124 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:42:19.0883 7124 RasPppoe - ok
00:42:19.0903 7124 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:42:19.0970 7124 RasSstp - ok
00:42:20.0033 7124 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:42:20.0092 7124 rdbss - ok
00:42:20.0122 7124 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
00:42:20.0195 7124 rdpbus - ok
00:42:20.0236 7124 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:42:20.0273 7124 RDPCDD - ok
00:42:20.0284 7124 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:42:20.0373 7124 RDPENCDD - ok
00:42:20.0504 7124 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:42:20.0542 7124 RDPREFMP - ok
00:42:20.0594 7124 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
00:42:20.0642 7124 RdpVideoMiniport - ok
00:42:20.0709 7124 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:42:20.0736 7124 RDPWD - ok
00:42:20.0801 7124 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:42:20.0945 7124 rdyboost - ok
00:42:21.0139 7124 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
00:42:21.0158 7124 RegSrvc - ok
00:42:21.0244 7124 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:42:21.0372 7124 RemoteAccess - ok
00:42:21.0496 7124 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:42:21.0552 7124 RemoteRegistry - ok
00:42:21.0576 7124 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
00:42:21.0625 7124 RFCOMM - ok
00:42:21.0712 7124 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:42:21.0761 7124 RpcEptMapper - ok
00:42:21.0826 7124 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
00:42:21.0852 7124 RpcLocator - ok
00:42:21.0994 7124 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
00:42:22.0041 7124 RpcSs - ok
00:42:22.0091 7124 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:42:22.0140 7124 rspndr - ok
00:42:22.0257 7124 [ 40817D2DA49866C55781DB7601ABCEC1 ] RSUSBVSTOR C:\Windows\system32\Drivers\RTSUVSTOR.sys
00:42:22.0288 7124 RSUSBVSTOR - ok
00:42:22.0492 7124 [ 7F4F11527AF5A7E4526CB6A146B3E40C ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
00:42:22.0514 7124 RTL8167 - ok
00:42:22.0535 7124 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
00:42:22.0546 7124 SamSs - ok
00:42:22.0560 7124 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:42:22.0588 7124 sbp2port - ok
00:42:22.0665 7124 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:42:22.0717 7124 SCardSvr - ok
00:42:22.0804 7124 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:42:22.0932 7124 scfilter - ok
00:42:23.0071 7124 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
00:42:23.0151 7124 Schedule - ok
00:42:23.0181 7124 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
00:42:23.0230 7124 SCPolicySvc - ok
00:42:23.0282 7124 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:42:23.0373 7124 SDRSVC - ok
00:42:23.0430 7124 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
00:42:23.0449 7124 SDScannerService - ok
00:42:23.0478 7124 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
00:42:23.0499 7124 SDUpdateService - ok
00:42:23.0523 7124 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
00:42:23.0534 7124 SDWSCService - ok
00:42:23.0560 7124 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:42:23.0598 7124 secdrv - ok
00:42:23.0619 7124 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
00:42:23.0645 7124 seclogon - ok
00:42:23.0658 7124 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
00:42:23.0697 7124 SENS - ok
00:42:23.0713 7124 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:42:23.0729 7124 SensrSvc - ok
00:42:23.0752 7124 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
00:42:23.0778 7124 Serenum - ok
00:42:23.0805 7124 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
00:42:23.0838 7124 Serial - ok
00:42:23.0859 7124 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
00:42:23.0905 7124 sermouse - ok
00:42:23.0973 7124 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
00:42:24.0078 7124 SessionEnv - ok
00:42:24.0111 7124 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
00:42:24.0124 7124 sffdisk - ok
00:42:24.0146 7124 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:42:24.0202 7124 sffp_mmc - ok
00:42:24.0222 7124 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
00:42:24.0284 7124 sffp_sd - ok
00:42:24.0734 7124 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
00:42:24.0758 7124 sfloppy - ok
00:42:24.0809 7124 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
00:42:24.0838 7124 SharedAccess - ok
00:42:24.0875 7124 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:42:24.0963 7124 ShellHWDetection - ok
00:42:25.0038 7124 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
00:42:25.0069 7124 SiSRaid2 - ok
00:42:25.0094 7124 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
00:42:25.0114 7124 SiSRaid4 - ok
00:42:25.0162 7124 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
00:42:25.0171 7124 SkypeUpdate - ok
00:42:25.0206 7124 [ DD0443BC6CC78A19FD399817F8C51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
00:42:25.0215 7124 SmartDefragDriver - ok
00:42:25.0277 7124 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:42:25.0327 7124 Smb - ok
00:42:25.0365 7124 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:42:25.0387 7124 SNMPTRAP - ok
00:42:25.0436 7124 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
00:42:25.0467 7124 spldr - ok
00:42:25.0556 7124 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
00:42:25.0571 7124 Spooler - ok
00:42:25.0754 7124 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
00:42:25.0822 7124 sppsvc - ok
00:42:25.0841 7124 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:42:25.0868 7124 sppuinotify - ok
00:42:25.0900 7124 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
00:42:25.0943 7124 srv - ok
00:42:25.0963 7124 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:42:25.0991 7124 srv2 - ok
00:42:26.0027 7124 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:42:26.0038 7124 srvnet - ok
00:42:26.0068 7124 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:42:26.0096 7124 SSDPSRV - ok
00:42:26.0106 7124 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:42:26.0133 7124 SstpSvc - ok
00:42:26.0147 7124 Steam Client Service - ok
00:42:26.0174 7124 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
00:42:26.0184 7124 stexstor - ok
00:42:26.0308 7124 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
00:42:26.0338 7124 stisvc - ok
00:42:26.0367 7124 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
00:42:26.0376 7124 swenum - ok
00:42:26.0423 7124 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
00:42:26.0523 7124 swprv - ok
00:42:26.0664 7124 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
00:42:26.0714 7124 SysMain - ok
00:42:26.0757 7124 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:42:26.0812 7124 TabletInputService - ok
00:42:26.0876 7124 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
00:42:26.0949 7124 TapiSrv - ok
00:42:27.0037 7124 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
00:42:27.0065 7124 TBS - ok
00:42:27.0175 7124 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:42:27.0229 7124 Tcpip - ok
00:42:27.0306 7124 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:42:27.0350 7124 TCPIP6 - ok
00:42:27.0397 7124 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:42:27.0420 7124 tcpipreg - ok
00:42:27.0479 7124 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:42:27.0512 7124 TDPIPE - ok
00:42:27.0575 7124 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:42:27.0617 7124 TDTCP - ok
00:42:27.0662 7124 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:42:27.0688 7124 tdx - ok
00:42:27.0705 7124 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
00:42:27.0714 7124 TermDD - ok
00:42:27.0807 7124 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
00:42:27.0865 7124 TermService - ok
00:42:27.0889 7124 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
00:42:27.0903 7124 Themes - ok
00:42:27.0921 7124 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
00:42:27.0948 7124 THREADORDER - ok
00:42:27.0976 7124 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
00:42:28.0014 7124 TrkWks - ok
00:42:28.0064 7124 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:42:28.0091 7124 TrustedInstaller - ok
00:42:28.0123 7124 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:42:28.0159 7124 tssecsrv - ok
00:42:28.0181 7124 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
00:42:28.0197 7124 TsUsbFlt - ok
00:42:28.0223 7124 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
00:42:28.0233 7124 TsUsbGD - ok
00:42:28.0246 7124 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:42:28.0288 7124 tunnel - ok
00:42:28.0318 7124 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
00:42:28.0332 7124 TurboB - ok
00:42:28.0393 7124 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
00:42:28.0406 7124 TurboBoost - ok
00:42:28.0422 7124 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
00:42:28.0432 7124 uagp35 - ok
00:42:28.0461 7124 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:42:28.0498 7124 udfs - ok
00:42:28.0540 7124 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:42:28.0551 7124 UI0Detect - ok
00:42:28.0565 7124 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:42:28.0575 7124 uliagpkx - ok
00:42:28.0588 7124 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
00:42:28.0608 7124 umbus - ok
00:42:28.0628 7124 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
00:42:28.0652 7124 UmPass - ok
00:42:28.0723 7124 [ 0DFC9713D117B349E41A2A477448107A ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
00:42:28.0735 7124 UNS - ok
00:42:28.0760 7124 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
00:42:28.0842 7124 upnphost - ok
00:42:28.0869 7124 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
00:42:28.0885 7124 USBAAPL64 - ok
00:42:28.0910 7124 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:42:28.0932 7124 usbccgp - ok
00:42:28.0963 7124 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
00:42:28.0977 7124 usbcir - ok
00:42:29.0000 7124 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
00:42:29.0022 7124 usbehci - ok
00:42:29.0058 7124 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
00:42:29.0081 7124 usbhub - ok
00:42:29.0097 7124 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
00:42:29.0122 7124 usbohci - ok
00:42:29.0153 7124 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
00:42:29.0179 7124 usbprint - ok
00:42:29.0211 7124 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
00:42:29.0224 7124 usbscan - ok
00:42:29.0243 7124 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:42:29.0271 7124 USBSTOR - ok
00:42:29.0297 7124 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
00:42:29.0307 7124 usbuhci - ok
00:42:29.0333 7124 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
00:42:29.0346 7124 usbvideo - ok
00:42:29.0365 7124 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
00:42:29.0400 7124 UxSms - ok
00:42:29.0424 7124 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
00:42:29.0434 7124 VaultSvc - ok
00:42:29.0455 7124 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
00:42:29.0465 7124 vdrvroot - ok
00:42:29.0494 7124 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
00:42:29.0536 7124 vds - ok
00:42:29.0562 7124 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:42:29.0575 7124 vga - ok
00:42:29.0595 7124 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
00:42:29.0669 7124 VgaSave - ok
00:42:29.0687 7124 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
00:42:29.0699 7124 vhdmp - ok
00:42:29.0723 7124 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
00:42:29.0732 7124 viaide - ok
00:42:29.0754 7124 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
00:42:29.0764 7124 volmgr - ok
00:42:29.0787 7124 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:42:29.0801 7124 volmgrx - ok
00:42:29.0818 7124 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
00:42:29.0831 7124 volsnap - ok
00:42:29.0853 7124 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
00:42:29.0864 7124 vsmraid - ok
00:42:29.0913 7124 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
00:42:29.0987 7124 VSS - ok
00:42:30.0013 7124 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
00:42:30.0063 7124 vwifibus - ok
00:42:30.0094 7124 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
00:42:30.0132 7124 vwififlt - ok

#10 dav43

dav43
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 05 January 2013 - 06:12 AM

TDSSKiller log part 2:

00:42:30.0150 7124 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
00:42:30.0164 7124 vwifimp - ok
00:42:30.0203 7124 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
00:42:30.0269 7124 W32Time - ok
00:42:30.0302 7124 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
00:42:30.0320 7124 WacomPen - ok
00:42:30.0352 7124 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
00:42:30.0393 7124 WANARP - ok
00:42:30.0401 7124 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:42:30.0427 7124 Wanarpv6 - ok
00:42:30.0483 7124 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
00:42:30.0539 7124 WatAdminSvc - ok
00:42:30.0603 7124 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
00:42:30.0684 7124 wbengine - ok
00:42:30.0715 7124 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
00:42:30.0732 7124 WbioSrvc - ok
00:42:30.0751 7124 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:42:30.0776 7124 wcncsvc - ok
00:42:30.0797 7124 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:42:30.0809 7124 WcsPlugInService - ok
00:42:30.0843 7124 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
00:42:30.0863 7124 Wd - ok
00:42:30.0913 7124 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:42:30.0960 7124 Wdf01000 - ok
00:42:30.0991 7124 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:42:31.0021 7124 WdiServiceHost - ok
00:42:31.0035 7124 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:42:31.0061 7124 WdiSystemHost - ok
00:42:31.0081 7124 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
00:42:31.0111 7124 WebClient - ok
00:42:31.0134 7124 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:42:31.0175 7124 Wecsvc - ok
00:42:31.0196 7124 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:42:31.0224 7124 wercplsupport - ok
00:42:31.0244 7124 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
00:42:31.0271 7124 WerSvc - ok
00:42:31.0295 7124 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
00:42:31.0321 7124 WfpLwf - ok
00:42:31.0359 7124 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
00:42:31.0371 7124 WimFltr - ok
00:42:31.0383 7124 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
00:42:31.0393 7124 WIMMount - ok
00:42:31.0406 7124 WinDefend - ok
00:42:31.0428 7124 WinHttpAutoProxySvc - ok
00:42:31.0488 7124 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
00:42:31.0525 7124 Winmgmt - ok
00:42:31.0594 7124 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
00:42:31.0680 7124 WinRM - ok
00:42:31.0727 7124 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
00:42:31.0740 7124 WinUsb - ok
00:42:31.0783 7124 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
00:42:31.0827 7124 Wlansvc - ok
00:42:31.0873 7124 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
00:42:31.0893 7124 wlcrasvc - ok
00:42:31.0966 7124 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:42:32.0008 7124 wlidsvc - ok
00:42:32.0038 7124 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
00:42:32.0075 7124 WmiAcpi - ok
00:42:32.0141 7124 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
00:42:32.0179 7124 wmiApSrv - ok
00:42:32.0218 7124 WMPNetworkSvc - ok
00:42:32.0252 7124 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
00:42:32.0272 7124 WPCSvc - ok
00:42:32.0300 7124 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
00:42:32.0313 7124 WPDBusEnum - ok
00:42:32.0339 7124 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
00:42:32.0366 7124 ws2ifsl - ok
00:42:32.0384 7124 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
00:42:32.0417 7124 wscsvc - ok
00:42:32.0426 7124 WSearch - ok
00:42:32.0514 7124 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
00:42:32.0553 7124 wuauserv - ok
00:42:32.0587 7124 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
00:42:32.0618 7124 WudfPf - ok
00:42:32.0639 7124 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
00:42:32.0670 7124 WUDFRd - ok
00:42:32.0698 7124 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
00:42:32.0710 7124 wudfsvc - ok
00:42:32.0750 7124 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
00:42:32.0794 7124 WwanSvc - ok
00:42:32.0864 7124 [ 74713CB32792F9C7632DAA7DA22CA974 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
00:42:32.0889 7124 ZeroConfigService - ok
00:42:32.0934 7124 ================ Scan global ===============================
00:42:32.0975 7124 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
00:42:33.0008 7124 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
00:42:33.0013 7124 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
00:42:33.0031 7124 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
00:42:33.0061 7124 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
00:42:33.0064 7124 [Global] - ok
00:42:33.0064 7124 ================ Scan MBR ==================================
00:42:33.0072 7124 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
00:42:33.0718 7124 \Device\Harddisk0\DR0 - ok
00:42:33.0719 7124 ================ Scan VBR ==================================
00:42:33.0754 7124 [ 715EF1D0DCA356655DFF4670781C37DB ] \Device\Harddisk0\DR0\Partition1
00:42:33.0756 7124 \Device\Harddisk0\DR0\Partition1 - ok
00:42:33.0771 7124 [ DF6BC9F50CFFBEC340DA8051D7675095 ] \Device\Harddisk0\DR0\Partition2
00:42:33.0773 7124 \Device\Harddisk0\DR0\Partition2 - ok
00:42:33.0809 7124 [ D05ED8AA2F79CD81952BD8A0D2012F12 ] \Device\Harddisk0\DR0\Partition3
00:42:33.0809 7124 \Device\Harddisk0\DR0\Partition3 - ok
00:42:33.0810 7124 ================ Scan active images ========================
00:42:33.0813 7124 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
00:42:33.0813 7124 C:\Windows\System32\drivers\crashdmp.sys - ok
00:42:33.0817 7124 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
00:42:33.0817 7124 C:\Windows\System32\drivers\dumpfve.sys - ok
00:42:33.0822 7124 [ C224331A54571C8C9162F7714400BBBD ] C:\Windows\System32\drivers\iaStor.sys
00:42:33.0822 7124 C:\Windows\System32\drivers\iaStor.sys - ok
00:42:33.0827 7124 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
00:42:33.0827 7124 C:\Windows\System32\drivers\beep.sys - ok
00:42:33.0832 7124 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
00:42:33.0832 7124 C:\Windows\System32\drivers\cdrom.sys - ok
00:42:33.0837 7124 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
00:42:33.0837 7124 C:\Windows\System32\drivers\null.sys - ok
00:42:33.0842 7124 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
00:42:33.0842 7124 C:\Windows\System32\drivers\RDPCDD.sys - ok
00:42:33.0846 7124 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
00:42:33.0846 7124 C:\Windows\System32\drivers\vga.sys - ok
00:42:33.0849 7124 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
00:42:33.0849 7124 C:\Windows\System32\drivers\videoprt.sys - ok
00:42:33.0851 7124 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
00:42:33.0851 7124 C:\Windows\System32\drivers\watchdog.sys - ok
00:42:33.0853 7124 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
00:42:33.0853 7124 C:\Windows\System32\drivers\msfs.sys - ok
00:42:33.0855 7124 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
00:42:33.0855 7124 C:\Windows\System32\drivers\npfs.sys - ok
00:42:33.0858 7124 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
00:42:33.0858 7124 C:\Windows\System32\drivers\RDPENCDD.sys - ok
00:42:33.0860 7124 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
00:42:33.0860 7124 C:\Windows\System32\drivers\RDPREFMP.sys - ok
00:42:33.0862 7124 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
00:42:33.0862 7124 C:\Windows\System32\drivers\afd.sys - ok
00:42:33.0864 7124 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
00:42:33.0864 7124 C:\Windows\System32\drivers\netbt.sys - ok
00:42:33.0867 7124 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
00:42:33.0867 7124 C:\Windows\System32\drivers\tdi.sys - ok
00:42:33.0869 7124 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
00:42:33.0869 7124 C:\Windows\System32\drivers\tdx.sys - ok
00:42:33.0871 7124 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
00:42:33.0871 7124 C:\Windows\System32\drivers\netbios.sys - ok
00:42:33.0874 7124 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
00:42:33.0874 7124 C:\Windows\System32\drivers\pacer.sys - ok
00:42:33.0876 7124 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
00:42:33.0876 7124 C:\Windows\System32\drivers\vwififlt.sys - ok
00:42:33.0878 7124 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
00:42:33.0878 7124 C:\Windows\System32\drivers\wanarp.sys - ok
00:42:33.0880 7124 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
00:42:33.0880 7124 C:\Windows\System32\drivers\wfplwf.sys - ok
00:42:33.0883 7124 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
00:42:33.0883 7124 C:\Windows\System32\drivers\ws2ifsl.sys - ok
00:42:33.0885 7124 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
00:42:33.0885 7124 C:\Windows\System32\drivers\discache.sys - ok
00:42:33.0887 7124 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
00:42:33.0887 7124 C:\Windows\System32\drivers\mssmbios.sys - ok
00:42:33.0890 7124 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
00:42:33.0890 7124 C:\Windows\System32\drivers\nsiproxy.sys - ok
00:42:33.0892 7124 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
00:42:33.0892 7124 C:\Windows\System32\drivers\rdbss.sys - ok
00:42:33.0894 7124 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
00:42:33.0894 7124 C:\Windows\System32\drivers\termdd.sys - ok
00:42:33.0896 7124 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
00:42:33.0896 7124 C:\Windows\System32\drivers\blbdrive.sys - ok
00:42:33.0898 7124 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
00:42:33.0898 7124 C:\Windows\System32\drivers\dfsc.sys - ok
00:42:33.0901 7124 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
00:42:33.0901 7124 C:\Windows\System32\drivers\tunnel.sys - ok
00:42:33.0903 7124 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
00:42:33.0903 7124 C:\Windows\System32\ntdll.dll - ok
00:42:33.0905 7124 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
00:42:33.0905 7124 C:\Windows\System32\smss.exe - ok
00:42:33.0907 7124 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
00:42:33.0907 7124 C:\Windows\System32\autochk.exe - ok
00:42:33.0909 7124 [ 92D664FFFCD9E742FB25254F7F458D88 ] C:\Windows\System32\drivers\atikmpag.sys
00:42:33.0909 7124 C:\Windows\System32\drivers\atikmpag.sys - ok
00:42:33.0912 7124 [ BFA5E854959D5546D8834CA61F4AD075 ] C:\Windows\System32\drivers\atikmdag.sys
00:42:33.0912 7124 C:\Windows\System32\drivers\atikmdag.sys - ok
00:42:33.0914 7124 [ 11BA677667432A99CA261A472A2C29B8 ] C:\Windows\System32\drivers\igdpmd64.sys
00:42:33.0914 7124 C:\Windows\System32\drivers\igdpmd64.sys - ok
00:42:33.0916 7124 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
00:42:33.0916 7124 C:\Windows\System32\drivers\dxgkrnl.sys - ok
00:42:33.0918 7124 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
00:42:33.0918 7124 C:\Windows\System32\drivers\dxgmms1.sys - ok
00:42:33.0921 7124 [ 0F1756D9396740F053221FA6260FCE66 ] C:\Windows\System32\drivers\iusb3xhc.sys
00:42:33.0921 7124 C:\Windows\System32\drivers\iusb3xhc.sys - ok
00:42:33.0923 7124 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
00:42:33.0923 7124 C:\Windows\System32\drivers\usbd.sys - ok
00:42:33.0925 7124 [ 6B01B7414A105B9E51652089A03027CF ] C:\Windows\System32\drivers\HECIx64.sys
00:42:33.0925 7124 C:\Windows\System32\drivers\HECIx64.sys - ok
00:42:33.0927 7124 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
00:42:33.0927 7124 C:\Windows\System32\drivers\usbehci.sys - ok
00:42:33.0930 7124 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
00:42:33.0930 7124 C:\Windows\System32\drivers\usbport.sys - ok
00:42:33.0932 7124 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
00:42:33.0932 7124 C:\Windows\System32\drivers\hdaudbus.sys - ok
00:42:33.0934 7124 [ 7F4F11527AF5A7E4526CB6A146B3E40C ] C:\Windows\System32\drivers\Rt64win7.sys
00:42:33.0934 7124 C:\Windows\System32\drivers\Rt64win7.sys - ok
00:42:33.0936 7124 [ B51E9AD4F4E4F8DBE0AB882756BC5DAB ] C:\Windows\System32\drivers\NETwNs64.sys
00:42:33.0937 7124 C:\Windows\System32\drivers\NETwNs64.sys - ok
00:42:33.0939 7124 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
00:42:33.0939 7124 C:\Windows\System32\drivers\vwifibus.sys - ok
00:42:33.0941 7124 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
00:42:33.0941 7124 C:\Windows\System32\drivers\CmBatt.sys - ok
00:42:33.0943 7124 [ 9F819F324CC4141FAFD5F44B0EAFB1C2 ] C:\Windows\System32\drivers\ETD.sys
00:42:33.0943 7124 C:\Windows\System32\drivers\ETD.sys - ok
00:42:33.0945 7124 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
00:42:33.0945 7124 C:\Windows\System32\drivers\i8042prt.sys - ok
00:42:33.0948 7124 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
00:42:33.0948 7124 C:\Windows\System32\drivers\kbdclass.sys - ok
00:42:33.0950 7124 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
00:42:33.0950 7124 C:\Windows\System32\drivers\mouclass.sys - ok
00:42:33.0952 7124 [ 449D90F1FB6402773C2F1ECCEAE15F74 ] C:\Windows\System32\drivers\AmpPal.sys
00:42:33.0952 7124 C:\Windows\System32\drivers\AmpPal.sys - ok
00:42:33.0954 7124 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
00:42:33.0954 7124 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
00:42:33.0957 7124 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
00:42:33.0957 7124 C:\Windows\System32\drivers\intelppm.sys - ok
00:42:33.0959 7124 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
00:42:33.0959 7124 C:\Windows\System32\drivers\wmiacpi.sys - ok
00:42:33.0961 7124 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
00:42:33.0961 7124 C:\Windows\System32\drivers\agilevpn.sys - ok
00:42:33.0963 7124 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
00:42:33.0964 7124 C:\Windows\System32\drivers\CompositeBus.sys - ok
00:42:33.0966 7124 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
00:42:33.0966 7124 C:\Windows\System32\drivers\ndistapi.sys - ok
00:42:33.0968 7124 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
00:42:33.0968 7124 C:\Windows\System32\drivers\ndiswan.sys - ok
00:42:33.0970 7124 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
00:42:33.0970 7124 C:\Windows\System32\drivers\rasl2tp.sys - ok
00:42:33.0973 7124 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
00:42:33.0973 7124 C:\Windows\System32\drivers\raspppoe.sys - ok
00:42:33.0975 7124 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
00:42:33.0975 7124 C:\Windows\System32\drivers\raspptp.sys - ok
00:42:33.0977 7124 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
00:42:33.0977 7124 C:\Windows\System32\drivers\rassstp.sys - ok
00:42:33.0979 7124 [ 716F66336F10885D935B08174DC54242 ] C:\Windows\System32\drivers\iwdbus.sys
00:42:33.0979 7124 C:\Windows\System32\drivers\iwdbus.sys - ok
00:42:33.0981 7124 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
00:42:33.0981 7124 C:\Windows\System32\drivers\ks.sys - ok
00:42:33.0984 7124 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
00:42:33.0984 7124 C:\Windows\System32\drivers\swenum.sys - ok
00:42:33.0986 7124 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
00:42:33.0986 7124 C:\Windows\System32\drivers\umbus.sys - ok
00:42:33.0988 7124 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
00:42:33.0988 7124 C:\Windows\System32\drivers\usbhub.sys - ok
00:42:33.0990 7124 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
00:42:33.0990 7124 C:\Windows\System32\drivers\ndproxy.sys - ok
00:42:33.0992 7124 [ F080EADA8715F811B58BD35BB774F2F9 ] C:\Windows\System32\drivers\iusb3hub.sys
00:42:33.0993 7124 C:\Windows\System32\drivers\iusb3hub.sys - ok
00:42:33.0995 7124 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
00:42:33.0995 7124 C:\Windows\System32\drivers\drmk.sys - ok
00:42:33.0997 7124 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
00:42:33.0997 7124 C:\Windows\System32\drivers\portcls.sys - ok
00:42:33.0999 7124 [ 97238AC8006C14EAF80E374D3B81C2B3 ] C:\Windows\System32\drivers\CHDRT64.sys
00:42:33.0999 7124 C:\Windows\System32\drivers\CHDRT64.sys - ok
00:42:34.0001 7124 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] C:\Windows\System32\drivers\IntcDAud.sys
00:42:34.0001 7124 C:\Windows\System32\drivers\IntcDAud.sys - ok
00:42:34.0004 7124 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
00:42:34.0004 7124 C:\Windows\System32\drivers\ksthunk.sys - ok
00:42:34.0006 7124 [ 40817D2DA49866C55781DB7601ABCEC1 ] C:\Windows\System32\drivers\RtsUVStor.sys
00:42:34.0006 7124 C:\Windows\System32\drivers\RtsUVStor.sys - ok
00:42:34.0008 7124 [ C0EAF4F2367C44157E1DE4817238FEC2 ] C:\Windows\System32\drivers\mfeavfk.sys
00:42:34.0008 7124 C:\Windows\System32\drivers\mfeavfk.sys - ok
00:42:34.0010 7124 [ 6856931F9F5B757E9D09369CC35096B9 ] C:\Windows\System32\drivers\mfefirek.sys
00:42:34.0010 7124 C:\Windows\System32\drivers\mfefirek.sys - ok
00:42:34.0013 7124 [ 2B4B508AFAC2A563931AF1FE875A5B16 ] C:\Windows\System32\drivers\btmhsf.sys
00:42:34.0013 7124 C:\Windows\System32\drivers\btmhsf.sys - ok
00:42:34.0015 7124 [ 60CC7AE9AEDB4D1E7923BD053B176D97 ] C:\Windows\System32\drivers\iBtFltCoex.sys
00:42:34.0015 7124 C:\Windows\System32\drivers\iBtFltCoex.sys - ok
00:42:34.0017 7124 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] C:\Windows\System32\drivers\bthport.sys
00:42:34.0017 7124 C:\Windows\System32\drivers\bthport.sys - ok
00:42:34.0019 7124 [ F188B7394D81010767B6DF3178519A37 ] C:\Windows\System32\drivers\BTHUSB.SYS
00:42:34.0019 7124 C:\Windows\System32\drivers\BTHUSB.SYS - ok
00:42:34.0022 7124 [ 19AD7990C0B67E48DAC5B26F99628223 ] C:\Windows\System32\drivers\usbccgp.sys
00:42:34.0022 7124 C:\Windows\System32\drivers\usbccgp.sys - ok
00:42:34.0024 7124 [ DF214BFF646880D0EB31BDC86136B29B ] C:\Windows\System32\drivers\CtClsFlt.sys
00:42:34.0024 7124 C:\Windows\System32\drivers\CtClsFlt.sys - ok
00:42:34.0026 7124 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
00:42:34.0026 7124 C:\Windows\System32\drivers\usbvideo.sys - ok
00:42:34.0028 7124 [ CF98190A94F62E405C8CB255018B2315 ] C:\Windows\System32\drivers\bthenum.sys
00:42:34.0028 7124 C:\Windows\System32\drivers\bthenum.sys - ok
00:42:34.0031 7124 [ 02DD601B708DD0667E1331FA8518E9FF ] C:\Windows\System32\drivers\bthpan.sys
00:42:34.0031 7124 C:\Windows\System32\drivers\bthpan.sys - ok
00:42:34.0033 7124 [ 3DD798846E2C28102B922C56E71B7932 ] C:\Windows\System32\drivers\rfcomm.sys
00:42:34.0033 7124 C:\Windows\System32\drivers\rfcomm.sys - ok
00:42:34.0035 7124 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] C:\Windows\System32\drivers\bthmodem.sys
00:42:34.0035 7124 C:\Windows\System32\drivers\bthmodem.sys - ok
00:42:34.0037 7124 [ 988CC6CC49303665D3B2435C51505C3F ] C:\Windows\System32\drivers\btmaux.sys
00:42:34.0037 7124 C:\Windows\System32\drivers\btmaux.sys - ok
00:42:34.0039 7124 [ 800BA92F7010378B09F9ED9270F07137 ] C:\Windows\System32\drivers\modem.sys
00:42:34.0040 7124 C:\Windows\System32\drivers\modem.sys - ok
00:42:34.0042 7124 [ 1DBA462CF92D890D8F8E6472E7E8B4B4 ] C:\Windows\System32\urlmon.dll
00:42:34.0042 7124 C:\Windows\System32\urlmon.dll - ok
00:42:34.0044 7124 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
00:42:34.0044 7124 C:\Windows\System32\Wldap32.dll - ok
00:42:34.0046 7124 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
00:42:34.0046 7124 C:\Windows\System32\normaliz.dll - ok
00:42:34.0048 7124 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
00:42:34.0048 7124 C:\Windows\System32\ole32.dll - ok
00:42:34.0050 7124 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
00:42:34.0050 7124 C:\Windows\System32\clbcatq.dll - ok
00:42:34.0052 7124 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
00:42:34.0052 7124 C:\Windows\System32\shell32.dll - ok
00:42:34.0055 7124 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
00:42:34.0055 7124 C:\Windows\System32\user32.dll - ok
00:42:34.0057 7124 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
00:42:34.0057 7124 C:\Windows\System32\gdi32.dll - ok
00:42:34.0059 7124 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
00:42:34.0059 7124 C:\Windows\System32\lpk.dll - ok
00:42:34.0061 7124 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
00:42:34.0061 7124 C:\Windows\System32\nsi.dll - ok
00:42:34.0063 7124 [ 5121DB613E10A46A3C5085B479026AA7 ] C:\Windows\System32\wininet.dll
00:42:34.0063 7124 C:\Windows\System32\wininet.dll - ok
00:42:34.0064 7124 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
00:42:34.0064 7124 C:\Windows\System32\psapi.dll - ok
00:42:34.0067 7124 [ 6F6D81F3D513D927EB6D393EEC7FF851 ] C:\Windows\System32\usp10.dll
00:42:34.0067 7124 C:\Windows\System32\usp10.dll - ok
00:42:34.0069 7124 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
00:42:34.0069 7124 C:\Windows\System32\imagehlp.dll - ok
00:42:34.0072 7124 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
00:42:34.0072 7124 C:\Windows\System32\imm32.dll - ok
00:42:34.0074 7124 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
00:42:34.0074 7124 C:\Windows\System32\rpcrt4.dll - ok
00:42:34.0076 7124 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
00:42:34.0076 7124 C:\Windows\System32\setupapi.dll - ok
00:42:34.0078 7124 [ 1DC3504CA4C57900F1557E9A3F01D272 ] C:\Windows\System32\kernel32.dll
00:42:34.0078 7124 C:\Windows\System32\kernel32.dll - ok
00:42:34.0080 7124 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
00:42:34.0080 7124 C:\Windows\System32\msctf.dll - ok
00:42:34.0083 7124 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
00:42:34.0083 7124 C:\Windows\System32\ws2_32.dll - ok
00:42:34.0085 7124 [ A0F52880DDD164F968BE903C1FECD27E ] C:\Windows\System32\iertutil.dll
00:42:34.0085 7124 C:\Windows\System32\iertutil.dll - ok
00:42:34.0087 7124 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
00:42:34.0087 7124 C:\Windows\System32\comdlg32.dll - ok
00:42:34.0089 7124 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
00:42:34.0089 7124 C:\Windows\System32\advapi32.dll - ok
00:42:34.0091 7124 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
00:42:34.0091 7124 C:\Windows\System32\shlwapi.dll - ok
00:42:34.0093 7124 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
00:42:34.0093 7124 C:\Windows\System32\msvcrt.dll - ok
00:42:34.0096 7124 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
00:42:34.0096 7124 C:\Windows\System32\oleaut32.dll - ok
00:42:34.0098 7124 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
00:42:34.0098 7124 C:\Windows\System32\difxapi.dll - ok
00:42:34.0100 7124 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
00:42:34.0100 7124 C:\Windows\System32\sechost.dll - ok
00:42:34.0102 7124 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
00:42:34.0102 7124 C:\Windows\System32\comctl32.dll - ok
00:42:34.0104 7124 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
00:42:34.0104 7124 C:\Windows\System32\cfgmgr32.dll - ok
00:42:34.0107 7124 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
00:42:34.0107 7124 C:\Windows\System32\crypt32.dll - ok
00:42:34.0109 7124 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
00:42:34.0109 7124 C:\Windows\System32\devobj.dll - ok
00:42:34.0111 7124 [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll
00:42:34.0111 7124 C:\Windows\System32\KernelBase.dll - ok
00:42:34.0113 7124 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
00:42:34.0113 7124 C:\Windows\System32\wintrust.dll - ok
00:42:34.0115 7124 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
00:42:34.0115 7124 C:\Windows\System32\msasn1.dll - ok
00:42:34.0117 7124 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
00:42:34.0117 7124 C:\Windows\SysWOW64\normaliz.dll - ok
00:42:34.0119 7124 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
00:42:34.0119 7124 C:\Windows\System32\drivers\dxapi.sys - ok
00:42:34.0122 7124 [ C58923115CDE6071C3BF2FF063546E9F ] C:\Windows\System32\win32k.sys
00:42:34.0122 7124 C:\Windows\System32\win32k.sys - ok
00:42:34.0124 7124 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
00:42:34.0124 7124 C:\Windows\System32\csrsrv.dll - ok
00:42:34.0126 7124 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
00:42:34.0126 7124 C:\Windows\System32\csrss.exe - ok
00:42:34.0128 7124 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
00:42:34.0128 7124 C:\Windows\System32\basesrv.dll - ok
00:42:34.0130 7124 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\System32\winsrv.dll
00:42:34.0130 7124 C:\Windows\System32\winsrv.dll - ok
00:42:34.0132 7124 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
00:42:34.0132 7124 C:\Windows\System32\drivers\monitor.sys - ok
00:42:34.0134 7124 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
00:42:34.0134 7124 C:\Windows\System32\profapi.dll - ok
00:42:34.0137 7124 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
00:42:34.0137 7124 C:\Windows\System32\sxssrv.dll - ok
00:42:34.0139 7124 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
00:42:34.0139 7124 C:\Windows\System32\tsddd.dll - ok
00:42:34.0141 7124 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
00:42:34.0141 7124 C:\Windows\System32\wininit.exe - ok
00:42:34.0143 7124 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
00:42:34.0143 7124 C:\Windows\System32\cdd.dll - ok
00:42:34.0145 7124 [ 1A83FACA2135AF076E8EA73A30B3B26C ] C:\Windows\System32\KBDUK.DLL
00:42:34.0145 7124 C:\Windows\System32\KBDUK.DLL - ok
00:42:34.0147 7124 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
00:42:34.0147 7124 C:\Windows\System32\RpcRtRemote.dll - ok
00:42:34.0149 7124 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
00:42:34.0149 7124 C:\Windows\System32\sxs.dll - ok
00:42:34.0151 7124 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
00:42:34.0152 7124 C:\Windows\System32\WlS0WndH.dll - ok
00:42:34.0154 7124 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
00:42:34.0154 7124 C:\Windows\System32\cryptbase.dll - ok
00:42:34.0156 7124 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
00:42:34.0156 7124 C:\Windows\System32\apphelp.dll - ok
00:42:34.0158 7124 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
00:42:34.0158 7124 C:\Windows\System32\lsass.exe - ok
00:42:34.0160 7124 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
00:42:34.0160 7124 C:\Windows\System32\lsm.exe - ok
00:42:34.0162 7124 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
00:42:34.0162 7124 C:\Windows\System32\services.exe - ok
00:42:34.0164 7124 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
00:42:34.0164 7124 C:\Windows\System32\sspicli.dll - ok
00:42:34.0167 7124 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
00:42:34.0167 7124 C:\Windows\System32\sspisrv.dll - ok
00:42:34.0169 7124 [ 8784236EED5079493DA9FC95B28B89F8 ] C:\Windows\System32\WerFault.exe
00:42:34.0169 7124 C:\Windows\System32\WerFault.exe - ok
00:42:34.0171 7124 [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll
00:42:34.0171 7124 C:\Windows\System32\lsasrv.dll - ok
00:42:34.0173 7124 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
00:42:34.0173 7124 C:\Windows\System32\samsrv.dll - ok
00:42:34.0175 7124 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
00:42:34.0175 7124 C:\Windows\System32\scesrv.dll - ok
00:42:34.0177 7124 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
00:42:34.0177 7124 C:\Windows\System32\scext.dll - ok
00:42:34.0179 7124 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
00:42:34.0179 7124 C:\Windows\System32\secur32.dll - ok
00:42:34.0181 7124 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
00:42:34.0181 7124 C:\Windows\System32\srvcli.dll - ok
00:42:34.0184 7124 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
00:42:34.0184 7124 C:\Windows\System32\sysntfy.dll - ok
00:42:34.0186 7124 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
00:42:34.0186 7124 C:\Windows\System32\wer.dll - ok
00:42:34.0188 7124 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
00:42:34.0188 7124 C:\Windows\System32\wmsgapi.dll - ok
00:42:34.0190 7124 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
00:42:34.0190 7124 C:\Windows\System32\cryptdll.dll - ok
00:42:34.0192 7124 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
00:42:34.0192 7124 C:\Windows\System32\wevtapi.dll - ok
00:42:34.0195 7124 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
00:42:34.0195 7124 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
00:42:34.0197 7124 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
00:42:34.0197 7124 C:\Windows\System32\authz.dll - ok
00:42:34.0199 7124 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
00:42:34.0199 7124 C:\Windows\System32\cngaudit.dll - ok
00:42:34.0201 7124 [ 9B3718651DDE8A75FC4E8D6542A250D8 ] C:\Windows\System32\ncrypt.dll
00:42:34.0201 7124 C:\Windows\System32\ncrypt.dll - ok
00:42:34.0204 7124 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
00:42:34.0204 7124 C:\Windows\System32\bcrypt.dll - ok
00:42:34.0206 7124 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
00:42:34.0206 7124 C:\Windows\System32\msprivs.dll - ok
00:42:34.0208 7124 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
00:42:34.0208 7124 C:\Windows\System32\netjoin.dll - ok
00:42:34.0210 7124 [ F152755F131ADFE452D534F4E9383590 ] C:\Windows\System32\Faultrep.dll
00:42:34.0210 7124 C:\Windows\System32\Faultrep.dll - ok
00:42:34.0212 7124 [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
00:42:34.0212 7124 C:\Windows\System32\atmfd.dll - ok
00:42:34.0214 7124 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
00:42:34.0214 7124 C:\Windows\System32\negoexts.dll - ok
00:42:34.0216 7124 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
00:42:34.0216 7124 C:\Windows\System32\wkscli.dll - ok
00:42:34.0219 7124 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
00:42:34.0219 7124 C:\Windows\System32\kerberos.dll - ok
00:42:34.0221 7124 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
00:42:34.0221 7124 C:\Windows\System32\cryptsp.dll - ok
00:42:34.0223 7124 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
00:42:34.0223 7124 C:\Windows\System32\msv1_0.dll - ok
00:42:34.0225 7124 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
00:42:34.0225 7124 C:\Windows\System32\mswsock.dll - ok
00:42:34.0227 7124 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
00:42:34.0227 7124 C:\Windows\System32\version.dll - ok
00:42:34.0230 7124 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
00:42:34.0230 7124 C:\Windows\System32\wship6.dll - ok
00:42:34.0232 7124 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
00:42:34.0232 7124 C:\Windows\System32\netlogon.dll - ok
00:42:34.0234 7124 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
00:42:34.0234 7124 C:\Windows\System32\dnsapi.dll - ok
00:42:34.0236 7124 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
00:42:34.0236 7124 C:\Windows\System32\logoncli.dll - ok
00:42:34.0238 7124 [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
00:42:34.0238 7124 C:\Windows\System32\schannel.dll - ok
00:42:34.0240 7124 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
00:42:34.0240 7124 C:\Windows\System32\wdigest.dll - ok
00:42:34.0243 7124 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
00:42:34.0243 7124 C:\Windows\System32\rsaenh.dll - ok
00:42:34.0245 7124 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
00:42:34.0245 7124 C:\Windows\System32\TSpkg.dll - ok
00:42:34.0247 7124 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
00:42:34.0247 7124 C:\Windows\System32\pku2u.dll - ok
00:42:34.0249 7124 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
00:42:34.0249 7124 C:\Windows\System32\LIVESSP.DLL - ok
00:42:34.0251 7124 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
00:42:34.0251 7124 C:\Windows\System32\bcryptprimitives.dll - ok
00:42:34.0253 7124 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
00:42:34.0253 7124 C:\Windows\System32\efslsaext.dll - ok
00:42:34.0255 7124 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
00:42:34.0255 7124 C:\Windows\System32\credssp.dll - ok
00:42:34.0258 7124 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
00:42:34.0258 7124 C:\Windows\System32\scecli.dll - ok
00:42:34.0260 7124 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
00:42:34.0260 7124 C:\Windows\System32\ubpm.dll - ok
00:42:34.0262 7124 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
00:42:34.0262 7124 C:\Windows\System32\netutils.dll - ok
00:42:34.0264 7124 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
00:42:34.0264 7124 C:\Windows\System32\winsta.dll - ok
00:42:34.0266 7124 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
00:42:34.0266 7124 C:\Windows\System32\SPInf.dll - ok
00:42:34.0268 7124 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
00:42:34.0268 7124 C:\Windows\System32\svchost.exe - ok
00:42:34.0270 7124 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
00:42:34.0270 7124 C:\Windows\System32\umpnpmgr.dll - ok
00:42:34.0273 7124 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
00:42:34.0273 7124 C:\Windows\System32\devrtl.dll - ok
00:42:34.0275 7124 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
00:42:34.0275 7124 C:\Windows\System32\userenv.dll - ok
00:42:34.0277 7124 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
00:42:34.0277 7124 C:\Windows\System32\gpapi.dll - ok
00:42:34.0279 7124 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] C:\Windows\System32\umpo.dll
00:42:34.0279 7124 C:\Windows\System32\umpo.dll - ok
00:42:34.0281 7124 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
00:42:34.0281 7124 C:\Windows\System32\pcwum.dll - ok
00:42:34.0284 7124 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
00:42:34.0284 7124 C:\Windows\System32\powrprof.dll - ok
00:42:34.0286 7124 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
00:42:34.0286 7124 C:\Windows\System32\drivers\luafv.sys - ok
00:42:34.0288 7124 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
00:42:34.0288 7124 C:\Windows\System32\RpcEpMap.dll - ok
00:42:34.0290 7124 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
00:42:34.0290 7124 C:\Windows\System32\rpcss.dll - ok
00:42:34.0292 7124 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
00:42:34.0292 7124 C:\Windows\System32\wshqos.dll - ok
00:42:34.0294 7124 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
00:42:34.0294 7124 C:\Windows\System32\WSHTCPIP.DLL - ok
00:42:34.0296 7124 [ 2AED9A422EA1574C7D7EF9359A417718 ] C:\Windows\System32\atiesrxx.exe
00:42:34.0296 7124 C:\Windows\System32\atiesrxx.exe - ok
00:42:34.0299 7124 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
00:42:34.0299 7124 C:\Windows\System32\FirewallAPI.dll - ok
00:42:34.0301 7124 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
00:42:34.0301 7124 C:\Windows\System32\wtsapi32.dll - ok
00:42:34.0303 7124 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
00:42:34.0303 7124 C:\Windows\System32\winlogon.exe - ok
00:42:34.0306 7124 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
00:42:34.0306 7124 C:\Windows\System32\wevtsvc.dll - ok
00:42:34.0308 7124 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
00:42:34.0308 7124 C:\Windows\System32\adtschema.dll - ok
00:42:34.0310 7124 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
00:42:34.0310 7124 C:\Windows\System32\audiosrv.dll - ok
00:42:34.0312 7124 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
00:42:34.0312 7124 C:\Windows\System32\profsvc.dll - ok
00:42:34.0314 7124 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
00:42:34.0314 7124 C:\Windows\System32\avrt.dll - ok
00:42:34.0316 7124 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
00:42:34.0316 7124 C:\Windows\System32\mmcss.dll - ok
00:42:34.0318 7124 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
00:42:34.0318 7124 C:\Windows\System32\LogonUI.exe - ok
00:42:34.0320 7124 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
00:42:34.0320 7124 C:\Windows\System32\MMDevAPI.dll - ok
00:42:34.0322 7124 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
00:42:34.0322 7124 C:\Windows\System32\authui.dll - ok
00:42:34.0324 7124 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
00:42:34.0324 7124 C:\Windows\System32\propsys.dll - ok
00:42:34.0326 7124 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
00:42:34.0326 7124 C:\Windows\System32\netprofm.dll - ok
00:42:34.0329 7124 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
00:42:34.0329 7124 C:\Windows\System32\cryptui.dll - ok
00:42:34.0331 7124 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
00:42:34.0331 7124 C:\Windows\System32\audiodg.exe - ok
00:42:34.0333 7124 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
00:42:34.0333 7124 C:\Windows\System32\samlib.dll - ok
00:42:34.0335 7124 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
00:42:34.0335 7124 C:\Windows\System32\shacct.dll - ok
00:42:34.0337 7124 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
00:42:34.0337 7124 C:\Windows\System32\ntmarta.dll - ok
00:42:34.0339 7124 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
00:42:34.0339 7124 C:\Windows\System32\uxtheme.dll - ok
00:42:34.0341 7124 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
00:42:34.0341 7124 C:\Windows\System32\atl.dll - ok
00:42:34.0343 7124 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
00:42:34.0344 7124 C:\Windows\System32\gpsvc.dll - ok
00:42:34.0346 7124 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
00:42:34.0346 7124 C:\Windows\System32\themeservice.dll - ok
00:42:34.0348 7124 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
00:42:34.0348 7124 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
00:42:34.0350 7124 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
00:42:34.0350 7124 C:\Windows\System32\es.dll - ok
00:42:34.0352 7124 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
00:42:34.0352 7124 C:\Windows\System32\comres.dll - ok
00:42:34.0354 7124 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
00:42:34.0354 7124 C:\Windows\System32\Sens.dll - ok
00:42:34.0357 7124 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
00:42:34.0357 7124 C:\Windows\System32\drivers\lltdio.sys - ok
00:42:34.0359 7124 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
00:42:34.0359 7124 C:\Windows\System32\drivers\nwifi.sys - ok
00:42:34.0361 7124 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
00:42:34.0361 7124 C:\Windows\System32\dsrole.dll - ok
00:42:34.0363 7124 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
00:42:34.0363 7124 C:\Windows\System32\dui70.dll - ok
00:42:34.0365 7124 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
00:42:34.0365 7124 C:\Windows\System32\nlaapi.dll - ok
00:42:34.0367 7124 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
00:42:34.0367 7124 C:\Windows\System32\slc.dll - ok
00:42:34.0369 7124 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
00:42:34.0369 7124 C:\Windows\System32\uxsms.dll - ok
00:42:34.0371 7124 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
00:42:34.0372 7124 C:\Windows\System32\drivers\ndisuio.sys - ok
00:42:34.0374 7124 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
00:42:34.0374 7124 C:\Windows\System32\drivers\rspndr.sys - ok
00:42:34.0376 7124 [ FD24F98D2898BE093FE926604BE7DB99 ] C:\Windows\System32\drivers\TurboB.sys
00:42:34.0376 7124 C:\Windows\System32\drivers\TurboB.sys - ok
00:42:34.0378 7124 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
00:42:34.0378 7124 C:\Windows\System32\IPHLPAPI.DLL - ok
00:42:34.0380 7124 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
00:42:34.0380 7124 C:\Windows\System32\lmhsvc.dll - ok
00:42:34.0382 7124 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
00:42:34.0382 7124 C:\Windows\System32\nsisvc.dll - ok
00:42:34.0384 7124 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
00:42:34.0384 7124 C:\Windows\System32\dhcpcore.dll - ok
00:42:34.0387 7124 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
00:42:34.0387 7124 C:\Windows\System32\duser.dll - ok
00:42:34.0389 7124 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
00:42:34.0389 7124 C:\Windows\System32\nrpsrv.dll - ok
00:42:34.0391 7124 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
00:42:34.0391 7124 C:\Windows\System32\winnsi.dll - ok
00:42:34.0393 7124 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
00:42:34.0393 7124 C:\Windows\System32\dnsrslvr.dll - ok
00:42:34.0395 7124 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
00:42:34.0395 7124 C:\Windows\System32\eapphost.dll - ok
00:42:34.0397 7124 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
00:42:34.0397 7124 C:\Windows\System32\eapsvc.dll - ok
00:42:34.0399 7124 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
00:42:34.0399 7124 C:\Windows\System32\keyiso.dll - ok
00:42:34.0401 7124 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
00:42:34.0401 7124 C:\Windows\System32\winmm.dll - ok
00:42:34.0404 7124 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
00:42:34.0404 7124 C:\Windows\System32\FWPUCLNT.DLL - ok
00:42:34.0406 7124 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
00:42:34.0406 7124 C:\Windows\System32\SndVolSSO.dll - ok
00:42:34.0408 7124 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
00:42:34.0408 7124 C:\Windows\System32\hid.dll - ok
00:42:34.0410 7124 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
00:42:34.0410 7124 C:\Windows\System32\wdmaud.drv - ok
00:42:34.0412 7124 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
00:42:34.0412 7124 C:\Windows\System32\dhcpcsvc.dll - ok
00:42:34.0414 7124 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
00:42:34.0414 7124 C:\Windows\System32\dnsext.dll - ok
00:42:34.0416 7124 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
00:42:34.0416 7124 C:\Windows\System32\dhcpcsvc6.dll - ok
00:42:34.0418 7124 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
00:42:34.0418 7124 C:\Windows\System32\ksuser.dll - ok
00:42:34.0421 7124 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
00:42:34.0421 7124 C:\Windows\System32\umb.dll - ok
00:42:34.0423 7124 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
00:42:34.0423 7124 C:\Windows\System32\wlansvc.dll - ok
00:42:34.0425 7124 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
00:42:34.0425 7124 C:\Windows\System32\wlanmsm.dll - ok
00:42:34.0427 7124 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
00:42:34.0427 7124 C:\Windows\System32\dhcpcore6.dll - ok
00:42:34.0429 7124 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
00:42:34.0429 7124 C:\Windows\System32\dwmapi.dll - ok
00:42:34.0431 7124 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
00:42:34.0431 7124 C:\Windows\System32\xmllite.dll - ok
00:42:34.0434 7124 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
00:42:34.0434 7124 C:\Windows\System32\AudioSes.dll - ok
00:42:34.0436 7124 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
00:42:34.0436 7124 C:\Windows\System32\msacm32.dll - ok
00:42:34.0438 7124 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
00:42:34.0438 7124 C:\Windows\System32\msacm32.drv - ok
00:42:34.0440 7124 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
00:42:34.0440 7124 C:\Windows\System32\midimap.dll - ok
00:42:34.0442 7124 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
00:42:34.0442 7124 C:\Windows\System32\AudioEng.dll - ok
00:42:34.0444 7124 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
00:42:34.0445 7124 C:\Windows\System32\AUDIOKSE.dll - ok
00:42:34.0447 7124 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
00:42:34.0447 7124 C:\Windows\System32\onex.dll - ok
00:42:34.0449 7124 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
00:42:34.0449 7124 C:\Windows\System32\wlansec.dll - ok
00:42:34.0451 7124 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
00:42:34.0451 7124 C:\Windows\System32\eappcfg.dll - ok
00:42:34.0453 7124 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
00:42:34.0453 7124 C:\Windows\System32\eappprxy.dll - ok
00:42:34.0455 7124 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
00:42:34.0455 7124 C:\Windows\System32\l2gpstore.dll - ok
00:42:34.0457 7124 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
00:42:34.0457 7124 C:\Windows\System32\WinSCard.dll - ok
00:42:34.0460 7124 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
00:42:34.0460 7124 C:\Windows\System32\wlanutil.dll - ok
00:42:34.0462 7124 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
00:42:34.0462 7124 C:\Windows\System32\wlgpclnt.dll - ok
00:42:34.0464 7124 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
00:42:34.0464 7124 C:\Windows\System32\msxml6.dll - ok
00:42:34.0466 7124 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
00:42:34.0466 7124 C:\Windows\System32\shsvcs.dll - ok
00:42:34.0468 7124 [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe
00:42:34.0468 7124 C:\Windows\System32\conhost.exe - ok
00:42:34.0470 7124 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
00:42:34.0470 7124 C:\Windows\System32\schedsvc.dll - ok
00:42:34.0472 7124 [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe
00:42:34.0472 7124 C:\Windows\System32\wlanext.exe - ok
00:42:34.0475 7124 [ B4BD4963EDB7A8578790907F602FC0AF ] C:\Windows\System32\CX64AP54.dll
00:42:34.0475 7124 C:\Windows\System32\CX64AP54.dll - ok
00:42:34.0477 7124 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
00:42:34.0477 7124 C:\Windows\System32\MPSSVC.dll - ok
00:42:34.0479 7124 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
00:42:34.0479 7124 C:\Windows\System32\drivers\fltMgr.sys - ok
00:42:34.0481 7124 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
00:42:34.0481 7124 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
00:42:34.0484 7124 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
00:42:34.0484 7124 C:\Windows\System32\PSHED.DLL - ok
00:42:34.0486 7124 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
00:42:34.0486 7124 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
00:42:34.0489 7124 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
00:42:34.0489 7124 C:\Windows\System32\WMALFXGFXDSP.dll - ok
00:42:34.0491 7124 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
00:42:34.0491 7124 C:\Windows\System32\mfplat.dll - ok
00:42:34.0493 7124 [ A59634F9B3453CF0C60C05A0FB9D5728 ] C:\Windows\System32\MaxxAudioAPO4064.dll
00:42:34.0493 7124 C:\Windows\System32\MaxxAudioAPO4064.dll - ok
00:42:34.0495 7124 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
00:42:34.0495 7124 C:\Windows\System32\WindowsCodecs.dll - ok
00:42:34.0497 7124 [ 388027CF7F4876107708499575FA04DB ] C:\Windows\System32\iwmssvc.dll
00:42:34.0497 7124 C:\Windows\System32\iwmssvc.dll - ok
00:42:34.0499 7124 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
00:42:34.0499 7124 C:\Windows\System32\winbrand.dll - ok
00:42:34.0502 7124 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
00:42:34.0502 7124 C:\Windows\System32\VaultCredProvider.dll - ok
00:42:34.0504 7124 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
00:42:34.0504 7124 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
00:42:34.0507 7124 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
00:42:34.0507 7124 C:\Windows\System32\BioCredProv.dll - ok
00:42:34.0509 7124 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
00:42:34.0509 7124 C:\Windows\System32\winbio.dll - ok
00:42:34.0511 7124 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
00:42:34.0511 7124 C:\Windows\System32\credui.dll - ok
00:42:34.0513 7124 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
00:42:34.0513 7124 C:\Windows\System32\vaultcli.dll - ok
00:42:34.0515 7124 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
00:42:34.0515 7124 C:\Windows\System32\netapi32.dll - ok
00:42:34.0517 7124 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
00:42:34.0517 7124 C:\Windows\System32\certCredProvider.dll - ok
00:42:34.0520 7124 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
00:42:34.0520 7124 C:\Windows\System32\ktmw32.dll - ok
00:42:34.0522 7124 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
00:42:34.0522 7124 C:\Windows\System32\samcli.dll - ok
00:42:34.0524 7124 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
00:42:34.0524 7124 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
00:42:34.0526 7124 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
00:42:34.0526 7124 C:\Windows\System32\rasplap.dll - ok
00:42:34.0529 7124 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
00:42:34.0529 7124 C:\Windows\System32\rasapi32.dll - ok
00:42:34.0531 7124 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
00:42:34.0531 7124 C:\Windows\System32\fveapi.dll - ok
00:42:34.0533 7124 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
00:42:34.0533 7124 C:\Windows\System32\fvecerts.dll - ok
00:42:34.0535 7124 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
00:42:34.0535 7124 C:\Windows\System32\tbs.dll - ok
00:42:34.0537 7124 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
00:42:34.0537 7124 C:\Windows\System32\taskcomp.dll - ok
00:42:34.0539 7124 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
00:42:34.0539 7124 C:\Windows\System32\rasman.dll - ok
00:42:34.0542 7124 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
00:42:34.0542 7124 C:\Windows\System32\rtutils.dll - ok
00:42:34.0544 7124 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
00:42:34.0544 7124 C:\Windows\System32\wiarpc.dll - ok
00:42:34.0546 7124 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
00:42:34.0546 7124 C:\Windows\System32\taskeng.exe - ok
00:42:34.0548 7124 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
00:42:34.0548 7124 C:\Windows\System32\drivers\http.sys - ok
00:42:34.0550 7124 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
00:42:34.0550 7124 C:\Windows\System32\spoolsv.exe - ok
00:42:34.0552 7124 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
00:42:34.0552 7124 C:\Windows\System32\rundll32.exe - ok
00:42:34.0555 7124 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
00:42:34.0555 7124 C:\Windows\System32\TSChannel.dll - ok
00:42:34.0557 7124 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
00:42:34.0557 7124 C:\Windows\System32\UXInit.dll - ok
00:42:34.0559 7124 [ 01F07EF038BB3C9BF8EA9EBD4571F546 ] C:\Windows\System32\atieclxx.exe
00:42:34.0559 7124 C:\Windows\System32\atieclxx.exe - ok
00:42:34.0561 7124 [ E76FD59F422F714C3DCA4DF8FDD08298 ] C:\Windows\System32\mfc100.dll
00:42:34.0561 7124 C:\Windows\System32\mfc100.dll - ok
00:42:34.0563 7124 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
00:42:34.0563 7124 C:\Windows\SysWOW64\ntdll.dll - ok
00:42:34.0564 7124 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
00:42:34.0564 7124 C:\Windows\SysWOW64\rundll32.exe - ok
00:42:34.0567 7124 [ BCA6A833803E72828E600ACBD233B01E ] C:\Windows\System32\atiadlxx.dll
00:42:34.0567 7124 C:\Windows\System32\atiadlxx.dll - ok
00:42:34.0569 7124 [ DF3CA8D16BDED6A54977B30E66864D33 ] C:\Windows\System32\msvcr100.dll
00:42:34.0569 7124 C:\Windows\System32\msvcr100.dll - ok
00:42:34.0571 7124 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
00:42:34.0571 7124 C:\Windows\System32\oleacc.dll - ok
00:42:34.0573 7124 [ 15B30F15BD13640B337A0FC37BD48CDE ] C:\Windows\System32\wow64.dll
00:42:34.0573 7124 C:\Windows\System32\wow64.dll - ok
00:42:34.0575 7124 [ 2970785A72054740E1A5DCEB32485486 ] C:\Windows\System32\wow64win.dll
00:42:34.0575 7124 C:\Windows\System32\wow64win.dll - ok
00:42:34.0577 7124 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
00:42:34.0577 7124 C:\Windows\System32\BFE.DLL - ok
00:42:34.0579 7124 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
00:42:34.0580 7124 C:\Windows\System32\UIAutomationCore.dll - ok
00:42:34.0582 7124 [ 98168B9B0656A01A321FF1BECB2C03E1 ] C:\Windows\System32\wow64cpu.dll
00:42:34.0582 7124 C:\Windows\System32\wow64cpu.dll - ok
00:42:34.0584 7124 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
00:42:34.0584 7124 C:\Windows\System32\drivers\bowser.sys - ok
00:42:34.0586 7124 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
00:42:34.0586 7124 C:\Windows\System32\drivers\mpsdrv.sys - ok
00:42:34.0588 7124 [ D4F3176082566CEFA633B4945802D4C4 ] C:\Windows\SysWOW64\kernel32.dll
00:42:34.0588 7124 C:\Windows\SysWOW64\kernel32.dll - ok
00:42:34.0590 7124 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
00:42:34.0590 7124 C:\Windows\System32\drivers\mrxsmb.sys - ok
00:42:34.0593 7124 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
00:42:34.0593 7124 C:\Windows\System32\drivers\mrxsmb10.sys - ok
00:42:34.0595 7124 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
00:42:34.0595 7124 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
00:42:34.0597 7124 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
00:42:34.0597 7124 C:\Windows\System32\drivers\mrxsmb20.sys - ok
00:42:34.0600 7124 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
00:42:34.0600 7124 C:\Windows\System32\wkssvc.dll - ok
00:42:34.0602 7124 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:42:34.0602 7124 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
00:42:34.0604 7124 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
00:42:34.0604 7124 C:\Windows\System32\wfapigp.dll - ok
00:42:34.0606 7124 [ 0978C2B33BDD0A7E6C563AA337DC8BA0 ] C:\Windows\SysWOW64\KernelBase.dll
00:42:34.0606 7124 C:\Windows\SysWOW64\KernelBase.dll - ok
00:42:34.0609 7124 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
00:42:34.0609 7124 C:\Windows\SysWOW64\user32.dll - ok
00:42:34.0611 7124 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
00:42:34.0611 7124 C:\Windows\SysWOW64\gdi32.dll - ok
00:42:34.0613 7124 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
00:42:34.0613 7124 C:\Windows\System32\mscms.dll - ok
00:42:34.0615 7124 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
00:42:34.0615 7124 C:\Windows\SysWOW64\lpk.dll - ok
00:42:34.0617 7124 [ BA42686199689FE58BD37C52CA2558FB ] C:\Windows\System32\atimuixx.dll
00:42:34.0617 7124 C:\Windows\System32\atimuixx.dll - ok
00:42:34.0619 7124 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
00:42:34.0619 7124 C:\Windows\System32\imageres.dll - ok
00:42:34.0621 7124 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
00:42:34.0621 7124 C:\Windows\System32\msimg32.dll - ok
00:42:34.0624 7124 [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Windows\System32\msvcp100.dll
00:42:34.0624 7124 C:\Windows\System32\msvcp100.dll - ok
00:42:34.0626 7124 [ CC19A4AE696C2191E965A9835F1E6399 ] C:\Windows\SysWOW64\usp10.dll
00:42:34.0626 7124 C:\Windows\SysWOW64\usp10.dll - ok
00:42:34.0628 7124 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
00:42:34.0628 7124 C:\Windows\SysWOW64\msvcrt.dll - ok
00:42:34.0630 7124 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
00:42:34.0630 7124 C:\Windows\SysWOW64\advapi32.dll - ok
00:42:34.0632 7124 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
00:42:34.0632 7124 C:\Windows\SysWOW64\rpcrt4.dll - ok
00:42:34.0634 7124 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
00:42:34.0634 7124 C:\Windows\SysWOW64\sechost.dll - ok
00:42:34.0636 7124 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
00:42:34.0636 7124 C:\Windows\System32\pcasvc.dll - ok
00:42:34.0638 7124 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
00:42:34.0638 7124 C:\Windows\SysWOW64\cryptbase.dll - ok
00:42:34.0641 7124 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
00:42:34.0641 7124 C:\Windows\SysWOW64\imagehlp.dll - ok
00:42:34.0643 7124 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
00:42:34.0643 7124 C:\Windows\SysWOW64\shell32.dll - ok
00:42:34.0645 7124 [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll
00:42:34.0645 7124 C:\Windows\SysWOW64\sspicli.dll - ok
00:42:34.0647 7124 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
00:42:34.0647 7124 C:\Windows\System32\snmptrap.exe - ok
00:42:34.0649 7124 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
00:42:34.0649 7124 C:\Windows\SysWOW64\apphelp.dll - ok
00:42:34.0651 7124 [ D56DE559D44C42074B97B2C5624E9FE9 ] C:\Windows\System32\mfc100enu.dll
00:42:34.0651 7124 C:\Windows\System32\mfc100enu.dll - ok
00:42:34.0654 7124 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
00:42:34.0654 7124 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
00:42:34.0657 7124 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
00:42:34.0657 7124 C:\Windows\AppPatch\AcLayers.dll - ok
00:42:34.0659 7124 [ 5203BA7F91EE2E113BB5C6AE1816E704 ] C:\Program Files\Common Files\Intel\WirelessCommon\libeay32.dll
00:42:34.0659 7124 C:\Program Files\Common Files\Intel\WirelessCommon\libeay32.dll - ok
00:42:34.0661 7124 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
00:42:34.0661 7124 C:\Windows\System32\wlanapi.dll - ok
00:42:34.0664 7124 [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
00:42:34.0664 7124 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
00:42:34.0666 7124 [ C3473CA7B6114D6FAA9054C9C12B4DAD ] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
00:42:34.0666 7124 C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll - ok
00:42:34.0668 7124 [ 95D3964DA430CF95CEC424C98A90B013 ] C:\Program Files\Common Files\Intel\WirelessCommon\TraceAPI.dll
00:42:34.0669 7124 C:\Program Files\Common Files\Intel\WirelessCommon\TraceAPI.dll - ok
00:42:34.0671 7124 [ 323764C9E02492A382EE9480314850E3 ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\ccxplugin.dll
00:42:34.0671 7124 C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\ccxplugin.dll - ok
00:42:34.0673 7124 [ 3FA1CAE9D094AA7718ECBEC2CB9F2EE6 ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\IHVWPSPlugin.dll
00:42:34.0673 7124 C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\IHVWPSPlugin.dll - ok
00:42:34.0676 7124 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
00:42:34.0676 7124 C:\Windows\System32\winspool.drv - ok
00:42:34.0678 7124 [ 930FE4496413D491FF78E61FA3DEAC1E ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\P2PSupplicantPlugin.dll
00:42:34.0678 7124 C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\P2PSupplicantPlugin.dll - ok
00:42:34.0680 7124 [ BF1152024FDD908A1535E69FDB21439E ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\PanAuthenticator.dll
00:42:34.0680 7124 C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\PanAuthenticator.dll - ok
00:42:34.0683 7124 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
00:42:34.0683 7124 C:\Windows\SysWOW64\shlwapi.dll - ok
00:42:34.0685 7124 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
00:42:34.0685 7124 C:\Windows\SysWOW64\ole32.dll - ok
00:42:34.0687 7124 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
00:42:34.0687 7124 C:\Windows\SysWOW64\oleaut32.dll - ok
00:42:34.0689 7124 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
00:42:34.0689 7124 C:\Windows\SysWOW64\crypt32.dll - ok
00:42:34.0692 7124 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
00:42:34.0692 7124 C:\Windows\SysWOW64\userenv.dll - ok
00:42:34.0694 7124 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
00:42:34.0694 7124 C:\Windows\SysWOW64\profapi.dll - ok
00:42:34.0696 7124 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
00:42:34.0696 7124 C:\Windows\SysWOW64\winspool.drv - ok
00:42:34.0698 7124 [ E337DE8814EABEDEA01919B94D323078 ] C:\Windows\AppPatch\acwow64.dll
00:42:34.0698 7124 C:\Windows\AppPatch\acwow64.dll - ok
00:42:34.0700 7124 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
00:42:34.0701 7124 C:\Windows\SysWOW64\imm32.dll - ok
00:42:34.0703 7124 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
00:42:34.0703 7124 C:\Windows\SysWOW64\mpr.dll - ok
00:42:34.0705 7124 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
00:42:34.0705 7124 C:\Windows\SysWOW64\msasn1.dll - ok
00:42:34.0707 7124 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
00:42:34.0707 7124 C:\Windows\SysWOW64\version.dll - ok
00:42:34.0709 7124 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
00:42:34.0709 7124 C:\Windows\SysWOW64\wintrust.dll - ok
00:42:34.0712 7124 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
00:42:34.0712 7124 C:\Windows\SysWOW64\msctf.dll - ok
00:42:34.0714 7124 [ D1BBE227367ED791D5FCF08E132D2956 ] C:\Windows\SysWOW64\opengl32.dll
00:42:34.0714 7124 C:\Windows\SysWOW64\opengl32.dll - ok
00:42:34.0716 7124 [ 0D14D602C8A63C767E5FC9E3B59DBCAB ] C:\Windows\SysWOW64\tzutil4.dll
00:42:34.0716 7124 C:\Windows\SysWOW64\tzutil4.dll - ok
00:42:34.0718 7124 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
00:42:34.0718 7124 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
00:42:34.0721 7124 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
00:42:34.0721 7124 C:\Windows\SysWOW64\ddraw.dll - ok
00:42:34.0723 7124 [ DE3897365B04C4DA1CF8FF725577C082 ] C:\Windows\SysWOW64\glu32.dll
00:42:34.0723 7124 C:\Windows\SysWOW64\glu32.dll - ok
00:42:34.0725 7124 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
00:42:34.0725 7124 C:\Windows\SysWOW64\dciman32.dll - ok
00:42:34.0727 7124 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
00:42:34.0727 7124 C:\Windows\SysWOW64\setupapi.dll - ok
00:42:34.0729 7124 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
00:42:34.0729 7124 C:\Windows\SysWOW64\cfgmgr32.dll - ok
00:42:34.0731 7124 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
00:42:34.0731 7124 C:\Windows\SysWOW64\devobj.dll - ok
00:42:34.0733 7124 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
00:42:34.0733 7124 C:\Windows\SysWOW64\dwmapi.dll - ok
00:42:34.0736 7124 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
00:42:34.0736 7124 C:\Windows\SysWOW64\winmm.dll - ok
00:42:34.0738 7124 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
00:42:34.0738 7124 C:\Windows\System32\netcfgx.dll - ok
00:42:34.0740 7124 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
00:42:34.0740 7124 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
00:42:34.0742 7124 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
00:42:34.0742 7124 C:\Windows\SysWOW64\nsi.dll - ok
00:42:34.0744 7124 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\SysWOW64\urlmon.dll
00:42:34.0744 7124 C:\Windows\SysWOW64\urlmon.dll - ok
00:42:34.0746 7124 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
00:42:34.0746 7124 C:\Windows\SysWOW64\winnsi.dll - ok
00:42:34.0748 7124 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\SysWOW64\iertutil.dll
00:42:34.0748 7124 C:\Windows\SysWOW64\iertutil.dll - ok
00:42:34.0750 7124 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\SysWOW64\wininet.dll
00:42:34.0750 7124 C:\Windows\SysWOW64\wininet.dll - ok
00:42:34.0753 7124 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
00:42:34.0753 7124 C:\Windows\SysWOW64\ws2_32.dll - ok
00:42:34.0755 7124 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:42:34.0755 7124 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
00:42:34.0758 7124 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
00:42:34.0758 7124 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
00:42:34.0760 7124 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
00:42:34.0760 7124 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
00:42:34.0763 7124 [ D7016846DBD0D73E6FBF5E68E0EA370E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
00:42:34.0763 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
00:42:34.0765 7124 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
00:42:34.0765 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
00:42:34.0768 7124 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
00:42:34.0768 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
00:42:34.0770 7124 [ 62169BDD927A67C360A35F4526429B01 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
00:42:34.0770 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
00:42:34.0773 7124 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
00:42:34.0773 7124 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
00:42:34.0775 7124 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
00:42:34.0775 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
00:42:34.0778 7124 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
00:42:34.0778 7124 C:\Windows\SysWOW64\wsock32.dll - ok
00:42:34.0780 7124 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
00:42:34.0780 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
00:42:34.0782 7124 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
00:42:34.0782 7124 C:\Windows\System32\provsvc.dll - ok
00:42:34.0784 7124 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
00:42:34.0784 7124 C:\Windows\System32\sstpsvc.dll - ok
00:42:34.0787 7124 [ 9ABB7CDAC0914579C86990048771B1B4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
00:42:34.0787 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
00:42:34.0789 7124 [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
00:42:34.0789 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
00:42:34.0792 7124 [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
00:42:34.0792 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
00:42:34.0794 7124 [ 7D3E562070B0A0D89D3DA07118F32B3C ] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
00:42:34.0794 7124 C:\Program Files\Intel\WiFi\bin\IntStngs.dll - ok
00:42:34.0796 7124 [ D3A8AF8BC003E16DAB96AB1ED20A52B8 ] C:\Program Files\Intel\WiFi\bin\iWMSProv.dll
00:42:34.0797 7124 C:\Program Files\Intel\WiFi\bin\iWMSProv.dll - ok
00:42:34.0799 7124 [ 7373DE70D405FF08DC53336B83989138 ] C:\Windows\System32\rastls.dll
00:42:34.0799 7124 C:\Windows\System32\rastls.dll - ok
00:42:34.0801 7124 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
00:42:34.0801 7124 C:\Windows\System32\raschap.dll - ok
00:42:34.0803 7124 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
00:42:34.0803 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
00:42:34.0806 7124 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
00:42:34.0806 7124 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
00:42:34.0808 7124 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
00:42:34.0808 7124 C:\Windows\System32\drivers\vwifimp.sys - ok
00:42:34.0810 7124 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
00:42:34.0810 7124 C:\Windows\SysWOW64\dnssd.dll - ok
00:42:34.0812 7124 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
00:42:34.0812 7124 C:\Windows\SysWOW64\wtsapi32.dll - ok
00:42:34.0815 7124 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
00:42:34.0815 7124 C:\Windows\SysWOW64\ntmarta.dll - ok
00:42:34.0816 7124 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
00:42:34.0816 7124 C:\Windows\SysWOW64\Wldap32.dll - ok
00:42:34.0818 7124 [ A52EA1D8C2900055323C93DDB252A3DA ] C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
00:42:34.0818 7124 C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe - ok
00:42:34.0820 7124 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
00:42:34.0821 7124 C:\Windows\SysWOW64\mswsock.dll - ok
00:42:34.0823 7124 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl
00:42:34.0823 7124 C:\Windows\SysWOW64\bthprops.cpl - ok
00:42:34.0825 7124 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
00:42:34.0825 7124 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
00:42:34.0827 7124 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
00:42:34.0827 7124 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
00:42:34.0830 7124 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
00:42:34.0830 7124 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
00:42:34.0832 7124 [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
00:42:34.0832 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
00:42:34.0835 7124 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
00:42:34.0835 7124 C:\Program Files\Bonjour\mDNSResponder.exe - ok
00:42:34.0837 7124 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
00:42:34.0837 7124 C:\Windows\SysWOW64\clbcatq.dll - ok
00:42:34.0839 7124 [ 9A59DF2CA690019FEA3B265D5A7EB619 ] C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
00:42:34.0839 7124 C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe - ok
00:42:34.0841 7124 [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
00:42:34.0841 7124 C:\Windows\System32\bthserv.dll - ok
00:42:34.0843 7124 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
00:42:34.0843 7124 C:\Windows\System32\cryptnet.dll - ok
00:42:34.0846 7124 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
00:42:34.0846 7124 C:\Windows\System32\cryptsvc.dll - ok
00:42:34.0848 7124 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
00:42:34.0848 7124 C:\Windows\System32\vssapi.dll - ok
00:42:34.0850 7124 [ 64D25284A4E9D11CA0722AF3F30FD970 ] C:\Program Files\Intel\WiFi\bin\EvtEng.exe
00:42:34.0850 7124 C:\Program Files\Intel\WiFi\bin\EvtEng.exe - ok
00:42:34.0852 7124 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
00:42:34.0852 7124 C:\Windows\System32\dps.dll - ok
00:42:34.0854 7124 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
00:42:34.0854 7124 C:\Windows\System32\shfolder.dll - ok
00:42:34.0856 7124 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
00:42:34.0856 7124 C:\Windows\SysWOW64\cryptsp.dll - ok
00:42:34.0858 7124 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
00:42:34.0858 7124 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
00:42:34.0861 7124 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
00:42:34.0861 7124 C:\Windows\SysWOW64\rsaenh.dll - ok
00:42:34.0863 7124 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
00:42:34.0863 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
00:42:34.0865 7124 [ 3A8EB5DA39026C810BEE7CD397DA68B7 ] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
00:42:34.0865 7124 C:\Program Files\Intel\WiFi\bin\MurocApi.dll - ok
00:42:34.0867 7124 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
00:42:34.0867 7124 C:\Windows\System32\taskschd.dll - ok
00:42:34.0870 7124 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
00:42:34.0870 7124 C:\Windows\System32\vsstrace.dll - ok
00:42:34.0872 7124 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe
00:42:34.0872 7124 C:\Windows\SysWOW64\svchost.exe - ok
00:42:34.0874 7124 [ 7C76466F4E0F76CE259C6005D161E9E8 ] C:\Program Files\Intel\iCLS Client\HeciServer.exe
00:42:34.0874 7124 C:\Program Files\Intel\iCLS Client\HeciServer.exe - ok
00:42:34.0876 7124 [ 0AC0A2A1C4457249ADC21F28045F2664 ] C:\Program Files\Intel\WiFi\bin\iWrap.exe
00:42:34.0876 7124 C:\Program Files\Intel\WiFi\bin\iWrap.exe - ok
00:42:34.0878 7124 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
00:42:34.0878 7124 C:\Windows\System32\IKEEXT.DLL - ok
00:42:34.0880 7124 [ DC5483CAD90D95D65B618E35C66E28DF ] C:\Windows\System32\mfevtps.exe
00:42:34.0881 7124 C:\Windows\System32\mfevtps.exe - ok
00:42:34.0883 7124 [ 2334DC48997BA203B794DF3EE70521DB ] C:\Windows\System32\HPZinw12.dll
00:42:34.0883 7124 C:\Windows\System32\HPZinw12.dll - ok
00:42:34.0885 7124 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
00:42:34.0885 7124 C:\Windows\System32\ncsi.dll - ok
00:42:34.0887 7124 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
00:42:34.0887 7124 C:\Windows\System32\netman.dll - ok
00:42:34.0889 7124 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
00:42:34.0889 7124 C:\Windows\System32\nlasvc.dll - ok
00:42:34.0891 7124 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
00:42:34.0891 7124 C:\Windows\System32\sfc.dll - ok
00:42:34.0893 7124 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
00:42:34.0893 7124 C:\Windows\System32\sfc_os.dll - ok
00:42:34.0895 7124 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
00:42:34.0895 7124 C:\Windows\System32\winhttp.dll - ok
00:42:34.0898 7124 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
00:42:34.0898 7124 C:\Windows\System32\wsock32.dll - ok
00:42:34.0900 7124 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
00:42:34.0900 7124 C:\Windows\System32\aepic.dll - ok
00:42:34.0902 7124 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
00:42:34.0902 7124 C:\Windows\System32\drivers\PEAuth.sys - ok
00:42:34.0904 7124 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
00:42:34.0904 7124 C:\Windows\System32\webio.dll - ok
00:42:34.0907 7124 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217 ] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
00:42:34.0907 7124 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe - ok
00:42:34.0909 7124 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] C:\Windows\System32\HPZipm12.dll
00:42:34.0909 7124 C:\Windows\System32\HPZipm12.dll - ok
00:42:34.0911 7124 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
00:42:34.0911 7124 C:\Windows\System32\vpnikeapi.dll - ok
00:42:34.0914 7124 [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
00:42:34.0914 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
00:42:34.0916 7124 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
00:42:34.0916 7124 C:\Windows\System32\ssdpapi.dll - ok
00:42:34.0918 7124 [ 25F0095BA5A30A31CA538698D6FE234C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
00:42:34.0918 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
00:42:34.0921 7124 [ 206387AB881E93A1A6EB89966C8651F1 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
00:42:34.0921 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe - ok
00:42:34.0924 7124 [ 4C867B62F6100C107A3A8F5E7A10461D ] C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl
00:42:34.0924 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl - ok
00:42:34.0926 7124 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
00:42:34.0926 7124 C:\Windows\System32\aeevts.dll - ok
00:42:34.0928 7124 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
00:42:34.0928 7124 C:\Windows\SysWOW64\oleacc.dll - ok
00:42:34.0930 7124 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
00:42:34.0930 7124 C:\Windows\SysWOW64\shfolder.dll - ok
00:42:34.0933 7124 [ D9AF104F7E21FA859EFA3C67E5522E88 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\vcl150.bpl
00:42:34.0933 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\vcl150.bpl - ok
00:42:34.0935 7124 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
00:42:34.0935 7124 C:\Windows\System32\oledlg.dll - ok
00:42:34.0937 7124 [ 77DCD9163C1322AA440AEDD4752F3965 ] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
00:42:34.0937 7124 C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll - ok
00:42:34.0940 7124 [ FB24438F64BAF5198EE7648B51FD3AB0 ] C:\Windows\System32\cacls.exe
00:42:34.0940 7124 C:\Windows\System32\cacls.exe - ok
00:42:34.0942 7124 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
00:42:34.0942 7124 C:\Windows\SysWOW64\msimg32.dll - ok
00:42:34.0944 7124 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
00:42:34.0944 7124 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
00:42:34.0946 7124 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
00:42:34.0946 7124 C:\Windows\SysWOW64\comdlg32.dll - ok
00:42:34.0949 7124 [ 105ED75F4CEE9E58152061520DAA4ABD ] C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl
00:42:34.0949 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl - ok
00:42:34.0951 7124 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
00:42:34.0951 7124 C:\Windows\SysWOW64\oledlg.dll - ok
00:42:34.0953 7124 [ 512D4FD86DE088A0DBDE4A5D5F10B3E2 ] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
00:42:34.0953 7124 C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll - ok
00:42:34.0956 7124 [ 0FDABB1FD68CBC557084E16B0EA2F731 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\snlBase150.bpl
00:42:34.0956 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\snlBase150.bpl - ok
00:42:34.0959 7124 [ FA27F4DF4015B22F04B5D18044A24322 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
00:42:34.0959 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl - ok
00:42:34.0962 7124 [ 86E99E1222E671408ED5E8618521AEEB ] C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
00:42:34.0962 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl - ok
00:42:34.0965 7124 [ 9244E0240A1D150581C3BAA89D8AA154 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
00:42:34.0965 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl - ok
00:42:34.0967 7124 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
00:42:34.0967 7124 C:\Windows\SysWOW64\netapi32.dll - ok
00:42:34.0970 7124 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
00:42:34.0970 7124 C:\Windows\SysWOW64\netutils.dll - ok
00:42:34.0972 7124 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
00:42:34.0972 7124 C:\Windows\SysWOW64\samcli.dll - ok
00:42:34.0974 7124 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
00:42:34.0974 7124 C:\Windows\SysWOW64\srvcli.dll - ok
00:42:34.0976 7124 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
00:42:34.0976 7124 C:\Windows\SysWOW64\wkscli.dll - ok
00:42:34.0978 7124 [ 14361FB2FD630988816A4F46AEAF0684 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
00:42:34.0978 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll - ok
00:42:34.0981 7124 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
00:42:34.0981 7124 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll - ok
00:42:34.0983 7124 [ 4909501F53DA2EB6603848944C45F524 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll
00:42:34.0983 7124 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll - ok
00:42:34.0986 7124 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
00:42:34.0986 7124 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
00:42:34.0988 7124 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
00:42:34.0988 7124 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
00:42:34.0991 7124 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
00:42:34.0991 7124 C:\Program Files\Bonjour\mdnsNSP.dll - ok
00:42:34.0993 7124 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
00:42:34.0993 7124 C:\Windows\System32\localspl.dll - ok
00:42:34.0995 7124 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
00:42:34.0995 7124 C:\Windows\System32\rasadhlp.dll - ok
00:42:34.0997 7124 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
00:42:34.0997 7124 C:\Windows\System32\spoolss.dll - ok
00:42:34.0999 7124 [ 45501DD2CE1BF22E7F7C2ED568D478CA ] C:\Windows\System32\hpinkstsa011LM.dll
00:42:35.0000 7124 C:\Windows\System32\hpinkstsa011LM.dll - ok
00:42:35.0002 7124 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
00:42:35.0002 7124 C:\Windows\System32\PrintIsolationProxy.dll - ok
00:42:35.0004 7124 [ C83816213C3C0CC3A35CE726A6C90375 ] C:\Windows\System32\HPDiscoPMa011.dll
00:42:35.0004 7124 C:\Windows\System32\HPDiscoPMa011.dll - ok
00:42:35.0006 7124 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
00:42:35.0006 7124 C:\Windows\System32\wsnmp32.dll - ok
00:42:35.0009 7124 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
00:42:35.0009 7124 C:\Windows\System32\FXSMON.dll - ok
00:42:35.0011 7124 [ 62A0ED06E9FF55EEF51B27EC4839EE0B ] C:\Windows\System32\hpz3lw71.dll
00:42:35.0011 7124 C:\Windows\System32\hpz3lw71.dll - ok
00:42:35.0013 7124 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
00:42:35.0013 7124 C:\Windows\System32\tcpmon.dll - ok
00:42:35.0015 7124 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
00:42:35.0015 7124 C:\Windows\System32\snmpapi.dll - ok
00:42:35.0018 7124 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
00:42:35.0018 7124 C:\Windows\System32\usbmon.dll - ok
00:42:35.0020 7124 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
00:42:35.0020 7124 C:\Windows\System32\WSDMon.dll - ok
00:42:35.0022 7124 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
00:42:35.0022 7124 C:\Windows\System32\WSDApi.dll - ok
00:42:35.0024 7124 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
00:42:35.0024 7124 C:\Windows\System32\netshell.dll - ok
00:42:35.0026 7124 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
00:42:35.0026 7124 C:\Windows\System32\webservices.dll - ok
00:42:35.0028 7124 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
00:42:35.0028 7124 C:\Windows\System32\fundisc.dll - ok
00:42:35.0031 7124 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
00:42:35.0031 7124 C:\Windows\System32\fdPnp.dll - ok
00:42:35.0033 7124 [ 6FB9BE56891EA4E85B4C9BDD4E9AFA69 ] C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll
00:42:35.0033 7124 C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll - ok
00:42:35.0035 7124 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
00:42:35.0035 7124 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
00:42:35.0037 7124 [ 711726A65821211AC12F21EA8B7CBE83 ] C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll

#11 dav43

dav43
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 05 January 2013 - 06:14 AM

TDSSKiller log part 3:

00:42:35.0037 7124 C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll - ok
00:42:35.0040 7124 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
00:42:35.0040 7124 C:\Windows\System32\win32spl.dll - ok
00:42:35.0042 7124 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
00:42:35.0042 7124 C:\Windows\System32\inetpp.dll - ok
00:42:35.0044 7124 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
00:42:35.0044 7124 C:\Windows\System32\cscapi.dll - ok
00:42:35.0046 7124 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
00:42:35.0046 7124 C:\Windows\System32\wbemcomn.dll - ok
00:42:35.0048 7124 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
00:42:35.0048 7124 C:\Windows\System32\wbem\wbemprox.dll - ok
00:42:35.0051 7124 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
00:42:35.0051 7124 C:\Windows\SysWOW64\propsys.dll - ok
00:42:35.0053 7124 [ 8E38CE628D4817D949DD31D77A7F21CD ] C:\Windows\SysWOW64\jsproxy.dll
00:42:35.0053 7124 C:\Windows\SysWOW64\jsproxy.dll - ok
00:42:35.0055 7124 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll
00:42:35.0055 7124 C:\Windows\SysWOW64\secur32.dll - ok
00:42:35.0057 7124 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
00:42:35.0057 7124 C:\Windows\SysWOW64\dnsapi.dll - ok
00:42:35.0059 7124 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
00:42:35.0059 7124 C:\Windows\System32\drivers\secdrv.sys - ok
00:42:35.0062 7124 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
00:42:35.0062 7124 C:\Windows\System32\seclogon.dll - ok
00:42:35.0064 7124 [ EA396139541706B4B433641D62EA53CE ] C:\Program Files (x86)\Skype\Updater\Updater.exe
00:42:35.0064 7124 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
00:42:35.0065 7124 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
00:42:35.0065 7124 C:\Windows\SysWOW64\psapi.dll - ok
00:42:35.0068 7124 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
00:42:35.0068 7124 C:\Windows\System32\drivers\srvnet.sys - ok
00:42:35.0070 7124 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
00:42:35.0070 7124 C:\Windows\System32\drivers\tcpipreg.sys - ok
00:42:35.0072 7124 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
00:42:35.0072 7124 C:\Windows\System32\httpapi.dll - ok
00:42:35.0074 7124 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
00:42:35.0074 7124 C:\Windows\System32\sysmain.dll - ok
00:42:35.0076 7124 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
00:42:35.0076 7124 C:\Windows\System32\tapisrv.dll - ok
00:42:35.0079 7124 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
00:42:35.0079 7124 C:\Windows\System32\wbem\WMIsvc.dll - ok
00:42:35.0081 7124 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
00:42:35.0081 7124 C:\Windows\System32\wiaservc.dll - ok
00:42:35.0083 7124 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
00:42:35.0083 7124 C:\Windows\System32\wbem\WinMgmtR.dll - ok
00:42:35.0085 7124 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
00:42:35.0085 7124 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
00:42:35.0087 7124 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
00:42:35.0087 7124 C:\Windows\System32\wiatrace.dll - ok
00:42:35.0090 7124 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:42:35.0090 7124 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
00:42:35.0092 7124 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
00:42:35.0092 7124 C:\Windows\System32\wbem\wbemcore.dll - ok
00:42:35.0094 7124 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
00:42:35.0094 7124 C:\Windows\System32\wbem\fastprox.dll - ok
00:42:35.0097 7124 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
00:42:35.0097 7124 C:\Windows\System32\wbem\esscli.dll - ok
00:42:35.0099 7124 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
00:42:35.0099 7124 C:\Windows\System32\ntdsapi.dll - ok
00:42:35.0101 7124 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
00:42:35.0101 7124 C:\Windows\System32\wbem\wbemsvc.dll - ok
00:42:35.0103 7124 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
00:42:35.0103 7124 C:\Windows\System32\wbem\wmiutils.dll - ok
00:42:35.0106 7124 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
00:42:35.0106 7124 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
00:42:35.0108 7124 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
00:42:35.0108 7124 C:\Windows\System32\SensApi.dll - ok
00:42:35.0111 7124 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
00:42:35.0111 7124 C:\Windows\System32\wbem\repdrvfs.dll - ok
00:42:35.0113 7124 [ 66C5255881F6F37F5CB22B9C9C777662 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
00:42:35.0113 7124 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
00:42:35.0115 7124 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
00:42:35.0115 7124 C:\Windows\System32\msxml3.dll - ok
00:42:35.0117 7124 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
00:42:35.0118 7124 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
00:42:35.0120 7124 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
00:42:35.0120 7124 C:\Windows\System32\ncobjapi.dll - ok
00:42:35.0122 7124 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
00:42:35.0122 7124 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
00:42:35.0124 7124 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
00:42:35.0124 7124 C:\Windows\System32\wbem\wbemess.dll - ok
00:42:35.0127 7124 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
00:42:35.0139 7124 C:\Windows\System32\dllhost.exe - ok
00:42:35.0140 7124 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
00:42:35.0140 7124 C:\Windows\System32\IDStore.dll - ok
00:42:35.0143 7124 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
00:42:35.0143 7124 C:\Windows\System32\taskhost.exe - ok
00:42:35.0145 7124 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
00:42:35.0145 7124 C:\Windows\SysWOW64\winsta.dll - ok
00:42:35.0147 7124 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
00:42:35.0147 7124 C:\Windows\System32\AtBroker.exe - ok
00:42:35.0149 7124 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
00:42:35.0149 7124 C:\Windows\System32\PlaySndSrv.dll - ok
00:42:35.0152 7124 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:42:35.0152 7124 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
00:42:35.0154 7124 [ 8F1D435457353941E36B5337D25BEC17 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
00:42:35.0154 7124 C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe - ok
00:42:35.0156 7124 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
00:42:35.0156 7124 C:\Windows\System32\mpr.dll - ok
00:42:35.0159 7124 [ 26AA77FC855DC49E3FFD98BFB38904BE ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\rtl120.bpl
00:42:35.0159 7124 C:\Program Files (x86)\IObit\Advanced SystemCare 6\rtl120.bpl - ok
00:42:35.0162 7124 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
00:42:35.0162 7124 C:\Windows\System32\userinit.exe - ok
00:42:35.0164 7124 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
00:42:35.0164 7124 C:\Windows\System32\dwm.exe - ok
00:42:35.0166 7124 [ 07F7AE68602448F4B6D5A9A40BBA977C ] C:\Program Files (x86)\Google\Update\1.3.21.124\goopdate.dll
00:42:35.0166 7124 C:\Program Files (x86)\Google\Update\1.3.21.124\goopdate.dll - ok
00:42:35.0169 7124 [ 5DDC9E26AC78B2D7F97197B6F0C6F3C1 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\madbasic_.bpl
00:42:35.0169 7124 C:\Program Files (x86)\IObit\Advanced SystemCare 6\madbasic_.bpl - ok
00:42:35.0171 7124 [ CB677BD0701133FCA8B7034A2647928C ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\madexcept_.bpl
00:42:35.0171 7124 C:\Program Files (x86)\IObit\Advanced SystemCare 6\madexcept_.bpl - ok
00:42:35.0173 7124 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
00:42:35.0173 7124 C:\Windows\System32\dwmredir.dll - ok
00:42:35.0176 7124 [ B10E3287B7CB1060CD70B51B079A354D ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\vcl120.bpl
00:42:35.0176 7124 C:\Program Files (x86)\IObit\Advanced SystemCare 6\vcl120.bpl - ok
00:42:35.0178 7124 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
00:42:35.0178 7124 C:\Windows\System32\dwmcore.dll - ok
00:42:35.0180 7124 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
00:42:35.0180 7124 C:\Windows\System32\HotStartUserAgent.dll - ok
00:42:35.0182 7124 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
00:42:35.0182 7124 C:\Windows\System32\MsCtfMonitor.dll - ok
00:42:35.0185 7124 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
00:42:35.0185 7124 C:\Windows\System32\msutb.dll - ok
00:42:35.0187 7124 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
00:42:35.0187 7124 C:\Windows\SysWOW64\msi.dll - ok
00:42:35.0189 7124 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
00:42:35.0189 7124 C:\Windows\System32\dssenh.dll - ok
00:42:35.0191 7124 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
00:42:35.0191 7124 C:\Windows\System32\d3d10_1.dll - ok
00:42:35.0193 7124 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
00:42:35.0193 7124 C:\Windows\System32\d3d10_1core.dll - ok
00:42:35.0195 7124 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
00:42:35.0195 7124 C:\Windows\SysWOW64\cscapi.dll - ok
00:42:35.0197 7124 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
00:42:35.0197 7124 C:\Windows\SysWOW64\dbghelp.dll - ok
00:42:35.0199 7124 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
00:42:35.0200 7124 C:\Windows\System32\dxgi.dll - ok
00:42:35.0202 7124 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe
00:42:35.0202 7124 C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe - ok
00:42:35.0204 7124 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
00:42:35.0204 7124 C:\Windows\explorer.exe - ok
00:42:35.0206 7124 [ 02188056246C04845E11E38C0E85880B ] C:\Windows\System32\aticfx64.dll
00:42:35.0206 7124 C:\Windows\System32\aticfx64.dll - ok
00:42:35.0209 7124 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler64.exe
00:42:35.0209 7124 C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler64.exe - ok
00:42:35.0211 7124 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
00:42:35.0211 7124 C:\Windows\SysWOW64\mstask.dll - ok
00:42:35.0213 7124 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
00:42:35.0213 7124 C:\Windows\System32\dbghelp.dll - ok
00:42:35.0215 7124 [ 41705E24527EA706117646E1D715A2C1 ] C:\Windows\System32\atiuxp64.dll
00:42:35.0215 7124 C:\Windows\System32\atiuxp64.dll - ok
00:42:35.0218 7124 [ C101ADAD335CEC5478B08C0BB8697C83 ] C:\Windows\System32\igd10umd64.dll
00:42:35.0218 7124 C:\Windows\System32\igd10umd64.dll - ok
00:42:35.0220 7124 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
00:42:35.0220 7124 C:\Windows\System32\ExplorerFrame.dll - ok
00:42:35.0222 7124 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
00:42:35.0222 7124 C:\Windows\System32\EhStorShell.dll - ok
00:42:35.0224 7124 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
00:42:35.0224 7124 C:\Windows\System32\ntshrui.dll - ok
00:42:35.0226 7124 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
00:42:35.0226 7124 C:\Windows\System32\IconCodecService.dll - ok
00:42:35.0229 7124 [ FB6CDBBAFE4D36B31C6F09523E9206D9 ] C:\Windows\System32\atidxx64.dll
00:42:35.0229 7124 C:\Windows\System32\atidxx64.dll - ok
00:42:35.0231 7124 [ 862586AD4B1355F7DCDE111EE0AAF350 ] C:\Windows\System32\d3dx10_40.dll
00:42:35.0231 7124 C:\Windows\System32\d3dx10_40.dll - ok
00:42:35.0233 7124 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
00:42:35.0233 7124 C:\Windows\System32\uDWM.dll - ok
00:42:35.0235 7124 [ 74713CB32792F9C7632DAA7DA22CA974 ] C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
00:42:35.0235 7124 C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe - ok
00:42:35.0238 7124 [ 65BD1467E164396A00B92C8F0E57E557 ] C:\Program Files\Intel\WiFi\bin\Ps7ZCfgS.dll
00:42:35.0238 7124 C:\Program Files\Intel\WiFi\bin\Ps7ZCfgS.dll - ok
00:42:35.0240 7124 [ 392450754E17FF778CBC5B9D20583AD1 ] C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
00:42:35.0240 7124 C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe - ok
00:42:35.0243 7124 [ 521202AA6F2B74FCCC6BC7E162109D71 ] C:\Windows\System32\wbem\unsecapp.exe
00:42:35.0243 7124 C:\Windows\System32\wbem\unsecapp.exe - ok
00:42:35.0245 7124 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
00:42:35.0245 7124 C:\Windows\System32\iphlpsvc.dll - ok
00:42:35.0247 7124 [ 05248F2E6E1AFA6972D058C36199DEB7 ] C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
00:42:35.0247 7124 C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe - ok
00:42:35.0250 7124 [ 270DB70DF6289F49A5FC7B462D5F6146 ] C:\Program Files\Common Files\mcafee\systemcore\mfehida.dll
00:42:35.0250 7124 C:\Program Files\Common Files\mcafee\systemcore\mfehida.dll - ok
00:42:35.0252 7124 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
00:42:35.0252 7124 C:\Windows\System32\sqmapi.dll - ok
00:42:35.0254 7124 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
00:42:35.0254 7124 C:\Windows\System32\wdscore.dll - ok
00:42:35.0256 7124 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
00:42:35.0256 7124 C:\Windows\System32\rasmans.dll - ok
00:42:35.0258 7124 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
00:42:35.0258 7124 C:\Windows\System32\rastapi.dll - ok
00:42:35.0260 7124 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
00:42:35.0260 7124 C:\Windows\System32\tapi32.dll - ok
00:42:35.0263 7124 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
00:42:35.0263 7124 C:\Windows\System32\hnetcfg.dll - ok
00:42:35.0265 7124 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
00:42:35.0265 7124 C:\Windows\System32\unimdm.tsp - ok
00:42:35.0267 7124 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
00:42:35.0267 7124 C:\Windows\System32\nci.dll - ok
00:42:35.0269 7124 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
00:42:35.0269 7124 C:\Windows\System32\uniplat.dll - ok
00:42:35.0271 7124 [ AC122407B29378FF9646F03404AC7C54 ] C:\Windows\SysWOW64\wshbth.dll
00:42:35.0271 7124 C:\Windows\SysWOW64\wshbth.dll - ok
00:42:35.0273 7124 [ 2472BDF30C62F3E81AE27A968C25608C ] C:\Windows\System32\unimdmat.dll
00:42:35.0273 7124 C:\Windows\System32\unimdmat.dll - ok
00:42:35.0275 7124 [ C1446A66BB89FC3AA2485C67562247DA ] C:\Windows\System32\modemui.dll
00:42:35.0276 7124 C:\Windows\System32\modemui.dll - ok
00:42:35.0278 7124 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
00:42:35.0278 7124 C:\Windows\System32\kmddsp.tsp - ok
00:42:35.0280 7124 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
00:42:35.0280 7124 C:\Windows\System32\ndptsp.tsp - ok
00:42:35.0282 7124 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
00:42:35.0282 7124 C:\Windows\System32\hidphone.tsp - ok
00:42:35.0284 7124 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
00:42:35.0284 7124 C:\Windows\System32\rasppp.dll - ok
00:42:35.0286 7124 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
00:42:35.0286 7124 C:\Windows\System32\vpnike.dll - ok
00:42:35.0289 7124 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
00:42:35.0289 7124 C:\Windows\System32\wbem\NCProv.dll - ok
00:42:35.0291 7124 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
00:42:35.0291 7124 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
00:42:35.0293 7124 [ 6132603F7D745CED00C6E6525A7FB4E3 ] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
00:42:35.0293 7124 C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll - ok
00:42:35.0295 7124 [ E155362D3C60232CFC15397EA6617E88 ] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
00:42:35.0295 7124 C:\Program Files\Intel\WiFi\bin\DbEngine.dll - ok
00:42:35.0298 7124 [ 4D753B377049EA1E74A4C7787C8122AB ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\maddisAsm_.bpl
00:42:35.0298 7124 C:\Program Files (x86)\IObit\Advanced SystemCare 6\maddisAsm_.bpl - ok
00:42:35.0300 7124 [ 055D1BC572E67E0728D4DC5835794207 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\taskmgr.dll
00:42:35.0300 7124 C:\Program Files (x86)\IObit\Advanced SystemCare 6\taskmgr.dll - ok
00:42:35.0303 7124 [ ECA9510DAD38FDD900B4E8804CC492C8 ] C:\Program Files (x86)\IObit\Advanced SystemCare 6\datastate.dll
00:42:35.0303 7124 C:\Program Files (x86)\IObit\Advanced SystemCare 6\datastate.dll - ok
00:42:35.0305 7124 [ 38A2D5C5ECEE90A795D52A4D8B898751 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.7601.17825_none_83810474ed62c6c4\GdiPlus.dll
00:42:35.0305 7124 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.7601.17825_none_83810474ed62c6c4\GdiPlus.dll - ok
00:42:35.0308 7124 [ DB3FB9F91EA29B0B4B6D9ADE2630FC63 ] C:\Program Files\Intel\WiFi\bin\PanIHVInt.dll
00:42:35.0308 7124 C:\Program Files\Intel\WiFi\bin\PanIHVInt.dll - ok
00:42:35.0310 7124 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
00:42:35.0310 7124 C:\Windows\System32\wbem\wmiprov.dll - ok
00:42:35.0313 7124 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
00:42:35.0313 7124 C:\Windows\SysWOW64\uxtheme.dll - ok
00:42:35.0315 7124 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
00:42:35.0315 7124 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
00:42:35.0316 7124 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
00:42:35.0316 7124 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
00:42:35.0319 7124 [ A529CFE32565C0B145578FFB2B32C9A5 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
00:42:35.0319 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe - ok
00:42:35.0321 7124 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
00:42:35.0321 7124 C:\Windows\SysWOW64\cabinet.dll - ok
00:42:35.0323 7124 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
00:42:35.0323 7124 C:\Windows\AppPatch\AcGenral.dll - ok
00:42:35.0326 7124 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
00:42:35.0326 7124 C:\Windows\SysWOW64\msacm32.dll - ok
00:42:35.0328 7124 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
00:42:35.0328 7124 C:\Windows\SysWOW64\sfc.dll - ok
00:42:35.0330 7124 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
00:42:35.0330 7124 C:\Windows\SysWOW64\sfc_os.dll - ok
00:42:35.0332 7124 [ D21AB32F16E8DE67D45E5A383B5E52BA ] C:\Program Files (x86)\Spybot - Search & Destroy 2\ssleay32.dll
00:42:35.0332 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\ssleay32.dll - ok
00:42:35.0335 7124 [ B009D6171147BE129636A49C4178E487 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\libeay32.dll
00:42:35.0335 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\libeay32.dll - ok
00:42:35.0338 7124 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
00:42:35.0338 7124 C:\Windows\System32\drivers\srv2.sys - ok
00:42:35.0340 7124 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
00:42:35.0340 7124 C:\Windows\System32\ipnathlp.dll - ok
00:42:35.0342 7124 [ F928E5E72BBA15DD0CE9A26E0413D236 ] C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
00:42:35.0342 7124 C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe - ok
00:42:35.0345 7124 [ 2C0D7AA2DACF6E11C71F22BFC0050147 ] C:\Program Files\Common Files\mcafee\msc\LogCntrl.dll
00:42:35.0345 7124 C:\Program Files\Common Files\mcafee\msc\LogCntrl.dll - ok
00:42:35.0347 7124 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
00:42:35.0347 7124 C:\Windows\System32\mprapi.dll - ok
00:42:35.0349 7124 [ 8422CE4E53738275C4C8539F91790A7F ] C:\PROGRA~1\mcafee\msc\McOobeSv.dll
00:42:35.0349 7124 C:\PROGRA~1\mcafee\msc\McOobeSv.dll - ok
00:42:35.0351 7124 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
00:42:35.0351 7124 C:\Windows\System32\drivers\srv.sys - ok
00:42:35.0353 7124 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
00:42:35.0353 7124 C:\Windows\System32\srvsvc.dll - ok
00:42:35.0356 7124 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
00:42:35.0356 7124 C:\Windows\System32\browser.dll - ok
00:42:35.0358 7124 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
00:42:35.0358 7124 C:\Windows\System32\clusapi.dll - ok
00:42:35.0360 7124 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
00:42:35.0360 7124 C:\Windows\System32\netmsg.dll - ok
00:42:35.0362 7124 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
00:42:35.0362 7124 C:\Windows\System32\sscore.dll - ok
00:42:35.0364 7124 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
00:42:35.0364 7124 C:\Windows\System32\resutils.dll - ok
00:42:35.0366 7124 [ E30E33FEA53642563CF4C240CACA5D2E ] C:\PROGRA~1\mcafee\mpf\MpfSvc.dll
00:42:35.0366 7124 C:\PROGRA~1\mcafee\mpf\MpfSvc.dll - ok
00:42:35.0368 7124 [ 2DBB4E43F9553756350947E4AF41F9C4 ] C:\PROGRA~1\mcafee\msk\msksrvr.dll
00:42:35.0368 7124 C:\PROGRA~1\mcafee\msk\msksrvr.dll - ok
00:42:35.0371 7124 [ A62EDFFE66C0D7916D73A6DE75758024 ] C:\Program Files\Common Files\mcafee\mcproxy\McProxy.dll
00:42:35.0371 7124 C:\Program Files\Common Files\mcafee\mcproxy\McProxy.dll - ok
00:42:35.0373 7124 [ 5A55E3E6F53592F8170623DEFA2B7954 ] C:\Windows\System32\atl100.dll
00:42:35.0373 7124 C:\Windows\System32\atl100.dll - ok
00:42:35.0375 7124 [ 47CDFF9055CF0A95E01AB60B4A435B4E ] C:\Program Files\Common Files\mcafee\systemcore\mfefwctl.dll
00:42:35.0375 7124 C:\Program Files\Common Files\mcafee\systemcore\mfefwctl.dll - ok
00:42:35.0378 7124 [ C97C8EC408AC6F2453EB9417E5EF355A ] C:\Program Files\Common Files\mcafee\msc\McRTMui.dll
00:42:35.0378 7124 C:\Program Files\Common Files\mcafee\msc\McRTMui.dll - ok
00:42:35.0380 7124 [ 57FA62B72A77EA12B95EB73501D92B63 ] C:\Program Files\Common Files\mcafee\msc\LangSel.dll
00:42:35.0380 7124 C:\Program Files\Common Files\mcafee\msc\LangSel.dll - ok
00:42:35.0382 7124 [ 8A80968A897BCFC38512AEE1D7B73501 ] C:\PROGRA~1\mcafee\msk\mskengn.dll
00:42:35.0382 7124 C:\PROGRA~1\mcafee\msk\mskengn.dll - ok
00:42:35.0384 7124 [ 75F40B422E78C5B9D4D0A59EC0AA2B38 ] C:\PROGRA~1\mcafee\mps\mps.dll
00:42:35.0384 7124 C:\PROGRA~1\mcafee\mps\mps.dll - ok
00:42:35.0386 7124 [ 1CD479BBDB6714D58C76B26912FF2327 ] C:\PROGRA~1\mcafee\msk\mskupd.dll
00:42:35.0386 7124 C:\PROGRA~1\mcafee\msk\mskupd.dll - ok
00:42:35.0389 7124 [ 19B8FEB9455D9D63425514271F5752E6 ] C:\PROGRA~1\mcafee\msc\mclwapi.dll
00:42:35.0389 7124 C:\PROGRA~1\mcafee\msc\mclwapi.dll - ok
00:42:35.0391 7124 [ 254C46A466484D4169DFF44B29F6A979 ] C:\PROGRA~1\COMMON~1\mcafee\msc\mcutil\11_6_2~2\mcutil.dll
00:42:35.0391 7124 C:\PROGRA~1\COMMON~1\mcafee\msc\mcutil\11_6_2~2\mcutil.dll - ok
00:42:35.0393 7124 [ 1FA5C7F6E7296AEC651489AD07BAB866 ] C:\PROGRA~1\mcafee\mps\mpscfg.dll
00:42:35.0393 7124 C:\PROGRA~1\mcafee\mps\mpscfg.dll - ok
00:42:35.0395 7124 [ 89E9ABC86EB600565D24516B170B0E39 ] C:\PROGRA~1\mcafee\msk\mskwm.dll
00:42:35.0396 7124 C:\PROGRA~1\mcafee\msk\mskwm.dll - ok
00:42:35.0398 7124 [ 4742F810686D2C7883CD69036CE15542 ] C:\PROGRA~1\mcafee\msk\mskxaif.dll
00:42:35.0398 7124 C:\PROGRA~1\mcafee\msk\mskxaif.dll - ok
00:42:35.0400 7124 [ 8ED06C74B9BC9CE0E24EA0CB0C5CF2A7 ] C:\PROGRA~1\COMMON~1\mcafee\core\McEvtBrk.dll
00:42:35.0400 7124 C:\PROGRA~1\COMMON~1\mcafee\core\McEvtBrk.dll - ok
00:42:35.0402 7124 [ 9FFD32E56D61E1514892EB170186DC0A ] C:\PROGRA~1\mcafee\mps\mpsevh.dll
00:42:35.0402 7124 C:\PROGRA~1\mcafee\mps\mpsevh.dll - ok
00:42:35.0404 7124 [ 5E3FDBD96C880A600C7E4B60D091D4E1 ] C:\PROGRA~1\mcafee\mps\MPSMisp.dll
00:42:35.0404 7124 C:\PROGRA~1\mcafee\mps\MPSMisp.dll - ok
00:42:35.0407 7124 [ B89910DBAD3A7C4782ECFD5F582D37D3 ] C:\PROGRA~1\mcafee\msc\mcmscsub.dll
00:42:35.0407 7124 C:\PROGRA~1\mcafee\msc\mcmscsub.dll - ok
00:42:35.0409 7124 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
00:42:35.0409 7124 C:\Windows\System32\appinfo.dll - ok
00:42:35.0411 7124 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
00:42:35.0411 7124 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll - ok
00:42:35.0413 7124 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
00:42:35.0413 7124 C:\Windows\System32\wdi.dll - ok
00:42:35.0416 7124 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
00:42:35.0416 7124 C:\Windows\System32\wpdbusenum.dll - ok
00:42:35.0418 7124 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
00:42:35.0418 7124 C:\Windows\System32\npmproxy.dll - ok
00:42:35.0420 7124 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
00:42:35.0420 7124 C:\Windows\System32\perftrack.dll - ok
00:42:35.0422 7124 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
00:42:35.0422 7124 C:\Windows\SysWOW64\sxs.dll - ok
00:42:35.0424 7124 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
00:42:35.0424 7124 C:\Windows\System32\diagperf.dll - ok
00:42:35.0427 7124 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
00:42:35.0427 7124 C:\Windows\System32\PortableDeviceApi.dll - ok
00:42:35.0429 7124 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
00:42:35.0429 7124 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
00:42:35.0431 7124 [ FFB6E1AACCF286EBD549DFDAA93BC940 ] C:\PROGRA~1\mcafee\msc\mcregobj\11_6_4~1\mcregobj.dll
00:42:35.0431 7124 C:\PROGRA~1\mcafee\msc\mcregobj\11_6_4~1\mcregobj.dll - ok
00:42:35.0433 7124 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
00:42:35.0433 7124 C:\Windows\System32\NapiNSP.dll - ok
00:42:35.0436 7124 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
00:42:35.0436 7124 C:\Windows\System32\pnrpnsp.dll - ok
00:42:35.0438 7124 [ D065827C0915CCBA48D47B4E4F855E54 ] C:\Program Files\mcafee\msc\mcoemres.dll
00:42:35.0438 7124 C:\Program Files\mcafee\msc\mcoemres.dll - ok
00:42:35.0440 7124 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
00:42:35.0440 7124 C:\Windows\System32\winrnr.dll - ok
00:42:35.0442 7124 [ 748849C42DEA24C723048E24BCA1BD55 ] C:\Windows\System32\wshbth.dll
00:42:35.0442 7124 C:\Windows\System32\wshbth.dll - ok
00:42:35.0444 7124 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
00:42:35.0444 7124 C:\Windows\System32\Apphlpdm.dll - ok
00:42:35.0446 7124 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
00:42:35.0446 7124 C:\Windows\System32\FXSRESM.dll - ok
00:42:35.0448 7124 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
00:42:35.0448 7124 C:\Windows\System32\pnpts.dll - ok
00:42:35.0451 7124 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
00:42:35.0451 7124 C:\Windows\System32\wdiasqmmodule.dll - ok
00:42:35.0453 7124 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
00:42:35.0453 7124 C:\Windows\System32\p2pcollab.dll - ok
00:42:35.0455 7124 [ A444C15772749F572E61DAFED66F51C4 ] C:\Program Files\mcafee\msc\oemui.dll
00:42:35.0455 7124 C:\Program Files\mcafee\msc\oemui.dll - ok
00:42:35.0457 7124 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
00:42:35.0457 7124 C:\Windows\System32\QAGENTRT.DLL - ok
00:42:35.0460 7124 [ 1565AEDA55469D030E35801ECD17E1A5 ] C:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll
00:42:35.0460 7124 C:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll - ok
00:42:35.0462 7124 [ 6D78A6AFD8D5CEE3B2C716C104B1B5A4 ] C:\Program Files\mcafee\msc\mcprlres.dll
00:42:35.0462 7124 C:\Program Files\mcafee\msc\mcprlres.dll - ok
00:42:35.0464 7124 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
00:42:35.0464 7124 C:\Windows\System32\fveui.dll - ok
00:42:35.0466 7124 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
00:42:35.0466 7124 C:\Windows\System32\runonce.exe - ok
00:42:35.0469 7124 [ AA59306D5EB1D78E0911183B3AFBC6F5 ] C:\PROGRA~1\COMMON~1\mcafee\msc\sqlite3.dll
00:42:35.0469 7124 C:\PROGRA~1\COMMON~1\mcafee\msc\sqlite3.dll - ok
00:42:35.0471 7124 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
00:42:35.0471 7124 C:\Windows\SysWOW64\runonce.exe - ok
00:42:35.0473 7124 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
00:42:35.0473 7124 C:\Windows\System32\dimsjob.dll - ok
00:42:35.0475 7124 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
00:42:35.0476 7124 C:\Windows\System32\IPSECSVC.DLL - ok
00:42:35.0478 7124 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
00:42:35.0478 7124 C:\Windows\System32\FwRemoteSvr.dll - ok
00:42:35.0480 7124 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
00:42:35.0480 7124 C:\Windows\System32\pautoenr.dll - ok
00:42:35.0482 7124 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
00:42:35.0482 7124 C:\Windows\System32\certcli.dll - ok
00:42:35.0484 7124 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
00:42:35.0484 7124 C:\Windows\SysWOW64\cmd.exe - ok
00:42:35.0486 7124 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
00:42:35.0486 7124 C:\Windows\System32\CertEnroll.dll - ok
00:42:35.0488 7124 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
00:42:35.0488 7124 C:\Windows\SysWOW64\winbrand.dll - ok
00:42:35.0491 7124 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\SysWOW64\ieframe.dll
00:42:35.0491 7124 C:\Windows\SysWOW64\ieframe.dll - ok
00:42:35.0493 7124 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
00:42:35.0493 7124 C:\Windows\SysWOW64\shdocvw.dll - ok
00:42:35.0495 7124 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\David\AppData\Local\Temp\A8891D03-591B-4572-8CF6-32AA14E7FB0A.exe
00:42:35.0495 7124 C:\Users\David\AppData\Local\Temp\A8891D03-591B-4572-8CF6-32AA14E7FB0A.exe - ok
00:42:35.0497 7124 [ 859CFCE4A0F72916911BD9F6C6E84581 ] C:\Windows\SysWOW64\ncrypt.dll
00:42:35.0497 7124 C:\Windows\SysWOW64\ncrypt.dll - ok
00:42:35.0499 7124 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
00:42:35.0499 7124 C:\Windows\SysWOW64\bcrypt.dll - ok
00:42:35.0502 7124 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
00:42:35.0502 7124 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
00:42:35.0504 7124 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
00:42:35.0504 7124 C:\Windows\SysWOW64\gpapi.dll - ok
00:42:35.0506 7124 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
00:42:35.0506 7124 C:\Windows\SysWOW64\cryptnet.dll - ok
00:42:35.0508 7124 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
00:42:35.0508 7124 C:\Windows\SysWOW64\SensApi.dll - ok
00:42:35.0510 7124 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
00:42:35.0510 7124 C:\Windows\SysWOW64\webio.dll - ok
00:42:35.0512 7124 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
00:42:35.0512 7124 C:\Windows\SysWOW64\winhttp.dll - ok
00:42:35.0515 7124 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
00:42:35.0515 7124 C:\Windows\SysWOW64\credssp.dll - ok
00:42:35.0517 7124 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
00:42:35.0517 7124 C:\Windows\SysWOW64\wship6.dll - ok
00:42:35.0519 7124 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
00:42:35.0520 7124 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
00:42:35.0522 7124 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
00:42:35.0522 7124 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
00:42:35.0524 7124 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
00:42:35.0524 7124 C:\Windows\SysWOW64\rasadhlp.dll - ok
00:42:35.0526 7124 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
00:42:35.0526 7124 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
00:42:35.0528 7124 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
00:42:35.0528 7124 C:\Windows\SysWOW64\devrtl.dll - ok
00:42:35.0531 7124 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
00:42:35.0531 7124 C:\Windows\System32\aelupsvc.dll - ok
00:42:35.0533 7124 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
00:42:35.0533 7124 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
00:42:35.0535 7124 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
00:42:35.0535 7124 C:\Windows\SysWOW64\EhStorShell.dll - ok
00:42:35.0537 7124 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
00:42:35.0537 7124 C:\Windows\SysWOW64\ntshrui.dll - ok
00:42:35.0539 7124 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
00:42:35.0539 7124 C:\Windows\SysWOW64\imageres.dll - ok
00:42:35.0542 7124 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
00:42:35.0542 7124 C:\Windows\SysWOW64\slc.dll - ok
00:42:35.0544 7124 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll
00:42:35.0544 7124 C:\Windows\SysWOW64\IconCodecService.dll - ok
00:42:35.0546 7124 [ 30830E9DA7F0BA3946665827D5247EC0 ] C:\PROGRA~1\mcafee\mpf\MpfEvt.dll
00:42:35.0546 7124 C:\PROGRA~1\mcafee\mpf\MpfEvt.dll - ok
00:42:35.0548 7124 [ F1F438402FC37991A0502F09CC0AA284 ] C:\PROGRA~1\COMMON~1\mcafee\HACKER~1\HWAPI.dll
00:42:35.0548 7124 C:\PROGRA~1\COMMON~1\mcafee\HACKER~1\HWAPI.dll - ok
00:42:35.0551 7124 [ 46CB29F9A3D487A9839E38EFA49B6491 ] C:\Program Files\Common Files\mcafee\VSCore\lockdown.dll
00:42:35.0551 7124 C:\Program Files\Common Files\mcafee\VSCore\lockdown.dll - ok
00:42:35.0553 7124 [ FD0D2E1FAEBAE5031BE2EB8000D973F1 ] C:\Program Files\Internet Explorer\iexplore.exe
00:42:35.0553 7124 C:\Program Files\Internet Explorer\iexplore.exe - ok
00:42:35.0555 7124 [ 88FD96AD1B0C56474ADDC97100FFFA39 ] C:\Program Files\mcafee\mpf\L10N.dll
00:42:35.0555 7124 C:\Program Files\mcafee\mpf\L10N.dll - ok
00:42:35.0557 7124 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
00:42:35.0557 7124 C:\Windows\System32\wbem\cimwin32.dll - ok
00:42:35.0560 7124 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
00:42:35.0560 7124 C:\Windows\System32\framedynos.dll - ok
00:42:35.0562 7124 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
00:42:35.0562 7124 C:\Windows\System32\wmi.dll - ok
00:42:35.0564 7124 [ DF8D07059E7237E0BE9C1421EF5F9482 ] C:\Windows\System32\drivers\cfwids.sys
00:42:35.0564 7124 C:\Windows\System32\drivers\cfwids.sys - ok
00:42:35.0565 7124 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
00:42:35.0565 7124 C:\Windows\System32\radardt.dll - ok
00:42:35.0568 7124 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
00:42:35.0568 7124 C:\Windows\System32\tdh.dll - ok
00:42:35.0570 7124 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
00:42:35.0570 7124 C:\Windows\System32\pnidui.dll - ok
00:42:35.0572 7124 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
00:42:35.0572 7124 C:\Windows\System32\wmp.dll - ok
00:42:35.0574 7124 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
00:42:35.0574 7124 C:\Windows\System32\ndiscapCfg.dll - ok
00:42:35.0576 7124 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
00:42:35.0576 7124 C:\Windows\System32\rascfg.dll - ok
00:42:35.0578 7124 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
00:42:35.0578 7124 C:\Windows\System32\mprmsg.dll - ok
00:42:35.0581 7124 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
00:42:35.0581 7124 C:\Windows\System32\tcpipcfg.dll - ok
00:42:35.0583 7124 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
00:42:35.0583 7124 C:\Windows\System32\wlaninst.dll - ok
00:42:35.0585 7124 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
00:42:35.0585 7124 C:\Windows\System32\wwaninst.dll - ok
00:42:35.0587 7124 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
00:42:35.0587 7124 C:\Windows\System32\spfileq.dll - ok
00:42:35.0590 7124 [ 0671A791C292F46423CFE37B53D598D0 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll
00:42:35.0590 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll - ok
00:42:35.0593 7124 [ 9C2543A7AC524CAA63B26A16D4E3AD39 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
00:42:35.0593 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl - ok
00:42:35.0596 7124 [ 5422CB64444C33F029483552A8FACE37 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\vclx150.bpl
00:42:35.0596 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\vclx150.bpl - ok
00:42:35.0599 7124 [ AEB9DD47B76075B05E27874384544F39 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\vclie150.bpl
00:42:35.0599 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\vclie150.bpl - ok
00:42:35.0602 7124 [ FAD9807ACDE89A34D2EB4743D57016D7 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll
00:42:35.0602 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll - ok
00:42:35.0604 7124 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
00:42:35.0604 7124 C:\Windows\System32\drivers\fastfat.sys - ok
00:42:35.0606 7124 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
00:42:35.0606 7124 C:\Windows\System32\ie4uinit.exe - ok
00:42:35.0608 7124 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
00:42:35.0608 7124 C:\Windows\System32\iedkcs32.dll - ok
00:42:35.0611 7124 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
00:42:35.0611 7124 C:\Windows\System32\themeui.dll - ok
00:42:35.0613 7124 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
00:42:35.0613 7124 C:\Windows\System32\timedate.cpl - ok
00:42:35.0615 7124 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
00:42:35.0615 7124 C:\Windows\System32\actxprxy.dll - ok
00:42:35.0617 7124 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
00:42:35.0617 7124 C:\Windows\System32\shdocvw.dll - ok
00:42:35.0619 7124 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
00:42:35.0619 7124 C:\Windows\System32\linkinfo.dll - ok
00:42:35.0621 7124 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
00:42:35.0621 7124 C:\Windows\System32\gameux.dll - ok
00:42:35.0624 7124 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
00:42:35.0624 7124 C:\Windows\System32\msftedit.dll - ok
00:42:35.0626 7124 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\60184277.sys
00:42:35.0626 7124 C:\Windows\System32\drivers\60184277.sys - ok
00:42:35.0628 7124 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
00:42:35.0628 7124 C:\Windows\System32\msls31.dll - ok
00:42:35.0630 7124 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
00:42:35.0630 7124 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
00:42:35.0633 7124 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
00:42:35.0633 7124 C:\Windows\System32\msiltcfg.dll - ok
00:42:35.0635 7124 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
00:42:35.0635 7124 C:\Windows\System32\msi.dll - ok
00:42:35.0637 7124 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
00:42:35.0637 7124 C:\Windows\System32\thumbcache.dll - ok
00:42:35.0639 7124 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
00:42:35.0639 7124 C:\Windows\System32\networkexplorer.dll - ok
00:42:35.0642 7124 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
00:42:35.0642 7124 C:\Windows\SysWOW64\riched20.dll - ok
00:42:35.0644 7124 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
00:42:35.0644 7124 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
00:42:35.0646 7124 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
00:42:35.0646 7124 C:\Windows\SysWOW64\duser.dll - ok
00:42:35.0648 7124 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
00:42:35.0648 7124 C:\Windows\SysWOW64\dui70.dll - ok
00:42:35.0650 7124 [ 5D5A1EB211F2A6B044FB5E578D0E4A89 ] C:\Program Files\Elantech\ETDCtrl.exe
00:42:35.0650 7124 C:\Program Files\Elantech\ETDCtrl.exe - ok
00:42:35.0652 7124 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
00:42:35.0652 7124 C:\Windows\System32\DeviceCenter.dll - ok
00:42:35.0655 7124 [ 8886E0697B0A93C521F99099EF643450 ] C:\Windows\System32\wscript.exe
00:42:35.0655 7124 C:\Windows\System32\wscript.exe - ok
00:42:35.0657 7124 [ FEA6C46CE217D35296F687156CDC1E11 ] C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20130103203859.dll
00:42:35.0657 7124 C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20130103203859.dll - ok
00:42:35.0660 7124 [ CEA9CC9F13E82893327CBCE5FAA90D1A ] C:\Program Files\CONEXANT\SA3\SACpl.exe
00:42:35.0660 7124 C:\Program Files\CONEXANT\SA3\SACpl.exe - ok
00:42:35.0663 7124 [ C8560742F5E4C77A91A75C14D3583604 ] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
00:42:35.0663 7124 C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe - ok
00:42:35.0665 7124 [ 7D67F4845F1A4191237AD88CAF6CB6AB ] C:\Windows\System32\igfxtray.exe
00:42:35.0665 7124 C:\Windows\System32\igfxtray.exe - ok
00:42:35.0667 7124 [ A2A983191DBF344D81E7182890E7C796 ] C:\Windows\System32\hkcmd.exe
00:42:35.0667 7124 C:\Windows\System32\hkcmd.exe - ok
00:42:35.0669 7124 [ 0F14272FCC2ABF984DCD40A5D9EABA56 ] C:\Windows\System32\igfxpers.exe
00:42:35.0669 7124 C:\Windows\System32\igfxpers.exe - ok
00:42:35.0672 7124 [ 1136B11FB4B6A598051BD9648A798F7C ] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
00:42:35.0672 7124 C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe - ok
00:42:35.0674 7124 [ 0EE9F047A87A76B07EA26669757D0A6B ] C:\Windows\System32\hccutils.dll
00:42:35.0674 7124 C:\Windows\System32\hccutils.dll - ok
00:42:35.0677 7124 [ BB7481A1306823D1B6592263F1AB8DD7 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
00:42:35.0677 7124 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe - ok
00:42:35.0679 7124 [ AB0E99A9C6AFAE81DD499CCA292744B6 ] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
00:42:35.0679 7124 C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe - ok
00:42:35.0681 7124 [ D31766E264A89D6FE9A26B9D4D88ED9A ] C:\Windows\System32\igfxsrvc.exe
00:42:35.0681 7124 C:\Windows\System32\igfxsrvc.exe - ok
00:42:35.0683 7124 [ AE796055654387C7269039E1C4909CC6 ] C:\Windows\System32\mbtleapi.dll
00:42:35.0684 7124 C:\Windows\System32\mbtleapi.dll - ok
00:42:35.0686 7124 [ C68B62BF9ED49AA13223370F32A30BEF ] C:\Program Files\BOINC\boincmgr.exe
00:42:35.0686 7124 C:\Program Files\BOINC\boincmgr.exe - ok
00:42:35.0688 7124 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
00:42:35.0688 7124 C:\Windows\System32\bthprops.cpl - ok
00:42:35.0691 7124 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
00:42:35.0691 7124 C:\Windows\SysWOW64\taskschd.dll - ok
00:42:35.0693 7124 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
00:42:35.0693 7124 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
00:42:35.0695 7124 [ 423E9561F2B0EF8AC08F5BE5C3377CA7 ] C:\Windows\System32\mfc100u.dll
00:42:35.0695 7124 C:\Windows\System32\mfc100u.dll - ok
00:42:35.0698 7124 [ 2C68D1CEAA96FE39E44B4979ACD6D9B3 ] C:\Program Files (x86)\Dell Stage\Dell Stage\libumajin.dll
00:42:35.0698 7124 C:\Program Files (x86)\Dell Stage\Dell Stage\libumajin.dll - ok
00:42:35.0700 7124 [ 9568BB33BBAD356EDD6CDE988E570523 ] C:\Windows\System32\jscript9.dll
00:42:35.0700 7124 C:\Windows\System32\jscript9.dll - ok
00:42:35.0702 7124 [ 046AD878F246D3801B719700B543A6EE ] C:\Windows\System32\jscript.dll
00:42:35.0702 7124 C:\Windows\System32\jscript.dll - ok
00:42:35.0705 7124 [ C9CA9CF174E87DF735E3232755D18A5B ] C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
00:42:35.0705 7124 C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll - ok
00:42:35.0707 7124 [ F62E1670868E9EF413B7D7C3039AF66A ] C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
00:42:35.0707 7124 C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll - ok
00:42:35.0709 7124 [ 6E6602DE23AB3776007702FC9540E8E9 ] C:\Windows\System32\vbscript.dll
00:42:35.0709 7124 C:\Windows\System32\vbscript.dll - ok
00:42:35.0712 7124 [ EF4248D28C2940AE6D46470AC2479A4F ] C:\Windows\System32\msisip.dll
00:42:35.0712 7124 C:\Windows\System32\msisip.dll - ok
00:42:35.0714 7124 [ 6E74D0AE00231D87CD213CD7BDC27E37 ] C:\Windows\System32\wshext.dll
00:42:35.0714 7124 C:\Windows\System32\wshext.dll - ok
00:42:35.0716 7124 [ 67CE7A83CF4AA78A05EA26D4443CE5F3 ] C:\Windows\System32\scrobj.dll
00:42:35.0716 7124 C:\Windows\System32\scrobj.dll - ok
00:42:35.0718 7124 [ 754A0C324ECA95AE4F708D01EF27060E ] C:\Windows\System32\wbem\wbemdisp.dll
00:42:35.0718 7124 C:\Windows\System32\wbem\wbemdisp.dll - ok
00:42:35.0720 7124 [ B88E5340A5A50B53310B00DA455FB4FA ] C:\Windows\System32\wbem\stdprov.dll
00:42:35.0720 7124 C:\Windows\System32\wbem\stdprov.dll - ok
00:42:35.0723 7124 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
00:42:35.0723 7124 C:\Windows\System32\riched20.dll - ok
00:42:35.0725 7124 [ 8BC7F8F0B7AE856D910B3FDD895EC50E ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
00:42:35.0725 7124 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
00:42:35.0728 7124 [ 9FD9A3349AFA3EE4B2A0589176CF1D0E ] C:\Program Files (x86)\Intel\Bluetooth\blesvcs.dll
00:42:35.0728 7124 C:\Program Files (x86)\Intel\Bluetooth\blesvcs.dll - ok
00:42:35.0730 7124 [ B2628B5290D79B778311D65BC7494010 ] C:\Program Files\BOINC\boinctray.exe
00:42:35.0730 7124 C:\Program Files\BOINC\boinctray.exe - ok
00:42:35.0732 7124 [ 62BFDE7B504163373522D75D80C92B79 ] C:\Program Files\Elantech\ETDFavorite.dll
00:42:35.0732 7124 C:\Program Files\Elantech\ETDFavorite.dll - ok
00:42:35.0735 7124 [ 5C5C72FCC0D42C9225763D7E62B57D89 ] C:\Program Files\CONEXANT\SA3\SmartAudio3.exe
00:42:35.0735 7124 C:\Program Files\CONEXANT\SA3\SmartAudio3.exe - ok
00:42:35.0737 7124 [ 8FEDBE7A5D3E5F91FD4B96DAFA4DD197 ] C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
00:42:35.0737 7124 C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe - ok
00:42:35.0740 7124 [ BCD9CBF0621F9A6767276A2E0BF1DD15 ] C:\Users\David\AppData\Roaming\Google\Google Talk\googletalk.exe
00:42:35.0740 7124 C:\Users\David\AppData\Roaming\Google\Google Talk\googletalk.exe - ok
00:42:35.0742 7124 [ E3BF29CED96790CDAAFA981FFDDF53A3 ] C:\Program Files\Windows Sidebar\sidebar.exe
00:42:35.0742 7124 C:\Program Files\Windows Sidebar\sidebar.exe - ok
00:42:35.0744 7124 [ C7391769FCD6E04196EE8CA831E2C7E8 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
00:42:35.0744 7124 C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe - ok
00:42:35.0747 7124 [ 043FE3C9088BEADC6A9FFC033C84F20F ] C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
00:42:35.0747 7124 C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE - ok
00:42:35.0749 7124 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
00:42:35.0749 7124 C:\Windows\System32\mscoree.dll - ok
00:42:35.0751 7124 [ CFF3C4ABDCC5356B0674743BDF0FB674 ] C:\Windows\System32\mshtml.dll
00:42:35.0751 7124 C:\Windows\System32\mshtml.dll - ok
00:42:35.0754 7124 [ 766AE515B1749F2141E418CC6C08515B ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
00:42:35.0754 7124 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe - ok
00:42:35.0756 7124 [ 2A510D5500FD4C50A9E38DF85478F862 ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
00:42:35.0756 7124 C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe - ok
00:42:35.0759 7124 [ 1B907D6A729FAF70BFDA2FA30E908B6C ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
00:42:35.0759 7124 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
00:42:35.0761 7124 [ F59E095B0BEF0CEED72DB039DAC3CD68 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
00:42:35.0761 7124 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
00:42:35.0764 7124 [ 19EACF9F606AD724B3D871475714AE3D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices_main.dll
00:42:35.0764 7124 C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices_main.dll - ok
00:42:35.0766 7124 [ FC19F3D46E21EF65EEA990B8AF2076F6 ] C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.DLL
00:42:35.0766 7124 C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.DLL - ok
00:42:35.0769 7124 [ C7B54521A98E81DA2D3C65D09B0E8C02 ] C:\Program Files\Elantech\ETDApix.dll
00:42:35.0769 7124 C:\Program Files\Elantech\ETDApix.dll - ok
00:42:35.0771 7124 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
00:42:35.0771 7124 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
00:42:35.0773 7124 [ 4D727B78C0992144F4F268C51197DF32 ] C:\Program Files\BOINC\sqlite3.dll
00:42:35.0773 7124 C:\Program Files\BOINC\sqlite3.dll - ok
00:42:35.0776 7124 [ 215EA0947A482695552F79A363FF94CE ] C:\Program Files\Elantech\ETDCmds.dll
00:42:35.0776 7124 C:\Program Files\Elantech\ETDCmds.dll - ok
00:42:35.0778 7124 [ 459B0681B6BA1BC2DD4E38FBFE5B6816 ] C:\Program Files\mcafee.com\agent\mcagent.exe
00:42:35.0778 7124 C:\Program Files\mcafee.com\agent\mcagent.exe - ok
00:42:35.0780 7124 [ 09E050B3CB76151FDD604877965A16C9 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
00:42:35.0780 7124 C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe - ok
00:42:35.0783 7124 [ 6E43238CADA10ED92DCC50C67A9B742F ] C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe
00:42:35.0783 7124 C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe - ok
00:42:35.0785 7124 [ 2C68D1CEAA96FE39E44B4979ACD6D9B3 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\libumajin.dll
00:42:35.0785 7124 C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\libumajin.dll - ok
00:42:35.0788 7124 [ 7FC73CA34D587E05EA72C9A7CDBBCC62 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
00:42:35.0788 7124 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe - ok
00:42:35.0790 7124 [ B8E421C0890356CD4A793D8A346D9096 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
00:42:35.0790 7124 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
00:42:35.0792 7124 [ 31A4DCC46626B4E363A995264B4BDF4C ] C:\Windows\SysWOW64\atiadlxy.dll
00:42:35.0792 7124 C:\Windows\SysWOW64\atiadlxy.dll - ok
00:42:35.0795 7124 [ 6E95474CB9E22BC9768EFA176C6A0A29 ] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
00:42:35.0795 7124 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe - ok
00:42:35.0797 7124 [ DE1BEA113645BC52B66953E0F75477AB ] C:\Windows\SysWOW64\kdbsdk32.dll
00:42:35.0797 7124 C:\Windows\SysWOW64\kdbsdk32.dll - ok
00:42:35.0799 7124 [ 2C50D985C8EBA32ED4AFD99525DE8FAE ] C:\Windows\SysWOW64\OpenCL.dll
00:42:35.0799 7124 C:\Windows\SysWOW64\OpenCL.dll - ok
00:42:35.0801 7124 [ 72860972F8196EBB3C896F53D2B95470 ] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
00:42:35.0801 7124 C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe - ok
00:42:35.0804 7124 [ C26B09276755E0698B31CF0BAE0BF182 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
00:42:35.0804 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
00:42:35.0806 7124 [ 2E483EC51216B52C711C7EC642798BB7 ] C:\Windows\System32\sti.dll
00:42:35.0806 7124 C:\Windows\System32\sti.dll - ok
00:42:35.0809 7124 [ F6E33B49AAF9E8FEB4E4B07C34F38C4B ] C:\Program Files (x86)\Common Files\Apple\Internet Services\AOSKit.dll
00:42:35.0809 7124 C:\Program Files (x86)\Common Files\Apple\Internet Services\AOSKit.dll - ok
00:42:35.0811 7124 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
00:42:35.0811 7124 C:\Windows\SysWOW64\mscoree.dll - ok
00:42:35.0813 7124 [ E5918CEE306FC7EAA6614F045EDC4DA5 ] C:\Windows\SysWOW64\igdrcl32.dll
00:42:35.0813 7124 C:\Windows\SysWOW64\igdrcl32.dll - ok
00:42:35.0815 7124 [ 65CB368A235D6AFE5F28422543434C79 ] C:\Windows\SysWOW64\IntelOpenCL32.dll
00:42:35.0815 7124 C:\Windows\SysWOW64\IntelOpenCL32.dll - ok
00:42:35.0817 7124 [ 10FC41C1A3C90F2AB553B8CFF1282ACE ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
00:42:35.0817 7124 C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll - ok
00:42:35.0820 7124 [ 544013C383833189A61C2F72B8814319 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTLoadRs.dll
00:42:35.0820 7124 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTLoadRs.dll - ok
00:42:35.0822 7124 [ 1165530EB8F7E5D18A8AFC78A636C91D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Foundation.dll
00:42:35.0822 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Foundation.dll - ok
00:42:35.0825 7124 [ F2A24E4AEC0F8D5DBAB10CB87A8EFED2 ] C:\Windows\SysWOW64\sti.dll
00:42:35.0825 7124 C:\Windows\SysWOW64\sti.dll - ok
00:42:35.0827 7124 [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\SysWOW64\wiatrace.dll
00:42:35.0827 7124 C:\Windows\SysWOW64\wiatrace.dll - ok
00:42:35.0829 7124 [ 5112FBD9885D79A9FC73BDE9B1EF9334 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
00:42:35.0829 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
00:42:35.0832 7124 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
00:42:35.0832 7124 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
00:42:35.0834 7124 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
00:42:35.0834 7124 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
00:42:35.0836 7124 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll
00:42:35.0836 7124 C:\Windows\SysWOW64\msxml6.dll - ok
00:42:35.0839 7124 [ E748D0B8F4060F4F7A7ABB705E289890 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\mfc42u.dll
00:42:35.0839 7124 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\mfc42u.dll - ok
00:42:35.0841 7124 [ D458B563613E898EE7C627359AF5973D ] C:\Windows\SysWOW64\Nlsdl.dll
00:42:35.0841 7124 C:\Windows\SysWOW64\Nlsdl.dll - ok
00:42:35.0843 7124 [ 84B3C0476D17C9A44DB4C9256A7E2844 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
00:42:35.0843 7124 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
00:42:35.0846 7124 [ C046C2BF5248587F6DB073E37D94C35C ] C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
00:42:35.0846 7124 C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll - ok
00:42:35.0848 7124 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
00:42:35.0848 7124 C:\Windows\System32\stobject.dll - ok
00:42:35.0850 7124 [ B782BD5438B7938E1CDD6E9AA88702DC ] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll
00:42:35.0850 7124 C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll - ok
00:42:35.0853 7124 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
00:42:35.0853 7124 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
00:42:35.0855 7124 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
00:42:35.0855 7124 C:\Windows\System32\batmeter.dll - ok
00:42:35.0857 7124 [ 339A5D2292110494B9594AB050AA55A6 ] C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
00:42:35.0857 7124 C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll - ok
00:42:35.0860 7124 [ AC6EE4B07B9A78B155DEE7529ACCE355 ] C:\Program Files (x86)\Dell Stage\Dell Stage\libmmd.dll
00:42:35.0860 7124 C:\Program Files (x86)\Dell Stage\Dell Stage\libmmd.dll - ok
00:42:35.0862 7124 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
00:42:35.0862 7124 C:\Windows\SysWOW64\rasapi32.dll - ok
00:42:35.0864 7124 [ C78B64296C72D5B3EA07019790A602B9 ] C:\Program Files (x86)\Dell\Stage Remote\DMSAdapter.dll
00:42:35.0864 7124 C:\Program Files (x86)\Dell\Stage Remote\DMSAdapter.dll - ok
00:42:35.0866 7124 [ 3A663E5526A54FBEFE29E2E5D35E19B3 ] C:\Windows\SysWOW64\amdocl.dll
00:42:35.0866 7124 C:\Windows\SysWOW64\amdocl.dll - ok
00:42:35.0869 7124 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
00:42:35.0869 7124 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
00:42:35.0871 7124 [ 6299D41BE07A4584147ACD7D922454F8 ] C:\Program Files (x86)\Dell\Stage Remote\DHServerAgent.dll
00:42:35.0871 7124 C:\Program Files (x86)\Dell\Stage Remote\DHServerAgent.dll - ok
00:42:35.0874 7124 [ 3687E37869B69040657E0CE3F5DB58AA ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll
00:42:35.0874 7124 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll - ok
00:42:35.0876 7124 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
00:42:35.0876 7124 C:\Windows\SysWOW64\wbemcomn.dll - ok
00:42:35.0878 7124 [ BCD9CBF0621F9A6767276A2E0BF1DD15 ] C:\Program Files (x86)\Google\Google Talk\googletalk.exe
00:42:35.0878 7124 C:\Program Files (x86)\Google\Google Talk\googletalk.exe - ok
00:42:35.0881 7124 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
00:42:35.0881 7124 C:\Windows\System32\DXP.dll - ok
00:42:35.0883 7124 [ 07CDD5732A8A084BA8EC10287CADDD36 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
00:42:35.0883 7124 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
00:42:35.0885 7124 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
00:42:35.0885 7124 C:\Windows\System32\wersvc.dll - ok
00:42:35.0887 7124 [ E05EEA9E46EAF06F85EC34EAB8A92801 ] C:\Program Files\Elantech\ETDCtrlHelper.exe
00:42:35.0887 7124 C:\Program Files\Elantech\ETDCtrlHelper.exe - ok
00:42:35.0890 7124 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
00:42:35.0890 7124 C:\Windows\System32\prnfldr.dll - ok
00:42:35.0892 7124 [ 2BB97FDD3FF685138A292164E7DE9A9D ] C:\Program Files (x86)\Dell\Stage Remote\UMediaManager.dll
00:42:35.0892 7124 C:\Program Files (x86)\Dell\Stage Remote\UMediaManager.dll - ok
00:42:35.0894 7124 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
00:42:35.0894 7124 C:\Windows\SysWOW64\rasman.dll - ok
00:42:35.0897 7124 [ B5A4EBA9487F08BECC843A87422B8052 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
00:42:35.0897 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe - ok
00:42:35.0899 7124 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
00:42:35.0899 7124 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
00:42:35.0901 7124 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
00:42:35.0901 7124 C:\Windows\SysWOW64\rtutils.dll - ok
00:42:35.0904 7124 [ AC6EE4B07B9A78B155DEE7529ACCE355 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\libmmd.dll
00:42:35.0904 7124 C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\libmmd.dll - ok
00:42:35.0906 7124 [ 8DDA2B606279753601F9415DA503CA63 ] C:\Program Files (x86)\QuickTime\QTTask.exe
00:42:35.0906 7124 C:\Program Files (x86)\QuickTime\QTTask.exe - ok
00:42:35.0909 7124 [ C819AACFC675D2BCA7C715822913B676 ] C:\Program Files (x86)\Dell\Stage Remote\ASDBTool.dll
00:42:35.0909 7124 C:\Program Files (x86)\Dell\Stage Remote\ASDBTool.dll - ok
00:42:35.0911 7124 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
00:42:35.0911 7124 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
00:42:35.0913 7124 [ 17932262563F8288D261E28F873FA6A9 ] C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
00:42:35.0913 7124 C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll - ok
00:42:35.0915 7124 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
00:42:35.0915 7124 C:\Windows\System32\ActionCenter.dll - ok
00:42:35.0918 7124 [ 0C7315CAFF701909AC65C087752B7E3A ] C:\Program Files (x86)\Dell\Stage Remote\ASTransMgr.dll
00:42:35.0918 7124 C:\Program Files (x86)\Dell\Stage Remote\ASTransMgr.dll - ok
00:42:35.0920 7124 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
00:42:35.0920 7124 C:\Windows\SysWOW64\ntdsapi.dll - ok
00:42:35.0922 7124 [ 0FBE8505FF8E52130EF4E90E2BD8F4CA ] C:\Program Files (x86)\Dell\Stage Remote\ASXmlTool.dll
00:42:35.0922 7124 C:\Program Files (x86)\Dell\Stage Remote\ASXmlTool.dll - ok
00:42:35.0925 7124 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
00:42:35.0925 7124 C:\Windows\System32\browcli.dll - ok
00:42:35.0927 7124 [ 8E757681A3245A407584A3D2FF3D65B8 ] C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
00:42:35.0927 7124 C:\Program Files (x86)\Dell\Stage Remote\DataService.dll - ok
00:42:35.0929 7124 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
00:42:35.0929 7124 C:\Windows\System32\schedcli.dll - ok
00:42:35.0932 7124 [ E4401CF27225C1D6E664E86195978562 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
00:42:35.0932 7124 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
00:42:35.0934 7124 [ 31D59387099070963EAD4CE14C5B5F04 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
00:42:35.0934 7124 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll - ok
00:42:35.0936 7124 [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll
00:42:35.0937 7124 C:\Windows\System32\msimtf.dll - ok
00:42:35.0939 7124 [ C265BFF559718F341D16C8355B4EDAED ] C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
00:42:35.0939 7124 C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe - ok
00:42:35.0941 7124 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
00:42:35.0941 7124 C:\Windows\System32\Syncreg.dll - ok
00:42:35.0943 7124 [ 791A7314CE8EE46FA9D4B8276D7DE0C9 ] C:\Program Files (x86)\Dell\Stage Remote\EndPointCtrl.dll
00:42:35.0943 7124 C:\Program Files (x86)\Dell\Stage Remote\EndPointCtrl.dll - ok
00:42:35.0946 7124 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
00:42:35.0946 7124 C:\Windows\System32\FXSST.dll - ok
00:42:35.0948 7124 [ C85ECCBAA179719E658FFDBF99221E1E ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
00:42:35.0948 7124 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
00:42:35.0950 7124 [ D5A787E18D3C67894CDAC0A81D617DB4 ] C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
00:42:35.0950 7124 C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll - ok
00:42:35.0952 7124 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
00:42:35.0952 7124 C:\Windows\System32\consent.exe - ok
00:42:35.0955 7124 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
00:42:35.0955 7124 C:\Windows\SysWOW64\MMDevAPI.dll - ok
00:42:35.0957 7124 [ 4AA01BD5CC7DA9888AF33C5FAB5BF1DD ] C:\Program Files (x86)\Spybot - Search & Destroy 2\vclimg150.bpl
00:42:35.0957 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\vclimg150.bpl - ok
00:42:35.0960 7124 [ B6B8A7F49301F0EF589B8BC8C4B24E98 ] C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
00:42:35.0960 7124 C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll - ok
00:42:35.0962 7124 [ 07F649CD36F266BBE33B814FA678AA43 ] C:\Windows\SysWOW64\mshtml.dll
00:42:35.0962 7124 C:\Windows\SysWOW64\mshtml.dll - ok
00:42:35.0965 7124 [ 814A169C40B55178BD8E1F79D1ADA649 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
00:42:35.0965 7124 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
00:42:35.0967 7124 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
00:42:35.0967 7124 C:\Windows\SysWOW64\AudioSes.dll - ok
00:42:35.0970 7124 [ 8F220DCB4AA4B2A12ECE5B87C701170D ] C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
00:42:35.0970 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl - ok
00:42:35.0972 7124 [ 9DF319F1C2D4B80D8CE8214EA4899ADF ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
00:42:35.0972 7124 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
00:42:35.0975 7124 [ D5A787E18D3C67894CDAC0A81D617DB4 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
00:42:35.0975 7124 C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll - ok
00:42:35.0977 7124 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
00:42:35.0977 7124 C:\Windows\System32\FXSAPI.dll - ok
00:42:35.0979 7124 [ 1F04E809409A9B5FFD510B5FD89A1155 ] C:\Windows\System32\d2d1.dll
00:42:35.0979 7124 C:\Windows\System32\d2d1.dll - ok
00:42:35.0981 7124 [ 0AD339204291838F585873D265EC5A56 ] C:\Program Files\Elantech\ETDGesture.exe
00:42:35.0981 7124 C:\Program Files\Elantech\ETDGesture.exe - ok
00:42:35.0984 7124 [ 01AEA2F16FE0C522DDFD7FAFFC959C6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll
00:42:35.0984 7124 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll - ok
00:42:35.0986 7124 [ 091210450CA7CED08F360D9D7FEC5D11 ] C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
00:42:35.0986 7124 C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe - ok
00:42:35.0989 7124 [ A9CABA9A7D2E60FACD21A11815D3991D ] C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qsvg4.dll
00:42:35.0989 7124 C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qsvg4.dll - ok
00:42:35.0991 7124 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
00:42:35.0991 7124 C:\Windows\ehome\ehSSO.dll - ok
00:42:35.0993 7124 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
00:42:35.0993 7124 C:\Windows\SysWOW64\olepro32.dll - ok
00:42:35.0996 7124 [ 4DE57667406BB17A77BD056B9BEE7CF1 ] C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
00:42:35.0996 7124 C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll - ok
00:42:35.0998 7124 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
00:42:35.0998 7124 C:\Windows\System32\AltTab.dll - ok
00:42:36.0000 7124 [ 5FE1636D3B4E8285AABA3D940147DC09 ] C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
00:42:36.0000 7124 C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll - ok
00:42:36.0003 7124 [ 3A1EAD57EED81558DCA72AF8805574F4 ] C:\Windows\SysWOW64\aticaldd.dll
00:42:36.0003 7124 C:\Windows\SysWOW64\aticaldd.dll - ok
00:42:36.0005 7124 [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
00:42:36.0005 7124 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
00:42:36.0007 7124 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
00:42:36.0007 7124 C:\Windows\System32\QUTIL.DLL - ok
00:42:36.0010 7124 [ 77198B03A8E31A7D01947A7D9673B708 ] C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
00:42:36.0010 7124 C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll - ok
00:42:36.0012 7124 [ 7426279D625196393EABBEFE1C60A0C2 ] C:\Windows\System32\DWrite.dll
00:42:36.0012 7124 C:\Windows\System32\DWrite.dll - ok
00:42:36.0014 7124 [ F07F47EE8F2D7785CEBA2B0CA10C6E68 ] C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
00:42:36.0014 7124 C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll - ok
00:42:36.0017 7124 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
00:42:36.0017 7124 C:\Windows\System32\WPDShServiceObj.dll - ok
00:42:36.0019 7124 [ 2ECD9D9087DC15E7AAD130883E665219 ] C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
00:42:36.0019 7124 C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll - ok
00:42:36.0021 7124 [ 86766A1BBF0E5993E2283ECE0B454177 ] C:\Program Files\mcafee\msk\MskSet64.dll
00:42:36.0021 7124 C:\Program Files\mcafee\msk\MskSet64.dll - ok
00:42:36.0024 7124 [ CA1DC0FFE7DD4D633421B8BC39ED5FFD ] C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
00:42:36.0024 7124 C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe - ok
00:42:36.0026 7124 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
00:42:36.0026 7124 C:\Windows\System32\FntCache.dll - ok
00:42:36.0028 7124 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
00:42:36.0028 7124 C:\Windows\System32\PortableDeviceTypes.dll - ok
00:42:36.0030 7124 [ 75BCC4043512E41D83C8F224B168039C ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
00:42:36.0031 7124 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
00:42:36.0033 7124 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
00:42:36.0033 7124 C:\Windows\System32\FXSSVC.exe - ok
00:42:36.0035 7124 [ 2ECD9D9087DC15E7AAD130883E665219 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
00:42:36.0035 7124 C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll - ok
00:42:36.0038 7124 [ 0F261EC4F514926177C70C1832374231 ] C:\Program Files\iPod\bin\iPodService.exe
00:42:36.0038 7124 C:\Program Files\iPod\bin\iPodService.exe - ok
00:42:36.0040 7124 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
00:42:36.0040 7124 C:\Windows\System32\srchadmin.dll - ok
00:42:36.0042 7124 [ 32B80EC0484302CC125CF13A893A1512 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll
00:42:36.0042 7124 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok
00:42:36.0044 7124 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
00:42:36.0045 7124 C:\Windows\SysWOW64\dsound.dll - ok
00:42:36.0047 7124 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
00:42:36.0047 7124 C:\Windows\System32\rasdlg.dll - ok
00:42:36.0049 7124 [ 6D6596E046CA6A61DE250AD3A281A1AF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
00:42:36.0049 7124 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll - ok
00:42:36.0051 7124 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
00:42:36.0051 7124 C:\Windows\System32\SearchFolder.dll - ok
00:42:36.0053 7124 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
00:42:36.0054 7124 C:\Windows\SysWOW64\powrprof.dll - ok
00:42:36.0056 7124 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
00:42:36.0056 7124 C:\Windows\SysWOW64\msimtf.dll - ok
00:42:36.0058 7124 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
00:42:36.0058 7124 C:\Windows\System32\SearchIndexer.exe - ok
00:42:36.0060 7124 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
00:42:36.0060 7124 C:\Windows\SysWOW64\msls31.dll - ok
00:42:36.0062 7124 [ 5EF8A000C7927E87332D8CB6B7970067 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
00:42:36.0062 7124 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
00:42:36.0065 7124 [ 763E2BBEFCD523AB3B7163A5671BF5EF ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
00:42:36.0065 7124 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
00:42:36.0066 7124 [ 4E81439902079C348B61D7FF027FE147 ] C:\Windows\System32\StructuredQuery.dll
00:42:36.0067 7124 C:\Windows\System32\StructuredQuery.dll - ok
00:42:36.0069 7124 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
00:42:36.0069 7124 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
00:42:36.0071 7124 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll
00:42:36.0071 7124 C:\Windows\SysWOW64\d2d1.dll - ok
00:42:36.0073 7124 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
00:42:36.0073 7124 C:\Windows\System32\tquery.dll - ok
00:42:36.0076 7124 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
00:42:36.0076 7124 C:\Windows\System32\dot3api.dll - ok
00:42:36.0078 7124 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll
00:42:36.0078 7124 C:\Windows\SysWOW64\DWrite.dll - ok
00:42:36.0080 7124 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
00:42:36.0080 7124 C:\Windows\System32\wlanhlp.dll - ok
00:42:36.0082 7124 [ 1F893901BAE267B78BA649FD50E28F7E ] C:\Program Files\CONEXANT\SA3\SmartAudio.Core.dll
00:42:36.0082 7124 C:\Program Files\CONEXANT\SA3\SmartAudio.Core.dll - ok
00:42:36.0084 7124 [ BDED21637DACCAE8ADA3F8B10541992F ] C:\Windows\SysWOW64\atigktxx.dll
00:42:36.0084 7124 C:\Windows\SysWOW64\atigktxx.dll - ok
00:42:36.0087 7124 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
00:42:36.0087 7124 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
00:42:36.0089 7124 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
00:42:36.0089 7124 C:\Windows\System32\WWanAPI.dll - ok
00:42:36.0091 7124 [ BB50B21FEE2A6F3E5FC92B330ECCF050 ] C:\Windows\SysWOW64\hhctrl.ocx
00:42:36.0091 7124 C:\Windows\SysWOW64\hhctrl.ocx - ok
00:42:36.0093 7124 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
00:42:36.0093 7124 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
00:42:36.0095 7124 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\SysWOW64\d3d10.dll
00:42:36.0095 7124 C:\Windows\SysWOW64\d3d10.dll - ok
00:42:36.0098 7124 [ 64ABE1250EC1A1CFD1442E7C8800216E ] C:\Windows\System32\d3d10warp.dll
00:42:36.0098 7124 C:\Windows\System32\d3d10warp.dll - ok
00:42:36.0100 7124 [ A2F608F2BF88A122ABD43648B9B22BDE ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorCommon.dll
00:42:36.0100 7124 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorCommon.dll - ok
00:42:36.0102 7124 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
00:42:36.0102 7124 C:\Windows\SysWOW64\dxgi.dll - ok
00:42:36.0104 7124 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
00:42:36.0104 7124 C:\Windows\System32\wwapi.dll - ok
00:42:36.0106 7124 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
00:42:36.0106 7124 C:\Windows\System32\QAGENT.DLL - ok
00:42:36.0109 7124 [ 8BE887F1743FBB39ED2C9CA2937742D6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll
00:42:36.0109 7124 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll - ok
00:42:36.0111 7124 [ 547F78746F20901C770E8653B242217C ] C:\Windows\SysWOW64\d3d10core.dll
00:42:36.0111 7124 C:\Windows\SysWOW64\d3d10core.dll - ok
00:42:36.0113 7124 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll
00:42:36.0113 7124 C:\Windows\SysWOW64\d3d10_1.dll - ok
00:42:36.0116 7124 [ F66CD16866E656F35130A67566721C4D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\4a443c775f768ede71bde8e10f50ec0b\IAStorUtil.ni.dll
00:42:36.0116 7124 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\4a443c775f768ede71bde8e10f50ec0b\IAStorUtil.ni.dll - ok
00:42:36.0118 7124 [ A81331D7EB6C5D1F7B1E4E4FC15F3EC0 ] C:\Windows\SysWOW64\srclient.dll
00:42:36.0118 7124 C:\Windows\SysWOW64\srclient.dll - ok
00:42:36.0120 7124 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
00:42:36.0120 7124 C:\Windows\System32\mssrch.dll - ok
00:42:36.0122 7124 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll
00:42:36.0122 7124 C:\Windows\SysWOW64\d3d10_1core.dll - ok
00:42:36.0125 7124 [ 4B463FA6ED3336B660702EFB5214E271 ] C:\Windows\SysWOW64\aticfx32.dll
00:42:36.0125 7124 C:\Windows\SysWOW64\aticfx32.dll - ok
00:42:36.0127 7124 [ 971A36C4827AD1AE2A54E6407478921A ] C:\Windows\SysWOW64\spp.dll
00:42:36.0127 7124 C:\Windows\SysWOW64\spp.dll - ok
00:42:36.0129 7124 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\SysWOW64\d3d10warp.dll
00:42:36.0129 7124 C:\Windows\SysWOW64\d3d10warp.dll - ok
00:42:36.0131 7124 [ C71E7ABB1A34E56CE73AE117C8DD566F ] C:\Windows\System32\ieframe.dll
00:42:36.0131 7124 C:\Windows\System32\ieframe.dll - ok
00:42:36.0134 7124 [ 2A72853494912BB034AF7AC1C86EC04E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
00:42:36.0134 7124 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll - ok
00:42:36.0136 7124 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll
00:42:36.0136 7124 C:\Windows\SysWOW64\vssapi.dll - ok
00:42:36.0138 7124 [ 00EAAB10858BB5D87CF8E28FF544BBC0 ] C:\Windows\SysWOW64\atiuxpag.dll
00:42:36.0138 7124 C:\Windows\SysWOW64\atiuxpag.dll - ok
00:42:36.0141 7124 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
00:42:36.0141 7124 C:\Windows\System32\esent.dll - ok
00:42:36.0143 7124 [ AF4E5959A3641E73433B654D34E42389 ] C:\Windows\SysWOW64\igd10umd32.dll
00:42:36.0143 7124 C:\Windows\SysWOW64\igd10umd32.dll - ok
00:42:36.0145 7124 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
00:42:36.0145 7124 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
00:42:36.0147 7124 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
00:42:36.0147 7124 C:\Windows\System32\msidle.dll - ok
00:42:36.0150 7124 [ AC6A3801F3CDE7EB41B3F52E9B0A1C2B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
00:42:36.0150 7124 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll - ok
00:42:36.0152 7124 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
00:42:36.0152 7124 C:\Windows\SysWOW64\atl.dll - ok
00:42:36.0154 7124 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
00:42:36.0154 7124 C:\Windows\System32\mssprxy.dll - ok
00:42:36.0157 7124 [ 7D81D6574E6A494CA56AC309F557931D ] C:\Windows\SysWOW64\atidxx32.dll
00:42:36.0157 7124 C:\Windows\SysWOW64\atidxx32.dll - ok
00:42:36.0159 7124 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll
00:42:36.0159 7124 C:\Windows\SysWOW64\vsstrace.dll - ok
00:42:36.0161 7124 [ 76F39902E25F43FE9450AD3D6A14D0D8 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\60ab562d9fe10d1782ed705ef2beb95a\WindowsBase.ni.dll
00:42:36.0161 7124 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\60ab562d9fe10d1782ed705ef2beb95a\WindowsBase.ni.dll - ok
00:42:36.0164 7124 [ 91B4AAD4412BB223B466F3DFB43E86DA ] C:\Windows\SysWOW64\d3dx10_40.dll
00:42:36.0164 7124 C:\Windows\SysWOW64\d3dx10_40.dll - ok
00:42:36.0166 7124 [ A0E86BA4B3E56C1DC277BD7CCEC555DA ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll
00:42:36.0166 7124 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll - ok
00:42:36.0169 7124 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
00:42:36.0169 7124 C:\Windows\System32\wmdrmdev.dll - ok
00:42:36.0171 7124 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
00:42:36.0171 7124 C:\Windows\System32\wmploc.DLL - ok
00:42:36.0173 7124 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
00:42:36.0173 7124 C:\Windows\System32\drmv2clt.dll - ok
00:42:36.0175 7124 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
00:42:36.0175 7124 C:\Windows\System32\en-US\tquery.dll.mui - ok
00:42:36.0177 7124 [ 20ECAC7791DCBA69121631CB627E5A96 ] C:\Windows\System32\mf.dll
00:42:36.0178 7124 C:\Windows\System32\mf.dll - ok
00:42:36.0180 7124 [ D51E1FF7F4AA27FA10F95B3150741F35 ] C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20130103203859.dll
00:42:36.0180 7124 C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20130103203859.dll - ok
00:42:36.0182 7124 [ A3FA99A16F10D44EDB7A8C340FA2EE1B ] C:\Windows\SysWOW64\jscript9.dll
00:42:36.0182 7124 C:\Windows\SysWOW64\jscript9.dll - ok
00:42:36.0185 7124 [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
00:42:36.0185 7124 C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll - ok
00:42:36.0187 7124 [ 72AB8C3F8AB7B550A896357C9E0896DA ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\2abfa3ca7ad3cc6f199158e6663f3006\PresentationCore.ni.dll
00:42:36.0187 7124 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\2abfa3ca7ad3cc6f199158e6663f3006\PresentationCore.ni.dll - ok
00:42:36.0189 7124 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
00:42:36.0190 7124 C:\Windows\SysWOW64\nlaapi.dll - ok
00:42:36.0192 7124 [ 7221E380FB8BFCF0160B9D4E704E7E77 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
00:42:36.0192 7124 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll - ok
00:42:36.0194 7124 [ 257B606D2E5C06C2C983F426D33F366D ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe
00:42:36.0194 7124 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe - ok
00:42:36.0197 7124 [ 0A866897039E42DF8080BE5DD83BC8E0 ] C:\Windows\SysWOW64\jscript.dll
00:42:36.0197 7124 C:\Windows\SysWOW64\jscript.dll - ok
00:42:36.0199 7124 [ 43104328E99680FCF282E71CC45CB5D2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
00:42:36.0199 7124 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll - ok
00:42:36.0202 7124 [ 4071D132E66ACDA3776F1FEAD19E6E01 ] C:\Windows\SysWOW64\vbscript.dll
00:42:36.0202 7124 C:\Windows\SysWOW64\vbscript.dll - ok
00:42:36.0204 7124 [ 50F9394F53CF8015C703EBD2EF3BABC6 ] C:\Windows\System32\LocationApi.dll
00:42:36.0204 7124 C:\Windows\System32\LocationApi.dll - ok
00:42:36.0206 7124 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
00:42:36.0206 7124 C:\Windows\SysWOW64\NapiNSP.dll - ok
00:42:36.0208 7124 [ D79D19EC66106119DCD45D042C6B5170 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll
00:42:36.0208 7124 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll - ok
00:42:36.0211 7124 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
00:42:36.0211 7124 C:\Windows\SysWOW64\pnrpnsp.dll - ok
00:42:36.0213 7124 [ 9111354A308612483F8DA995A1DD1835 ] C:\Windows\System32\SensorsApi.dll
00:42:36.0213 7124 C:\Windows\System32\SensorsApi.dll - ok
00:42:36.0215 7124 [ A3287F8EB6182FB060C818524C7D6A63 ] C:\Windows\System32\dxtrans.dll
00:42:36.0215 7124 C:\Windows\System32\dxtrans.dll - ok
00:42:36.0217 7124 [ 3D2D108E14AD21889A2621B94C80A3DD ] C:\Windows\System32\tzres.dll
00:42:36.0217 7124 C:\Windows\System32\tzres.dll - ok
00:42:36.0219 7124 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
00:42:36.0219 7124 C:\Windows\SysWOW64\winrnr.dll - ok
00:42:36.0222 7124 [ 4938A4350327E1A5DEB0CD134AC1AAA3 ] C:\Windows\System32\ddrawex.dll
00:42:36.0222 7124 C:\Windows\System32\ddrawex.dll - ok
00:42:36.0224 7124 [ AF78F66116814FDD6677CEBD73035CDD ] C:\Windows\SysWOW64\schannel.dll
00:42:36.0224 7124 C:\Windows\SysWOW64\schannel.dll - ok
00:42:36.0226 7124 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
00:42:36.0226 7124 C:\Windows\System32\ddraw.dll - ok
00:42:36.0228 7124 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
00:42:36.0228 7124 C:\Windows\System32\dciman32.dll - ok
00:42:36.0231 7124 [ EADFC95980BC24DF3C7EE5B2CD38F043 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll
00:42:36.0231 7124 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll - ok
00:42:36.0233 7124 [ 66C87DB880052104808507D6FA84D68E ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
00:42:36.0233 7124 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
00:42:36.0236 7124 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
00:42:36.0236 7124 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
00:42:36.0238 7124 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
00:42:36.0238 7124 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
00:42:36.0240 7124 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
00:42:36.0240 7124 C:\Windows\System32\mlang.dll - ok
00:42:36.0243 7124 [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
00:42:36.0243 7124 C:\Windows\SysWOW64\perfos.dll - ok
00:42:36.0245 7124 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
00:42:36.0245 7124 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
00:42:36.0247 7124 [ D6A99F26E31C9F15D8D8CC42FFE6D16B ] C:\Windows\System32\dxtmsft.dll
00:42:36.0247 7124 C:\Windows\System32\dxtmsft.dll - ok
00:42:36.0249 7124 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
00:42:36.0249 7124 C:\Windows\SysWOW64\wdmaud.drv - ok
00:42:36.0251 7124 [ BD66ECA9479C688412DDDA9F2CCD2C69 ] C:\Windows\System32\d3d10.dll
00:42:36.0251 7124 C:\Windows\System32\d3d10.dll - ok
00:42:36.0254 7124 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
00:42:36.0254 7124 C:\Windows\SysWOW64\ksuser.dll - ok
00:42:36.0256 7124 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
00:42:36.0256 7124 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
00:42:36.0258 7124 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
00:42:36.0258 7124 C:\Windows\SysWOW64\avrt.dll - ok
00:42:36.0260 7124 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
00:42:36.0260 7124 C:\Windows\SysWOW64\msacm32.drv - ok
00:42:36.0262 7124 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
00:42:36.0262 7124 C:\Windows\SysWOW64\midimap.dll - ok
00:42:36.0265 7124 [ B628DA8B548E6D11A35B86799714CB22 ] C:\Windows\System32\d3d10core.dll
00:42:36.0265 7124 C:\Windows\System32\d3d10core.dll - ok
00:42:36.0267 7124 [ C733EBBDD79892B96C9980EBDC0CA704 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\c217382951ed46e82a9a3e27bd6379e7\PresentationFramework.ni.dll
00:42:36.0267 7124 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\c217382951ed46e82a9a3e27bd6379e7\PresentationFramework.ni.dll - ok
00:42:36.0269 7124 [ F66D289329B8C6BA0EFC4239FA61E692 ] C:\Windows\System32\MCWrp64.dll
00:42:36.0269 7124 C:\Windows\System32\MCWrp64.dll - ok
00:42:36.0272 7124 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
00:42:36.0272 7124 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
00:42:36.0274 7124 [ 2E76FF14C5987BE45AB65A91332E3C58 ] C:\Program Files\Windows Sidebar\wlsrvc.dll
00:42:36.0274 7124 C:\Program Files\Windows Sidebar\wlsrvc.dll - ok
00:42:36.0276 7124 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
00:42:36.0276 7124 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
00:42:36.0279 7124 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
00:42:36.0279 7124 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
00:42:36.0281 7124 [ 523D0A842145F29855AAB2EE814B9754 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
00:42:36.0281 7124 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll - ok
00:42:36.0284 7124 [ 5DCD11D0B1CB71E2B035B30670365C35 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\6c3851b925e2a31ddefb3d36bb9163cb\System.Runtime.Remoting.ni.dll
00:42:36.0284 7124 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\6c3851b925e2a31ddefb3d36bb9163cb\System.Runtime.Remoting.ni.dll - ok
00:42:36.0286 7124 [ 0017163E0D5985168792BEE5CF70D5DF ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll
00:42:36.0286 7124 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll - ok
00:42:36.0289 7124 [ C861851A0BBD9903E324487011AA3705 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
00:42:36.0289 7124 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
00:42:36.0291 7124 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
00:42:36.0291 7124 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
00:42:36.0294 7124 [ C264145F107437CBD3B30303733AEE4F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
00:42:36.0294 7124 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
00:42:36.0296 7124 [ 78B476DB024D3245E1E159E50DBB305F ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
00:42:36.0296 7124 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll - ok
00:42:36.0299 7124 [ 7B46A076184B73AEDC1A66A71D9131E8 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
00:42:36.0299 7124 C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
00:42:36.0301 7124 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
00:42:36.0301 7124 C:\Windows\System32\webcheck.dll - ok
00:42:36.0303 7124 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
00:42:36.0303 7124 C:\Windows\System32\SyncCenter.dll - ok
00:42:36.0306 7124 [ D28C5A1411BB0B47E05E0D6AAF896690 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
00:42:36.0306 7124 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
00:42:36.0308 7124 [ C8541AECCCA9260DE93C85F214110FA8 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
00:42:36.0308 7124 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
00:42:36.0310 7124 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
00:42:36.0310 7124 C:\Windows\System32\imapi2.dll - ok
00:42:36.0313 7124 [ E63EAF09FC29954D7F8EAB2DEF495062 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\193e9d54d5a1785730cc76195c3ed9c6\System.Web.ni.dll
00:42:36.0313 7124 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\193e9d54d5a1785730cc76195c3ed9c6\System.Web.ni.dll - ok
00:42:36.0315 7124 [ A4B3A9FFA483F8CB36E56C19448DDE36 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\52e2da35b160dbd254683f72a0f1b937\System.Xml.ni.dll
00:42:36.0315 7124 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\52e2da35b160dbd254683f72a0f1b937\System.Xml.ni.dll - ok
00:42:36.0317 7124 [ 5D0E28A22860E487148B2820309C0063 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\ac14913a11af4bfae0b8eb913a46a161\System.Configuration.ni.dll
00:42:36.0317 7124 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\ac14913a11af4bfae0b8eb913a46a161\System.Configuration.ni.dll - ok
00:42:36.0320 7124 [ E2107F227E1C174C20BEB7A51404BBAC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe
00:42:36.0320 7124 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe - ok
00:42:36.0322 7124 [ 17ED2224666F6F65F8054D84A3839E71 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll
00:42:36.0322 7124 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll - ok
00:42:36.0324 7124 [ EE338F7673C339D5497C97E86D1011A3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\alink.dll
00:42:36.0324 7124 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\alink.dll - ok
00:42:36.0327 7124 [ E3A4D59ED585226D381225521BF2A36D ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll
00:42:36.0327 7124 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll - ok
00:42:36.0329 7124 [ 449F7C92A14B7F50B898FC67202A326C ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe
00:42:36.0329 7124 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe - ok
00:42:36.0332 7124 [ 5976994D0ACF58F219ED22DED89B590E ] C:\Program Files\CONEXANT\SA3\CxHDAudioAPI.dll
00:42:36.0332 7124 C:\Program Files\CONEXANT\SA3\CxHDAudioAPI.dll - ok
00:42:36.0334 7124 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
00:42:36.0334 7124 C:\Windows\System32\dsound.dll - ok
00:42:36.0336 7124 [ 020C2F610BE801B9B50AF1BFF4A5B24B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\c9866f6c2cae33d2c38ab32da622a167\System.ServiceProcess.ni.dll
00:42:36.0336 7124 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\c9866f6c2cae33d2c38ab32da622a167\System.ServiceProcess.ni.dll - ok
00:42:36.0339 7124 [ 1019D3AEAB8B739896F7C0BA95D111D0 ] C:\Program Files\CONEXANT\SA3\MaxxAudioConexant.dll
00:42:36.0339 7124 C:\Program Files\CONEXANT\SA3\MaxxAudioConexant.dll - ok
00:42:36.0341 7124 [ AFEAD16EB06A67C03B39C11E3D168004 ] C:\Program Files\CONEXANT\SA3\MaxxAudioWrapper.dll
00:42:36.0341 7124 C:\Program Files\CONEXANT\SA3\MaxxAudioWrapper.dll - ok
00:42:36.0344 7124 [ 089084E640FDDEA328BF591F97FB27AC ] C:\Program Files\CONEXANT\SA3\SmartAudio.Creative.dll
00:42:36.0344 7124 C:\Program Files\CONEXANT\SA3\SmartAudio.Creative.dll - ok
00:42:36.0346 7124 [ D0EA66C52FB3022215712EF2F262A104 ] C:\Program Files\CONEXANT\SA3\SmartAudio.Dell.dll
00:42:36.0346 7124 C:\Program Files\CONEXANT\SA3\SmartAudio.Dell.dll - ok
00:42:36.0349 7124 [ A3B653A7C5870F64A7BCA2F6DA74E3F8 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
00:42:36.0349 7124 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe - ok
00:42:36.0351 7124 [ A3B653A7C5870F64A7BCA2F6DA74E3F8 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrvPXDiscrete.exe
00:42:36.0351 7124 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrvPXDiscrete.exe - ok
00:42:36.0354 7124 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\msvcr100.dll
00:42:36.0354 7124 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\msvcr100.dll - ok
00:42:36.0356 7124 [ 9D831BCFCCC12316BD3815C35537E064 ] C:\Program Files\CONEXANT\SA3\SmartAudio.Localization.dll
00:42:36.0356 7124 C:\Program Files\CONEXANT\SA3\SmartAudio.Localization.dll - ok
00:42:36.0359 7124 [ 27089FB626D84328ACA8403053062285 ] C:\Program Files\CONEXANT\SA3\SmartAudio.Waves.dll
00:42:36.0359 7124 C:\Program Files\CONEXANT\SA3\SmartAudio.Waves.dll - ok
00:42:36.0361 7124 [ 0AF35A50B63A3A05E59DED4B7118E33E ] C:\Program Files\CONEXANT\SA3\WavesGUILib.dll
00:42:36.0361 7124 C:\Program Files\CONEXANT\SA3\WavesGUILib.dll - ok
00:42:36.0363 7124 [ 0AE0C4955E1DE29CCDC9DA1B816FE5EE ] C:\Windows\SysWOW64\quartz.dll
00:42:36.0363 7124 C:\Windows\SysWOW64\quartz.dll - ok
00:42:36.0365 7124 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
00:42:36.0365 7124 C:\Windows\SysWOW64\d3d9.dll - ok
00:42:36.0367 7124 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
00:42:36.0367 7124 C:\Windows\SysWOW64\d3d8thk.dll - ok
00:42:36.0370 7124 [ 04B8B344880F122F32A2978C132F7CC0 ] C:\Windows\SysWOW64\atiu9pag.dll
00:42:36.0370 7124 C:\Windows\SysWOW64\atiu9pag.dll - ok
00:42:36.0372 7124 [ AD326A62CEC9C4ABD44EDF1B0A860963 ] C:\Windows\SysWOW64\igdumd32.dll
00:42:36.0372 7124 C:\Windows\SysWOW64\igdumd32.dll - ok
00:42:36.0374 7124 [ FEFF5EAF1C962469AB9F79C9B9F5A548 ] C:\Windows\SysWOW64\atiumdag.dll
00:42:36.0374 7124 C:\Windows\SysWOW64\atiumdag.dll - ok
00:42:36.0376 7124 [ 161612497C3A33C255744FDE6AC548F1 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\2a214ee30c3e257321cd8d8c708c5035\CustomMarshalers.ni.dll
00:42:36.0376 7124 C:\Windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\2a214ee30c3e257321cd8d8c708c5035\CustomMarshalers.ni.dll - ok
00:42:36.0379 7124 [ 28D0AAEB2F5D05629B287E3534FCAFB3 ] C:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
00:42:36.0379 7124 C:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - ok
00:42:36.0381 7124 [ 99DB17882CACF7CCC315184EFE0953B4 ] C:\Windows\SysWOW64\atiumdva.dll
00:42:36.0381 7124 C:\Windows\SysWOW64\atiumdva.dll - ok
00:42:36.0384 7124 [ 2AFB8109E78CFDFA298355CBC9C2C785 ] C:\Program Files\Common Files\ATI Technologies\Multimedia\atixcode64.dll
00:42:36.0384 7124 C:\Program Files\Common Files\ATI Technologies\Multimedia\atixcode64.dll - ok
00:42:36.0386 7124 [ F74C858CBDBC16EEC5E5415324D7DE69 ] C:\Program Files\Common Files\ATI Technologies\Multimedia\atimpenc64.dll
00:42:36.0386 7124 C:\Program Files\Common Files\ATI Technologies\Multimedia\atimpenc64.dll - ok
00:42:36.0388 7124 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll
00:42:36.0388 7124 C:\Windows\System32\d3d9.dll - ok
00:42:36.0391 7124 [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\SysWOW64\dxva2.dll
00:42:36.0391 7124 C:\Windows\SysWOW64\dxva2.dll - ok
00:42:36.0393 7124 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
00:42:36.0393 7124 C:\Windows\System32\d3d8thk.dll - ok
00:42:36.0395 7124 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
00:42:36.0395 7124 C:\Windows\System32\hgcpl.dll - ok
00:42:36.0397 7124 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
00:42:36.0397 7124 C:\Windows\System32\fdPHost.dll - ok
00:42:36.0399 7124 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
00:42:36.0399 7124 C:\Windows\System32\FDResPub.dll - ok
00:42:36.0401 7124 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
00:42:36.0401 7124 C:\Windows\System32\fdWSD.dll - ok
00:42:36.0403 7124 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
00:42:36.0403 7124 C:\Windows\System32\fdSSDP.dll - ok
00:42:36.0406 7124 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
00:42:36.0406 7124 C:\Windows\System32\fdProxy.dll - ok
00:42:36.0408 7124 [ C1D0691BE5DDB0C230D8370BD96BBE8B ] C:\Program Files\Internet Explorer\ieproxy.dll
00:42:36.0408 7124 C:\Program Files\Internet Explorer\ieproxy.dll - ok
00:42:36.0410 7124 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
00:42:36.0410 7124 C:\Windows\System32\blackbox.dll - ok
00:42:36.0412 7124 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
00:42:36.0412 7124 C:\Windows\System32\upnp.dll - ok
00:42:36.0414 7124 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
00:42:36.0414 7124 C:\Windows\System32\ssdpsrv.dll - ok
00:42:36.0417 7124 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
00:42:36.0417 7124 C:\Windows\System32\wmpps.dll - ok
00:42:36.0419 7124 [ 5744FFF8E72D105C138DAE9E17BB29FE ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
00:42:36.0419 7124 C:\Program Files (x86)\Mozilla Firefox\firefox.exe - ok
00:42:36.0421 7124 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
00:42:36.0421 7124 C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll - ok
00:42:36.0423 7124 [ C2EFE31691B0220BA2D366F6ECD9EEBC ] C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
00:42:36.0423 7124 C:\Program Files (x86)\Mozilla Firefox\mozglue.dll - ok
00:42:36.0426 7124 [ 4D8CAE21D3617DBC539F0A7ACEB66FAD ] C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
00:42:36.0426 7124 C:\Program Files (x86)\Mozilla Firefox\nspr4.dll - ok
00:42:36.0428 7124 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
00:42:36.0428 7124 C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll - ok
00:42:36.0430 7124 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
00:42:36.0430 7124 C:\Windows\SysWOW64\wshqos.dll - ok
00:42:36.0433 7124 [ 2D64A5315260AAD1D6BEEE65D2681DB3 ] C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
00:42:36.0433 7124 C:\Program Files (x86)\Mozilla Firefox\mozjs.dll - ok
00:42:36.0435 7124 [ 6F255F96534FCF5FF4B611B52C1AB813 ] C:\Program Files (x86)\Mozilla Firefox\plc4.dll
00:42:36.0435 7124 C:\Program Files (x86)\Mozilla Firefox\plc4.dll - ok
00:42:36.0437 7124 [ 15A9691C1F00631BC5475CEEF9A6EA62 ] C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
00:42:36.0437 7124 C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll - ok
00:42:36.0440 7124 [ 6B85D6ADEF244F9077BD7874610574A9 ] C:\Program Files (x86)\Mozilla Firefox\plds4.dll
00:42:36.0440 7124 C:\Program Files (x86)\Mozilla Firefox\plds4.dll - ok
00:42:36.0442 7124 [ 0206166F245BE09DC9C1550AFB2C0B8D ] C:\Program Files (x86)\Mozilla Firefox\nss3.dll
00:42:36.0442 7124 C:\Program Files (x86)\Mozilla Firefox\nss3.dll - ok
00:42:36.0444 7124 [ 9F135327116E63D522BFEF39F37CB2E6 ] C:\Program Files (x86)\Mozilla Firefox\smime3.dll
00:42:36.0444 7124 C:\Program Files (x86)\Mozilla Firefox\smime3.dll - ok
00:42:36.0447 7124 [ F5720ED4EEA3D62A3C9AF0950F2B7D23 ] C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
00:42:36.0447 7124 C:\Program Files (x86)\Mozilla Firefox\ssl3.dll - ok
00:42:36.0449 7124 [ 3D2706E87D3E4433DB929B86207CA928 ] C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
00:42:36.0449 7124 C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll - ok
00:42:36.0451 7124 [ 52652560BCE03F232CE6AF381D82CE5F ] C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
00:42:36.0451 7124 C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll - ok
00:42:36.0454 7124 [ A38B82A306CDDA0BB141225F92FC9F85 ] C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
00:42:36.0454 7124 C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll - ok
00:42:36.0456 7124 [ 4C44A99BB7584D6B70507987BE786259 ] C:\Program Files (x86)\Mozilla Firefox\xul.dll
00:42:36.0456 7124 C:\Program Files (x86)\Mozilla Firefox\xul.dll - ok
00:42:36.0458 7124 [ 4D774B94671141D491CFCB4CA3650EBF ] C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
00:42:36.0458 7124 C:\Program Files (x86)\Mozilla Firefox\xpcom.dll - ok
00:42:36.0461 7124 [ 520B9EF148145FDE39E4FB77E0C7FC48 ] C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
00:42:36.0461 7124 C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll - ok
00:42:36.0463 7124 [ 6B140B1382F1FE04BA57B196AEB19725 ] C:\Windows\SysWOW64\t2embed.dll
00:42:36.0463 7124 C:\Windows\SysWOW64\t2embed.dll - ok
00:42:36.0465 7124 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
00:42:36.0465 7124 C:\Windows\SysWOW64\mscms.dll - ok
00:42:36.0468 7124 [ 9662E514A77389EB6F7E846DB8B44C4D ] C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
00:42:36.0468 7124 C:\Program Files (x86)\Mozilla Firefox\softokn3.dll - ok
00:42:36.0470 7124 [ CF7C83513AD0F22070B6795590F6BA68 ] C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
00:42:36.0470 7124 C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll - ok
00:42:36.0472 7124 [ D9FA57CBA32ABA63D5C30B854F660F07 ] C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
00:42:36.0472 7124 C:\Program Files (x86)\Mozilla Firefox\freebl3.dll - ok
00:42:36.0475 7124 [ 2944201BCD2BCC92897551A95757DDBE ] C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
00:42:36.0475 7124 C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll - ok
00:42:36.0477 7124 [ A2631C4465BBCE72B7E371DFB924A9D3 ] C:\Windows\SysWOW64\feclient.dll
00:42:36.0477 7124 C:\Windows\SysWOW64\feclient.dll - ok
00:42:36.0479 7124 [ 01E00480F9FF435C22F321982FFB6DA3 ] C:\Windows\System32\MaxxAudioAPOShell64.dll
00:42:36.0479 7124 C:\Windows\System32\MaxxAudioAPOShell64.dll - ok
00:42:36.0481 7124 [ 8962BCAA278522D3A13F83E3E59FF2DF ] C:\Windows\System32\MCAPO64.dll
00:42:36.0481 7124 C:\Windows\System32\MCAPO64.dll - ok
00:42:36.0483 7124 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
00:42:36.0484 7124 C:\Windows\System32\opengl32.dll - ok
00:42:36.0486 7124 [ AB6E5B9333101E414D8F04BC570064F1 ] C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
00:42:36.0486 7124 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe - ok
00:42:36.0488 7124 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
00:42:36.0488 7124 C:\Windows\System32\glu32.dll - ok
00:42:36.0490 7124 [ 0EB43D82D41D3B9386A8A193B2A01799 ] C:\Program Files\mcafee\msk\masecore64.dll
00:42:36.0490 7124 C:\Program Files\mcafee\msk\masecore64.dll - ok
00:42:36.0493 7124 [ B6AE422234650CD48977A39C5023B178 ] C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll
00:42:36.0493 7124 C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll - ok
00:42:36.0495 7124 [ 70C8F2121EA29625A4913336AF781725 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\adcf9e45725f341acbd5d3fcd0a54572\PresentationFramework.Aero.ni.dll
00:42:36.0495 7124 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\adcf9e45725f341acbd5d3fcd0a54572\PresentationFramework.Aero.ni.dll - ok
00:42:36.0497 7124 [ 11338E0557B07BC32CDB980B6EDB35AA ] C:\Windows\System32\ci.dll
00:42:36.0497 7124 C:\Windows\System32\ci.dll - ok
00:42:36.0499 7124 [ F39E5544A5A10E892EDBEE1A9A380B09 ] C:\Windows\System32\atiu9p64.dll
00:42:36.0500 7124 C:\Windows\System32\atiu9p64.dll - ok
00:42:36.0502 7124 [ 27E8D902F58029E1F2EFD1538FA8C628 ] C:\Windows\System32\igdumd64.dll
00:42:36.0502 7124 C:\Windows\System32\igdumd64.dll - ok
00:42:36.0504 7124 [ 588762F716C2B7A2054AFBC3D58E5C21 ] C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
00:42:36.0504 7124 C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe - ok
00:42:36.0506 7124 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
00:42:36.0506 7124 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
00:42:36.0509 7124 [ 6F077536B86299B662C6804ADA1F9077 ] C:\Program Files\Intel\BluetoothHS\KmmdlPlugins\BTSupplicantPlugin.dll
00:42:36.0509 7124 C:\Program Files\Intel\BluetoothHS\KmmdlPlugins\BTSupplicantPlugin.dll - ok
00:42:36.0511 7124 [ FB8A60ABF34562126D85C6150E87D41C ] C:\Windows\System32\atiumd64.dll
00:42:36.0511 7124 C:\Windows\System32\atiumd64.dll - ok
00:42:36.0514 7124 [ B70B2C69E4AF80028A98ECC74D7A005F ] C:\Program Files\Intel\BluetoothHS\KmmdlPlugins\PanAuthenticator.dll
00:42:36.0514 7124 C:\Program Files\Intel\BluetoothHS\KmmdlPlugins\PanAuthenticator.dll - ok
00:42:36.0516 7124 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:42:36.0516 7124 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
00:42:36.0518 7124 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
00:42:36.0518 7124 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
00:42:36.0521 7124 [ D08CFC32783AF412CB1A298EC274C232 ] C:\Windows\System32\atiumd6a.dll
00:42:36.0521 7124 C:\Windows\System32\atiumd6a.dll - ok
00:42:36.0523 7124 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:42:36.0523 7124 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
00:42:36.0525 7124 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
00:42:36.0525 7124 C:\Windows\System32\msvcr100_clr0400.dll - ok
00:42:36.0528 7124 [ 80C834BA6B844C4B717F2465C4E8EC0F ] C:\Windows\System32\WindowsCodecsExt.dll
00:42:36.0528 7124 C:\Windows\System32\WindowsCodecsExt.dll - ok
00:42:36.0530 7124 [ D1B4C6060F3956D9EC705947599B0F99 ] C:\Program Files (x86)\Google\Update\1.3.21.124\goopdateres_en-GB.dll
00:42:36.0530 7124 C:\Program Files (x86)\Google\Update\1.3.21.124\goopdateres_en-GB.dll - ok
00:42:36.0532 7124 [ 1D296F090ED401967B30BD2B970DC306 ] C:\Windows\System32\icm32.dll
00:42:36.0532 7124 C:\Windows\System32\icm32.dll - ok
00:42:36.0535 7124 [ A515F7B9CBF06DE1848EADC3525293DA ] C:\Program Files\Intel\BluetoothHS\BTHSSupplicant.dll
00:42:36.0535 7124 C:\Program Files\Intel\BluetoothHS\BTHSSupplicant.dll - ok
00:42:36.0537 7124 [ 5906ADD530AE7CEBF749D2A02F723CE7 ] C:\PROGRA~1\mcafee\mpf\McMPFPPv.dll
00:42:36.0537 7124 C:\PROGRA~1\mcafee\mpf\McMPFPPv.dll - ok
00:42:36.0539 7124 [ 64D9CDDADB7A3400056F5578786A66AE ] C:\PROGRA~1\mcafee\mpf\MpfApi.dll
00:42:36.0539 7124 C:\PROGRA~1\mcafee\mpf\MpfApi.dll - ok
00:42:36.0541 7124 [ 7D4B9A48430ED57ACA6373B71D5904CA ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
00:42:36.0541 7124 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe - ok
00:42:36.0544 7124 [ 741872AD9F03B7F0EC8BA73B22993884 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll
00:42:36.0544 7124 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll - ok
00:42:36.0547 7124 [ B006CC4322C93A78687C7DA975CBFC6C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\368a1cd0cb73df449327fb2d25cd4833\IAStorDataMgrSvc.ni.exe
00:42:36.0547 7124 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\368a1cd0cb73df449327fb2d25cd4833\IAStorDataMgrSvc.ni.exe - ok
00:42:36.0549 7124 [ EF01746045606AC596EA224451A090A1 ] C:\Program Files\mcafee\virusscan\McVSPP.dll
00:42:36.0549 7124 C:\Program Files\mcafee\virusscan\McVSPP.dll - ok
00:42:36.0551 7124 [ B4C9E451C375C1208947C6CDFAD8E606 ] C:\PROGRA~1\mcafee\VIRUSS~1\MVsCfg.dll
00:42:36.0551 7124 C:\PROGRA~1\mcafee\VIRUSS~1\MVsCfg.dll - ok
00:42:36.0554 7124 [ 30B94A855F4C86212F98BB184A30CA96 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\17796f2951c17ebf92dd4b7c9b3ce556\System.ServiceProcess.ni.dll
00:42:36.0554 7124 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\17796f2951c17ebf92dd4b7c9b3ce556\System.ServiceProcess.ni.dll - ok
00:42:36.0556 7124 [ 502D419765D2AACC963680E077E19A95 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
00:42:36.0557 7124 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll - ok
00:42:36.0559 7124 [ 77FAB5FF8BF12A6FDDAA94C6D9F7A6E4 ] C:\PROGRA~1\mcafee\VIRUSS~1\NaiAnn.dll
00:42:36.0559 7124 C:\PROGRA~1\mcafee\VIRUSS~1\NaiAnn.dll - ok
00:42:36.0561 7124 [ A1708BD6810BF8051311D5CCF98A2016 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\8809c948e7a410dbd689ea3c49fdbf7b\IAStorDataMgr.ni.dll
00:42:36.0561 7124 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\8809c948e7a410dbd689ea3c49fdbf7b\IAStorDataMgr.ni.dll - ok
00:42:36.0564 7124 [ 9BBCECBE3FE5AF5958A770DC512D0473 ] C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
00:42:36.0564 7124 C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe - ok
00:42:36.0566 7124 [ 72F76CF50488E0300537DE3126ABBF95 ] C:\PROGRA~1\mcafee\VIRUSS~1\McVsPs.dll
00:42:36.0566 7124 C:\PROGRA~1\mcafee\VIRUSS~1\McVsPs.dll - ok
00:42:36.0568 7124 [ 831B966DAE979ECA5AA28AFB7D2DD15A ] C:\PROGRA~1\mcafee\VIRUSS~1\NaiAnnPs.dll
00:42:36.0568 7124 C:\PROGRA~1\mcafee\VIRUSS~1\NaiAnnPs.dll - ok
00:42:36.0570 7124 [ 25801559BCACB018F9678B647390C3DC ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f9927372e716ec71e175fe7e5d3f14a3\IsdiInterop.ni.dll
00:42:36.0570 7124 C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f9927372e716ec71e175fe7e5d3f14a3\IsdiInterop.ni.dll - ok
00:42:36.0573 7124 [ A2436F2A99CBF602F6117ACB866C0EA7 ] C:\Program Files\Common Files\mcafee\systemcore\mytilus3_worker.dll
00:42:36.0573 7124 C:\Program Files\Common Files\mcafee\systemcore\mytilus3_worker.dll - ok
00:42:36.0575 7124 [ 300A0BE0401E783787DD38D4ED408081 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll
00:42:36.0575 7124 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll - ok
00:42:36.0578 7124 [ 295657F93F6B19DEEA804048E1CB4FF9 ] C:\Windows\System32\lz32.dll
00:42:36.0578 7124 C:\Windows\System32\lz32.dll - ok
00:42:36.0580 7124 [ 46CB29F9A3D487A9839E38EFA49B6491 ] C:\Program Files\Common Files\mcafee\systemcore\lockdown.dll
00:42:36.0580 7124 C:\Program Files\Common Files\mcafee\systemcore\lockdown.dll - ok
00:42:36.0582 7124 [ D34A527493F39AF4491B3E909DC697CA ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
00:42:36.0582 7124 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll - ok
00:42:36.0585 7124 [ 0F13DDFE201F0C766AFA1C2596901777 ] C:\Program Files\Common Files\mcafee\systemcore\mytilus3.dll
00:42:36.0585 7124 C:\Program Files\Common Files\mcafee\systemcore\mytilus3.dll - ok
00:42:36.0587 7124 [ 680566139B70234F69E1002DBC73F3D2 ] C:\Program Files\Common Files\mcafee\systemcore\mcshield.dll
00:42:36.0587 7124 C:\Program Files\Common Files\mcafee\systemcore\mcshield.dll - ok
00:42:36.0590 7124 [ 012A9C13A0A98CCEAAAA012C72CFEF1B ] C:\Program Files\Common Files\mcafee\systemcore\mytilus3_server.dll
00:42:36.0590 7124 C:\Program Files\Common Files\mcafee\systemcore\mytilus3_server.dll - ok
00:42:36.0592 7124 [ 26B2D22041AB9BD3B4C8001A086C0165 ] C:\Program Files\Common Files\mcafee\systemcore\ftl.dll
00:42:36.0592 7124 C:\Program Files\Common Files\mcafee\systemcore\ftl.dll - ok
00:42:36.0594 7124 [ C643FD11E78B8535189848F66756E164 ] C:\PROGRA~1\mcafee\VIRUSS~1\mvslog.dll
00:42:36.0594 7124 C:\PROGRA~1\mcafee\VIRUSS~1\mvslog.dll - ok
00:42:36.0597 7124 [ 0ED5991EC13A811F27C31A98B70715BB ] C:\Program Files\Common Files\mcafee\systemcore\mfeelama.dll
00:42:36.0597 7124 C:\Program Files\Common Files\mcafee\systemcore\mfeelama.dll - ok
00:42:36.0599 7124 [ 2B5CF26350B42CBCFCCE921F8E36FDA5 ] C:\PROGRA~1\mcafee\msc\McTelemetryAPI.dll
00:42:36.0599 7124 C:\PROGRA~1\mcafee\msc\McTelemetryAPI.dll - ok
00:42:36.0601 7124 [ B4B133DE7161E7489DDC73184347FCF0 ] C:\Program Files\Common Files\mcafee\systemcore\mfevtpa.dll
00:42:36.0601 7124 C:\Program Files\Common Files\mcafee\systemcore\mfevtpa.dll - ok
00:42:36.0604 7124 [ 858716CED10DBBF0BC5748F71ED2F59D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
00:42:36.0604 7124 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll - ok
00:42:36.0606 7124 [ 45AD07D2FCA4F62C37883EED850BB7BB ] C:\Program Files\Common Files\mcafee\systemcore\mfeavfa.dll
00:42:36.0606 7124 C:\Program Files\Common Files\mcafee\systemcore\mfeavfa.dll - ok
00:42:36.0609 7124 [ 5C08357C65F658E29B5DDC2EF18D575C ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
00:42:36.0609 7124 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - ok
00:42:36.0611 7124 [ 7760899D95C2D1AAC5C1D34AF41A11C7 ] C:\Program Files\mcafee\virusscan\Engine\5500.1093\mscan64a.dll
00:42:36.0611 7124 C:\Program Files\mcafee\virusscan\Engine\5500.1093\mscan64a.dll - ok
00:42:36.0614 7124 [ D72FC303D3539EF7DCF38AE22CD9F594 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e88f87e9200afb5ede994c89c92e22b8\IAStorCommon.ni.dll
00:42:36.0614 7124 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e88f87e9200afb5ede994c89c92e22b8\IAStorCommon.ni.dll - ok
00:42:36.0616 7124 [ F860DD3F552437E37AD35D2AC0258CF0 ] C:\Program Files\Common Files\mcafee\systemcore\mfeapfa.dll
00:42:36.0616 7124 C:\Program Files\Common Files\mcafee\systemcore\mfeapfa.dll - ok
00:42:36.0619 7124 [ 2D53234C24B0103FDE0BE06782AA6F80 ] C:\Windows\System32\drivers\mfeapfk.sys
00:42:36.0619 7124 C:\Windows\System32\drivers\mfeapfk.sys - ok
00:42:36.0621 7124 [ 9B301B3FAE10015350B96B58AB24F046 ] C:\Users\David\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
00:42:36.0621 7124 C:\Users\David\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - ok
00:42:36.0623 7124 [ E54631B36DB25082B7998AE7538BA8C8 ] C:\Users\David\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
00:42:36.0623 7124 C:\Users\David\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - ok
00:42:36.0626 7124 [ 81D2A6253A4711856F6AC68904A0CB51 ] C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
00:42:36.0626 7124 C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe - ok
00:42:36.0628 7124 [ 79E90A8067069F9323BA8FA4CAE56C65 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll
00:42:36.0628 7124 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll - ok
00:42:36.0631 7124 [ A80C173AC5C75706BB74AE4D78F2A53D ] C:\Program Files (x86)\Windows Media Player\wmplayer.exe
00:42:36.0631 7124 C:\Program Files (x86)\Windows Media Player\wmplayer.exe - ok
00:42:36.0633 7124 [ B33D5B3F382BEA7774A15A1E4CE36E2C ] C:\PROGRA~1\COMMON~1\mcafee\mna\McNASvc.dll
00:42:36.0633 7124 C:\PROGRA~1\COMMON~1\mcafee\mna\McNASvc.dll - ok
00:42:36.0636 7124 [ 0B4B3598A1750E115545D67AFA02B90C ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll
00:42:36.0636 7124 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll - ok
00:42:36.0638 7124 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
00:42:36.0638 7124 C:\Windows\System32\sppsvc.exe - ok
00:42:36.0640 7124 [ B108D55014EFC412A0971677C907F8CE ] C:\PROGRA~1\COMMON~1\mcafee\nmc\McNmcSrv.dll
00:42:36.0640 7124 C:\PROGRA~1\COMMON~1\mcafee\nmc\McNmcSrv.dll - ok
00:42:36.0643 7124 [ 86DE813862C270CA2B074CED75AA8712 ] C:\PROGRA~1\COMMON~1\mcafee\nmc\McDisc.dll
00:42:36.0643 7124 C:\PROGRA~1\COMMON~1\mcafee\nmc\McDisc.dll - ok
00:42:36.0645 7124 [ D1D6899FD8DB03046B9A743E69240611 ] C:\PROGRA~1\mcafee\msc\McMscShm.dll
00:42:36.0645 7124 C:\PROGRA~1\mcafee\msc\McMscShm.dll - ok
00:42:36.0647 7124 [ 8CDBEB444058A10E0B5A7673BE29E854 ] C:\PROGRA~1\COMMON~1\mcafee\nmc\McNDSv.dll
00:42:36.0647 7124 C:\PROGRA~1\COMMON~1\mcafee\nmc\McNDSv.dll - ok
00:42:36.0649 7124 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
00:42:36.0649 7124 C:\Windows\System32\drivers\spsys.sys - ok
00:42:36.0652 7124 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
00:42:36.0652 7124 C:\Windows\System32\wuaueng.dll - ok
00:42:36.0654 7124 [ 09F888288A9EA6F7009E74A455F5AA93 ] C:\PROGRA~1\mcafee\msc\mcsubmgr\11_6_4~1\mcsubmgr.dll
00:42:36.0654 7124 C:\PROGRA~1\mcafee\msc\mcsubmgr\11_6_4~1\mcsubmgr.dll - ok
00:42:36.0656 7124 [ BC3D827E1C7C926520D4BA357C5C39BE ] C:\Program Files\mcafee\msk\mskppv.dll
00:42:36.0656 7124 C:\Program Files\mcafee\msk\mskppv.dll - ok
00:42:36.0658 7124 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
00:42:36.0658 7124 C:\Windows\System32\cabinet.dll - ok
00:42:36.0660 7124 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
00:42:36.0660 7124 C:\Windows\System32\mspatcha.dll - ok
00:42:36.0663 7124 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
00:42:36.0663 7124 C:\Windows\System32\security.dll - ok
00:42:36.0665 7124 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
00:42:36.0665 7124 C:\Windows\System32\sppwinob.dll - ok
00:42:36.0667 7124 [ EB6B6B2ACDD27ED947D4F117919FAE6D ] C:\PROGRA~1\mcafee\mpf\MpfShm.dll
00:42:36.0667 7124 C:\PROGRA~1\mcafee\mpf\MpfShm.dll - ok
00:42:36.0669 7124 [ 0554BDD6128C8256D2DC926F455DD443 ] C:\PROGRA~1\mcafee\msk\mskcshim.dll
00:42:36.0669 7124 C:\PROGRA~1\mcafee\msk\mskcshim.dll - ok
00:42:36.0672 7124 [ 987E30CCDAEC027CF1AB54C23D20B3E2 ] C:\PROGRA~1\mcafee\VIRUSS~1\McOasShm.dll
00:42:36.0672 7124 C:\PROGRA~1\mcafee\VIRUSS~1\McOasShm.dll - ok
00:42:36.0674 7124 [ 295BCA8361AD333E0ACAE5C82D28D6AE ] C:\PROGRA~1\mcafee\VIRUSS~1\mvsap.dll
00:42:36.0674 7124 C:\PROGRA~1\mcafee\VIRUSS~1\mvsap.dll - ok
00:42:36.0676 7124 [ CC786CED154F55D9A7D843AC673F6C9B ] C:\PROGRA~1\mcafee\msc\McDBMgr.dll
00:42:36.0676 7124 C:\PROGRA~1\mcafee\msc\McDBMgr.dll - ok
00:42:36.0678 7124 [ 6A63D113C02C643B4ABB2E43E4744C81 ] C:\PROGRA~1\mcafee\mps\MpsShim.dll
00:42:36.0678 7124 C:\PROGRA~1\mcafee\mps\MpsShim.dll - ok
00:42:36.0681 7124 [ C354130F846F4DFE5483580FFAA9B0BC ] C:\PROGRA~1\mcafee\msc\mcmispps.dll
00:42:36.0681 7124 C:\PROGRA~1\mcafee\msc\mcmispps.dll - ok
00:42:36.0683 7124 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
00:42:36.0683 7124 C:\Windows\System32\sppobjs.dll - ok
00:42:36.0685 7124 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
00:42:36.0685 7124 C:\Windows\System32\wups.dll - ok
00:42:36.0687 7124 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
00:42:36.0687 7124 C:\Windows\System32\wups2.dll - ok
00:42:36.0689 7124 [ 0DFC9713D117B349E41A2A477448107A ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
00:42:36.0689 7124 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - ok
00:42:36.0692 7124 [ B708C40F9DCB2B201C2440A2C4C68B93 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
00:42:36.0692 7124 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll - ok
00:42:36.0694 7124 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Windows\SysWOW64\msvcp100.dll
00:42:36.0694 7124 C:\Windows\SysWOW64\msvcp100.dll - ok
00:42:36.0696 7124 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Windows\SysWOW64\msvcr100.dll
00:42:36.0696 7124 C:\Windows\SysWOW64\msvcr100.dll - ok
00:42:36.0699 7124 [ E7F9CE0875DE165475ADCAA253301AFC ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\WsmanClient.dll
00:42:36.0699 7124 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\WsmanClient.dll - ok
00:42:36.0701 7124 [ 1E7FB78A7014473ED75F8D6D489E14E8 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\Common.dll
00:42:36.0701 7124 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\Common.dll - ok
00:42:36.0704 7124 [ 43338584E6E8FF756338FAE46276BFC8 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\GmsCommon.dll
00:42:36.0704 7124 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\GmsCommon.dll - ok
00:42:36.0706 7124 [ 9295C7C31203231DE4419413BF5C62B6 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\Configurator.dll
00:42:36.0706 7124 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\Configurator.dll - ok
00:42:36.0709 7124 [ 6E8C44717AC442C24B92B105F037B1E8 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\EventManager.dll
00:42:36.0709 7124 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\EventManager.dll - ok
00:42:36.0712 7124 [ B4DB24F83F3BBA09C9DE232CCFF1D3A2 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusEventHandler.dll
00:42:36.0712 7124 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusEventHandler.dll - ok
00:42:36.0714 7124 [ B439EFB7F218ED0849B4CC2D4A7FE1D3 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\63ba654893f4fc924ff75cf785744150\System.Core.ni.dll
00:42:36.0714 7124 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\63ba654893f4fc924ff75cf785744150\System.Core.ni.dll - ok
00:42:36.0717 7124 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
00:42:36.0717 7124 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe - ok
00:42:36.0719 7124 [ CCD0214A064CA26B6663E8AAA14EBF93 ] C:\Windows\System32\PresentationNative_v0300.dll
00:42:36.0719 7124 C:\Windows\System32\PresentationNative_v0300.dll - ok
00:42:36.0721 7124 [ 2EFE164449F1C62CEA167B10850CD9F1 ] C:\Windows\System32\msctfui.dll
00:42:36.0721 7124 C:\Windows\System32\msctfui.dll - ok
00:42:36.0724 7124 [ E185E2C42F8FBD2D7A21341CB171E648 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\20942af5321167fd09020d868507555a\WindowsFormsIntegration.ni.dll
00:42:36.0724 7124 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\20942af5321167fd09020d868507555a\WindowsFormsIntegration.ni.dll - ok
00:42:36.0726 7124 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
00:42:36.0726 7124 C:\Windows\System32\drprov.dll - ok
00:42:36.0728 7124 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
00:42:36.0728 7124 C:\Windows\System32\ntlanman.dll - ok
00:42:36.0730 7124 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
00:42:36.0730 7124 C:\Windows\System32\davclnt.dll - ok
00:42:36.0733 7124 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
00:42:36.0733 7124 C:\Windows\System32\davhlpr.dll - ok
00:42:36.0734 7124 ============================================================
00:42:36.0734 7124 Scan finished
00:42:36.0734 7124 ============================================================
00:42:36.0740 7112 Detected object count: 4
00:42:36.0740 7112 Actual detected object count: 4
00:43:00.0381 7112 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
00:43:00.0381 7112 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:43:00.0383 7112 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:43:00.0383 7112 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:43:00.0384 7112 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
00:43:00.0385 7112 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:43:00.0386 7112 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
00:43:00.0386 7112 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:43:38.0886 4800 Deinitialize success

aswMBR log:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-05 10:40:50
-----------------------------
10:40:50.887 OS Version: Windows x64 6.1.7601 Service Pack 1
10:40:50.887 Number of processors: 8 586 0x3A09
10:40:50.887 ComputerName: MINNOW UserName: David
10:40:53.508 Initialize success
10:41:04.116 AVAST engine defs: 13010401
10:41:06.862 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:41:06.862 Disk 0 Vendor: TOSHIBA_ AX00 Size: 953869MB BusType: 3
10:41:06.877 Disk 0 MBR read successfully
10:41:06.877 Disk 0 MBR scan
10:41:06.893 Disk 0 Windows VISTA default MBR code
10:41:06.893 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
10:41:06.908 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 20286 MB offset 81920
10:41:06.924 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 913062 MB offset 41627648
10:41:06.924 Disk 0 Partition - 00 0F Extended LBA 20480 MB offset 1911578624
10:41:06.971 Disk 0 Partition 4 00 06 FAT16 20479 MB offset 1911580672
10:41:07.002 Disk 0 scanning C:\Windows\system32\drivers
10:41:15.582 Service scanning
10:41:51.852 Modules scanning
10:41:51.852 Disk 0 trace - called modules:
10:41:51.883 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:41:51.883 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800735a790]
10:41:51.899 3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80095f3050]
10:41:54.489 AVAST engine scan C:\Windows
10:41:58.233 AVAST engine scan C:\Windows\system32
10:44:29.662 AVAST engine scan C:\Windows\system32\drivers
10:44:40.878 AVAST engine scan C:\Users\David
10:59:15.385 AVAST engine scan C:\ProgramData
11:00:55.397 Scan finished successfully
11:01:22.073 Disk 0 MBR has been saved successfully to "C:\Users\David\Desktop\MBR.dat"
11:01:22.073 The log file has been saved successfully to "C:\Users\David\Desktop\aswMBRlog.txt"

aswMBR did not work in normal mode, giving a blue screen after several attempts. This log came from the scan done in safe mode.

Regards, dav43

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:05:24 AM

Posted 05 January 2013 - 09:50 AM

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 dav43

dav43
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 05 January 2013 - 11:17 AM

FSS Log:

Farbar Service Scanner Version: 05-01-2013
Ran by David (administrator) on 05-01-2013 at 16:16:36
Running from "C:\Users\David\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:05:24 AM

Posted 06 January 2013 - 06:29 PM

Click start-> type cmd.exe, right-click Command Prompt item + select 'run as administrator'. Type the following two commands (press ENTER after each one) in the command prompt window:


regsvr32 wmisvc.dll
net start winmgmt

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 dav43

dav43
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 06 January 2013 - 06:43 PM

After command 1:

DllRegisterSever in wmisvc.dll succeeded (pop up window)

After command 2:

The requested service has already been started. More help is available by typing NET HELPMSG 2182.

Still cannot start the security center.

Regards, dav43




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users