Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

GOOGLE REDIRECT+ RANDOM ADS IN THE BACKROUND


  • Please log in to reply
24 replies to this topic

#1 saul1236

saul1236

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 17 February 2013 - 04:06 AM

HI,

 

For a while now I've had issues with google redirect virus. I was able to temp remove it for a while but it always manages to come back after a while. This time however, it came with another surprise. I keep on hearing ads in the background but even if i don't have any pages open or even any pop up ads on,

 

Can someone please help me with this?

 

 

Thanks in advance,

Saul



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:24 AM

Posted 17 February 2013 - 10:41 AM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#3 saul1236

saul1236
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 17 February 2013 - 01:27 PM

12:08:43.0676 3496  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:08:44.0254 3496  ============================================================
12:08:44.0254 3496  Current date / time: 2013/02/17 12:08:44.0254
12:08:44.0254 3496  SystemInfo:
12:08:44.0254 3496 
12:08:44.0254 3496  OS Version: 6.1.7601 ServicePack: 1.0
12:08:44.0254 3496  Product type: Workstation
12:08:44.0254 3496  ComputerName: SAUL-PC
12:08:44.0254 3496  UserName: Saul
12:08:44.0254 3496  Windows directory: C:\Windows
12:08:44.0254 3496  System windows directory: C:\Windows
12:08:44.0254 3496  Running under WOW64
12:08:44.0254 3496  Processor architecture: Intel x64
12:08:44.0254 3496  Number of processors: 8
12:08:44.0254 3496  Page size: 0x1000
12:08:44.0254 3496  Boot type: Normal boot
12:08:44.0254 3496  ============================================================
12:09:00.0659 3496  BG loaded
12:09:01.0174 3496  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:09:01.0190 3496  ============================================================
12:09:01.0190 3496  \Device\Harddisk0\DR0:
12:09:01.0190 3496  MBR partitions:
12:09:01.0190 3496  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1A80000
12:09:01.0190 3496  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A94000, BlocksNum 0x72C72000
12:09:01.0190 3496  ============================================================
12:09:01.0268 3496  C: <-> \Device\Harddisk0\DR0\Partition2
12:09:01.0268 3496  ============================================================
12:09:01.0268 3496  Initialize success
12:09:01.0268 3496  ============================================================
12:09:11.0751 3232  ============================================================
12:09:11.0751 3232  Scan started
12:09:11.0751 3232  Mode: Manual; TDLFS;
12:09:11.0751 3232  ============================================================
12:09:13.0389 3232  ================ Scan system memory ========================
12:09:13.0389 3232  System memory - ok
12:09:13.0389 3232  ================ Scan services =============================
12:09:13.0545 3232  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:09:13.0545 3232  1394ohci - ok
12:09:13.0560 3232  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:09:13.0576 3232  ACPI - ok
12:09:13.0576 3232  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:09:13.0576 3232  AcpiPmi - ok
12:09:13.0623 3232  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:09:13.0623 3232  adp94xx - ok
12:09:13.0638 3232  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:09:13.0638 3232  adpahci - ok
12:09:13.0654 3232  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:09:13.0654 3232  adpu320 - ok
12:09:13.0670 3232  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:09:13.0670 3232  AeLookupSvc - ok
12:09:13.0732 3232  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
12:09:13.0732 3232  AFD - ok
12:09:13.0748 3232  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:09:13.0748 3232  agp440 - ok
12:09:13.0763 3232  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
12:09:13.0779 3232  ALG - ok
12:09:13.0779 3232  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:09:13.0779 3232  aliide - ok
12:09:13.0794 3232  [ 310F88A93C3B02E3D1F906FB57B9E01E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:09:13.0794 3232  AMD External Events Utility - ok
12:09:13.0794 3232  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
12:09:13.0810 3232  amdide - ok
12:09:13.0810 3232  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:09:13.0810 3232  AmdK8 - ok
12:09:13.0935 3232  [ 62DDF55680F8C53E4B8DDE4189ADA0B8 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
12:09:13.0966 3232  amdkmdag - ok
12:09:13.0997 3232  [ 51F027DFFEDFB8D763FABFFA06B56E6D ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
12:09:13.0997 3232  amdkmdap - ok
12:09:14.0013 3232  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
12:09:14.0013 3232  AmdPPM - ok
12:09:14.0013 3232  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:09:14.0028 3232  amdsata - ok
12:09:14.0028 3232  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:09:14.0028 3232  amdsbs - ok
12:09:14.0060 3232  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:09:14.0060 3232  amdxata - ok
12:09:14.0060 3232  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
12:09:14.0060 3232  AppID - ok
12:09:14.0075 3232  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:09:14.0075 3232  AppIDSvc - ok
12:09:14.0091 3232  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
12:09:14.0091 3232  Appinfo - ok
12:09:14.0091 3232  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
12:09:14.0091 3232  arc - ok
12:09:14.0091 3232  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:09:14.0106 3232  arcsas - ok
12:09:14.0184 3232  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:09:14.0200 3232  aspnet_state - ok
12:09:14.0216 3232  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:09:14.0216 3232  AsyncMac - ok
12:09:14.0231 3232  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
12:09:14.0231 3232  atapi - ok
12:09:14.0294 3232  [ DBB487D09F56C674430AC454FD8BCAB9 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
12:09:14.0309 3232  AtiHDAudioService - ok
12:09:14.0325 3232  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:09:14.0325 3232  AudioEndpointBuilder - ok
12:09:14.0340 3232  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:09:14.0340 3232  AudioSrv - ok
12:09:14.0356 3232  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:09:14.0372 3232  AxInstSV - ok
12:09:14.0403 3232  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
12:09:14.0403 3232  b06bdrv - ok
12:09:14.0418 3232  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:09:14.0418 3232  b57nd60a - ok
12:09:14.0496 3232  [ 8B5D16D20774FC3727F44E161BE2C0AC ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
12:09:14.0512 3232  BCM43XX - ok
12:09:14.0512 3232  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:09:14.0512 3232  BDESVC - ok
12:09:14.0512 3232  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:09:14.0512 3232  Beep - ok
12:09:14.0543 3232  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
12:09:14.0559 3232  BITS - ok
12:09:14.0559 3232  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:09:14.0559 3232  blbdrive - ok
12:09:14.0606 3232  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:09:14.0606 3232  bowser - ok
12:09:14.0606 3232  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
12:09:14.0621 3232  BrFiltLo - ok
12:09:14.0621 3232  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
12:09:14.0621 3232  BrFiltUp - ok
12:09:14.0652 3232  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
12:09:14.0652 3232  Browser - ok
12:09:14.0668 3232  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:09:14.0668 3232  Brserid - ok
12:09:14.0684 3232  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:09:14.0684 3232  BrSerWdm - ok
12:09:14.0684 3232  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:09:14.0684 3232  BrUsbMdm - ok
12:09:14.0684 3232  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:09:14.0699 3232  BrUsbSer - ok
12:09:14.0699 3232  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:09:14.0699 3232  BTHMODEM - ok
12:09:14.0715 3232  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
12:09:14.0715 3232  bthserv - ok
12:09:14.0730 3232  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:09:14.0746 3232  cdfs - ok
12:09:14.0746 3232  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:09:14.0762 3232  cdrom - ok
12:09:14.0777 3232  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
12:09:14.0777 3232  CertPropSvc - ok
12:09:14.0808 3232  [ A73276435F75025DA6E67B2470E1FE16 ] cfwids          C:\Windows\system32\drivers\cfwids.sys
12:09:14.0808 3232  cfwids - ok
12:09:14.0808 3232  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
12:09:14.0808 3232  circlass - ok
12:09:14.0824 3232  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
12:09:14.0824 3232  CLFS - ok
12:09:14.0918 3232  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:09:14.0918 3232  clr_optimization_v2.0.50727_32 - ok
12:09:14.0964 3232  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:09:14.0964 3232  clr_optimization_v2.0.50727_64 - ok
12:09:15.0011 3232  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:09:15.0089 3232  clr_optimization_v4.0.30319_32 - ok
12:09:15.0105 3232  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:09:15.0120 3232  clr_optimization_v4.0.30319_64 - ok
12:09:15.0136 3232  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
12:09:15.0136 3232  CmBatt - ok
12:09:15.0152 3232  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:09:15.0152 3232  cmdide - ok
12:09:15.0183 3232  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
12:09:15.0183 3232  CNG - ok
12:09:15.0214 3232  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
12:09:15.0214 3232  Compbatt - ok
12:09:15.0230 3232  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
12:09:15.0230 3232  CompositeBus - ok
12:09:15.0245 3232  COMSysApp - ok
12:09:15.0261 3232  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:09:15.0261 3232  crcdisk - ok
12:09:15.0308 3232  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:09:15.0308 3232  CryptSvc - ok
12:09:15.0432 3232  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
12:09:15.0448 3232  cvhsvc - ok
12:09:15.0495 3232  [ E6CE7188CC47AE5DAFDAF552D370C52F ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
12:09:15.0510 3232  dc3d - ok
12:09:15.0542 3232  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:09:15.0542 3232  DcomLaunch - ok
12:09:15.0588 3232  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
12:09:15.0604 3232  defragsvc - ok
12:09:15.0635 3232  [ 3A42B00C88E3E68080DAB6B27BB35B6E ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
12:09:15.0635 3232  DellDigitalDelivery - ok
12:09:15.0651 3232  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:09:15.0651 3232  DfsC - ok
12:09:15.0682 3232  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:09:15.0682 3232  Dhcp - ok
12:09:15.0682 3232  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
12:09:15.0682 3232  discache - ok
12:09:15.0698 3232  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
12:09:15.0698 3232  Disk - ok
12:09:15.0713 3232  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:09:15.0713 3232  Dnscache - ok
12:09:15.0729 3232  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:09:15.0729 3232  dot3svc - ok
12:09:15.0744 3232  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
12:09:15.0744 3232  DPS - ok
12:09:15.0760 3232  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:09:15.0760 3232  drmkaud - ok
12:09:15.0791 3232  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:09:15.0791 3232  DXGKrnl - ok
12:09:15.0807 3232  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
12:09:15.0807 3232  EapHost - ok
12:09:15.0869 3232  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
12:09:15.0932 3232  ebdrv - ok
12:09:15.0963 3232  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
12:09:15.0963 3232  EFS - ok
12:09:16.0010 3232  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:09:16.0010 3232  ehRecvr - ok
12:09:16.0025 3232  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
12:09:16.0025 3232  ehSched - ok
12:09:16.0056 3232  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:09:16.0056 3232  elxstor - ok
12:09:16.0072 3232  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:09:16.0072 3232  ErrDev - ok
12:09:16.0088 3232  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
12:09:16.0088 3232  EventSystem - ok
12:09:16.0103 3232  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
12:09:16.0103 3232  exfat - ok
12:09:16.0119 3232  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:09:16.0119 3232  fastfat - ok
12:09:16.0150 3232  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
12:09:16.0150 3232  Fax - ok
12:09:16.0150 3232  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
12:09:16.0150 3232  fdc - ok
12:09:16.0166 3232  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
12:09:16.0166 3232  fdPHost - ok
12:09:16.0181 3232  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:09:16.0181 3232  FDResPub - ok
12:09:16.0181 3232  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:09:16.0197 3232  FileInfo - ok
12:09:16.0197 3232  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:09:16.0212 3232  Filetrace - ok
12:09:16.0259 3232  [ 8669BE94F63944E4F899C3950B520241 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:09:16.0275 3232  FLEXnet Licensing Service - ok
12:09:16.0275 3232  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
12:09:16.0275 3232  flpydisk - ok
12:09:16.0290 3232  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:09:16.0290 3232  FltMgr - ok
12:09:16.0322 3232  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
12:09:16.0337 3232  FontCache - ok
12:09:16.0400 3232  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:09:16.0400 3232  FontCache3.0.0.0 - ok
12:09:16.0415 3232  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:09:16.0415 3232  FsDepends - ok
12:09:16.0431 3232  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:09:16.0431 3232  Fs_Rec - ok
12:09:16.0462 3232  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:09:16.0462 3232  fvevol - ok
12:09:16.0478 3232  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:09:16.0478 3232  gagp30kx - ok
12:09:16.0509 3232  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
12:09:16.0509 3232  gpsvc - ok
12:09:16.0618 3232  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:09:16.0618 3232  gupdate - ok
12:09:16.0618 3232  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:09:16.0618 3232  gupdatem - ok
12:09:16.0634 3232  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:09:16.0634 3232  hcw85cir - ok
12:09:16.0665 3232  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:09:16.0665 3232  HDAudBus - ok
12:09:16.0665 3232  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
12:09:16.0665 3232  HidBatt - ok
12:09:16.0696 3232  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:09:16.0712 3232  HidBth - ok
12:09:16.0712 3232  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:09:16.0712 3232  HidIr - ok
12:09:16.0743 3232  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
12:09:16.0743 3232  hidserv - ok
12:09:16.0758 3232  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:09:16.0758 3232  HidUsb - ok
12:09:16.0774 3232  [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
12:09:16.0790 3232  HipShieldK - ok
12:09:16.0821 3232  [ DD9C88B116408B30F855A76E09DD2962 ] hitmanpro37     C:\Windows\system32\drivers\hitmanpro37.sys
12:09:16.0821 3232  hitmanpro37 - ok
12:09:16.0836 3232  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:09:16.0836 3232  hkmsvc - ok
12:09:16.0852 3232  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:09:16.0852 3232  HomeGroupListener - ok
12:09:16.0883 3232  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:09:16.0883 3232  HomeGroupProvider - ok
12:09:16.0883 3232  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:09:16.0899 3232  HpSAMD - ok
12:09:16.0914 3232  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:09:16.0930 3232  HTTP - ok
12:09:16.0930 3232  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:09:16.0930 3232  hwpolicy - ok
12:09:16.0946 3232  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:09:16.0946 3232  i8042prt - ok
12:09:16.0977 3232  [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor          C:\Windows\system32\drivers\iaStor.sys
12:09:16.0977 3232  iaStor - ok
12:09:17.0024 3232  [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
12:09:17.0039 3232  IAStorDataMgrSvc - ok
12:09:17.0055 3232  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:09:17.0070 3232  iaStorV - ok
12:09:17.0102 3232  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:09:17.0117 3232  idsvc - ok
12:09:17.0117 3232  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:09:17.0133 3232  iirsp - ok
12:09:17.0148 3232  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
12:09:17.0164 3232  IKEEXT - ok
12:09:17.0195 3232  [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:09:17.0226 3232  IntcAzAudAddService - ok
12:09:17.0242 3232  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
12:09:17.0242 3232  IntcDAud - ok
12:09:17.0242 3232  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
12:09:17.0242 3232  intelide - ok
12:09:17.0258 3232  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:09:17.0258 3232  intelppm - ok
12:09:17.0289 3232  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:09:17.0289 3232  IPBusEnum - ok
12:09:17.0289 3232  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:09:17.0289 3232  IpFilterDriver - ok
12:09:17.0304 3232  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:09:17.0304 3232  IPMIDRV - ok
12:09:17.0320 3232  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:09:17.0320 3232  IPNAT - ok
12:09:17.0336 3232  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:09:17.0351 3232  IRENUM - ok
12:09:17.0367 3232  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:09:17.0367 3232  isapnp - ok
12:09:17.0382 3232  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:09:17.0382 3232  iScsiPrt - ok
12:09:17.0398 3232  [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
12:09:17.0398 3232  k57nd60a - ok
12:09:17.0414 3232  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:09:17.0414 3232  kbdclass - ok
12:09:17.0429 3232  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:09:17.0429 3232  kbdhid - ok
12:09:17.0445 3232  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
12:09:17.0445 3232  KeyIso - ok
12:09:17.0476 3232  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:09:17.0476 3232  KSecDD - ok
12:09:17.0492 3232  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:09:17.0492 3232  KSecPkg - ok
12:09:17.0492 3232  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:09:17.0492 3232  ksthunk - ok
12:09:17.0523 3232  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:09:17.0538 3232  KtmRm - ok
12:09:17.0554 3232  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:09:17.0570 3232  LanmanServer - ok
12:09:17.0570 3232  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:09:17.0585 3232  LanmanWorkstation - ok
12:09:17.0601 3232  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:09:17.0601 3232  lltdio - ok
12:09:17.0616 3232  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:09:17.0632 3232  lltdsvc - ok
12:09:17.0648 3232  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:09:17.0648 3232  lmhosts - ok
12:09:17.0679 3232  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:09:17.0694 3232  LSI_FC - ok
12:09:17.0694 3232  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:09:17.0694 3232  LSI_SAS - ok
12:09:17.0710 3232  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:09:17.0710 3232  LSI_SAS2 - ok
12:09:17.0726 3232  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:09:17.0726 3232  LSI_SCSI - ok
12:09:17.0741 3232  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
12:09:17.0741 3232  luafv - ok
12:09:17.0835 3232  [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
12:09:17.0835 3232  LVRS64 - ok
12:09:17.0913 3232  [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
12:09:17.0928 3232  LVUVC64 - ok
12:09:18.0131 3232  [ 9504F1DDA1B67FB8D526FD4F8CC882F3 ] McAWFwk         c:\PROGRA~1\mcafee\msc\mcawfwk.exe
12:09:18.0162 3232  McAWFwk - ok
12:09:18.0240 3232  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:09:18.0256 3232  McMPFSvc - ok
12:09:18.0256 3232  [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
12:09:18.0256 3232  mcmscsvc - ok
12:09:18.0256 3232  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
12:09:18.0256 3232  McNaiAnn - ok
12:09:18.0272 3232  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
12:09:18.0272 3232  McNASvc - ok
12:09:18.0350 3232  [ 1814532DB0404C5FB65AA3EB051B2BE5 ] McODS           C:\Program Files\mcafee\VirusScan\mcods.exe
12:09:18.0350 3232  McODS - ok
12:09:18.0350 3232  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
12:09:18.0350 3232  McOobeSv - ok
12:09:18.0365 3232  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
12:09:18.0365 3232  McProxy - ok
12:09:18.0381 3232  [ 23EA22ACADD66D7F1E18A4AA72BE6158 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
12:09:18.0381 3232  McShield - ok
12:09:18.0443 3232  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:09:18.0459 3232  Mcx2Svc - ok
12:09:18.0474 3232  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:09:18.0474 3232  megasas - ok
12:09:18.0490 3232  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:09:18.0506 3232  MegaSR - ok
12:09:18.0537 3232  [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
12:09:18.0537 3232  MEIx64 - ok
12:09:18.0552 3232  [ 19323081FA4018C9C1AEBF08114BEA11 ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
12:09:18.0552 3232  mfeapfk - ok
12:09:18.0568 3232  [ EF1D39A70CAD1B7BEDC220480F26815C ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
12:09:18.0568 3232  mfeavfk - ok
12:09:18.0568 3232  mfeavfk01 - ok
12:09:18.0615 3232  [ 3CBBB569730EFD069B4BD253DDD4AD58 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
12:09:18.0615 3232  mfefire - ok
12:09:18.0693 3232  [ 67972BFC8F23054BD23E1DE1450E40BD ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
12:09:18.0693 3232  mfefirek - ok
12:09:18.0786 3232  [ 5C0EE849C03C37071FABDAA6B58D3D94 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
12:09:18.0802 3232  mfehidk - ok
12:09:18.0818 3232  [ 450B77CAC7384A9C1BAF476AC302CD4C ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys
12:09:18.0818 3232  mferkdet - ok
12:09:18.0880 3232  [ 74CE2EBE64AB78904E33DD4C5F21611F ] mfevtp          C:\Windows\system32\mfevtps.exe
12:09:18.0880 3232  mfevtp - ok
12:09:18.0927 3232  [ F55F9742BFA88D02F96516B80AB400EC ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
12:09:18.0989 3232  mfewfpk - ok
12:09:19.0020 3232  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
12:09:19.0020 3232  MMCSS - ok
12:09:19.0083 3232  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
12:09:19.0083 3232  Modem - ok
12:09:19.0130 3232  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:09:19.0130 3232  monitor - ok
12:09:19.0176 3232  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:09:19.0176 3232  mouclass - ok
12:09:19.0208 3232  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:09:19.0208 3232  mouhid - ok
12:09:19.0270 3232  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:09:19.0286 3232  mountmgr - ok
12:09:19.0301 3232  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:09:19.0301 3232  mpio - ok
12:09:19.0332 3232  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:09:19.0332 3232  mpsdrv - ok
12:09:19.0348 3232  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:09:19.0348 3232  MRxDAV - ok
12:09:19.0379 3232  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:09:19.0379 3232  mrxsmb - ok
12:09:19.0410 3232  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:09:19.0410 3232  mrxsmb10 - ok
12:09:19.0426 3232  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:09:19.0426 3232  mrxsmb20 - ok
12:09:19.0442 3232  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:09:19.0442 3232  msahci - ok
12:09:19.0457 3232  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:09:19.0457 3232  msdsm - ok
12:09:19.0504 3232  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
12:09:19.0504 3232  MSDTC - ok
12:09:19.0535 3232  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:09:19.0535 3232  Msfs - ok
12:09:19.0551 3232  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:09:19.0551 3232  mshidkmdf - ok
12:09:19.0582 3232  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:09:19.0598 3232  msisadrv - ok
12:09:19.0629 3232  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:09:19.0629 3232  MSiSCSI - ok
12:09:19.0644 3232  msiserver - ok
12:09:19.0676 3232  [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:09:19.0676 3232  MSK80Service - ok
12:09:19.0738 3232  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:09:19.0738 3232  MSKSSRV - ok
12:09:19.0785 3232  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:09:19.0785 3232  MSPCLOCK - ok
12:09:19.0800 3232  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:09:19.0800 3232  MSPQM - ok
12:09:19.0847 3232  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:09:19.0894 3232  MsRPC - ok
12:09:19.0925 3232  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:09:19.0925 3232  mssmbios - ok
12:09:19.0941 3232  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:09:19.0941 3232  MSTEE - ok
12:09:19.0956 3232  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:09:19.0956 3232  MTConfig - ok
12:09:19.0972 3232  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
12:09:19.0972 3232  Mup - ok
12:09:20.0035 3232  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
12:09:20.0050 3232  napagent - ok
12:09:20.0081 3232  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:09:20.0097 3232  NativeWifiP - ok
12:09:20.0253 3232  [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
12:09:20.0300 3232  NAUpdate - ok
12:09:20.0471 3232  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:09:20.0518 3232  NDIS - ok
12:09:20.0565 3232  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:09:20.0565 3232  NdisCap - ok
12:09:20.0627 3232  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:09:20.0627 3232  NdisTapi - ok
12:09:20.0680 3232  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:09:20.0680 3232  Ndisuio - ok
12:09:20.0715 3232  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:09:20.0718 3232  NdisWan - ok
12:09:20.0733 3232  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:09:20.0733 3232  NDProxy - ok
12:09:20.0745 3232  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:09:20.0745 3232  NetBIOS - ok
12:09:20.0788 3232  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:09:20.0790 3232  NetBT - ok
12:09:20.0798 3232  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
12:09:20.0800 3232  Netlogon - ok
12:09:20.0835 3232  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
12:09:20.0838 3232  Netman - ok
12:09:20.0865 3232  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:09:20.0918 3232  NetMsmqActivator - ok
12:09:20.0920 3232  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:09:20.0923 3232  NetPipeActivator - ok
12:09:21.0010 3232  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
12:09:21.0015 3232  netprofm - ok
12:09:21.0020 3232  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:09:21.0020 3232  NetTcpActivator - ok
12:09:21.0025 3232  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:09:21.0028 3232  NetTcpPortSharing - ok
12:09:21.0048 3232  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:09:21.0053 3232  nfrd960 - ok
12:09:21.0118 3232  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:09:21.0120 3232  NlaSvc - ok
12:09:21.0130 3232  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:09:21.0130 3232  Npfs - ok
12:09:21.0135 3232  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
12:09:21.0138 3232  nsi - ok
12:09:21.0145 3232  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:09:21.0145 3232  nsiproxy - ok
12:09:21.0298 3232  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:09:21.0330 3232  Ntfs - ok
12:09:21.0330 3232  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
12:09:21.0330 3232  Null - ok
12:09:21.0361 3232  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:09:21.0361 3232  nvraid - ok
12:09:21.0376 3232  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:09:21.0392 3232  nvstor - ok
12:09:21.0408 3232  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:09:21.0408 3232  nv_agp - ok
12:09:21.0423 3232  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:09:21.0423 3232  ohci1394 - ok
12:09:21.0454 3232  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:09:21.0454 3232  ose - ok
12:09:21.0876 3232  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:09:21.0954 3232  osppsvc - ok
12:09:21.0969 3232  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:09:21.0985 3232  p2pimsvc - ok
12:09:22.0016 3232  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:09:22.0032 3232  p2psvc - ok
12:09:22.0047 3232  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
12:09:22.0047 3232  Parport - ok
12:09:22.0078 3232  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:09:22.0078 3232  partmgr - ok
12:09:22.0094 3232  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:09:22.0094 3232  PcaSvc - ok
12:09:22.0281 3232  [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{1E208CE0-FB7451FF-06020200}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
12:09:22.0359 3232  PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - ok
12:09:22.0375 3232  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
12:09:22.0375 3232  pci - ok
12:09:22.0406 3232  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
12:09:22.0406 3232  pciide - ok
12:09:22.0437 3232  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:09:22.0453 3232  pcmcia - ok
12:09:22.0468 3232  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:09:22.0484 3232  pcw - ok
12:09:22.0500 3232  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:09:22.0500 3232  PEAUTH - ok
12:09:22.0562 3232  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:09:22.0562 3232  PerfHost - ok
12:09:22.0627 3232  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
12:09:22.0705 3232  pla - ok
12:09:22.0814 3232  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:09:22.0830 3232  PlugPlay - ok
12:09:22.0845 3232  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:09:22.0845 3232  PNRPAutoReg - ok
12:09:22.0892 3232  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:09:22.0908 3232  PNRPsvc - ok
12:09:22.0939 3232  [ 5BC4D480DD527EB0CF33A67A090A130E ] Point64         C:\Windows\system32\DRIVERS\point64.sys
12:09:22.0939 3232  Point64 - ok
12:09:22.0986 3232  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:09:23.0001 3232  PolicyAgent - ok
12:09:23.0033 3232  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power           C:\Windows\system32\umpo.dll
12:09:23.0033 3232  Power - ok
12:09:23.0064 3232  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:09:23.0064 3232  PptpMiniport - ok
12:09:23.0064 3232  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
12:09:23.0079 3232  Processor - ok
12:09:23.0111 3232  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:09:23.0111 3232  ProfSvc - ok
12:09:23.0111 3232  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:09:23.0111 3232  ProtectedStorage - ok
12:09:23.0157 3232  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:09:23.0157 3232  Psched - ok
12:09:23.0173 3232  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
12:09:23.0189 3232  PxHlpa64 - ok
12:09:23.0235 3232  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:09:23.0251 3232  ql2300 - ok
12:09:23.0267 3232  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:09:23.0267 3232  ql40xx - ok
12:09:23.0298 3232  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
12:09:23.0298 3232  QWAVE - ok
12:09:23.0313 3232  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:09:23.0313 3232  QWAVEdrv - ok
12:09:23.0313 3232  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:09:23.0313 3232  RasAcd - ok
12:09:23.0329 3232  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:09:23.0329 3232  RasAgileVpn - ok
12:09:23.0345 3232  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
12:09:23.0345 3232  RasAuto - ok
12:09:23.0360 3232  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:09:23.0360 3232  Rasl2tp - ok
12:09:23.0391 3232  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
12:09:23.0407 3232  RasMan - ok
12:09:23.0423 3232  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:09:23.0423 3232  RasPppoe - ok
12:09:23.0438 3232  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:09:23.0438 3232  RasSstp - ok
12:09:23.0469 3232  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:09:23.0469 3232  rdbss - ok
12:09:23.0485 3232  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
12:09:23.0485 3232  rdpbus - ok
12:09:23.0501 3232  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:09:23.0501 3232  RDPCDD - ok
12:09:23.0516 3232  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:09:23.0516 3232  RDPENCDD - ok
12:09:23.0516 3232  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:09:23.0516 3232  RDPREFMP - ok
12:09:23.0547 3232  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:09:23.0547 3232  RDPWD - ok
12:09:23.0563 3232  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:09:23.0563 3232  rdyboost - ok
12:09:23.0579 3232  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:09:23.0579 3232  RemoteAccess - ok
12:09:23.0625 3232  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:09:23.0641 3232  RemoteRegistry - ok
12:09:23.0719 3232  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
12:09:23.0750 3232  RoxMediaDB12OEM - ok
12:09:23.0781 3232  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
12:09:23.0781 3232  RoxWatch12 - ok
12:09:23.0797 3232  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:09:23.0797 3232  RpcEptMapper - ok
12:09:23.0844 3232  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
12:09:23.0844 3232  RpcLocator - ok
12:09:23.0859 3232  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
12:09:23.0859 3232  RpcSs - ok
12:09:23.0891 3232  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:09:23.0891 3232  rspndr - ok
12:09:23.0891 3232  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
12:09:23.0906 3232  SamSs - ok
12:09:23.0922 3232  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:09:23.0922 3232  sbp2port - ok
12:09:23.0937 3232  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:09:23.0937 3232  SCardSvr - ok
12:09:23.0953 3232  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:09:23.0953 3232  scfilter - ok
12:09:23.0984 3232  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
12:09:24.0000 3232  Schedule - ok
12:09:24.0015 3232  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:09:24.0015 3232  SCPolicySvc - ok
12:09:24.0031 3232  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:09:24.0031 3232  SDRSVC - ok
12:09:24.0047 3232  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:09:24.0047 3232  secdrv - ok
12:09:24.0062 3232  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
12:09:24.0078 3232  seclogon - ok
12:09:24.0093 3232  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
12:09:24.0093 3232  SENS - ok
12:09:24.0109 3232  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:09:24.0109 3232  SensrSvc - ok
12:09:24.0125 3232  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
12:09:24.0125 3232  Serenum - ok
12:09:24.0171 3232  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
12:09:24.0171 3232  Serial - ok
12:09:24.0171 3232  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:09:24.0171 3232  sermouse - ok
12:09:24.0203 3232  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:09:24.0203 3232  SessionEnv - ok
12:09:24.0203 3232  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:09:24.0203 3232  sffdisk - ok
12:09:24.0203 3232  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:09:24.0203 3232  sffp_mmc - ok
12:09:24.0218 3232  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:09:24.0218 3232  sffp_sd - ok
12:09:24.0218 3232  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:09:24.0218 3232  sfloppy - ok
12:09:24.0249 3232  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
12:09:24.0249 3232  Sftfs - ok
12:09:24.0377 3232  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:09:24.0377 3232  sftlist - ok
12:09:24.0408 3232  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
12:09:24.0408 3232  Sftplay - ok
12:09:24.0423 3232  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
12:09:24.0423 3232  Sftredir - ok
12:09:24.0751 3232  [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
12:09:24.0907 3232  SftService - ok
12:09:24.0923 3232  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
12:09:24.0923 3232  Sftvol - ok
12:09:25.0001 3232  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:09:25.0001 3232  sftvsa - ok
12:09:25.0016 3232  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:09:25.0032 3232  ShellHWDetection - ok
12:09:25.0047 3232  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:09:25.0047 3232  SiSRaid2 - ok
12:09:25.0047 3232  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:09:25.0063 3232  SiSRaid4 - ok
12:09:25.0079 3232  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:09:25.0079 3232  Smb - ok
12:09:25.0110 3232  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:09:25.0110 3232  SNMPTRAP - ok
12:09:25.0110 3232  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:09:25.0125 3232  spldr - ok
12:09:25.0188 3232  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
12:09:25.0203 3232  Spooler - ok
12:09:25.0515 3232  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
12:09:25.0578 3232  sppsvc - ok
12:09:25.0593 3232  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:09:25.0609 3232  sppuinotify - ok
12:09:25.0640 3232  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:09:25.0640 3232  srv - ok
12:09:25.0671 3232  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:09:25.0671 3232  srv2 - ok
12:09:25.0671 3232  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:09:25.0671 3232  srvnet - ok
12:09:25.0718 3232  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:09:25.0718 3232  SSDPSRV - ok
12:09:25.0718 3232  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:09:25.0718 3232  SstpSvc - ok
12:09:25.0734 3232  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
12:09:25.0734 3232  stexstor - ok
12:09:25.0796 3232  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
12:09:25.0796 3232  stisvc - ok
12:09:25.0843 3232  [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
12:09:25.0843 3232  stllssvr - ok
12:09:25.0859 3232  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:09:25.0859 3232  swenum - ok
12:09:25.0921 3232  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
12:09:25.0937 3232  swprv - ok
12:09:26.0030 3232  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
12:09:26.0030 3232  SysMain - ok
12:09:26.0061 3232  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:09:26.0061 3232  TabletInputService - ok
12:09:26.0077 3232  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:09:26.0093 3232  TapiSrv - ok
12:09:26.0139 3232  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
12:09:26.0139 3232  TBS - ok
12:09:26.0233 3232  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:09:26.0295 3232  Tcpip - ok
12:09:26.0373 3232  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:09:26.0373 3232  TCPIP6 - ok
12:09:26.0450 3232  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:09:26.0452 3232  tcpipreg - ok
12:09:26.0485 3232  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:09:26.0490 3232  TDPIPE - ok
12:09:26.0510 3232  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:09:26.0515 3232  TDTCP - ok
12:09:26.0530 3232  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:09:26.0532 3232  tdx - ok
12:09:26.0545 3232  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:09:26.0545 3232  TermDD - ok
12:09:26.0595 3232  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
12:09:26.0612 3232  TermService - ok
12:09:26.0620 3232  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
12:09:26.0620 3232  Themes - ok
12:09:26.0640 3232  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
12:09:26.0640 3232  THREADORDER - ok
12:09:26.0647 3232  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
12:09:26.0650 3232  TrkWks - ok
12:09:26.0690 3232  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:09:26.0690 3232  TrustedInstaller - ok
12:09:26.0715 3232  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:09:26.0722 3232  tssecsrv - ok
12:09:26.0747 3232  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:09:26.0750 3232  TsUsbFlt - ok
12:09:26.0772 3232  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
12:09:26.0780 3232  TsUsbGD - ok
12:09:26.0817 3232  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:09:26.0820 3232  tunnel - ok
12:09:26.0825 3232  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:09:26.0825 3232  uagp35 - ok
12:09:26.0860 3232  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:09:26.0885 3232  udfs - ok
12:09:26.0917 3232  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:09:26.0935 3232  UI0Detect - ok
12:09:26.0975 3232  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:09:26.0977 3232  uliagpkx - ok
12:09:27.0005 3232  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:09:27.0005 3232  umbus - ok
12:09:27.0025 3232  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
12:09:27.0027 3232  UmPass - ok
12:09:27.0075 3232  [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
12:09:27.0080 3232  UMVPFSrv - ok
12:09:27.0102 3232  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
12:09:27.0105 3232  upnphost - ok
12:09:27.0120 3232  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:09:27.0120 3232  usbaudio - ok
12:09:27.0151 3232  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:09:27.0166 3232  usbccgp - ok
12:09:27.0182 3232  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:09:27.0198 3232  usbcir - ok
12:09:27.0229 3232  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:09:27.0229 3232  usbehci - ok
12:09:27.0291 3232  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:09:27.0291 3232  usbhub - ok
12:09:27.0307 3232  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:09:27.0307 3232  usbohci - ok
12:09:27.0327 3232  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
12:09:27.0330 3232  usbprint - ok
12:09:27.0340 3232  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:09:27.0342 3232  USBSTOR - ok
12:09:27.0363 3232  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:09:27.0366 3232  usbuhci - ok
12:09:27.0373 3232  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
12:09:27.0373 3232  UxSms - ok
12:09:27.0394 3232  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
12:09:27.0394 3232  VaultSvc - ok
12:09:27.0399 3232  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:09:27.0399 3232  vdrvroot - ok
12:09:27.0414 3232  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
12:09:27.0430 3232  vds - ok
12:09:27.0445 3232  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:09:27.0445 3232  vga - ok
12:09:27.0461 3232  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:09:27.0461 3232  VgaSave - ok
12:09:27.0492 3232  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:09:27.0508 3232  vhdmp - ok
12:09:27.0508 3232  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:09:27.0508 3232  viaide - ok
12:09:27.0539 3232  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:09:27.0539 3232  volmgr - ok
12:09:27.0586 3232  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:09:27.0601 3232  volmgrx - ok
12:09:27.0617 3232  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:09:27.0617 3232  volsnap - ok
12:09:27.0648 3232  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:09:27.0648 3232  vsmraid - ok
12:09:27.0664 3232  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
12:09:27.0695 3232  VSS - ok
12:09:27.0711 3232  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:09:27.0711 3232  vwifibus - ok
12:09:27.0742 3232  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:09:27.0742 3232  vwififlt - ok
12:09:27.0773 3232  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
12:09:27.0789 3232  W32Time - ok
12:09:27.0789 3232  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:09:27.0804 3232  WacomPen - ok
12:09:27.0820 3232  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:09:27.0820 3232  WANARP - ok
12:09:27.0820 3232  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:09:27.0835 3232  Wanarpv6 - ok
12:09:27.0898 3232  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:09:27.0913 3232  WatAdminSvc - ok
12:09:27.0945 3232  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
12:09:27.0960 3232  wbengine - ok
12:09:27.0976 3232  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:09:27.0976 3232  WbioSrvc - ok
12:09:27.0991 3232  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:09:27.0991 3232  wcncsvc - ok
12:09:28.0007 3232  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:09:28.0007 3232  WcsPlugInService - ok
12:09:28.0023 3232  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
12:09:28.0023 3232  Wd - ok
12:09:28.0038 3232  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:09:28.0054 3232  Wdf01000 - ok
12:09:28.0069 3232  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:09:28.0069 3232  WdiServiceHost - ok
12:09:28.0069 3232  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:09:28.0085 3232  WdiSystemHost - ok
12:09:28.0085 3232  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
12:09:28.0101 3232  WebClient - ok
12:09:28.0101 3232  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:09:28.0101 3232  Wecsvc - ok
12:09:28.0116 3232  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:09:28.0132 3232  wercplsupport - ok
12:09:28.0132 3232  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:09:28.0132 3232  WerSvc - ok
12:09:28.0147 3232  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:09:28.0147 3232  WfpLwf - ok
12:09:28.0179 3232  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
12:09:28.0179 3232  WimFltr - ok
12:09:28.0194 3232  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:09:28.0194 3232  WIMMount - ok
12:09:28.0210 3232  WinHttpAutoProxySvc - ok
12:09:28.0257 3232  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:09:28.0257 3232  Winmgmt - ok
12:09:28.0366 3232  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
12:09:28.0397 3232  WinRM - ok
12:09:28.0444 3232  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:09:28.0444 3232  WinUsb - ok
12:09:28.0475 3232  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:09:28.0491 3232  Wlansvc - ok
12:09:28.0553 3232  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:09:28.0569 3232  wlcrasvc - ok
12:09:28.0631 3232  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:09:28.0647 3232  wlidsvc - ok
12:09:28.0647 3232  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:09:28.0647 3232  WmiAcpi - ok
12:09:28.0678 3232  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:09:28.0678 3232  wmiApSrv - ok
12:09:28.0693 3232  WMPNetworkSvc - ok
12:09:28.0725 3232  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:09:28.0725 3232  WPCSvc - ok
12:09:28.0740 3232  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:09:28.0740 3232  WPDBusEnum - ok
12:09:28.0740 3232  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:09:28.0740 3232  ws2ifsl - ok
12:09:28.0756 3232  WSearch - ok
12:09:28.0803 3232  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:09:28.0849 3232  wuauserv - ok
12:09:28.0881 3232  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:09:28.0881 3232  WudfPf - ok
12:09:28.0881 3232  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:09:28.0881 3232  WUDFRd - ok
12:09:28.0896 3232  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:09:28.0912 3232  wudfsvc - ok
12:09:28.0974 3232  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:09:28.0974 3232  WwanSvc - ok
12:09:29.0083 3232  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:09:29.0083 3232  YahooAUService - ok
12:09:29.0083 3232  ================ Scan global ===============================
12:09:29.0115 3232  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:09:29.0146 3232  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
12:09:29.0161 3232  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
12:09:29.0177 3232  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:09:29.0193 3232  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:09:29.0193 3232  [Global] - ok
12:09:29.0193 3232  ================ Scan MBR ==================================
12:09:29.0208 3232  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:09:29.0442 3232  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:09:29.0442 3232  \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:09:29.0442 3232  ================ Scan VBR ==================================
12:09:29.0442 3232  [ 8DE8BB76658F862570B2D11D3B47980D ] \Device\Harddisk0\DR0\Partition1
12:09:29.0458 3232  \Device\Harddisk0\DR0\Partition1 - ok
12:09:29.0473 3232  [ 868C2B5AEF51EA27D95619D9C0E88432 ] \Device\Harddisk0\DR0\Partition2
12:09:29.0473 3232  \Device\Harddisk0\DR0\Partition2 - ok
12:09:29.0473 3232  ================ Scan active images ========================
12:09:29.0473 3232  [ 3E588B60EC061686BA05D33574A344C6 ] C:\WINDOWS\System32\drivers\crashdmp.sys
12:09:29.0473 3232  C:\WINDOWS\System32\drivers\crashdmp.sys - ok
12:09:29.0489 3232  [ 814DB88F2641691575A455CF25354098 ] C:\WINDOWS\System32\drivers\dumpfve.sys
12:09:29.0489 3232  C:\WINDOWS\System32\drivers\dumpfve.sys - ok
12:09:29.0489 3232  [ 2FDAEC4B02729C48C0FD1B0B4695995B ] C:\WINDOWS\System32\drivers\iaStor.sys
12:09:29.0489 3232  C:\WINDOWS\System32\drivers\iaStor.sys - ok
12:09:29.0489 3232  [ 16A47CE2DECC9B099349A5F840654746 ] C:\WINDOWS\System32\drivers\beep.sys
12:09:29.0489 3232  C:\WINDOWS\System32\drivers\beep.sys - ok
12:09:29.0489 3232  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\WINDOWS\System32\drivers\cdrom.sys
12:09:29.0489 3232  C:\WINDOWS\System32\drivers\cdrom.sys - ok
12:09:29.0505 3232  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\WINDOWS\System32\drivers\null.sys
12:09:29.0505 3232  C:\WINDOWS\System32\drivers\null.sys - ok
12:09:29.0505 3232  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\WINDOWS\System32\drivers\msfs.sys
12:09:29.0505 3232  C:\WINDOWS\System32\drivers\msfs.sys - ok
12:09:29.0505 3232  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\WINDOWS\System32\drivers\npfs.sys
12:09:29.0505 3232  C:\WINDOWS\System32\drivers\npfs.sys - ok
12:09:29.0505 3232  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\WINDOWS\System32\drivers\RDPCDD.sys
12:09:29.0505 3232  C:\WINDOWS\System32\drivers\RDPCDD.sys - ok
12:09:29.0505 3232  [ BB5971A4F00659529A5C44831AF22365 ] C:\WINDOWS\System32\drivers\RDPENCDD.sys
12:09:29.0505 3232  C:\WINDOWS\System32\drivers\RDPENCDD.sys - ok
12:09:29.0505 3232  [ 216F3FA57533D98E1F74DED70113177A ] C:\WINDOWS\System32\drivers\RDPREFMP.sys
12:09:29.0505 3232  C:\WINDOWS\System32\drivers\RDPREFMP.sys - ok
12:09:29.0505 3232  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\WINDOWS\System32\drivers\tdi.sys
12:09:29.0505 3232  C:\WINDOWS\System32\drivers\tdi.sys - ok
12:09:29.0505 3232  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\WINDOWS\System32\drivers\tdx.sys
12:09:29.0505 3232  C:\WINDOWS\System32\drivers\tdx.sys - ok
12:09:29.0505 3232  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\WINDOWS\System32\drivers\vga.sys
12:09:29.0505 3232  C:\WINDOWS\System32\drivers\vga.sys - ok
12:09:29.0520 3232  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\WINDOWS\System32\drivers\videoprt.sys
12:09:29.0520 3232  C:\WINDOWS\System32\drivers\videoprt.sys - ok
12:09:29.0520 3232  [ FC438D1430B28618E2D0C7C332A710AD ] C:\WINDOWS\System32\drivers\watchdog.sys
12:09:29.0520 3232  C:\WINDOWS\System32\drivers\watchdog.sys - ok
12:09:29.0520 3232  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\WINDOWS\System32\drivers\afd.sys
12:09:29.0520 3232  C:\WINDOWS\System32\drivers\afd.sys - ok
12:09:29.0520 3232  [ 09594D1089C523423B32A4229263F068 ] C:\WINDOWS\System32\drivers\netbt.sys
12:09:29.0520 3232  C:\WINDOWS\System32\drivers\netbt.sys - ok
12:09:29.0520 3232  [ 0557CF5A2556BD58E26384169D72438D ] C:\WINDOWS\System32\drivers\pacer.sys
12:09:29.0520 3232  C:\WINDOWS\System32\drivers\pacer.sys - ok
12:09:29.0520 3232  [ 6A3D66263414FF0D6FA754C646612F3F ] C:\WINDOWS\System32\drivers\vwififlt.sys
12:09:29.0520 3232  C:\WINDOWS\System32\drivers\vwififlt.sys - ok
12:09:29.0520 3232  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\WINDOWS\System32\drivers\wfplwf.sys
12:09:29.0520 3232  C:\WINDOWS\System32\drivers\wfplwf.sys - ok
12:09:29.0520 3232  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\WINDOWS\System32\drivers\dfsc.sys
12:09:29.0520 3232  C:\WINDOWS\System32\drivers\dfsc.sys - ok
12:09:29.0520 3232  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\WINDOWS\System32\drivers\discache.sys
12:09:29.0520 3232  C:\WINDOWS\System32\drivers\discache.sys - ok
12:09:29.0536 3232  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\WINDOWS\System32\drivers\mssmbios.sys
12:09:29.0536 3232  C:\WINDOWS\System32\drivers\mssmbios.sys - ok
12:09:29.0536 3232  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\WINDOWS\System32\drivers\netbios.sys
12:09:29.0536 3232  C:\WINDOWS\System32\drivers\netbios.sys - ok
12:09:29.0536 3232  [ E7F5AE18AF4168178A642A9247C63001 ] C:\WINDOWS\System32\drivers\nsiproxy.sys
12:09:29.0536 3232  C:\WINDOWS\System32\drivers\nsiproxy.sys - ok
12:09:29.0536 3232  [ 77F665941019A1594D887A74F301FA2F ] C:\WINDOWS\System32\drivers\rdbss.sys
12:09:29.0536 3232  C:\WINDOWS\System32\drivers\rdbss.sys - ok
12:09:29.0536 3232  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\WINDOWS\System32\drivers\termdd.sys
12:09:29.0536 3232  C:\WINDOWS\System32\drivers\termdd.sys - ok
12:09:29.0536 3232  [ 356AFD78A6ED4457169241AC3965230C ] C:\WINDOWS\System32\drivers\wanarp.sys
12:09:29.0536 3232  C:\WINDOWS\System32\drivers\wanarp.sys - ok
12:09:29.0536 3232  [ 51F027DFFEDFB8D763FABFFA06B56E6D ] C:\WINDOWS\System32\drivers\atikmpag.sys
12:09:29.0536 3232  C:\WINDOWS\System32\drivers\atikmpag.sys - ok
12:09:29.0536 3232  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\WINDOWS\System32\drivers\blbdrive.sys
12:09:29.0536 3232  C:\WINDOWS\System32\drivers\blbdrive.sys - ok
12:09:29.0536 3232  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\WINDOWS\System32\drivers\tunnel.sys
12:09:29.0536 3232  C:\WINDOWS\System32\drivers\tunnel.sys - ok
12:09:29.0551 3232  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\WINDOWS\System32\ntdll.dll
12:09:29.0551 3232  C:\WINDOWS\System32\ntdll.dll - ok
12:09:29.0551 3232  [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\WINDOWS\System32\smss.exe
12:09:29.0551 3232  C:\WINDOWS\System32\smss.exe - ok
12:09:29.0551 3232  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\WINDOWS\System32\autochk.exe
12:09:29.0551 3232  C:\WINDOWS\System32\autochk.exe - ok
12:09:29.0551 3232  [ 62DDF55680F8C53E4B8DDE4189ADA0B8 ] C:\WINDOWS\System32\drivers\atikmdag.sys
12:09:29.0551 3232  C:\WINDOWS\System32\drivers\atikmdag.sys - ok
12:09:29.0551 3232  [ F5BEE30450E18E6B83A5012C100616FD ] C:\WINDOWS\System32\drivers\dxgkrnl.sys
12:09:29.0551 3232  C:\WINDOWS\System32\drivers\dxgkrnl.sys - ok
12:09:29.0551 3232  [ 9CD68BDDF322535C02ADC8331013D13D ] C:\WINDOWS\System32\drivers\dxgmms1.sys
12:09:29.0551 3232  C:\WINDOWS\System32\drivers\dxgmms1.sys - ok
12:09:29.0551 3232  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\WINDOWS\System32\drivers\hdaudbus.sys
12:09:29.0551 3232  C:\WINDOWS\System32\drivers\hdaudbus.sys - ok
12:09:29.0551 3232  [ 1C6E73FC46B509EFF9D0086AA37132DF ] C:\WINDOWS\System32\drivers\HECIx64.sys
12:09:29.0551 3232  C:\WINDOWS\System32\drivers\HECIx64.sys - ok
12:09:29.0551 3232  [ C025055FE7B87701EB042095DF1A2D7B ] C:\WINDOWS\System32\drivers\usbehci.sys
12:09:29.0551 3232  C:\WINDOWS\System32\drivers\usbehci.sys - ok
12:09:29.0567 3232  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\WINDOWS\System32\drivers\usbport.sys
12:09:29.0567 3232  C:\WINDOWS\System32\drivers\usbport.sys - ok
12:09:29.0567 3232  [ 8B5D16D20774FC3727F44E161BE2C0AC ] C:\WINDOWS\System32\drivers\BCMWL664.SYS
12:09:29.0567 3232  C:\WINDOWS\System32\drivers\BCMWL664.SYS - ok
12:09:29.0567 3232  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\WINDOWS\System32\drivers\CompositeBus.sys
12:09:29.0567 3232  C:\WINDOWS\System32\drivers\CompositeBus.sys - ok
12:09:29.0567 3232  [ ADA036632C664CAA754079041CF1F8C1 ] C:\WINDOWS\System32\drivers\intelppm.sys
12:09:29.0567 3232  C:\WINDOWS\System32\drivers\intelppm.sys - ok
12:09:29.0567 3232  [ 12E27942DBB7C91880163634B0D8A776 ] C:\WINDOWS\System32\drivers\k57nd60a.sys
12:09:29.0567 3232  C:\WINDOWS\System32\drivers\k57nd60a.sys - ok
12:09:29.0567 3232  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\WINDOWS\System32\drivers\vwifibus.sys
12:09:29.0567 3232  C:\WINDOWS\System32\drivers\vwifibus.sys - ok
12:09:29.0567 3232  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\WINDOWS\System32\drivers\agilevpn.sys
12:09:29.0567 3232  C:\WINDOWS\System32\drivers\agilevpn.sys - ok
12:09:29.0567 3232  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\WINDOWS\System32\drivers\ndistapi.sys
12:09:29.0567 3232  C:\WINDOWS\System32\drivers\ndistapi.sys - ok
12:09:29.0583 3232  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\WINDOWS\System32\drivers\ndiswan.sys
12:09:29.0583 3232  C:\WINDOWS\System32\drivers\ndiswan.sys - ok
12:09:29.0583 3232  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\WINDOWS\System32\drivers\rasl2tp.sys
12:09:29.0583 3232  C:\WINDOWS\System32\drivers\rasl2tp.sys - ok
12:09:29.0583 3232  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\WINDOWS\System32\drivers\raspppoe.sys
12:09:29.0583 3232  C:\WINDOWS\System32\drivers\raspppoe.sys - ok
12:09:29.0583 3232  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\WINDOWS\System32\drivers\raspptp.sys
12:09:29.0583 3232  C:\WINDOWS\System32\drivers\raspptp.sys - ok
12:09:29.0583 3232  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\WINDOWS\System32\drivers\rassstp.sys
12:09:29.0583 3232  C:\WINDOWS\System32\drivers\rassstp.sys - ok
12:09:29.0583 3232  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\WINDOWS\System32\drivers\kbdclass.sys
12:09:29.0583 3232  C:\WINDOWS\System32\drivers\kbdclass.sys - ok
12:09:29.0583 3232  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\WINDOWS\System32\drivers\ks.sys
12:09:29.0583 3232  C:\WINDOWS\System32\drivers\ks.sys - ok
12:09:29.0583 3232  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\WINDOWS\System32\drivers\mouclass.sys
12:09:29.0583 3232  C:\WINDOWS\System32\drivers\mouclass.sys - ok
12:09:29.0583 3232  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\WINDOWS\System32\drivers\swenum.sys
12:09:29.0583 3232  C:\WINDOWS\System32\drivers\swenum.sys - ok
12:09:29.0598 3232  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\WINDOWS\System32\drivers\umbus.sys
12:09:29.0598 3232  C:\WINDOWS\System32\drivers\umbus.sys - ok
12:09:29.0598 3232  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\WINDOWS\System32\Wldap32.dll
12:09:29.0598 3232  C:\WINDOWS\System32\Wldap32.dll - ok
12:09:29.0598 3232  [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\WINDOWS\System32\drivers\usbhub.sys
12:09:29.0598 3232  C:\WINDOWS\System32\drivers\usbhub.sys - ok
12:09:29.0598 3232  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\WINDOWS\System32\msvcrt.dll
12:09:29.0598 3232  C:\WINDOWS\System32\msvcrt.dll - ok
12:09:29.0598 3232  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\WINDOWS\System32\drivers\ndproxy.sys
12:09:29.0598 3232  C:\WINDOWS\System32\drivers\ndproxy.sys - ok
12:09:29.0598 3232  [ DBB487D09F56C674430AC454FD8BCAB9 ] C:\WINDOWS\System32\drivers\AtihdW76.sys
12:09:29.0598 3232  C:\WINDOWS\System32\drivers\AtihdW76.sys - ok
12:09:29.0598 3232  [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\WINDOWS\System32\drivers\drmk.sys
12:09:29.0598 3232  C:\WINDOWS\System32\drivers\drmk.sys - ok
12:09:29.0598 3232  [ 6869281E78CB31A43E969F06B57347C4 ] C:\WINDOWS\System32\drivers\ksthunk.sys
12:09:29.0598 3232  C:\WINDOWS\System32\drivers\ksthunk.sys - ok
12:09:29.0598 3232  [ 32E11315B5126921FFD9074840EF13D3 ] C:\WINDOWS\System32\drivers\portcls.sys
12:09:29.0598 3232  C:\WINDOWS\System32\drivers\portcls.sys - ok
12:09:29.0614 3232  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\WINDOWS\System32\imagehlp.dll
12:09:29.0614 3232  C:\WINDOWS\System32\imagehlp.dll - ok
12:09:29.0614 3232  [ FC727061C0F47C8059E88E05D5C8E381 ] C:\WINDOWS\System32\drivers\IntcDAud.sys
12:09:29.0614 3232  C:\WINDOWS\System32\drivers\IntcDAud.sys - ok
12:09:29.0614 3232  [ 235362D403D9D677514649D88DB31914 ] C:\WINDOWS\System32\drivers\RTKVHD64.sys
12:09:29.0614 3232  C:\WINDOWS\System32\drivers\RTKVHD64.sys - ok
12:09:29.0614 3232  [ 435E9C764E1EF70058580996452BE6A2 ] C:\WINDOWS\System32\wininet.dll
12:09:29.0614 3232  C:\WINDOWS\System32\wininet.dll - ok
12:09:29.0614 3232  [ EF1D39A70CAD1B7BEDC220480F26815C ] C:\WINDOWS\System32\drivers\mfeavfk.sys
12:09:29.0614 3232  C:\WINDOWS\System32\drivers\mfeavfk.sys - ok
12:09:29.0614 3232  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\WINDOWS\System32\setupapi.dll
12:09:29.0614 3232  C:\WINDOWS\System32\setupapi.dll - ok
12:09:29.0614 3232  [ 67972BFC8F23054BD23E1DE1450E40BD ] C:\WINDOWS\System32\drivers\mfefirek.sys
12:09:29.0614 3232  C:\WINDOWS\System32\drivers\mfefirek.sys - ok
12:09:29.0614 3232  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\WINDOWS\System32\rpcrt4.dll
12:09:29.0614 3232  C:\WINDOWS\System32\rpcrt4.dll - ok
12:09:29.0614 3232  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\WINDOWS\System32\gdi32.dll
12:09:29.0614 3232  C:\WINDOWS\System32\gdi32.dll - ok
12:09:29.0629 3232  [ D202223587518B13D72D68937B7E3F70 ] C:\WINDOWS\System32\lpk.dll
12:09:29.0629 3232  C:\WINDOWS\System32\lpk.dll - ok
12:09:29.0629 3232  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\WINDOWS\System32\ws2_32.dll
12:09:29.0629 3232  C:\WINDOWS\System32\ws2_32.dll - ok
12:09:29.0629 3232  [ 65C113214F7B05820F6D8A65B1485196 ] C:\WINDOWS\System32\kernel32.dll
12:09:29.0629 3232  C:\WINDOWS\System32\kernel32.dll - ok
12:09:29.0629 3232  [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\WINDOWS\System32\usp10.dll
12:09:29.0629 3232  C:\WINDOWS\System32\usp10.dll - ok
12:09:29.0629 3232  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\WINDOWS\System32\user32.dll
12:09:29.0629 3232  C:\WINDOWS\System32\user32.dll - ok
12:09:29.0629 3232  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\WINDOWS\System32\ole32.dll
12:09:29.0629 3232  C:\WINDOWS\System32\ole32.dll - ok
12:09:29.0629 3232  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\WINDOWS\System32\advapi32.dll
12:09:29.0629 3232  C:\WINDOWS\System32\advapi32.dll - ok
12:09:29.0629 3232  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\WINDOWS\System32\sechost.dll
12:09:29.0629 3232  C:\WINDOWS\System32\sechost.dll - ok
12:09:29.0629 3232  [ 87BEA2616EFDEC6A1CB3BFCFB09D816A ] C:\WINDOWS\System32\urlmon.dll
12:09:29.0629 3232  C:\WINDOWS\System32\urlmon.dll - ok
12:09:29.0629 3232  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\WINDOWS\System32\imm32.dll
12:09:29.0629 3232  C:\WINDOWS\System32\imm32.dll - ok
12:09:29.0645 3232  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\WINDOWS\System32\normaliz.dll
12:09:29.0645 3232  C:\WINDOWS\System32\normaliz.dll - ok
12:09:29.0645 3232  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\WINDOWS\System32\nsi.dll
12:09:29.0645 3232  C:\WINDOWS\System32\nsi.dll - ok
12:09:29.0645 3232  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\WINDOWS\System32\clbcatq.dll
12:09:29.0645 3232  C:\WINDOWS\System32\clbcatq.dll - ok
12:09:29.0645 3232  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\WINDOWS\System32\psapi.dll
12:09:29.0645 3232  C:\WINDOWS\System32\psapi.dll - ok
12:09:29.0645 3232  [ C06B32165E23A72A898B7A89679AD754 ] C:\WINDOWS\System32\oleaut32.dll
12:09:29.0645 3232  C:\WINDOWS\System32\oleaut32.dll - ok
12:09:29.0645 3232  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\WINDOWS\System32\msctf.dll
12:09:29.0645 3232  C:\WINDOWS\System32\msctf.dll - ok
12:09:29.0645 3232  [ F431C3C86FCCC1C53814F043A6CAD825 ] C:\WINDOWS\System32\iertutil.dll
12:09:29.0645 3232  C:\WINDOWS\System32\iertutil.dll - ok
12:09:29.0645 3232  [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\WINDOWS\System32\shell32.dll
12:09:29.0645 3232  C:\WINDOWS\System32\shell32.dll - ok
12:09:29.0645 3232  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\WINDOWS\System32\comdlg32.dll
12:09:29.0645 3232  C:\WINDOWS\System32\comdlg32.dll - ok
12:09:29.0661 3232  [ F7CE0C81C545364020ED8203CF0A633E ] C:\WINDOWS\System32\difxapi.dll
12:09:29.0661 3232  C:\WINDOWS\System32\difxapi.dll - ok
12:09:29.0661 3232  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\WINDOWS\System32\shlwapi.dll
12:09:29.0661 3232  C:\WINDOWS\System32\shlwapi.dll - ok
12:09:29.0661 3232  [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\WINDOWS\System32\crypt32.dll
12:09:29.0661 3232  C:\WINDOWS\System32\crypt32.dll - ok
12:09:29.0661 3232  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\WINDOWS\System32\cfgmgr32.dll
12:09:29.0661 3232  C:\WINDOWS\System32\cfgmgr32.dll - ok
12:09:29.0661 3232  [ AA06902362B1422D7A7DA7061E07C624 ] C:\WINDOWS\System32\wintrust.dll
12:09:29.0661 3232  C:\WINDOWS\System32\wintrust.dll - ok
12:09:29.0661 3232  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\WINDOWS\System32\comctl32.dll
12:09:29.0661 3232  C:\WINDOWS\System32\comctl32.dll - ok
12:09:29.0661 3232  [ 06FEC9E8117103BB1141A560E98077DA ] C:\WINDOWS\System32\devobj.dll
12:09:29.0661 3232  C:\WINDOWS\System32\devobj.dll - ok
12:09:29.0661 3232  [ 1F56F209585F350A5666E3CC7931FD67 ] C:\WINDOWS\System32\KernelBase.dll
12:09:29.0661 3232  C:\WINDOWS\System32\KernelBase.dll - ok
12:09:29.0661 3232  [ 884415BD4269C02EAF8E2613BF85500D ] C:\WINDOWS\System32\msasn1.dll
12:09:29.0661 3232  C:\WINDOWS\System32\msasn1.dll - ok
12:09:29.0676 3232  [ FE88B288356E7B47B74B13372ADD906D ] C:\WINDOWS\System32\drivers\winusb.sys
12:09:29.0676 3232  C:\WINDOWS\System32\drivers\winusb.sys - ok
12:09:29.0676 3232  [ E6CE7188CC47AE5DAFDAF552D370C52F ] C:\WINDOWS\System32\drivers\dc3d.sys
12:09:29.0676 3232  C:\WINDOWS\System32\drivers\dc3d.sys - ok
12:09:29.0676 3232  [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\WINDOWS\System32\drivers\hidparse.sys
12:09:29.0676 3232  C:\WINDOWS\System32\drivers\hidparse.sys - ok
12:09:29.0676 3232  [ 19AD7990C0B67E48DAC5B26F99628223 ] C:\WINDOWS\System32\drivers\usbccgp.sys
12:09:29.0676 3232  C:\WINDOWS\System32\drivers\usbccgp.sys - ok
12:09:29.0676 3232  [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\WINDOWS\System32\drivers\usbd.sys
12:09:29.0676 3232  C:\WINDOWS\System32\drivers\usbd.sys - ok
12:09:29.0676 3232  [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\WINDOWS\System32\drivers\WUDFRd.sys
12:09:29.0676 3232  C:\WINDOWS\System32\drivers\WUDFRd.sys - ok
12:09:29.0676 3232  [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\WINDOWS\System32\drivers\hidclass.sys
12:09:29.0676 3232  C:\WINDOWS\System32\drivers\hidclass.sys - ok
12:09:29.0676 3232  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\WINDOWS\System32\drivers\hidusb.sys
12:09:29.0676 3232  C:\WINDOWS\System32\drivers\hidusb.sys - ok
12:09:29.0676 3232  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\WINDOWS\System32\drivers\kbdhid.sys
12:09:29.0676 3232  C:\WINDOWS\System32\drivers\kbdhid.sys - ok
12:09:29.0676 3232  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\WINDOWS\System32\drivers\mouhid.sys
12:09:29.0676 3232  C:\WINDOWS\System32\drivers\mouhid.sys - ok
12:09:29.0692 3232  [ 5BC4D480DD527EB0CF33A67A090A130E ] C:\WINDOWS\System32\drivers\point64.sys
12:09:29.0692 3232  C:\WINDOWS\System32\drivers\point64.sys - ok
12:09:29.0692 3232  [ FF3A488924B0032B1A9CA6948C1FA9E8 ] C:\WINDOWS\System32\drivers\lvuvc64.sys
12:09:29.0692 3232  C:\WINDOWS\System32\drivers\lvuvc64.sys - ok
12:09:29.0692 3232  [ 9C278785347BCC991F8EA2999D90F58D ] C:\WINDOWS\SysWOW64\normaliz.dll
12:09:29.0692 3232  C:\WINDOWS\SysWOW64\normaliz.dll - ok
12:09:29.0692 3232  [ 0C85B2B6FB74B36A251792D45E0EF860 ] C:\WINDOWS\System32\drivers\lvrs64.sys
12:09:29.0692 3232  C:\WINDOWS\System32\drivers\lvrs64.sys - ok
12:09:29.0692 3232  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] C:\WINDOWS\System32\drivers\USBAUDIO.sys
12:09:29.0692 3232  C:\WINDOWS\System32\drivers\USBAUDIO.sys - ok
12:09:29.0692 3232  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\WINDOWS\System32\drivers\dxapi.sys
12:09:29.0692 3232  C:\WINDOWS\System32\drivers\dxapi.sys - ok
12:09:29.0692 3232  [ 59E21156113E438D1D91AF4FC0C3B19F ] C:\WINDOWS\System32\win32k.sys
12:09:29.0692 3232  C:\WINDOWS\System32\win32k.sys - ok
12:09:29.0692 3232  [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\WINDOWS\System32\csrsrv.dll
12:09:29.0692 3232  C:\WINDOWS\System32\csrsrv.dll - ok
12:09:29.0692 3232  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\WINDOWS\System32\csrss.exe
12:09:29.0692 3232  C:\WINDOWS\System32\csrss.exe - ok
12:09:29.0707 3232  [ BA0CD8C393E8C9F83354106093832C7B ] C:\WINDOWS\System32\basesrv.dll
12:09:29.0707 3232  C:\WINDOWS\System32\basesrv.dll - ok
12:09:29.0707 3232  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\WINDOWS\System32\winsrv.dll
12:09:29.0707 3232  C:\WINDOWS\System32\winsrv.dll - ok
12:09:29.0707 3232  [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\WINDOWS\System32\drivers\USBSTOR.SYS
12:09:29.0707 3232  C:\WINDOWS\System32\drivers\USBSTOR.SYS - ok
12:09:29.0707 3232  [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\WINDOWS\System32\drivers\monitor.sys
12:09:29.0707 3232  C:\WINDOWS\System32\drivers\monitor.sys - ok
12:09:29.0707 3232  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\WINDOWS\System32\tsddd.dll
12:09:29.0707 3232  C:\WINDOWS\System32\tsddd.dll - ok
12:09:29.0707 3232  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\WINDOWS\System32\KBDUS.DLL
12:09:29.0707 3232  C:\WINDOWS\System32\KBDUS.DLL - ok
12:09:29.0707 3232  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\WINDOWS\System32\profapi.dll
12:09:29.0707 3232  C:\WINDOWS\System32\profapi.dll - ok
12:09:29.0707 3232  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\WINDOWS\System32\RpcRtRemote.dll
12:09:29.0707 3232  C:\WINDOWS\System32\RpcRtRemote.dll - ok
12:09:29.0707 3232  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\WINDOWS\System32\sxssrv.dll
12:09:29.0707 3232  C:\WINDOWS\System32\sxssrv.dll - ok
12:09:29.0723 3232  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\WINDOWS\System32\wininit.exe
12:09:29.0723 3232  C:\WINDOWS\System32\wininit.exe - ok
12:09:29.0723 3232  [ 05569A79BF4693670B709144382D02D4 ] C:\WINDOWS\System32\cdd.dll
12:09:29.0723 3232  C:\WINDOWS\System32\cdd.dll - ok
12:09:29.0723 3232  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\WINDOWS\System32\sxs.dll
12:09:29.0723 3232  C:\WINDOWS\System32\sxs.dll - ok
12:09:29.0723 3232  [ B26B1801356760841C3BC69F9F91537F ] C:\WINDOWS\System32\WlS0WndH.dll
12:09:29.0723 3232  C:\WINDOWS\System32\WlS0WndH.dll - ok
12:09:29.0723 3232  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\WINDOWS\System32\cryptbase.dll
12:09:29.0723 3232  C:\WINDOWS\System32\cryptbase.dll - ok
12:09:29.0723 3232  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\WINDOWS\System32\apphelp.dll
12:09:29.0723 3232  C:\WINDOWS\System32\apphelp.dll - ok
12:09:29.0723 3232  [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\WINDOWS\System32\lsasrv.dll
12:09:29.0723 3232  C:\WINDOWS\System32\lsasrv.dll - ok
12:09:29.0723 3232  [ C118A82CD78818C29AB228366EBF81C3 ] C:\WINDOWS\System32\lsass.exe
12:09:29.0723 3232  C:\WINDOWS\System32\lsass.exe - ok
12:09:29.0723 3232  [ 9662EE182644511439F1C53745DC1C88 ] C:\WINDOWS\System32\lsm.exe
12:09:29.0723 3232  C:\WINDOWS\System32\lsm.exe - ok
12:09:29.0739 3232  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\WINDOWS\System32\services.exe
12:09:29.0739 3232  C:\WINDOWS\System32\services.exe - ok
12:09:29.0739 3232  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\WINDOWS\System32\sspisrv.dll
12:09:29.0739 3232  C:\WINDOWS\System32\sspisrv.dll - ok
12:09:29.0739 3232  [ 68083118797CAF30FB2EA3E71494D67E ] C:\WINDOWS\System32\sysntfy.dll
12:09:29.0739 3232  C:\WINDOWS\System32\sysntfy.dll - ok
12:09:29.0739 3232  [ DEE7267C5D232A3B816866872CE199E6 ] C:\WINDOWS\System32\wmsgapi.dll
12:09:29.0739 3232  C:\WINDOWS\System32\wmsgapi.dll - ok
12:09:29.0739 3232  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\WINDOWS\System32\sspicli.dll
12:09:29.0739 3232  C:\WINDOWS\System32\sspicli.dll - ok
12:09:29.0739 3232  [ A744BA6E04C8AA4592818178DBF89521 ] C:\WINDOWS\System32\samsrv.dll
12:09:29.0739 3232  C:\WINDOWS\System32\samsrv.dll - ok
12:09:29.0739 3232  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\WINDOWS\System32\scesrv.dll
12:09:29.0739 3232  C:\WINDOWS\System32\scesrv.dll - ok
12:09:29.0739 3232  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\WINDOWS\System32\scext.dll
12:09:29.0739 3232  C:\WINDOWS\System32\scext.dll - ok
12:09:29.0739 3232  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\WINDOWS\System32\secur32.dll
12:09:29.0739 3232  C:\WINDOWS\System32\secur32.dll - ok
12:09:29.0754 3232  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\WINDOWS\System32\winlogon.exe
12:09:29.0754 3232  C:\WINDOWS\System32\winlogon.exe - ok
12:09:29.0754 3232  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\WINDOWS\System32\winsta.dll
12:09:29.0754 3232  C:\WINDOWS\System32\winsta.dll - ok
12:09:29.0754 3232  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\WINDOWS\System32\srvcli.dll
12:09:29.0754 3232  C:\WINDOWS\System32\srvcli.dll - ok
12:09:29.0754 3232  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\WINDOWS\System32\authz.dll
12:09:29.0754 3232  C:\WINDOWS\System32\authz.dll - ok
12:09:29.0754 3232  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\WINDOWS\System32\cngaudit.dll
12:09:29.0754 3232  C:\WINDOWS\System32\cngaudit.dll - ok
12:09:29.0754 3232  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\WINDOWS\System32\cryptdll.dll
12:09:29.0754 3232  C:\WINDOWS\System32\cryptdll.dll - ok
12:09:29.0754 3232  [ 3C073B0C596A0AF84933E7406766B040 ] C:\WINDOWS\System32\wevtapi.dll
12:09:29.0754 3232  C:\WINDOWS\System32\wevtapi.dll - ok
12:09:29.0754 3232  [ 5F3307352216618221A17CFEF273EEE2 ] C:\WINDOWS\System32\ncrypt.dll
12:09:29.0754 3232  C:\WINDOWS\System32\ncrypt.dll - ok
12:09:29.0754 3232  [ B9A95365E52F421A20E1501935FADDA5 ] C:\WINDOWS\System32\bcrypt.dll
12:09:29.0754 3232  C:\WINDOWS\System32\bcrypt.dll - ok
12:09:29.0754 3232  [ 02B64609F865A39365FF88580DF11738 ] C:\WINDOWS\System32\msprivs.dll
12:09:29.0754 3232  C:\WINDOWS\System32\msprivs.dll - ok
12:09:29.0770 3232  [ C6505DE3561537BA1004D638C2F93F2F ] C:\WINDOWS\System32\netjoin.dll
12:09:29.0770 3232  C:\WINDOWS\System32\netjoin.dll - ok
12:09:29.0770 3232  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\WINDOWS\System32\negoexts.dll
12:09:29.0770 3232  C:\WINDOWS\System32\negoexts.dll - ok
12:09:29.0770 3232  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\WINDOWS\System32\kerberos.dll
12:09:29.0770 3232  C:\WINDOWS\System32\kerberos.dll - ok
12:09:29.0770 3232  [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\WINDOWS\System32\atmfd.dll
12:09:29.0770 3232  C:\WINDOWS\System32\atmfd.dll - ok
12:09:29.0770 3232  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\WINDOWS\System32\cryptsp.dll
12:09:29.0770 3232  C:\WINDOWS\System32\cryptsp.dll - ok
12:09:29.0770 3232  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\WINDOWS\System32\mswsock.dll
12:09:29.0770 3232  C:\WINDOWS\System32\mswsock.dll - ok
12:09:29.0770 3232  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\WINDOWS\System32\wship6.dll
12:09:29.0770 3232  C:\WINDOWS\System32\wship6.dll - ok
12:09:29.0770 3232  [ EF12B8385AA2849999008A977918F96B ] C:\WINDOWS\System32\msv1_0.dll
12:09:29.0770 3232  C:\WINDOWS\System32\msv1_0.dll - ok
12:09:29.0770 3232  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\WINDOWS\System32\netlogon.dll
12:09:29.0770 3232  C:\WINDOWS\System32\netlogon.dll - ok
12:09:29.0785 3232  [ 492D07D79E7024CA310867B526D9636D ] C:\WINDOWS\System32\dnsapi.dll
12:09:29.0785 3232  C:\WINDOWS\System32\dnsapi.dll - ok
12:09:29.0785 3232  [ 8FFE297B8449386E7B6851458B6E474E ] C:\WINDOWS\System32\logoncli.dll
12:09:29.0785 3232  C:\WINDOWS\System32\logoncli.dll - ok
12:09:29.0785 3232  [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\WINDOWS\System32\schannel.dll
12:09:29.0785 3232  C:\WINDOWS\System32\schannel.dll - ok
12:09:29.0785 3232  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\WINDOWS\System32\wdigest.dll
12:09:29.0785 3232  C:\WINDOWS\System32\wdigest.dll - ok
12:09:29.0785 3232  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\WINDOWS\System32\rsaenh.dll
12:09:29.0785 3232  C:\WINDOWS\System32\rsaenh.dll - ok
12:09:29.0785 3232  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\WINDOWS\System32\TSpkg.dll
12:09:29.0785 3232  C:\WINDOWS\System32\TSpkg.dll - ok
12:09:29.0785 3232  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\WINDOWS\System32\bcryptprimitives.dll
12:09:29.0785 3232  C:\WINDOWS\System32\bcryptprimitives.dll - ok
12:09:29.0785 3232  [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\WINDOWS\System32\LIVESSP.DLL
12:09:29.0785 3232  C:\WINDOWS\System32\LIVESSP.DLL - ok
12:09:29.0785 3232  [ E08088A97F95345E181C3DFCE2C615EF ] C:\WINDOWS\System32\pku2u.dll
12:09:29.0785 3232  C:\WINDOWS\System32\pku2u.dll - ok
12:09:29.0801 3232  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\WINDOWS\System32\credssp.dll
12:09:29.0801 3232  C:\WINDOWS\System32\credssp.dll - ok
12:09:29.0801 3232  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\WINDOWS\System32\efslsaext.dll
12:09:29.0801 3232  C:\WINDOWS\System32\efslsaext.dll - ok
12:09:29.0801 3232  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\WINDOWS\System32\ubpm.dll
12:09:29.0801 3232  C:\WINDOWS\System32\ubpm.dll - ok
12:09:29.0801 3232  [ ED78427259134C63ED69804D2132B86C ] C:\WINDOWS\System32\scecli.dll
12:09:29.0801 3232  C:\WINDOWS\System32\scecli.dll - ok
12:09:29.0801 3232  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\WINDOWS\System32\svchost.exe
12:09:29.0801 3232  C:\WINDOWS\System32\svchost.exe - ok
12:09:29.0801 3232  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\WINDOWS\System32\devrtl.dll
12:09:29.0801 3232  C:\WINDOWS\System32\devrtl.dll - ok
12:09:29.0801 3232  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\WINDOWS\System32\gpapi.dll
12:09:29.0801 3232  C:\WINDOWS\System32\gpapi.dll - ok
12:09:29.0801 3232  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\WINDOWS\System32\SPInf.dll
12:09:29.0801 3232  C:\WINDOWS\System32\SPInf.dll - ok
12:09:29.0801 3232  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\WINDOWS\System32\umpnpmgr.dll
12:09:29.0801 3232  C:\WINDOWS\System32\umpnpmgr.dll - ok
12:09:29.0801 3232  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\WINDOWS\System32\userenv.dll
12:09:29.0801 3232  C:\WINDOWS\System32\userenv.dll - ok
12:09:29.0817 3232  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] C:\WINDOWS\System32\umpo.dll
12:09:29.0817 3232  C:\WINDOWS\System32\umpo.dll - ok
12:09:29.0817 3232  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\WINDOWS\System32\pcwum.dll
12:09:29.0817 3232  C:\WINDOWS\System32\pcwum.dll - ok
12:09:29.0817 3232  [ 716175021BDA290504CE434273F666BC ] C:\WINDOWS\System32\powrprof.dll
12:09:29.0817 3232  C:\WINDOWS\System32\powrprof.dll - ok
12:09:29.0817 3232  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\WINDOWS\System32\drivers\luafv.sys
12:09:29.0817 3232  C:\WINDOWS\System32\drivers\luafv.sys - ok
12:09:29.0817 3232  [ 8F571F016FA1976F445147E9E6C8AE9B ] C:\WINDOWS\System32\drivers\Sftvollh.sys
12:09:29.0817 3232  C:\WINDOWS\System32\drivers\Sftvollh.sys - ok
12:09:29.0817 3232  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\WINDOWS\System32\RpcEpMap.dll
12:09:29.0817 3232  C:\WINDOWS\System32\RpcEpMap.dll - ok
12:09:29.0817 3232  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\WINDOWS\System32\rpcss.dll
12:09:29.0817 3232  C:\WINDOWS\System32\rpcss.dll - ok
12:09:29.0817 3232  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\WINDOWS\System32\wshqos.dll
12:09:29.0817 3232  C:\WINDOWS\System32\wshqos.dll - ok
12:09:29.0817 3232  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\WINDOWS\System32\WSHTCPIP.DLL
12:09:29.0817 3232  C:\WINDOWS\System32\WSHTCPIP.DLL - ok
12:09:29.0832 3232  [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\WINDOWS\System32\authui.dll
12:09:29.0832 3232  C:\WINDOWS\System32\authui.dll - ok
12:09:29.0832 3232  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\WINDOWS\System32\LogonUI.exe
12:09:29.0832 3232  C:\WINDOWS\System32\LogonUI.exe - ok
12:09:29.0832 3232  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\WINDOWS\System32\cryptui.dll
12:09:29.0832 3232  C:\WINDOWS\System32\cryptui.dll - ok
12:09:29.0832 3232  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\WINDOWS\System32\FirewallAPI.dll
12:09:29.0832 3232  C:\WINDOWS\System32\FirewallAPI.dll - ok
12:09:29.0832 3232  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\WINDOWS\System32\version.dll
12:09:29.0832 3232  C:\WINDOWS\System32\version.dll - ok
12:09:29.0832 3232  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\WINDOWS\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
12:09:29.0832 3232  C:\WINDOWS\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
12:09:29.0832 3232  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\WINDOWS\System32\samlib.dll
12:09:29.0832 3232  C:\WINDOWS\System32\samlib.dll - ok
12:09:29.0832 3232  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\WINDOWS\System32\shacct.dll
12:09:29.0832 3232  C:\WINDOWS\System32\shacct.dll - ok
12:09:29.0832 3232  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\WINDOWS\System32\propsys.dll
12:09:29.0832 3232  C:\WINDOWS\System32\propsys.dll - ok
12:09:29.0848 3232  [ D29E998E8277666982B4F0303BF4E7AF ] C:\WINDOWS\System32\uxtheme.dll
12:09:29.0848 3232  C:\WINDOWS\System32\uxtheme.dll - ok
12:09:29.0848 3232  [ 179E8401224D557ECFF3695F2016EA5B ] C:\WINDOWS\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
12:09:29.0848 3232  C:\WINDOWS\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
12:09:29.0848 3232  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\WINDOWS\System32\dui70.dll
12:09:29.0848 3232  C:\WINDOWS\System32\dui70.dll - ok
12:09:29.0848 3232  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\WINDOWS\System32\duser.dll
12:09:29.0848 3232  C:\WINDOWS\System32\duser.dll - ok
12:09:29.0848 3232  [ D7F1EF374A90709B31591823B002F918 ] C:\WINDOWS\System32\SndVolSSO.dll
12:09:29.0848 3232  C:\WINDOWS\System32\SndVolSSO.dll - ok
12:09:29.0848 3232  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\WINDOWS\System32\hid.dll
12:09:29.0848 3232  C:\WINDOWS\System32\hid.dll - ok
12:09:29.0848 3232  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\WINDOWS\System32\MMDevAPI.dll
12:09:29.0848 3232  C:\WINDOWS\System32\MMDevAPI.dll - ok
12:09:29.0848 3232  [ DA1B7075260F3872585BFCDD668C648B ] C:\WINDOWS\System32\dwmapi.dll
12:09:29.0848 3232  C:\WINDOWS\System32\dwmapi.dll - ok
12:09:29.0848 3232  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\WINDOWS\System32\xmllite.dll
12:09:29.0848 3232  C:\WINDOWS\System32\xmllite.dll - ok
12:09:29.0863 3232  [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\WINDOWS\System32\WindowsCodecs.dll
12:09:29.0863 3232  C:\WINDOWS\System32\WindowsCodecs.dll - ok
12:09:29.0863 3232  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\WINDOWS\System32\VaultCredProvider.dll
12:09:29.0863 3232  C:\WINDOWS\System32\VaultCredProvider.dll - ok
12:09:29.0863 3232  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\WINDOWS\System32\winbrand.dll
12:09:29.0863 3232  C:\WINDOWS\System32\winbrand.dll - ok
12:09:29.0863 3232  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\WINDOWS\System32\wtsapi32.dll
12:09:29.0863 3232  C:\WINDOWS\System32\wtsapi32.dll - ok
12:09:29.0863 3232  [ CA2985996BB49924B677113DF95CFEA7 ] C:\WINDOWS\System32\SmartcardCredentialProvider.dll
12:09:29.0863 3232  C:\WINDOWS\System32\SmartcardCredentialProvider.dll - ok
12:09:29.0863 3232  [ BF352E73615F5461AA6884472435A544 ] C:\WINDOWS\System32\BioCredProv.dll
12:09:29.0863 3232  C:\WINDOWS\System32\BioCredProv.dll - ok
12:09:29.0863 3232  [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\WINDOWS\System32\credui.dll
12:09:29.0863 3232  C:\WINDOWS\System32\credui.dll - ok
12:09:29.0863 3232  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\WINDOWS\System32\winbio.dll
12:09:29.0863 3232  C:\WINDOWS\System32\winbio.dll - ok
12:09:29.0863 3232  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\WINDOWS\System32\certCredProvider.dll
12:09:29.0863 3232  C:\WINDOWS\System32\certCredProvider.dll - ok
12:09:29.0879 3232  [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\WINDOWS\System32\netapi32.dll
12:09:29.0879 3232  C:\WINDOWS\System32\netapi32.dll - ok
12:09:29.0879 3232  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\WINDOWS\System32\netutils.dll
12:09:29.0879 3232  C:\WINDOWS\System32\netutils.dll - ok
12:09:29.0879 3232  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\WINDOWS\System32\samcli.dll
12:09:29.0879 3232  C:\WINDOWS\System32\samcli.dll - ok
12:09:29.0879 3232  [ 44B9C66177651F3F53C87B665D58D17A ] C:\WINDOWS\System32\vaultcli.dll
12:09:29.0879 3232  C:\WINDOWS\System32\vaultcli.dll - ok
12:09:29.0879 3232  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\WINDOWS\System32\wkscli.dll
12:09:29.0879 3232  C:\WINDOWS\System32\wkscli.dll - ok
12:09:29.0879 3232  [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
12:09:29.0879 3232  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
12:09:29.0879 3232  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\WINDOWS\System32\rasplap.dll
12:09:29.0879 3232  C:\WINDOWS\System32\rasplap.dll - ok
12:09:29.0879 3232  [ 019CD868461B646E09BDF04474C19341 ] C:\WINDOWS\System32\rasapi32.dll
12:09:29.0879 3232  C:\WINDOWS\System32\rasapi32.dll - ok
12:09:29.0879 3232  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\WINDOWS\System32\rasman.dll
12:09:29.0879 3232  C:\WINDOWS\System32\rasman.dll - ok
12:09:29.0895 3232  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\WINDOWS\System32\rtutils.dll
12:09:29.0895 3232  C:\WINDOWS\System32\rtutils.dll - ok
12:09:29.0895 3232  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\WINDOWS\System32\wevtsvc.dll
12:09:29.0895 3232  C:\WINDOWS\System32\wevtsvc.dll - ok
12:09:29.0895 3232  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\WINDOWS\System32\audiosrv.dll
12:09:29.0895 3232  C:\WINDOWS\System32\audiosrv.dll - ok
12:09:29.0895 3232  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\WINDOWS\System32\profsvc.dll
12:09:29.0895 3232  C:\WINDOWS\System32\profsvc.dll - ok
12:09:29.0895 3232  [ 78A1E65207484B7F8D3217507745F47C ] C:\WINDOWS\System32\avrt.dll
12:09:29.0895 3232  C:\WINDOWS\System32\avrt.dll - ok
12:09:29.0895 3232  [ E40E80D0304A73E8D269F7141D77250B ] C:\WINDOWS\System32\mmcss.dll
12:09:29.0895 3232  C:\WINDOWS\System32\mmcss.dll - ok
12:09:29.0895 3232  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\WINDOWS\System32\adtschema.dll
12:09:29.0895 3232  C:\WINDOWS\System32\adtschema.dll - ok
12:09:29.0895 3232  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\WINDOWS\System32\wlansvc.dll
12:09:29.0895 3232  C:\WINDOWS\System32\wlansvc.dll - ok
12:09:29.0895 3232  [ 50544D04AD845C43130B70212EC05CCD ] C:\WINDOWS\System32\microsoft-windows-kernel-power-events.dll
12:09:29.0895 3232  C:\WINDOWS\System32\microsoft-windows-kernel-power-events.dll - ok
12:09:29.0910 3232  [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\WINDOWS\System32\WUDFPlatform.dll
12:09:29.0910 3232  C:\WINDOWS\System32\WUDFPlatform.dll - ok
12:09:29.0910 3232  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\WINDOWS\System32\drivers\fltMgr.sys
12:09:29.0910 3232  C:\WINDOWS\System32\drivers\fltMgr.sys - ok
12:09:29.0910 3232  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\WINDOWS\System32\netprofm.dll
12:09:29.0910 3232  C:\WINDOWS\System32\netprofm.dll - ok
12:09:29.0910 3232  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\WINDOWS\System32\PSHED.DLL
12:09:29.0910 3232  C:\WINDOWS\System32\PSHED.DLL - ok
12:09:29.0910 3232  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\WINDOWS\System32\microsoft-windows-kernel-processor-power-events.dll
12:09:29.0910 3232  C:\WINDOWS\System32\microsoft-windows-kernel-processor-power-events.dll - ok
12:09:29.0910 3232  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\WINDOWS\System32\audiodg.exe
12:09:29.0910 3232  C:\WINDOWS\System32\audiodg.exe - ok
12:09:29.0910 3232  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\WINDOWS\System32\ntmarta.dll
12:09:29.0910 3232  C:\WINDOWS\System32\ntmarta.dll - ok
12:09:29.0910 3232  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\WINDOWS\System32\gpsvc.dll
12:09:29.0910 3232  C:\WINDOWS\System32\gpsvc.dll - ok
12:09:29.0910 3232  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\WINDOWS\System32\ksuser.dll
12:09:29.0910 3232  C:\WINDOWS\System32\ksuser.dll - ok
12:09:29.0910 3232  [ 1473768973453DE50DC738C2955FC4DD ] C:\WINDOWS\System32\wdmaud.drv
12:09:29.0910 3232  C:\WINDOWS\System32\wdmaud.drv - ok
12:09:29.0926 3232  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\WINDOWS\System32\winmm.dll
12:09:29.0926 3232  C:\WINDOWS\System32\winmm.dll - ok
12:09:29.0926 3232  [ 58775492FFD419248B08325E583C527F ] C:\WINDOWS\System32\atl.dll
12:09:29.0926 3232  C:\WINDOWS\System32\atl.dll - ok
12:09:29.0926 3232  [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\WINDOWS\System32\AudioSes.dll
12:09:29.0926 3232  C:\WINDOWS\System32\AudioSes.dll - ok
12:09:29.0926 3232  [ CA2A0750ED830678997695FF61B04C30 ] C:\WINDOWS\System32\midimap.dll
12:09:29.0926 3232  C:\WINDOWS\System32\midimap.dll - ok
12:09:29.0926 3232  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\WINDOWS\System32\msacm32.dll
12:09:29.0926 3232  C:\WINDOWS\System32\msacm32.dll - ok
12:09:29.0926 3232  [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\WINDOWS\System32\msacm32.drv
12:09:29.0926 3232  C:\WINDOWS\System32\msacm32.drv - ok
12:09:29.0926 3232  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\WINDOWS\System32\nlaapi.dll
12:09:29.0926 3232  C:\WINDOWS\System32\nlaapi.dll - ok
12:09:29.0926 3232  [ F0344071948D1A1FA732231785A0664C ] C:\WINDOWS\System32\themeservice.dll
12:09:29.0926 3232  C:\WINDOWS\System32\themeservice.dll - ok
12:09:29.0926 3232  [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\WINDOWS\System32\AudioEng.dll
12:09:29.0926 3232  C:\WINDOWS\System32\AudioEng.dll - ok
12:09:29.0941 3232  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\WINDOWS\System32\dsrole.dll
12:09:29.0941 3232  C:\WINDOWS\System32\dsrole.dll - ok
12:09:29.0941 3232  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\WINDOWS\System32\es.dll
12:09:29.0941 3232  C:\WINDOWS\System32\es.dll - ok
12:09:29.0941 3232  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\WINDOWS\System32\slc.dll
12:09:29.0941 3232  C:\WINDOWS\System32\slc.dll - ok
12:09:29.0941 3232  [ C1395286B822E306B4FE1568A8A77813 ] C:\WINDOWS\System32\AUDIOKSE.dll
12:09:29.0941 3232  C:\WINDOWS\System32\AUDIOKSE.dll - ok
12:09:29.0941 3232  [ 1A47D52E303B7543E4E6026595B95422 ] C:\WINDOWS\System32\comres.dll
12:09:29.0941 3232  C:\WINDOWS\System32\comres.dll - ok
12:09:29.0941 3232  [ 1538831CF8AD2979A04C423779465827 ] C:\WINDOWS\System32\drivers\lltdio.sys
12:09:29.0941 3232  C:\WINDOWS\System32\drivers\lltdio.sys - ok
12:09:29.0941 3232  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\WINDOWS\System32\Sens.dll
12:09:29.0941 3232  C:\WINDOWS\System32\Sens.dll - ok
12:09:29.0941 3232  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\WINDOWS\System32\uxsms.dll
12:09:29.0941 3232  C:\WINDOWS\System32\uxsms.dll - ok
12:09:29.0941 3232  [ 136185F9FB2CC61E573E676AA5402356 ] C:\WINDOWS\System32\drivers\ndisuio.sys
12:09:29.0941 3232  C:\WINDOWS\System32\drivers\ndisuio.sys - ok
12:09:29.0941 3232  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\WINDOWS\System32\drivers\nwifi.sys
12:09:29.0941 3232  C:\WINDOWS\System32\drivers\nwifi.sys - ok
12:09:29.0957 3232  [ DDC86E4F8E7456261E637E3552E804FF ] C:\WINDOWS\System32\drivers\rspndr.sys
12:09:29.0957 3232  C:\WINDOWS\System32\drivers\rspndr.sys - ok
12:09:29.0957 3232  [ 2B81776DA02017A37FE26C662827470E ] C:\WINDOWS\System32\IPHLPAPI.DLL
12:09:29.0957 3232  C:\WINDOWS\System32\IPHLPAPI.DLL - ok
12:09:29.0957 3232  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\WINDOWS\System32\lmhsvc.dll
12:09:29.0957 3232  C:\WINDOWS\System32\lmhsvc.dll - ok
12:09:29.0957 3232  [ 5CD5919930841EB81C92FEF84C3721F6 ] C:\WINDOWS\System32\MBWrp64.dll
12:09:29.0957 3232  C:\WINDOWS\System32\MBWrp64.dll - ok
 


Edited by saul1236, 17 February 2013 - 01:29 PM.


#4 saul1236

saul1236
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 17 February 2013 - 01:30 PM

12:09:29.0957 3232 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\WINDOWS\System32\nsisvc.dll
12:09:29.0957 3232 C:\WINDOWS\System32\nsisvc.dll - ok
12:09:29.0957 3232 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\WINDOWS\System32\dhcpcore.dll
12:09:29.0957 3232 C:\WINDOWS\System32\dhcpcore.dll - ok
12:09:29.0957 3232 [ 96370C4E30CC48E88D04C93C0BC042EB ] C:\WINDOWS\System32\MBTHX64.dll
12:09:29.0957 3232 C:\WINDOWS\System32\MBTHX64.dll - ok
12:09:29.0957 3232 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\WINDOWS\System32\nrpsrv.dll
12:09:29.0957 3232 C:\WINDOWS\System32\nrpsrv.dll - ok
12:09:29.0957 3232 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\WINDOWS\System32\winnsi.dll
12:09:29.0957 3232 C:\WINDOWS\System32\winnsi.dll - ok
12:09:29.0973 3232 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\WINDOWS\System32\dhcpcore6.dll
12:09:29.0973 3232 C:\WINDOWS\System32\dhcpcore6.dll - ok
12:09:29.0973 3232 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\WINDOWS\System32\dhcpcsvc.dll
12:09:29.0973 3232 C:\WINDOWS\System32\dhcpcsvc.dll - ok
12:09:29.0973 3232 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\WINDOWS\System32\dnsrslvr.dll
12:09:29.0973 3232 C:\WINDOWS\System32\dnsrslvr.dll - ok
12:09:29.0973 3232 [ 87356377F31DA5F20A833811CD59499C ] C:\WINDOWS\System32\eapphost.dll
12:09:29.0973 3232 C:\WINDOWS\System32\eapphost.dll - ok
12:09:29.0973 3232 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\WINDOWS\System32\eapsvc.dll
12:09:29.0973 3232 C:\WINDOWS\System32\eapsvc.dll - ok
12:09:29.0973 3232 [ 0040C486584A8E582C861CFB57AB5387 ] C:\WINDOWS\System32\FWPUCLNT.DLL
12:09:29.0973 3232 C:\WINDOWS\System32\FWPUCLNT.DLL - ok
12:09:29.0973 3232 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\WINDOWS\System32\keyiso.dll
12:09:29.0973 3232 C:\WINDOWS\System32\keyiso.dll - ok
12:09:29.0973 3232 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\WINDOWS\System32\umb.dll
12:09:29.0973 3232 C:\WINDOWS\System32\umb.dll - ok
12:09:29.0973 3232 [ A648C4A06DE367065B24056D067B4460 ] C:\WINDOWS\System32\wlanmsm.dll
12:09:29.0973 3232 C:\WINDOWS\System32\wlanmsm.dll - ok
12:09:29.0988 3232 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\WINDOWS\System32\wlansec.dll
12:09:29.0988 3232 C:\WINDOWS\System32\wlansec.dll - ok
12:09:29.0988 3232 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\WINDOWS\System32\dhcpcsvc6.dll
12:09:29.0988 3232 C:\WINDOWS\System32\dhcpcsvc6.dll - ok
12:09:29.0988 3232 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\WINDOWS\System32\dnsext.dll
12:09:29.0988 3232 C:\WINDOWS\System32\dnsext.dll - ok
12:09:29.0988 3232 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\WINDOWS\System32\eappprxy.dll
12:09:29.0988 3232 C:\WINDOWS\System32\eappprxy.dll - ok
12:09:29.0988 3232 [ 25D74864274539330DCC4234140D11AF ] C:\WINDOWS\System32\MBAPO64.dll
12:09:29.0988 3232 C:\WINDOWS\System32\MBAPO64.dll - ok
12:09:29.0988 3232 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\WINDOWS\System32\onex.dll
12:09:29.0988 3232 C:\WINDOWS\System32\onex.dll - ok
12:09:29.0988 3232 [ 0D753307D274F3688BD21C377B616700 ] C:\WINDOWS\System32\eappcfg.dll
12:09:29.0988 3232 C:\WINDOWS\System32\eappcfg.dll - ok
12:09:29.0988 3232 [ 97E43F324BE1503CB2FFB058534688DA ] C:\WINDOWS\System32\l2gpstore.dll
12:09:29.0988 3232 C:\WINDOWS\System32\l2gpstore.dll - ok
12:09:29.0988 3232 [ EBB3AF12156D523A0581A143B546143F ] C:\WINDOWS\System32\RtkAPO64.dll
12:09:29.0988 3232 C:\WINDOWS\System32\RtkAPO64.dll - ok
12:09:29.0988 3232 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\WINDOWS\System32\UXInit.dll
12:09:29.0988 3232 C:\WINDOWS\System32\UXInit.dll - ok
12:09:30.0004 3232 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\WINDOWS\System32\WinSCard.dll
12:09:30.0004 3232 C:\WINDOWS\System32\WinSCard.dll - ok
12:09:30.0004 3232 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\WINDOWS\System32\wlanutil.dll
12:09:30.0004 3232 C:\WINDOWS\System32\wlanutil.dll - ok
12:09:30.0004 3232 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\WINDOWS\System32\wlgpclnt.dll
12:09:30.0004 3232 C:\WINDOWS\System32\wlgpclnt.dll - ok
12:09:30.0004 3232 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\WINDOWS\System32\msxml6.dll
12:09:30.0004 3232 C:\WINDOWS\System32\msxml6.dll - ok
12:09:30.0004 3232 [ AAF932B4011D14052955D4B212A4DA8D ] C:\WINDOWS\System32\shsvcs.dll
12:09:30.0004 3232 C:\WINDOWS\System32\shsvcs.dll - ok
12:09:30.0004 3232 [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\WINDOWS\System32\wlanext.exe
12:09:30.0004 3232 C:\WINDOWS\System32\wlanext.exe - ok
12:09:30.0004 3232 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\WINDOWS\System32\WMALFXGFXDSP.dll
12:09:30.0004 3232 C:\WINDOWS\System32\WMALFXGFXDSP.dll - ok
12:09:30.0004 3232 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\WINDOWS\System32\conhost.exe
12:09:30.0004 3232 C:\WINDOWS\System32\conhost.exe - ok
12:09:30.0004 3232 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\WINDOWS\System32\imageres.dll
12:09:30.0004 3232 C:\WINDOWS\System32\imageres.dll - ok
12:09:30.0019 3232 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\WINDOWS\System32\schedsvc.dll
12:09:30.0019 3232 C:\WINDOWS\System32\schedsvc.dll - ok
12:09:30.0019 3232 [ 95CAE3D82E682CB56BF6F02D281C4E08 ] C:\WINDOWS\System32\bcmihvsrv64.dll
12:09:30.0019 3232 C:\WINDOWS\System32\bcmihvsrv64.dll - ok
12:09:30.0019 3232 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\WINDOWS\System32\ktmw32.dll
12:09:30.0019 3232 C:\WINDOWS\System32\ktmw32.dll - ok
12:09:30.0019 3232 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\WINDOWS\System32\mfplat.dll
12:09:30.0019 3232 C:\WINDOWS\System32\mfplat.dll - ok
12:09:30.0019 3232 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\WINDOWS\System32\fveapi.dll
12:09:30.0019 3232 C:\WINDOWS\System32\fveapi.dll - ok
12:09:30.0019 3232 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\WINDOWS\System32\fvecerts.dll
12:09:30.0019 3232 C:\WINDOWS\System32\fvecerts.dll - ok
12:09:30.0019 3232 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\WINDOWS\System32\taskcomp.dll
12:09:30.0019 3232 C:\WINDOWS\System32\taskcomp.dll - ok
12:09:30.0019 3232 [ 694865362F0965779F92BCFE97712323 ] C:\WINDOWS\System32\tbs.dll
12:09:30.0019 3232 C:\WINDOWS\System32\tbs.dll - ok
12:09:30.0019 3232 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\WINDOWS\System32\drivers\http.sys
12:09:30.0019 3232 C:\WINDOWS\System32\drivers\http.sys - ok
12:09:30.0035 3232 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\WINDOWS\System32\spoolsv.exe
12:09:30.0035 3232 C:\WINDOWS\System32\spoolsv.exe - ok
12:09:30.0035 3232 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\WINDOWS\System32\drivers\bowser.sys
12:09:30.0035 3232 C:\WINDOWS\System32\drivers\bowser.sys - ok
12:09:30.0035 3232 [ A5D9106A73DC88564C825D317CAC68AC ] C:\WINDOWS\System32\drivers\mrxsmb.sys
12:09:30.0035 3232 C:\WINDOWS\System32\drivers\mrxsmb.sys - ok
12:09:30.0035 3232 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\WINDOWS\System32\drivers\srvnet.sys
12:09:30.0035 3232 C:\WINDOWS\System32\drivers\srvnet.sys - ok
12:09:30.0035 3232 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\WINDOWS\System32\drivers\mrxsmb10.sys
12:09:30.0035 3232 C:\WINDOWS\System32\drivers\mrxsmb10.sys - ok
12:09:30.0035 3232 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\WINDOWS\System32\drivers\mrxsmb20.sys
12:09:30.0035 3232 C:\WINDOWS\System32\drivers\mrxsmb20.sys - ok
12:09:30.0035 3232 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\WINDOWS\System32\drivers\srv2.sys
12:09:30.0035 3232 C:\WINDOWS\System32\drivers\srv2.sys - ok
12:09:30.0035 3232 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\WINDOWS\System32\wiarpc.dll
12:09:30.0035 3232 C:\WINDOWS\System32\wiarpc.dll - ok
12:09:30.0035 3232 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\WINDOWS\System32\wkssvc.dll
12:09:30.0035 3232 C:\WINDOWS\System32\wkssvc.dll - ok
12:09:30.0051 3232 [ 357BE883C5236BFC7341CB9E82308908 ] C:\WINDOWS\System32\wlanapi.dll
12:09:30.0051 3232 C:\WINDOWS\System32\wlanapi.dll - ok
12:09:30.0051 3232 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\WINDOWS\System32\drivers\srv.sys
12:09:30.0051 3232 C:\WINDOWS\System32\drivers\srv.sys - ok
12:09:30.0051 3232 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\WINDOWS\System32\browser.dll
12:09:30.0051 3232 C:\WINDOWS\System32\browser.dll - ok
12:09:30.0051 3232 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\WINDOWS\System32\srvsvc.dll
12:09:30.0051 3232 C:\WINDOWS\System32\srvsvc.dll - ok
12:09:30.0051 3232 [ 81749E073AC5857B044A686B406E5244 ] C:\WINDOWS\System32\clusapi.dll
12:09:30.0051 3232 C:\WINDOWS\System32\clusapi.dll - ok
12:09:30.0051 3232 [ 03706015DB44368375AEBE6339490E66 ] C:\WINDOWS\System32\netcfgx.dll
12:09:30.0051 3232 C:\WINDOWS\System32\netcfgx.dll - ok
12:09:30.0051 3232 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\WINDOWS\System32\netmsg.dll
12:09:30.0051 3232 C:\WINDOWS\System32\netmsg.dll - ok
12:09:30.0051 3232 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\WINDOWS\System32\sscore.dll
12:09:30.0051 3232 C:\WINDOWS\System32\sscore.dll - ok
12:09:30.0051 3232 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\WINDOWS\System32\resutils.dll
12:09:30.0051 3232 C:\WINDOWS\System32\resutils.dll - ok
12:09:30.0066 3232 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
12:09:30.0066 3232 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
12:09:30.0066 3232 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\WINDOWS\System32\cryptsvc.dll
12:09:30.0066 3232 C:\WINDOWS\System32\cryptsvc.dll - ok
12:09:30.0066 3232 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\WINDOWS\System32\dps.dll
12:09:30.0066 3232 C:\WINDOWS\System32\dps.dll - ok
12:09:30.0066 3232 [ 802496CB59A30349F9A6DD22D6947644 ] C:\WINDOWS\System32\FDResPub.dll
12:09:30.0066 3232 C:\WINDOWS\System32\FDResPub.dll - ok
12:09:30.0066 3232 [ 74CE2EBE64AB78904E33DD4C5F21611F ] C:\WINDOWS\System32\mfevtps.exe
12:09:30.0066 3232 C:\WINDOWS\System32\mfevtps.exe - ok
12:09:30.0066 3232 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\WINDOWS\System32\sfc.dll
12:09:30.0066 3232 C:\WINDOWS\System32\sfc.dll - ok
12:09:30.0066 3232 [ 895C9AB0A855547445C4181195230757 ] C:\WINDOWS\System32\sfc_os.dll
12:09:30.0066 3232 C:\WINDOWS\System32\sfc_os.dll - ok
12:09:30.0066 3232 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\WINDOWS\System32\taskschd.dll
12:09:30.0066 3232 C:\WINDOWS\System32\taskschd.dll - ok
12:09:30.0066 3232 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\WINDOWS\System32\webservices.dll
12:09:30.0066 3232 C:\WINDOWS\System32\webservices.dll - ok
12:09:30.0082 3232 [ F1B205F932F62F94506A5F332C895DAF ] C:\WINDOWS\System32\WSDApi.dll
12:09:30.0082 3232 C:\WINDOWS\System32\WSDApi.dll - ok
12:09:30.0082 3232 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\WINDOWS\System32\cryptnet.dll
12:09:30.0082 3232 C:\WINDOWS\System32\cryptnet.dll - ok
12:09:30.0082 3232 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\WINDOWS\System32\fundisc.dll
12:09:30.0082 3232 C:\WINDOWS\System32\fundisc.dll - ok
12:09:30.0082 3232 [ 8AD77806D336673F270DB31645267293 ] C:\WINDOWS\System32\nlasvc.dll
12:09:30.0082 3232 C:\WINDOWS\System32\nlasvc.dll - ok
12:09:30.0082 3232 [ 3AEAA8B561E63452C655DC0584922257 ] C:\WINDOWS\System32\pcasvc.dll
12:09:30.0082 3232 C:\WINDOWS\System32\pcasvc.dll - ok
12:09:30.0082 3232 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\WINDOWS\System32\rasadhlp.dll
12:09:30.0082 3232 C:\WINDOWS\System32\rasadhlp.dll - ok
12:09:30.0082 3232 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\WINDOWS\System32\drivers\PEAuth.sys
12:09:30.0082 3232 C:\WINDOWS\System32\drivers\PEAuth.sys - ok
12:09:30.0082 3232 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\WINDOWS\System32\drivers\secdrv.sys
12:09:30.0082 3232 C:\WINDOWS\System32\drivers\secdrv.sys - ok
12:09:30.0082 3232 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\WINDOWS\System32\ncsi.dll
12:09:30.0082 3232 C:\WINDOWS\System32\ncsi.dll - ok
12:09:30.0097 3232 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\WINDOWS\System32\webio.dll
12:09:30.0097 3232 C:\WINDOWS\System32\webio.dll - ok
12:09:30.0097 3232 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\WINDOWS\System32\winhttp.dll
12:09:30.0097 3232 C:\WINDOWS\System32\winhttp.dll - ok
12:09:30.0097 3232 [ C6CC9297BD53E5229653303E556AA539 ] C:\WINDOWS\System32\drivers\Sftfslh.sys
12:09:30.0097 3232 C:\WINDOWS\System32\drivers\Sftfslh.sys - ok
12:09:30.0097 3232 [ 1727B2A2F379A32B864C096FA794AADC ] C:\WINDOWS\System32\aepic.dll
12:09:30.0097 3232 C:\WINDOWS\System32\aepic.dll - ok
12:09:30.0097 3232 [ 390AA7BC52CEE43F6790CDEA1E776703 ] C:\WINDOWS\System32\drivers\Sftplaylh.sys
12:09:30.0097 3232 C:\WINDOWS\System32\drivers\Sftplaylh.sys - ok
12:09:30.0097 3232 [ C3CDDD18F43D44AB713CF8C4916F7696 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:09:30.0097 3232 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok
12:09:30.0097 3232 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\WINDOWS\SysWOW64\ntdll.dll
12:09:30.0097 3232 C:\WINDOWS\SysWOW64\ntdll.dll - ok
12:09:30.0097 3232 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\WINDOWS\System32\vssapi.dll
12:09:30.0097 3232 C:\WINDOWS\System32\vssapi.dll - ok
12:09:30.0097 3232 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\WINDOWS\System32\wow64.dll
12:09:30.0097 3232 C:\WINDOWS\System32\wow64.dll - ok
12:09:30.0113 3232 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\WINDOWS\System32\wow64cpu.dll
12:09:30.0113 3232 C:\WINDOWS\System32\wow64cpu.dll - ok
12:09:30.0113 3232 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\WINDOWS\System32\wow64win.dll
12:09:30.0113 3232 C:\WINDOWS\System32\wow64win.dll - ok
12:09:30.0113 3232 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\WINDOWS\SysWOW64\kernel32.dll
12:09:30.0113 3232 C:\WINDOWS\SysWOW64\kernel32.dll - ok
12:09:30.0113 3232 [ 95E2376B3323F062EB562B8586D0F14A ] C:\WINDOWS\SysWOW64\advapi32.dll
12:09:30.0113 3232 C:\WINDOWS\SysWOW64\advapi32.dll - ok
12:09:30.0113 3232 [ E954A79D6A754A5475582CACED1565E6 ] C:\WINDOWS\SysWOW64\KernelBase.dll
12:09:30.0113 3232 C:\WINDOWS\SysWOW64\KernelBase.dll - ok
12:09:30.0113 3232 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\WINDOWS\SysWOW64\msvcrt.dll
12:09:30.0113 3232 C:\WINDOWS\SysWOW64\msvcrt.dll - ok
12:09:30.0113 3232 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\WINDOWS\SysWOW64\rpcrt4.dll
12:09:30.0113 3232 C:\WINDOWS\SysWOW64\rpcrt4.dll - ok
12:09:30.0113 3232 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\WINDOWS\SysWOW64\sechost.dll
12:09:30.0113 3232 C:\WINDOWS\SysWOW64\sechost.dll - ok
12:09:30.0113 3232 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\WINDOWS\SysWOW64\cryptbase.dll
12:09:30.0113 3232 C:\WINDOWS\SysWOW64\cryptbase.dll - ok
12:09:30.0113 3232 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\WINDOWS\SysWOW64\sspicli.dll
12:09:30.0113 3232 C:\WINDOWS\SysWOW64\sspicli.dll - ok
12:09:30.0129 3232 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\WINDOWS\SysWOW64\user32.dll
12:09:30.0129 3232 C:\WINDOWS\SysWOW64\user32.dll - ok
12:09:30.0129 3232 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\WINDOWS\System32\vsstrace.dll
12:09:30.0129 3232 C:\WINDOWS\System32\vsstrace.dll - ok
12:09:30.0129 3232 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\WINDOWS\System32\ssdpapi.dll
12:09:30.0129 3232 C:\WINDOWS\System32\ssdpapi.dll - ok
12:09:30.0129 3232 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\WINDOWS\SysWOW64\gdi32.dll
12:09:30.0129 3232 C:\WINDOWS\SysWOW64\gdi32.dll - ok
12:09:30.0129 3232 [ 384721EF4024890092625E20CADFAF85 ] C:\WINDOWS\SysWOW64\lpk.dll
12:09:30.0129 3232 C:\WINDOWS\SysWOW64\lpk.dll - ok
12:09:30.0129 3232 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\WINDOWS\SysWOW64\usp10.dll
12:09:30.0129 3232 C:\WINDOWS\SysWOW64\usp10.dll - ok
12:09:30.0129 3232 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
12:09:30.0129 3232 C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
12:09:30.0129 3232 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
12:09:30.0129 3232 C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
12:09:30.0144 3232 [ 928CF7268086631F54C3D8E17238C6DD ] C:\WINDOWS\SysWOW64\ole32.dll
12:09:30.0144 3232 C:\WINDOWS\SysWOW64\ole32.dll - ok
12:09:30.0144 3232 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\WINDOWS\SysWOW64\oleaut32.dll
12:09:30.0144 3232 C:\WINDOWS\SysWOW64\oleaut32.dll - ok
12:09:30.0144 3232 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\WINDOWS\SysWOW64\profapi.dll
12:09:30.0144 3232 C:\WINDOWS\SysWOW64\profapi.dll - ok
12:09:30.0144 3232 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\WINDOWS\SysWOW64\userenv.dll
12:09:30.0144 3232 C:\WINDOWS\SysWOW64\userenv.dll - ok
12:09:30.0144 3232 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\WINDOWS\SysWOW64\shell32.dll
12:09:30.0144 3232 C:\WINDOWS\SysWOW64\shell32.dll - ok
12:09:30.0144 3232 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
12:09:30.0144 3232 C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
12:09:30.0144 3232 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\WINDOWS\System32\aeevts.dll
12:09:30.0144 3232 C:\WINDOWS\System32\aeevts.dll - ok
12:09:30.0144 3232 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\WINDOWS\SysWOW64\imm32.dll
12:09:30.0144 3232 C:\WINDOWS\SysWOW64\imm32.dll - ok
12:09:30.0144 3232 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\WINDOWS\SysWOW64\msctf.dll
12:09:30.0144 3232 C:\WINDOWS\SysWOW64\msctf.dll - ok
12:09:30.0160 3232 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\WINDOWS\SysWOW64\shlwapi.dll
12:09:30.0160 3232 C:\WINDOWS\SysWOW64\shlwapi.dll - ok
12:09:30.0160 3232 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\WINDOWS\System32\drivers\tcpipreg.sys
12:09:30.0160 3232 C:\WINDOWS\System32\drivers\tcpipreg.sys - ok
12:09:30.0160 3232 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\WINDOWS\System32\sysmain.dll
12:09:30.0160 3232 C:\WINDOWS\System32\sysmain.dll - ok
12:09:30.0160 3232 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\WINDOWS\System32\wiaservc.dll
12:09:30.0160 3232 C:\WINDOWS\System32\wiaservc.dll - ok
12:09:30.0160 3232 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\WINDOWS\SysWOW64\credssp.dll
12:09:30.0160 3232 C:\WINDOWS\SysWOW64\credssp.dll - ok
12:09:30.0160 3232 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\WINDOWS\SysWOW64\cryptsp.dll
12:09:30.0160 3232 C:\WINDOWS\SysWOW64\cryptsp.dll - ok
12:09:30.0160 3232 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\WINDOWS\SysWOW64\RpcRtRemote.dll
12:09:30.0160 3232 C:\WINDOWS\SysWOW64\RpcRtRemote.dll - ok
12:09:30.0160 3232 [ F93674263F6B07C77956E966953242D9 ] C:\WINDOWS\SysWOW64\secur32.dll
12:09:30.0160 3232 C:\WINDOWS\SysWOW64\secur32.dll - ok
12:09:30.0160 3232 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\WINDOWS\System32\wiatrace.dll
12:09:30.0160 3232 C:\WINDOWS\System32\wiatrace.dll - ok
12:09:30.0160 3232 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:09:30.0160 3232 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
12:09:30.0175 3232 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\WINDOWS\System32\trkwks.dll
12:09:30.0175 3232 C:\WINDOWS\System32\trkwks.dll - ok
12:09:30.0175 3232 [ 19B07E7E8915D701225DA41CB3877306 ] C:\WINDOWS\System32\wbem\WMIsvc.dll
12:09:30.0175 3232 C:\WINDOWS\System32\wbem\WMIsvc.dll - ok
12:09:30.0175 3232 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\WINDOWS\System32\wbemcomn.dll
12:09:30.0175 3232 C:\WINDOWS\System32\wbemcomn.dll - ok
12:09:30.0175 3232 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\WINDOWS\System32\wbem\WinMgmtR.dll
12:09:30.0175 3232 C:\WINDOWS\System32\wbem\WinMgmtR.dll - ok
12:09:30.0175 3232 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\WINDOWS\System32\wbem\WmiDcPrv.dll
12:09:30.0175 3232 C:\WINDOWS\System32\wbem\WmiDcPrv.dll - ok
12:09:30.0175 3232 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\WINDOWS\System32\wbem\fastprox.dll
12:09:30.0175 3232 C:\WINDOWS\System32\wbem\fastprox.dll - ok
12:09:30.0175 3232 [ EE26D130808D16C0E417BBBED0451B34 ] C:\WINDOWS\System32\ntdsapi.dll
12:09:30.0175 3232 C:\WINDOWS\System32\ntdsapi.dll - ok
12:09:30.0175 3232 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\WINDOWS\System32\wbem\wbemprox.dll
12:09:30.0175 3232 C:\WINDOWS\System32\wbem\wbemprox.dll - ok
12:09:30.0175 3232 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\WINDOWS\System32\wbem\wbemcore.dll
12:09:30.0175 3232 C:\WINDOWS\System32\wbem\wbemcore.dll - ok
12:09:30.0191 3232 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
12:09:30.0191 3232 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
12:09:30.0191 3232 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\WINDOWS\System32\SensApi.dll
12:09:30.0191 3232 C:\WINDOWS\System32\SensApi.dll - ok
12:09:30.0191 3232 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\WINDOWS\System32\wer.dll
12:09:30.0191 3232 C:\WINDOWS\System32\wer.dll - ok
12:09:30.0191 3232 [ 087D8668C71634A3A3761135ABF16EEE ] C:\WINDOWS\System32\wbem\esscli.dll
12:09:30.0191 3232 C:\WINDOWS\System32\wbem\esscli.dll - ok
12:09:30.0191 3232 [ 23EA22ACADD66D7F1E18A4AA72BE6158 ] C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
12:09:30.0191 3232 C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe - ok
12:09:30.0191 3232 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\WINDOWS\System32\wbem\wbemsvc.dll
12:09:30.0191 3232 C:\WINDOWS\System32\wbem\wbemsvc.dll - ok
12:09:30.0191 3232 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\WINDOWS\System32\wbem\wmiutils.dll
12:09:30.0191 3232 C:\WINDOWS\System32\wbem\wmiutils.dll - ok
12:09:30.0191 3232 [ 1F4070CD7B8AFFC4E8E4204277ABBC0D ] C:\Program Files\Common Files\mcafee\systemcore\lockdown.dll
12:09:30.0191 3232 C:\Program Files\Common Files\mcafee\systemcore\lockdown.dll - ok
12:09:30.0207 3232 [ 295657F93F6B19DEEA804048E1CB4FF9 ] C:\WINDOWS\System32\lz32.dll
12:09:30.0207 3232 C:\WINDOWS\System32\lz32.dll - ok
12:09:30.0207 3232 [ B2F557D8A8DE88CD5A5241DE740CBA28 ] C:\Program Files\Common Files\mcafee\systemcore\mytilus3.dll
12:09:30.0207 3232 C:\Program Files\Common Files\mcafee\systemcore\mytilus3.dll - ok
12:09:30.0207 3232 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\WINDOWS\System32\wbem\repdrvfs.dll
12:09:30.0207 3232 C:\WINDOWS\System32\wbem\repdrvfs.dll - ok
12:09:30.0207 3232 [ EA866D30F01676C3BE9FA83888DF8A02 ] C:\Program Files\Common Files\mcafee\systemcore\mytilus3_worker.dll
12:09:30.0207 3232 C:\Program Files\Common Files\mcafee\systemcore\mytilus3_worker.dll - ok
12:09:30.0207 3232 [ 992D1AA9D6B8B36F975509A1F878447A ] C:\Program Files\Common Files\mcafee\systemcore\mytilus3_server.dll
12:09:30.0207 3232 C:\Program Files\Common Files\mcafee\systemcore\mytilus3_server.dll - ok
12:09:30.0207 3232 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\WINDOWS\System32\shfolder.dll
12:09:30.0207 3232 C:\WINDOWS\System32\shfolder.dll - ok
12:09:30.0207 3232 [ BAE7CF8793626723452C2F3E966BE2EA ] C:\Program Files\Common Files\mcafee\systemcore\mcshield.dll
12:09:30.0207 3232 C:\Program Files\Common Files\mcafee\systemcore\mcshield.dll - ok
12:09:30.0207 3232 [ B37B3C1A2B92921CBC0A460A07324298 ] C:\Program Files\Common Files\mcafee\systemcore\ftl.dll
12:09:30.0207 3232 C:\Program Files\Common Files\mcafee\systemcore\ftl.dll - ok
12:09:30.0207 3232 [ 3E5B586603599C04C2F44C56CA37744A ] C:\Program Files\Common Files\mcafee\systemcore\mfeelama.dll
12:09:30.0207 3232 C:\Program Files\Common Files\mcafee\systemcore\mfeelama.dll - ok
12:09:30.0222 3232 [ B6F1513C78CC8ECE1AC2B74C8206F025 ] C:\Program Files\Common Files\mcafee\systemcore\mfehida.dll
12:09:30.0222 3232 C:\Program Files\Common Files\mcafee\systemcore\mfehida.dll - ok
12:09:30.0222 3232 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\WINDOWS\System32\wbem\WmiPrvSD.dll
12:09:30.0222 3232 C:\WINDOWS\System32\wbem\WmiPrvSD.dll - ok
12:09:30.0222 3232 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\WINDOWS\System32\ncobjapi.dll
12:09:30.0222 3232 C:\WINDOWS\System32\ncobjapi.dll - ok
12:09:30.0222 3232 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\WINDOWS\System32\wbem\wbemess.dll
12:09:30.0222 3232 C:\WINDOWS\System32\wbem\wbemess.dll - ok
12:09:30.0222 3232 [ 8B9D76F72F48880DC1A6A0A920969EB4 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
12:09:30.0222 3232 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
12:09:30.0222 3232 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\WINDOWS\System32\msxml3.dll
12:09:30.0222 3232 C:\WINDOWS\System32\msxml3.dll - ok
12:09:30.0222 3232 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
12:09:30.0222 3232 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
12:09:30.0222 3232 [ 3CBBB569730EFD069B4BD253DDD4AD58 ] C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
12:09:30.0222 3232 C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe - ok
12:09:30.0238 3232 [ 13693B6354DD6E72DC5131DA7D764B90 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:09:30.0238 3232 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe - ok
12:09:30.0238 3232 [ 6177E1A8F215576A56D437B48A00848B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll
12:09:30.0238 3232 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll - ok
12:09:30.0238 3232 [ 295E1F2BC1AFDAFD98FF426BCE524BA9 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll
12:09:30.0238 3232 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll - ok
12:09:30.0238 3232 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\WINDOWS\SysWOW64\mpr.dll
12:09:30.0238 3232 C:\WINDOWS\SysWOW64\mpr.dll - ok
12:09:30.0238 3232 [ 494DC8A189A5191BB9F8B527C0369901 ] C:\Program Files\Common Files\mcafee\systemcore\mfevtpa.dll
12:09:30.0238 3232 C:\Program Files\Common Files\mcafee\systemcore\mfevtpa.dll - ok
12:09:30.0238 3232 [ 49F9973C0745C42E0D974AEB75A5DAF2 ] C:\Program Files\Common Files\mcafee\systemcore\mfeavfa.dll
12:09:30.0238 3232 C:\Program Files\Common Files\mcafee\systemcore\mfeavfa.dll - ok
12:09:30.0238 3232 [ 7760899D95C2D1AAC5C1D34AF41A11C7 ] C:\Program Files\mcafee\virusscan\Engine\5500.1093\mscan64a.dll
12:09:30.0238 3232 C:\Program Files\mcafee\virusscan\Engine\5500.1093\mscan64a.dll - ok
12:09:30.0238 3232 [ A733CC986EB51F8FBF598B981DC19FBA ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll
12:09:30.0238 3232 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok
12:09:30.0253 3232 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\WINDOWS\SysWOW64\netapi32.dll
12:09:30.0253 3232 C:\WINDOWS\SysWOW64\netapi32.dll - ok
12:09:30.0253 3232 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\WINDOWS\SysWOW64\netutils.dll
12:09:30.0253 3232 C:\WINDOWS\SysWOW64\netutils.dll - ok
12:09:30.0253 3232 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\WINDOWS\SysWOW64\srvcli.dll
12:09:30.0253 3232 C:\WINDOWS\SysWOW64\srvcli.dll - ok
12:09:30.0253 3232 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\WINDOWS\SysWOW64\wkscli.dll
12:09:30.0253 3232 C:\WINDOWS\SysWOW64\wkscli.dll - ok
12:09:30.0253 3232 [ 32BFCF1CA719F2A3A31C721BD5F90303 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll
12:09:30.0253 3232 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok
12:09:30.0269 3232 [ 7E964A50D95F0BDE2472EF6A77D5B33E ] C:\Program Files\Common Files\mcafee\systemcore\mfeapfa.dll
12:09:30.0269 3232 C:\Program Files\Common Files\mcafee\systemcore\mfeapfa.dll - ok
12:09:30.0269 3232 [ 19323081FA4018C9C1AEBF08114BEA11 ] C:\WINDOWS\System32\drivers\mfeapfk.sys
12:09:30.0269 3232 C:\WINDOWS\System32\drivers\mfeapfk.sys - ok
12:09:30.0269 3232 [ 40EE4E67311F4019CCA2120D88C60576 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll
12:09:30.0269 3232 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok
12:09:30.0269 3232 [ D171EAA745A2C0C583CDDA13D9088EE4 ] C:\WINDOWS\SysWOW64\iertutil.dll
12:09:30.0269 3232 C:\WINDOWS\SysWOW64\iertutil.dll - ok
12:09:30.0269 3232 [ B49B56B64F57699A1A663D2CF7D0A56F ] C:\WINDOWS\SysWOW64\wininet.dll
12:09:30.0269 3232 C:\WINDOWS\SysWOW64\wininet.dll - ok
12:09:30.0269 3232 [ 09AB81CEE443569D9A3CC151DDF70444 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll
12:09:30.0269 3232 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok
12:09:30.0269 3232 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\WINDOWS\SysWOW64\SensApi.dll
12:09:30.0269 3232 C:\WINDOWS\SysWOW64\SensApi.dll - ok
12:09:30.0269 3232 [ BE157C3800DA3010EFC48280ECF81C16 ] C:\WINDOWS\SysWOW64\urlmon.dll
12:09:30.0269 3232 C:\WINDOWS\SysWOW64\urlmon.dll - ok
12:09:30.0269 3232 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\WINDOWS\SysWOW64\crypt32.dll
12:09:30.0269 3232 C:\WINDOWS\SysWOW64\crypt32.dll - ok
12:09:30.0285 3232 [ A90DC9ABD65DB1A8902F361103029952 ] C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
12:09:30.0285 3232 C:\WINDOWS\SysWOW64\IPHLPAPI.DLL - ok
12:09:30.0285 3232 [ 6377051C63D5552A311935C67E9FDFDC ] C:\WINDOWS\SysWOW64\nsi.dll
12:09:30.0285 3232 C:\WINDOWS\SysWOW64\nsi.dll - ok
12:09:30.0285 3232 [ CFF35B879D1618D42C86644C717BA947 ] C:\WINDOWS\SysWOW64\winnsi.dll
12:09:30.0285 3232 C:\WINDOWS\SysWOW64\winnsi.dll - ok
12:09:30.0285 3232 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\WINDOWS\SysWOW64\msasn1.dll
12:09:30.0285 3232 C:\WINDOWS\SysWOW64\msasn1.dll - ok
12:09:30.0285 3232 [ CA9F7888B524D8100B977C81F44C3234 ] C:\WINDOWS\SysWOW64\winhttp.dll
12:09:30.0285 3232 C:\WINDOWS\SysWOW64\winhttp.dll - ok
12:09:30.0285 3232 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\WINDOWS\SysWOW64\webio.dll
12:09:30.0285 3232 C:\WINDOWS\SysWOW64\webio.dll - ok
12:09:30.0285 3232 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\WINDOWS\SysWOW64\ws2_32.dll
12:09:30.0285 3232 C:\WINDOWS\SysWOW64\ws2_32.dll - ok
12:09:30.0285 3232 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\WINDOWS\SysWOW64\wsock32.dll
12:09:30.0285 3232 C:\WINDOWS\SysWOW64\wsock32.dll - ok
12:09:30.0285 3232 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\WINDOWS\SysWOW64\logoncli.dll
12:09:30.0285 3232 C:\WINDOWS\SysWOW64\logoncli.dll - ok
12:09:30.0300 3232 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\WINDOWS\SysWOW64\msi.dll
12:09:30.0300 3232 C:\WINDOWS\SysWOW64\msi.dll - ok
12:09:30.0300 3232 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\WINDOWS\SysWOW64\wintrust.dll
12:09:30.0300 3232 C:\WINDOWS\SysWOW64\wintrust.dll - ok
12:09:30.0300 3232 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\WINDOWS\SysWOW64\fltLib.dll
12:09:30.0300 3232 C:\WINDOWS\SysWOW64\fltLib.dll - ok
12:09:30.0300 3232 [ 617E29A0B0A2807466560D4C4E338D3E ] C:\WINDOWS\System32\drivers\Sftredirlh.sys
12:09:30.0300 3232 C:\WINDOWS\System32\drivers\Sftredirlh.sys - ok
12:09:30.0300 3232 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\WINDOWS\SysWOW64\schannel.dll
12:09:30.0300 3232 C:\WINDOWS\SysWOW64\schannel.dll - ok
12:09:30.0300 3232 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\WINDOWS\System32\dssenh.dll
12:09:30.0300 3232 C:\WINDOWS\System32\dssenh.dll - ok
12:09:30.0300 3232 [ FF5688D309347F2720911D8796912834 ] C:\WINDOWS\SysWOW64\clbcatq.dll
12:09:30.0300 3232 C:\WINDOWS\SysWOW64\clbcatq.dll - ok
12:09:30.0300 3232 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\WINDOWS\SysWOW64\msxml6.dll
12:09:30.0300 3232 C:\WINDOWS\SysWOW64\msxml6.dll - ok
12:09:30.0300 3232 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\WINDOWS\SysWOW64\rsaenh.dll
12:09:30.0300 3232 C:\WINDOWS\SysWOW64\rsaenh.dll - ok
12:09:30.0316 3232 [ 72794D112CBAFF3BC0C29BF7350D4741 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
12:09:30.0316 3232 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok
12:09:30.0316 3232 [ 702254574E7E52052DE39408457B7149 ] C:\WINDOWS\SysWOW64\version.dll
12:09:30.0316 3232 C:\WINDOWS\SysWOW64\version.dll - ok
12:09:30.0316 3232 [ C797D1677BA81306AFBB9FA8A9A8F483 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL
12:09:30.0316 3232 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok
12:09:30.0316 3232 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\WINDOWS\SysWOW64\wtsapi32.dll
12:09:30.0316 3232 C:\WINDOWS\SysWOW64\wtsapi32.dll - ok
12:09:30.0316 3232 [ 108C2CFA5527458C096A699929ECBD80 ] C:\WINDOWS\SysWOW64\credui.dll
12:09:30.0316 3232 C:\WINDOWS\SysWOW64\credui.dll - ok
12:09:30.0316 3232 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\WINDOWS\SysWOW64\dbghelp.dll
12:09:30.0316 3232 C:\WINDOWS\SysWOW64\dbghelp.dll - ok
12:09:30.0316 3232 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\WINDOWS\SysWOW64\oleacc.dll
12:09:30.0316 3232 C:\WINDOWS\SysWOW64\oleacc.dll - ok
12:09:30.0316 3232 [ A543AC1F7138376D778D630A35FCBC4C ] C:\WINDOWS\SysWOW64\psapi.dll
12:09:30.0316 3232 C:\WINDOWS\SysWOW64\psapi.dll - ok
12:09:30.0316 3232 [ 7717F84F483002815490033BF069DABD ] C:\WINDOWS\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
12:09:30.0316 3232 C:\WINDOWS\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
12:09:30.0331 3232 [ 565A30B70BE8A9B171839003F2D69683 ] C:\WINDOWS\SysWOW64\hlink.dll
12:09:30.0331 3232 C:\WINDOWS\SysWOW64\hlink.dll - ok
12:09:30.0331 3232 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\WINDOWS\SysWOW64\setupapi.dll
12:09:30.0331 3232 C:\WINDOWS\SysWOW64\setupapi.dll - ok
12:09:30.0331 3232 [ F436E847FA799ECD75AD8C313673F450 ] C:\WINDOWS\SysWOW64\cfgmgr32.dll
12:09:30.0331 3232 C:\WINDOWS\SysWOW64\cfgmgr32.dll - ok
12:09:30.0331 3232 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\WINDOWS\SysWOW64\devobj.dll
12:09:30.0331 3232 C:\WINDOWS\SysWOW64\devobj.dll - ok
12:09:30.0331 3232 [ 352B3DC62A0D259A82A052238425C872 ] C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
12:09:30.0331 3232 C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
12:09:30.0331 3232 [ 74AF1FFCAFD60DA88A386AE161F56438 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll
12:09:30.0331 3232 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok
12:09:30.0331 3232 [ B08E3476F0874DBAD672D0AC4FB2580B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll
12:09:30.0331 3232 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok
12:09:30.0331 3232 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\WINDOWS\SysWOW64\cryptdll.dll
12:09:30.0331 3232 C:\WINDOWS\SysWOW64\cryptdll.dll - ok
12:09:30.0331 3232 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\WINDOWS\SysWOW64\msv1_0.dll
12:09:30.0331 3232 C:\WINDOWS\SysWOW64\msv1_0.dll - ok
12:09:30.0347 3232 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\WINDOWS\SysWOW64\msxml3.dll
12:09:30.0347 3232 C:\WINDOWS\SysWOW64\msxml3.dll - ok
12:09:30.0347 3232 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\WINDOWS\System32\diagperf.dll
12:09:30.0347 3232 C:\WINDOWS\System32\diagperf.dll - ok
12:09:30.0347 3232 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\WINDOWS\System32\drivers\WUDFPf.sys
12:09:30.0347 3232 C:\WINDOWS\System32\drivers\WUDFPf.sys - ok
12:09:30.0347 3232 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\WINDOWS\System32\hidserv.dll
12:09:30.0347 3232 C:\WINDOWS\System32\hidserv.dll - ok
12:09:30.0347 3232 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\WINDOWS\System32\perftrack.dll
12:09:30.0347 3232 C:\WINDOWS\System32\perftrack.dll - ok
12:09:30.0347 3232 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\WINDOWS\System32\wdi.dll
12:09:30.0347 3232 C:\WINDOWS\System32\wdi.dll - ok
12:09:30.0347 3232 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\WINDOWS\System32\wpdbusenum.dll
12:09:30.0347 3232 C:\WINDOWS\System32\wpdbusenum.dll - ok
12:09:30.0347 3232 [ B20F051B03A966392364C83F009F7D17 ] C:\WINDOWS\System32\WUDFSvc.dll
12:09:30.0347 3232 C:\WINDOWS\System32\WUDFSvc.dll - ok
12:09:30.0347 3232 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\WINDOWS\System32\PortableDeviceApi.dll
12:09:30.0347 3232 C:\WINDOWS\System32\PortableDeviceApi.dll - ok
12:09:30.0363 3232 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\WINDOWS\System32\PortableDeviceConnectApi.dll
12:09:30.0363 3232 C:\WINDOWS\System32\PortableDeviceConnectApi.dll - ok
12:09:30.0363 3232 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\WINDOWS\System32\WUDFHost.exe
12:09:30.0363 3232 C:\WINDOWS\System32\WUDFHost.exe - ok
12:09:30.0363 3232 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\WINDOWS\System32\Apphlpdm.dll
12:09:30.0363 3232 C:\WINDOWS\System32\Apphlpdm.dll - ok
12:09:30.0363 3232 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\WINDOWS\System32\pnpts.dll
12:09:30.0363 3232 C:\WINDOWS\System32\pnpts.dll - ok
12:09:30.0363 3232 [ E811F8510B133E70CF6E509FB809824F ] C:\WINDOWS\System32\wdiasqmmodule.dll
12:09:30.0363 3232 C:\WINDOWS\System32\wdiasqmmodule.dll - ok
12:09:30.0363 3232 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\WINDOWS\System32\WUDFx.dll
12:09:30.0363 3232 C:\WINDOWS\System32\WUDFx.dll - ok
12:09:30.0363 3232 [ C97BBC1F50B859CD729DD8FED715CCB1 ] C:\WINDOWS\System32\drivers\UMDF\WpdMtpDr.dll
12:09:30.0363 3232 C:\WINDOWS\System32\drivers\UMDF\WpdMtpDr.dll - ok
12:09:30.0363 3232 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\WINDOWS\System32\PortableDeviceClassExtension.dll
12:09:30.0363 3232 C:\WINDOWS\System32\PortableDeviceClassExtension.dll - ok
12:09:30.0363 3232 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\WINDOWS\System32\PortableDeviceTypes.dll
12:09:30.0363 3232 C:\WINDOWS\System32\PortableDeviceTypes.dll - ok
12:09:30.0378 3232 [ 8AF921B8072B495E02E42825D7D3AEC2 ] C:\WINDOWS\System32\WpdMtp.dll
12:09:30.0378 3232 C:\WINDOWS\System32\WpdMtp.dll - ok
12:09:30.0378 3232 [ 5D0F03EEF3205F66ECFBE72A7CBBAD1F ] C:\WINDOWS\System32\winusb.dll
12:09:30.0378 3232 C:\WINDOWS\System32\winusb.dll - ok
12:09:30.0378 3232 [ 8652C38F5028E1E987DAD6FBEF4DA55F ] C:\WINDOWS\System32\WpdMtpUS.dll
12:09:30.0378 3232 C:\WINDOWS\System32\WpdMtpUS.dll - ok
12:09:30.0378 3232 [ F41831D2A3D6E2152525EA3F75316ACD ] C:\WINDOWS\System32\wpd_ci.dll
12:09:30.0378 3232 C:\WINDOWS\System32\wpd_ci.dll - ok
12:09:30.0378 3232 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\WINDOWS\System32\dimsjob.dll
12:09:30.0378 3232 C:\WINDOWS\System32\dimsjob.dll - ok
12:09:30.0378 3232 [ 639774C9ACD063F028F6084ABF5593AD ] C:\WINDOWS\System32\taskhost.exe
12:09:30.0378 3232 C:\WINDOWS\System32\taskhost.exe - ok
12:09:30.0378 3232 [ F7073C962C4FB7C415565DDE109DE49F ] C:\WINDOWS\System32\npmproxy.dll
12:09:30.0378 3232 C:\WINDOWS\System32\npmproxy.dll - ok
12:09:30.0378 3232 [ 58A0CDABEA255616827B1C22C9994466 ] C:\WINDOWS\System32\NapiNSP.dll
12:09:30.0378 3232 C:\WINDOWS\System32\NapiNSP.dll - ok
12:09:30.0378 3232 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\WINDOWS\System32\pnrpnsp.dll
12:09:30.0378 3232 C:\WINDOWS\System32\pnrpnsp.dll - ok
12:09:30.0378 3232 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\WINDOWS\System32\winrnr.dll
12:09:30.0378 3232 C:\WINDOWS\System32\winrnr.dll - ok
12:09:30.0394 3232 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\WINDOWS\System32\dllhost.exe
12:09:30.0394 3232 C:\WINDOWS\System32\dllhost.exe - ok
12:09:30.0394 3232 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\WINDOWS\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
12:09:30.0394 3232 C:\WINDOWS\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
12:09:30.0394 3232 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\WINDOWS\System32\IDStore.dll
12:09:30.0394 3232 C:\WINDOWS\System32\IDStore.dll - ok
12:09:30.0394 3232 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\WINDOWS\System32\mpr.dll
12:09:30.0394 3232 C:\WINDOWS\System32\mpr.dll - ok
12:09:30.0394 3232 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\WINDOWS\System32\PlaySndSrv.dll
12:09:30.0394 3232 C:\WINDOWS\System32\PlaySndSrv.dll - ok
12:09:30.0394 3232 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\WINDOWS\System32\taskeng.exe
12:09:30.0394 3232 C:\WINDOWS\System32\taskeng.exe - ok
12:09:30.0394 3232 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\WINDOWS\System32\localspl.dll
12:09:30.0394 3232 C:\WINDOWS\System32\localspl.dll - ok
12:09:30.0394 3232 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\WINDOWS\System32\spoolss.dll
12:09:30.0394 3232 C:\WINDOWS\System32\spoolss.dll - ok
12:09:30.0394 3232 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\WINDOWS\System32\userinit.exe
12:09:30.0394 3232 C:\WINDOWS\System32\userinit.exe - ok
12:09:30.0409 3232 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\WINDOWS\System32\winspool.drv
12:09:30.0409 3232 C:\WINDOWS\System32\winspool.drv - ok
12:09:30.0409 3232 [ 55E6B8B79E8697B9EA54325F2CACFDE4 ] C:\WINDOWS\System32\cpwmon64.dll
12:09:30.0409 3232 C:\WINDOWS\System32\cpwmon64.dll - ok
12:09:30.0409 3232 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\WINDOWS\System32\dwm.exe
12:09:30.0409 3232 C:\WINDOWS\System32\dwm.exe - ok
12:09:30.0409 3232 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\WINDOWS\System32\dwmcore.dll
12:09:30.0409 3232 C:\WINDOWS\System32\dwmcore.dll - ok
12:09:30.0409 3232 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\WINDOWS\System32\dwmredir.dll
12:09:30.0409 3232 C:\WINDOWS\System32\dwmredir.dll - ok
12:09:30.0409 3232 [ 19E41CCCEE697CC9465396B370929792 ] C:\WINDOWS\System32\FXSMON.dll
12:09:30.0409 3232 C:\WINDOWS\System32\FXSMON.dll - ok
12:09:30.0409 3232 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\WINDOWS\System32\PrintIsolationProxy.dll
12:09:30.0409 3232 C:\WINDOWS\System32\PrintIsolationProxy.dll - ok
12:09:30.0409 3232 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\WINDOWS\System32\snmpapi.dll
12:09:30.0409 3232 C:\WINDOWS\System32\snmpapi.dll - ok
12:09:30.0409 3232 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\WINDOWS\System32\tcpmon.dll
12:09:30.0409 3232 C:\WINDOWS\System32\tcpmon.dll - ok
12:09:30.0425 3232 [ DF72A9936D0C3F517083119648814B09 ] C:\WINDOWS\System32\usbmon.dll
12:09:30.0425 3232 C:\WINDOWS\System32\usbmon.dll - ok
12:09:30.0425 3232 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\WINDOWS\System32\WSDMon.dll
12:09:30.0425 3232 C:\WINDOWS\System32\WSDMon.dll - ok
12:09:30.0425 3232 [ FFF9D00CF16397C64317F213484F94BD ] C:\WINDOWS\System32\wsnmp32.dll
12:09:30.0425 3232 C:\WINDOWS\System32\wsnmp32.dll - ok
12:09:30.0425 3232 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\WINDOWS\System32\fdPnp.dll
12:09:30.0425 3232 C:\WINDOWS\System32\fdPnp.dll - ok
12:09:30.0425 3232 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\WINDOWS\System32\inetpp.dll
12:09:30.0425 3232 C:\WINDOWS\System32\inetpp.dll - ok
12:09:30.0425 3232 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\WINDOWS\System32\spool\prtprocs\x64\winprint.dll
12:09:30.0425 3232 C:\WINDOWS\System32\spool\prtprocs\x64\winprint.dll - ok
12:09:30.0425 3232 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\WINDOWS\System32\win32spl.dll
12:09:30.0425 3232 C:\WINDOWS\System32\win32spl.dll - ok
12:09:30.0425 3232 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\WINDOWS\explorer.exe
12:09:30.0425 3232 C:\WINDOWS\explorer.exe - ok
12:09:30.0425 3232 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\WINDOWS\System32\cscapi.dll
12:09:30.0425 3232 C:\WINDOWS\System32\cscapi.dll - ok
12:09:30.0425 3232 [ E1374D37477322D4956604711008C69D ] C:\WINDOWS\System32\d3d10_1.dll
12:09:30.0425 3232 C:\WINDOWS\System32\d3d10_1.dll - ok
12:09:30.0441 3232 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\WINDOWS\System32\d3d10_1core.dll
12:09:30.0441 3232 C:\WINDOWS\System32\d3d10_1core.dll - ok
12:09:30.0441 3232 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\WINDOWS\System32\dxgi.dll
12:09:30.0441 3232 C:\WINDOWS\System32\dxgi.dll - ok
12:09:30.0441 3232 [ EFEC3847B47CC9357D5C33BBAB59B7EB ] C:\WINDOWS\System32\mgmtapi.dll
12:09:30.0441 3232 C:\WINDOWS\System32\mgmtapi.dll - ok
12:09:30.0441 3232 [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\WINDOWS\System32\spool\drivers\x64\3\unidrvui.dll
12:09:30.0441 3232 C:\WINDOWS\System32\spool\drivers\x64\3\unidrvui.dll - ok
12:09:30.0441 3232 [ E81F5A2F6D52215C0E84F2849503EBA8 ] C:\WINDOWS\System32\tcpmib.dll
12:09:30.0441 3232 C:\WINDOWS\System32\tcpmib.dll - ok
12:09:30.0441 3232 [ 22F020C76E339EB2B2187BA73A7E4173 ] C:\WINDOWS\System32\PrintIsolationHost.exe
12:09:30.0441 3232 C:\WINDOWS\System32\PrintIsolationHost.exe - ok
12:09:30.0441 3232 [ 7E1CF52C347D8755E5CA5ED0E99B401E ] C:\WINDOWS\System32\mfc42.dll
12:09:30.0441 3232 C:\WINDOWS\System32\mfc42.dll - ok
12:09:30.0441 3232 [ EF84F5BF80981AA0B37700A6610C64CD ] C:\WINDOWS\System32\spool\drivers\x64\3\brci08ui.dll
12:09:30.0441 3232 C:\WINDOWS\System32\spool\drivers\x64\3\brci08ui.dll - ok
12:09:30.0441 3232 [ ADE2BCD1FDE5C9669FCE1F4541AB46DD ] C:\WINDOWS\System32\spool\drivers\x64\3\UNIDRV.DLL
12:09:30.0441 3232 C:\WINDOWS\System32\spool\drivers\x64\3\UNIDRV.DLL - ok
12:09:30.0456 3232 [ D86B959B6B9093A56FF423F24E0885D5 ] C:\WINDOWS\System32\aticfx64.dll
12:09:30.0456 3232 C:\WINDOWS\System32\aticfx64.dll - ok
12:09:30.0456 3232 [ 0C7000247E010C77D93560E7D5CCE482 ] C:\WINDOWS\System32\atidxx64.dll
12:09:30.0456 3232 C:\WINDOWS\System32\atidxx64.dll - ok
12:09:30.0456 3232 [ DC814074668BC00F0494A0C64479246D ] C:\WINDOWS\System32\atiuxp64.dll
12:09:30.0456 3232 C:\WINDOWS\System32\atiuxp64.dll - ok
12:09:30.0456 3232 [ EED05D42D91835064703E2318552ED25 ] C:\WINDOWS\System32\ExplorerFrame.dll
12:09:30.0456 3232 C:\WINDOWS\System32\ExplorerFrame.dll - ok
12:09:30.0456 3232 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\WINDOWS\System32\HotStartUserAgent.dll
12:09:30.0456 3232 C:\WINDOWS\System32\HotStartUserAgent.dll - ok
12:09:30.0456 3232 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\WINDOWS\System32\MsCtfMonitor.dll
12:09:30.0456 3232 C:\WINDOWS\System32\MsCtfMonitor.dll - ok
12:09:30.0456 3232 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\WINDOWS\System32\msutb.dll
12:09:30.0456 3232 C:\WINDOWS\System32\msutb.dll - ok
12:09:30.0456 3232 [ 7FF8E121AFA05BDAB23B9FEDCDAB7A33 ] C:\WINDOWS\System32\odbc32.dll
12:09:30.0456 3232 C:\WINDOWS\System32\odbc32.dll - ok
12:09:30.0456 3232 [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\WINDOWS\System32\odbcint.dll
12:09:30.0456 3232 C:\WINDOWS\System32\odbcint.dll - ok
12:09:30.0472 3232 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\WINDOWS\System32\certcli.dll
12:09:30.0472 3232 C:\WINDOWS\System32\certcli.dll - ok
12:09:30.0472 3232 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\WINDOWS\System32\pautoenr.dll
12:09:30.0472 3232 C:\WINDOWS\System32\pautoenr.dll - ok
12:09:30.0472 3232 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:09:30.0472 3232 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
12:09:30.0472 3232 [ 263B26106606A010CF877472B535E4BB ] C:\WINDOWS\System32\CertEnroll.dll
12:09:30.0472 3232 C:\WINDOWS\System32\CertEnroll.dll - ok
12:09:30.0472 3232 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\WINDOWS\System32\TSChannel.dll
12:09:30.0472 3232 C:\WINDOWS\System32\TSChannel.dll - ok
12:09:30.0472 3232 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
12:09:30.0472 3232 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
12:09:30.0472 3232 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\WINDOWS\System32\EhStorShell.dll
12:09:30.0472 3232 C:\WINDOWS\System32\EhStorShell.dll - ok
12:09:30.0472 3232 [ 1D63F4366288B8A7595397E27010FD44 ] C:\WINDOWS\System32\IconCodecService.dll
12:09:30.0472 3232 C:\WINDOWS\System32\IconCodecService.dll - ok
12:09:30.0487 3232 [ 037A719DAD50603202C978CD802623E4 ] C:\WINDOWS\System32\ntshrui.dll
12:09:30.0487 3232 C:\WINDOWS\System32\ntshrui.dll - ok
12:09:30.0487 3232 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\WINDOWS\System32\appinfo.dll
12:09:30.0487 3232 C:\WINDOWS\System32\appinfo.dll - ok
12:09:30.0487 3232 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\WINDOWS\SysWOW64\imagehlp.dll
12:09:30.0487 3232 C:\WINDOWS\SysWOW64\imagehlp.dll - ok
12:09:30.0487 3232 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\WINDOWS\System32\uDWM.dll
12:09:30.0487 3232 C:\WINDOWS\System32\uDWM.dll - ok
12:09:30.0487 3232 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\WINDOWS\SysWOW64\cscapi.dll
12:09:30.0487 3232 C:\WINDOWS\SysWOW64\cscapi.dll - ok
12:09:30.0487 3232 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\WINDOWS\SysWOW64\ntmarta.dll
12:09:30.0487 3232 C:\WINDOWS\SysWOW64\ntmarta.dll - ok
12:09:30.0487 3232 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\WINDOWS\SysWOW64\Wldap32.dll
12:09:30.0487 3232 C:\WINDOWS\SysWOW64\Wldap32.dll - ok
12:09:30.0487 3232 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
12:09:30.0487 3232 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
12:09:30.0487 3232 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\WINDOWS\SysWOW64\apphelp.dll
12:09:30.0487 3232 C:\WINDOWS\SysWOW64\apphelp.dll - ok
12:09:30.0503 3232 [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
12:09:30.0503 3232 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
12:09:30.0503 3232 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\WINDOWS\SysWOW64\mstask.dll
12:09:30.0503 3232 C:\WINDOWS\SysWOW64\mstask.dll - ok
12:09:30.0503 3232 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\WINDOWS\System32\dbghelp.dll
12:09:30.0503 3232 C:\WINDOWS\System32\dbghelp.dll - ok
12:09:30.0503 3232 [ FDC385A0F7D7DD880C4622D1DF08ABE9 ] C:\WINDOWS\System32\ntprint.dll
12:09:30.0503 3232 C:\WINDOWS\System32\ntprint.dll - ok
12:09:30.0503 3232 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\WINDOWS\System32\runonce.exe
12:09:30.0503 3232 C:\WINDOWS\System32\runonce.exe - ok
12:09:30.0503 3232 [ D44741F65A1D71F65814A12CF6E2400A ] C:\WINDOWS\SysWOW64\runonce.exe
12:09:30.0503 3232 C:\WINDOWS\SysWOW64\runonce.exe - ok
12:09:30.0503 3232 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\WINDOWS\SysWOW64\uxtheme.dll
12:09:30.0503 3232 C:\WINDOWS\SysWOW64\uxtheme.dll - ok
12:09:30.0503 3232 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\WINDOWS\SysWOW64\propsys.dll
12:09:30.0503 3232 C:\WINDOWS\SysWOW64\propsys.dll - ok
12:09:30.0503 3232 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\WINDOWS\SysWOW64\cmd.exe
12:09:30.0503 3232 C:\WINDOWS\SysWOW64\cmd.exe - ok
12:09:30.0503 3232 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\WINDOWS\SysWOW64\winbrand.dll
12:09:30.0503 3232 C:\WINDOWS\SysWOW64\winbrand.dll - ok
12:09:30.0519 3232 [ 0E816EA3C5DCE94C95099E8B38E75E67 ] C:\WINDOWS\SysWOW64\ieframe.dll
12:09:30.0519 3232 C:\WINDOWS\SysWOW64\ieframe.dll - ok
12:09:30.0519 3232 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\WINDOWS\SysWOW64\shdocvw.dll
12:09:30.0519 3232 C:\WINDOWS\SysWOW64\shdocvw.dll - ok
12:09:30.0519 3232 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Saul\AppData\Local\Temp\0A69A668-587A-415F-86C7-90E7528C82D4.exe
12:09:30.0519 3232 C:\Users\Saul\AppData\Local\Temp\0A69A668-587A-415F-86C7-90E7528C82D4.exe - ok
12:09:30.0519 3232 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\WINDOWS\SysWOW64\ncrypt.dll
12:09:30.0519 3232 C:\WINDOWS\SysWOW64\ncrypt.dll - ok
12:09:30.0519 3232 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\WINDOWS\SysWOW64\bcrypt.dll
12:09:30.0519 3232 C:\WINDOWS\SysWOW64\bcrypt.dll - ok
12:09:30.0519 3232 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\WINDOWS\SysWOW64\bcryptprimitives.dll
12:09:30.0519 3232 C:\WINDOWS\SysWOW64\bcryptprimitives.dll - ok
12:09:30.0519 3232 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\WINDOWS\System32\aelupsvc.dll
12:09:30.0519 3232 C:\WINDOWS\System32\aelupsvc.dll - ok
12:09:30.0519 3232 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\WINDOWS\System32\radardt.dll
12:09:30.0519 3232 C:\WINDOWS\System32\radardt.dll - ok
12:09:30.0519 3232 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\WINDOWS\SysWOW64\gpapi.dll
12:09:30.0519 3232 C:\WINDOWS\SysWOW64\gpapi.dll - ok
12:09:30.0534 3232 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\WINDOWS\SysWOW64\cryptnet.dll
12:09:30.0534 3232 C:\WINDOWS\SysWOW64\cryptnet.dll - ok
12:09:30.0534 3232 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\WINDOWS\SysWOW64\dwmapi.dll
12:09:30.0534 3232 C:\WINDOWS\SysWOW64\dwmapi.dll - ok
12:09:30.0534 3232 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\WINDOWS\SysWOW64\WindowsCodecs.dll
12:09:30.0534 3232 C:\WINDOWS\SysWOW64\WindowsCodecs.dll - ok
12:09:30.0534 3232 [ 846D0E4DB261CFAF363902E41498E961 ] C:\WINDOWS\SysWOW64\EhStorShell.dll
12:09:30.0534 3232 C:\WINDOWS\SysWOW64\EhStorShell.dll - ok
12:09:30.0534 3232 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\WINDOWS\SysWOW64\ntshrui.dll
12:09:30.0534 3232 C:\WINDOWS\SysWOW64\ntshrui.dll - ok
12:09:30.0534 3232 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\WINDOWS\SysWOW64\imageres.dll
12:09:30.0534 3232 C:\WINDOWS\SysWOW64\imageres.dll - ok
12:09:30.0534 3232 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\WINDOWS\SysWOW64\slc.dll
12:09:30.0534 3232 C:\WINDOWS\SysWOW64\slc.dll - ok
12:09:30.0534 3232 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\WINDOWS\System32\drivers\fastfat.sys
12:09:30.0534 3232 C:\WINDOWS\System32\drivers\fastfat.sys - ok
12:09:30.0534 3232 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\WINDOWS\SysWOW64\sfc.dll
12:09:30.0534 3232 C:\WINDOWS\SysWOW64\sfc.dll - ok
12:09:30.0550 3232 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\WINDOWS\SysWOW64\sfc_os.dll
12:09:30.0550 3232 C:\WINDOWS\SysWOW64\sfc_os.dll - ok
12:09:30.0550 3232 [ 162D247E995EAEBF3EF4289069E1111C ] C:\WINDOWS\SysWOW64\devrtl.dll
12:09:30.0550 3232 C:\WINDOWS\SysWOW64\devrtl.dll - ok
12:09:30.0550 3232 [ FB10715E4099AF9FA389C71873245226 ] C:\WINDOWS\System32\timedate.cpl
12:09:30.0550 3232 C:\WINDOWS\System32\timedate.cpl - ok
12:09:30.0550 3232 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\WINDOWS\System32\actxprxy.dll
12:09:30.0550 3232 C:\WINDOWS\System32\actxprxy.dll - ok
12:09:30.0550 3232 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\WINDOWS\System32\shdocvw.dll
12:09:30.0550 3232 C:\WINDOWS\System32\shdocvw.dll - ok
12:09:30.0550 3232 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\WINDOWS\System32\linkinfo.dll
12:09:30.0550 3232 C:\WINDOWS\System32\linkinfo.dll - ok
12:09:30.0550 3232 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\WINDOWS\System32\msftedit.dll
12:09:30.0550 3232 C:\WINDOWS\System32\msftedit.dll - ok
12:09:30.0550 3232 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\WINDOWS\SysWOW64\mswsock.dll
12:09:30.0550 3232 C:\WINDOWS\SysWOW64\mswsock.dll - ok
12:09:30.0550 3232 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\WINDOWS\SysWOW64\WSHTCPIP.DLL
12:09:30.0550 3232 C:\WINDOWS\SysWOW64\WSHTCPIP.DLL - ok
12:09:30.0565 3232 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
12:09:30.0565 3232 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
12:09:30.0565 3232 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\WINDOWS\System32\msls31.dll
12:09:30.0565 3232 C:\WINDOWS\System32\msls31.dll - ok
12:09:30.0565 3232 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\WINDOWS\SysWOW64\wship6.dll
12:09:30.0565 3232 C:\WINDOWS\SysWOW64\wship6.dll - ok
12:09:30.0565 3232 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\WINDOWS\SysWOW64\dnsapi.dll
12:09:30.0565 3232 C:\WINDOWS\SysWOW64\dnsapi.dll - ok
12:09:30.0565 3232 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
12:09:30.0565 3232 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
12:09:30.0565 3232 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
12:09:30.0565 3232 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
12:09:30.0565 3232 [ E62FF21F5B5F69CFA5BB2F97C03C0A5B ] C:\PROGRA~2\Dell\VIDEOS~1\MUITRA~1\STMTEN~1.DLL
12:09:30.0565 3232 C:\PROGRA~2\Dell\VIDEOS~1\MUITRA~1\STMTEN~1.DLL - ok
12:09:30.0565 3232 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\WINDOWS\SysWOW64\rasadhlp.dll
12:09:30.0565 3232 C:\WINDOWS\SysWOW64\rasadhlp.dll - ok
12:09:30.0565 3232 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\WINDOWS\System32\DeviceCenter.dll
12:09:30.0565 3232 C:\WINDOWS\System32\DeviceCenter.dll - ok
12:09:30.0581 3232 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
12:09:30.0581 3232 C:\WINDOWS\SysWOW64\FWPUCLNT.DLL - ok
12:09:30.0581 3232 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\WINDOWS\System32\gameux.dll
12:09:30.0581 3232 C:\WINDOWS\System32\gameux.dll - ok
12:09:30.0581 3232 [ EFE2A9C65D6C509E2CAB1CBDFA161852 ] C:\Program Files (x86)\GamesBar\update\SearchEngineProtection.exe
12:09:30.0581 3232 C:\Program Files (x86)\GamesBar\update\SearchEngineProtection.exe - ok
12:09:30.0581 3232 [ DD81D91FF3B0763C392422865C9AC12E ] C:\WINDOWS\System32\rundll32.exe
12:09:30.0581 3232 C:\WINDOWS\System32\rundll32.exe - ok
12:09:30.0581 3232 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\WINDOWS\SysWOW64\comdlg32.dll
12:09:30.0581 3232 C:\WINDOWS\SysWOW64\comdlg32.dll - ok
12:09:30.0581 3232 [ 4715F8F8CDBFFF2728BA38B789A1D7C7 ] C:\WINDOWS\System32\wpdshext.dll
12:09:30.0581 3232 C:\WINDOWS\System32\wpdshext.dll - ok
12:09:30.0581 3232 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\WINDOWS\SysWOW64\winspool.drv
12:09:30.0581 3232 C:\WINDOWS\SysWOW64\winspool.drv - ok
12:09:30.0581 3232 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\WINDOWS\SysWOW64\rundll32.exe
12:09:30.0581 3232 C:\WINDOWS\SysWOW64\rundll32.exe - ok
12:09:30.0581 3232 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\WINDOWS\SysWOW64\oledlg.dll
12:09:30.0581 3232 C:\WINDOWS\SysWOW64\oledlg.dll - ok
12:09:30.0597 3232 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\WINDOWS\AppPatch\AcLayers.dll
12:09:30.0597 3232 C:\WINDOWS\AppPatch\AcLayers.dll - ok
12:09:30.0597 3232 [ 7B559AF56634B36F3367470ECE590BE7 ] C:\Users\Saul\AppData\Roaming\ngwscu.dll
12:09:30.0597 3232 C:\Users\Saul\AppData\Roaming\ngwscu.dll - ok
12:09:30.0597 3232 [ BFC68382466436FAE8B7A27966FB98CB ] C:\WINDOWS\AppPatch\acwow64.dll
12:09:30.0597 3232 C:\WINDOWS\AppPatch\acwow64.dll - ok
12:09:30.0597 3232 [ 698EB1E5F8C66344D97C00B5699E871D ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
12:09:30.0597 3232 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
12:09:30.0597 3232 [ 35126DDDE8241C4C4A5F15F6CDDF4434 ] C:\WINDOWS\System32\ieframe.dll
12:09:30.0597 3232 C:\WINDOWS\System32\ieframe.dll - ok
12:09:30.0597 3232 [ 76175978C5725F9C6B16C40CF11EC857 ] C:\Users\Saul\AppData\Local\CrashDumps\CutePDF Writer\aivfgqwn.dll
12:09:30.0597 3232 C:\Users\Saul\AppData\Local\CrashDumps\CutePDF Writer\aivfgqwn.dll - ok
12:09:30.0597 3232 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\WINDOWS\SysWOW64\netprofm.dll
12:09:30.0597 3232 C:\WINDOWS\SysWOW64\netprofm.dll - ok
12:09:30.0597 3232 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\WINDOWS\SysWOW64\nlaapi.dll
12:09:30.0597 3232 C:\WINDOWS\SysWOW64\nlaapi.dll - ok
12:09:30.0597 3232 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\WINDOWS\SysWOW64\npmproxy.dll
12:09:30.0597 3232 C:\WINDOWS\SysWOW64\npmproxy.dll - ok
12:09:30.0612 3232 [ 0F4871B3BF0E48664A24D2717F2117A0 ] C:\Program Files (x86)\Internet Explorer\sqmapi.dll
12:09:30.0612 3232 C:\Program Files (x86)\Internet Explorer\sqmapi.dll - ok
12:09:30.0612 3232 [ 7F73235D527DCF16C38578CD1CD9F7A8 ] C:\Program Files (x86)\Internet Explorer\ieproxy.dll
12:09:30.0612 3232 C:\Program Files (x86)\Internet Explorer\ieproxy.dll - ok
12:09:30.0612 3232 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\WINDOWS\SysWOW64\rasapi32.dll
12:09:30.0612 3232 C:\WINDOWS\SysWOW64\rasapi32.dll - ok
12:09:30.0612 3232 [ F7BC1D90C3A976A5259BD1A5D7D43038 ] C:\Program Files (x86)\Internet Explorer\IEShims.dll
12:09:30.0612 3232 C:\Program Files (x86)\Internet Explorer\IEShims.dll - ok
12:09:30.0612 3232 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\WINDOWS\SysWOW64\rasman.dll
12:09:30.0612 3232 C:\WINDOWS\SysWOW64\rasman.dll - ok
12:09:30.0612 3232 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\WINDOWS\SysWOW64\rtutils.dll
12:09:30.0612 3232 C:\WINDOWS\SysWOW64\rtutils.dll - ok
12:09:30.0612 3232 [ F8D269134EEC097B7E47C818AF4862A7 ] C:\WINDOWS\SysWOW64\ieui.dll
12:09:30.0612 3232 C:\WINDOWS\SysWOW64\ieui.dll - ok
12:09:30.0612 3232 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\WINDOWS\SysWOW64\msimg32.dll
12:09:30.0612 3232 C:\WINDOWS\SysWOW64\msimg32.dll - ok
12:09:30.0612 3232 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\WINDOWS\SysWOW64\winmm.dll
12:09:30.0612 3232 C:\WINDOWS\SysWOW64\winmm.dll - ok
12:09:30.0628 3232 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\WINDOWS\System32\SearchIndexer.exe
12:09:30.0628 3232 C:\WINDOWS\System32\SearchIndexer.exe - ok
12:09:30.0628 3232 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\WINDOWS\SysWOW64\xmllite.dll
12:09:30.0628 3232 C:\WINDOWS\SysWOW64\xmllite.dll - ok
12:09:30.0628 3232 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\WINDOWS\System32\tquery.dll
12:09:30.0628 3232 C:\WINDOWS\System32\tquery.dll - ok
12:09:30.0628 3232 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\WINDOWS\SysWOW64\ExplorerFrame.dll
12:09:30.0628 3232 C:\WINDOWS\SysWOW64\ExplorerFrame.dll - ok
12:09:30.0628 3232 [ C97434C851C4821BD92D2831FDF1ECBE ] C:\WINDOWS\SysWOW64\mshtml.dll
12:09:30.0628 3232 C:\WINDOWS\SysWOW64\mshtml.dll - ok
12:09:30.0628 3232 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\WINDOWS\SysWOW64\duser.dll
12:09:30.0628 3232 C:\WINDOWS\SysWOW64\duser.dll - ok
12:09:30.0628 3232 [ EE06B85BC69F18826302348A2AD089E0 ] C:\WINDOWS\SysWOW64\dui70.dll
12:09:30.0628 3232 C:\WINDOWS\SysWOW64\dui70.dll - ok
12:09:30.0628 3232 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\WINDOWS\System32\mssrch.dll
12:09:30.0628 3232 C:\WINDOWS\System32\mssrch.dll - ok
12:09:30.0628 3232 [ CF636C92B762B26F0B39B38E92380A09 ] C:\WINDOWS\System32\oleacc.dll
12:09:30.0628 3232 C:\WINDOWS\System32\oleacc.dll - ok
12:09:30.0628 3232 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\WINDOWS\System32\esent.dll
12:09:30.0628 3232 C:\WINDOWS\System32\esent.dll - ok
12:09:30.0643 3232 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Users\Saul\AppData\Local\Google\Update\GoogleUpdate.exe
12:09:30.0643 3232 C:\Users\Saul\AppData\Local\Google\Update\GoogleUpdate.exe - ok
12:09:30.0643 3232 [ 69754747274B76E7FAF287239333D7E6 ] C:\WINDOWS\System32\msiltcfg.dll
12:09:30.0643 3232 C:\WINDOWS\System32\msiltcfg.dll - ok
12:09:30.0643 3232 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\WINDOWS\System32\msi.dll
12:09:30.0643 3232 C:\WINDOWS\System32\msi.dll - ok
12:09:30.0643 3232 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Users\Saul\AppData\Local\Google\Update\1.3.21.135\goopdate.dll
12:09:30.0643 3232 C:\Users\Saul\AppData\Local\Google\Update\1.3.21.135\goopdate.dll - ok
12:09:30.0643 3232 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\WINDOWS\System32\msidle.dll
12:09:30.0643 3232 C:\WINDOWS\System32\msidle.dll - ok
12:09:30.0643 3232 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\WINDOWS\System32\mssprxy.dll
12:09:30.0643 3232 C:\WINDOWS\System32\mssprxy.dll - ok
12:09:30.0643 3232 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\WINDOWS\SysWOW64\mssprxy.dll
12:09:30.0643 3232 C:\WINDOWS\SysWOW64\mssprxy.dll - ok
12:09:30.0643 3232 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Users\Saul\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
12:09:30.0643 3232 C:\Users\Saul\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
12:09:30.0659 3232 [ 24F4B480F335A6C724AF352253C5D98B ] C:\WINDOWS\System32\thumbcache.dll
12:09:30.0659 3232 C:\WINDOWS\System32\thumbcache.dll - ok
12:09:30.0659 3232 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\WINDOWS\System32\networkexplorer.dll
12:09:30.0659 3232 C:\WINDOWS\System32\networkexplorer.dll - ok
12:09:30.0659 3232 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\WINDOWS\System32\en-US\tquery.dll.mui
12:09:30.0659 3232 C:\WINDOWS\System32\en-US\tquery.dll.mui - ok
12:09:30.0659 3232 [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Users\Saul\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
12:09:30.0659 3232 C:\Users\Saul\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
12:09:30.0659 3232 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\WINDOWS\SysWOW64\d2d1.dll
12:09:30.0659 3232 C:\WINDOWS\SysWOW64\d2d1.dll - ok
12:09:30.0659 3232 [ A29D734F650F958424743BE3BAA052C8 ] C:\WINDOWS\SysWOW64\DWrite.dll
12:09:30.0659 3232 C:\WINDOWS\SysWOW64\DWrite.dll - ok
12:09:30.0659 3232 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\WINDOWS\System32\FntCache.dll
12:09:30.0659 3232 C:\WINDOWS\System32\FntCache.dll - ok
12:09:30.0659 3232 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\WINDOWS\SysWOW64\sxs.dll
12:09:30.0659 3232 C:\WINDOWS\SysWOW64\sxs.dll - ok
12:09:30.0659 3232 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\WINDOWS\System32\stobject.dll
12:09:30.0659 3232 C:\WINDOWS\System32\stobject.dll - ok
12:09:30.0675 3232 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\WINDOWS\System32\batmeter.dll
12:09:30.0675 3232 C:\WINDOWS\System32\batmeter.dll - ok
12:09:30.0675 3232 [ 26D652191B51854E66084DDAEE69EC65 ] C:\WINDOWS\System32\verifier.dll
12:09:30.0675 3232 C:\WINDOWS\System32\verifier.dll - ok
12:09:30.0675 3232 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\WINDOWS\System32\prnfldr.dll
12:09:30.0675 3232 C:\WINDOWS\System32\prnfldr.dll - ok
12:09:30.0675 3232 [ 41DF7355A5A907E2C1D7804EC028965D ] C:\WINDOWS\System32\wermgr.exe
12:09:30.0675 3232 C:\WINDOWS\System32\wermgr.exe - ok
12:09:30.0675 3232 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\WINDOWS\System32\DXP.dll
12:09:30.0675 3232 C:\WINDOWS\System32\DXP.dll - ok
12:09:30.0675 3232 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\WINDOWS\System32\drivers\UMDF\WpdFs.dll
12:09:30.0675 3232 C:\WINDOWS\System32\drivers\UMDF\WpdFs.dll - ok
12:09:30.0675 3232 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\WINDOWS\System32\Syncreg.dll
12:09:30.0675 3232 C:\WINDOWS\System32\Syncreg.dll - ok
12:09:30.0675 3232 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\WINDOWS\System32\WMVCORE.DLL
12:09:30.0675 3232 C:\WINDOWS\System32\WMVCORE.DLL - ok
12:09:30.0675 3232 [ C836175870E00ACC546066632E15BD10 ] C:\WINDOWS\ehome\ehSSO.dll
12:09:30.0675 3232 C:\WINDOWS\ehome\ehSSO.dll - ok
12:09:30.0675 3232 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\WINDOWS\System32\netshell.dll
12:09:30.0675 3232 C:\WINDOWS\System32\netshell.dll - ok
12:09:30.0690 3232 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\WINDOWS\System32\WMASF.DLL
12:09:30.0690 3232 C:\WINDOWS\System32\WMASF.DLL - ok
12:09:30.0690 3232 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\WINDOWS\System32\AltTab.dll
12:09:30.0690 3232 C:\WINDOWS\System32\AltTab.dll - ok
12:09:30.0690 3232 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\WINDOWS\System32\pnidui.dll
12:09:30.0690 3232 C:\WINDOWS\System32\pnidui.dll - ok
12:09:30.0690 3232 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\WINDOWS\System32\QUTIL.DLL
12:09:30.0690 3232 C:\WINDOWS\System32\QUTIL.DLL - ok
12:09:30.0690 3232 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\WINDOWS\System32\WPDShServiceObj.dll
12:09:30.0690 3232 C:\WINDOWS\System32\WPDShServiceObj.dll - ok
12:09:30.0690 3232 [ 101797BA603D227946B4B5109867EB19 ] C:\WINDOWS\System32\SyncCenter.dll
12:09:30.0690 3232 C:\WINDOWS\System32\SyncCenter.dll - ok
12:09:30.0690 3232 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\WINDOWS\System32\SearchProtocolHost.exe
12:09:30.0690 3232 C:\WINDOWS\System32\SearchProtocolHost.exe - ok
12:09:30.0690 3232 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\WINDOWS\SysWOW64\dxgi.dll
12:09:30.0690 3232 C:\WINDOWS\SysWOW64\dxgi.dll - ok
12:09:30.0706 3232 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\WINDOWS\SysWOW64\d3d10_1.dll
12:09:30.0706 3232 C:\WINDOWS\SysWOW64\d3d10_1.dll - ok
12:09:30.0706 3232 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\WINDOWS\SysWOW64\d3d10_1core.dll
12:09:30.0706 3232 C:\WINDOWS\SysWOW64\d3d10_1core.dll - ok
12:09:30.0706 3232 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\WINDOWS\System32\msshooks.dll
12:09:30.0706 3232 C:\WINDOWS\System32\msshooks.dll - ok
12:09:30.0706 3232 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\WINDOWS\System32\SearchFilterHost.exe
12:09:30.0706 3232 C:\WINDOWS\System32\SearchFilterHost.exe - ok
12:09:30.0706 3232 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\WINDOWS\System32\bthprops.cpl
12:09:30.0706 3232 C:\WINDOWS\System32\bthprops.cpl - ok
12:09:30.0706 3232 [ 14C61CCDDD8EDCD29011504FD73F8545 ] C:\WINDOWS\SysWOW64\aticfx32.dll
12:09:30.0706 3232 C:\WINDOWS\SysWOW64\aticfx32.dll - ok
12:09:30.0706 3232 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\WINDOWS\System32\mscoree.dll
12:09:30.0706 3232 C:\WINDOWS\System32\mscoree.dll - ok
12:09:30.0706 3232 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
12:09:30.0706 3232 C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
12:09:30.0706 3232 [ 5B6FE3F0427B95487CAF0594DD94171F ] C:\WINDOWS\SysWOW64\atiuxpag.dll
12:09:30.0706 3232 C:\WINDOWS\SysWOW64\atiuxpag.dll - ok
12:09:30.0721 3232 [ 8569E35D00F45972E506502EEE622BA4 ] C:\WINDOWS\System32\srchadmin.dll
12:09:30.0721 3232 C:\WINDOWS\System32\srchadmin.dll - ok
12:09:30.0721 3232 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\WINDOWS\System32\mssph.dll
12:09:30.0721 3232 C:\WINDOWS\System32\mssph.dll - ok
12:09:30.0721 3232 [ 408D4E8329B51193FD71D5952B4962E3 ] C:\WINDOWS\SysWOW64\atidxx32.dll
12:09:30.0721 3232 C:\WINDOWS\SysWOW64\atidxx32.dll - ok
12:09:30.0721 3232 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\WINDOWS\System32\webcheck.dll
12:09:30.0721 3232 C:\WINDOWS\System32\webcheck.dll - ok
12:09:30.0721 3232 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\WINDOWS\System32\mapi32.dll
12:09:30.0721 3232 C:\WINDOWS\System32\mapi32.dll - ok
12:09:30.0721 3232 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\WINDOWS\System32\mlang.dll
12:09:30.0721 3232 C:\WINDOWS\System32\mlang.dll - ok
12:09:30.0721 3232 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\WINDOWS\System32\hgcpl.dll
12:09:30.0721 3232 C:\WINDOWS\System32\hgcpl.dll - ok
12:09:30.0721 3232 [ 908ACB1F594274965A53926B10C81E89 ] C:\WINDOWS\System32\provsvc.dll
12:09:30.0721 3232 C:\WINDOWS\System32\provsvc.dll - ok
12:09:30.0721 3232 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\WINDOWS\System32\fdPHost.dll
12:09:30.0721 3232 C:\WINDOWS\System32\fdPHost.dll - ok
12:09:30.0737 3232 [ 171D7DB433314A868507C4326E8209DC ] C:\WINDOWS\System32\fdWSD.dll
12:09:30.0737 3232 C:\WINDOWS\System32\fdWSD.dll - ok
12:09:30.0737 3232 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\WINDOWS\System32\fdSSDP.dll
12:09:30.0737 3232 C:\WINDOWS\System32\fdSSDP.dll - ok
12:09:30.0737 3232 [ 27B9E163740A226B65E4B9E186117911 ] C:\Program Files\Windows Portable Devices\sqmapi.dll
12:09:30.0737 3232 C:\Program Files\Windows Portable Devices\sqmapi.dll - ok
12:09:30.0737 3232 [ 847D3AE376C0817161A14A82C8922A9E ] C:\WINDOWS\System32\netman.dll
12:09:30.0737 3232 C:\WINDOWS\System32\netman.dll - ok
12:09:30.0737 3232 [ D2155709E336C3BC15729EB87FEC6064 ] C:\WINDOWS\System32\rasdlg.dll
12:09:30.0737 3232 C:\WINDOWS\System32\rasdlg.dll - ok
12:09:30.0737 3232 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\WINDOWS\System32\mprapi.dll
12:09:30.0737 3232 C:\WINDOWS\System32\mprapi.dll - ok
12:09:30.0737 3232 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\WINDOWS\System32\dot3api.dll
12:09:30.0737 3232 C:\WINDOWS\System32\dot3api.dll - ok
12:09:30.0737 3232 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\WINDOWS\System32\wlanhlp.dll
12:09:30.0737 3232 C:\WINDOWS\System32\wlanhlp.dll - ok
12:09:30.0737 3232 [ 3B367397320C26DBA890B260F80D1B1B ] C:\WINDOWS\System32\hnetcfg.dll
12:09:30.0737 3232 C:\WINDOWS\System32\hnetcfg.dll - ok
12:09:30.0753 3232 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
12:09:30.0753 3232 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
12:09:30.0753 3232 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\WINDOWS\System32\WWanAPI.dll
12:09:30.0753 3232 C:\WINDOWS\System32\WWanAPI.dll - ok
12:09:30.0753 3232 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\WINDOWS\System32\wwapi.dll
12:09:30.0753 3232 C:\WINDOWS\System32\wwapi.dll - ok
12:09:30.0753 3232 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\WINDOWS\System32\QAGENT.DLL
12:09:30.0753 3232 C:\WINDOWS\System32\QAGENT.DLL - ok
12:09:30.0753 3232 [ 9E94814109A822D4618E8A0A7BD2F722 ] C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20121219002038.dll
12:09:30.0753 3232 C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20121219002038.dll - ok
12:09:30.0753 3232 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
12:09:30.0753 3232 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
12:09:30.0753 3232 [ C079169E6A07FC4412475C02969EB9CE ] C:\WINDOWS\SysWOW64\jscript9.dll
12:09:30.0753 3232 C:\WINDOWS\SysWOW64\jscript9.dll - ok
12:09:30.0753 3232 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
12:09:30.0753 3232 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
12:09:30.0753 3232 [ 8843B6A1B8E102841B2DFF02805C5CEC ] C:\WINDOWS\SysWOW64\jscript.dll
12:09:30.0753 3232 C:\WINDOWS\SysWOW64\jscript.dll - ok
12:09:30.0768 3232 [ CDBFCB9A88E130F1138F80B01C56B680 ] C:\WINDOWS\SysWOW64\vbscript.dll
12:09:30.0768 3232 C:\WINDOWS\SysWOW64\vbscript.dll - ok
12:09:30.0768 3232 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\WINDOWS\SysWOW64\msimtf.dll
12:09:30.0768 3232 C:\WINDOWS\SysWOW64\msimtf.dll - ok
12:09:30.0768 3232 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\WINDOWS\SysWOW64\mlang.dll
12:09:30.0768 3232 C:\WINDOWS\SysWOW64\mlang.dll - ok
12:09:30.0768 3232 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\WINDOWS\System32\FXSST.dll
12:09:30.0768 3232 C:\WINDOWS\System32\FXSST.dll - ok
12:09:30.0768 3232 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\WINDOWS\System32\wsock32.dll
12:09:30.0768 3232 C:\WINDOWS\System32\wsock32.dll - ok
12:09:30.0768 3232 [ 2C1055E2C6D42753241FB2A129136994 ] C:\WINDOWS\System32\drmv2clt.dll
12:09:30.0768 3232 C:\WINDOWS\System32\drmv2clt.dll - ok
12:09:30.0768 3232 [ 423982DD851406A52B6399DDB196C606 ] C:\WINDOWS\System32\wmdrmdev.dll
12:09:30.0768 3232 C:\WINDOWS\System32\wmdrmdev.dll - ok
12:09:30.0768 3232 [ 650CAEA856943E29F25A25D31E004B18 ] C:\WINDOWS\System32\FXSAPI.dll
12:09:30.0768 3232 C:\WINDOWS\System32\FXSAPI.dll - ok
12:09:30.0768 3232 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\WINDOWS\System32\FXSRESM.dll
12:09:30.0768 3232 C:\WINDOWS\System32\FXSRESM.dll - ok
12:09:30.0784 3232 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\WINDOWS\System32\FXSSVC.exe
12:09:30.0784 3232 C:\WINDOWS\System32\FXSSVC.exe - ok
12:09:30.0784 3232 [ 35AAE2E841AA1A949775168E119482C9 ] C:\WINDOWS\SysWOW64\msls31.dll
12:09:30.0784 3232 C:\WINDOWS\SysWOW64\msls31.dll - ok
12:09:30.0784 3232 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\WINDOWS\System32\wmp.dll
12:09:30.0784 3232 C:\WINDOWS\System32\wmp.dll - ok
12:09:30.0784 3232 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\WINDOWS\System32\wmploc.DLL
12:09:30.0784 3232 C:\WINDOWS\System32\wmploc.DLL - ok
12:09:30.0784 3232 [ 66E4246FEF8C364611F9782AA0809F42 ] C:\Program Files\Internet Explorer\ieproxy.dll
12:09:30.0784 3232 C:\Program Files\Internet Explorer\ieproxy.dll - ok
12:09:30.0784 3232 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Saul\Desktop\tdsskiller.exe
12:09:30.0784 3232 C:\Users\Saul\Desktop\tdsskiller.exe - ok
12:09:30.0784 3232 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\WINDOWS\System32\consent.exe
12:09:30.0784 3232 C:\WINDOWS\System32\consent.exe - ok
12:09:30.0784 3232 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\WINDOWS\System32\drivers\95686944.sys
12:09:30.0784 3232 C:\WINDOWS\System32\drivers\95686944.sys - ok
12:09:30.0784 3232 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\WINDOWS\System32\msimg32.dll
12:09:30.0784 3232 C:\WINDOWS\System32\msimg32.dll - ok
12:09:30.0799 3232 [ 3819AD4329303EAC88480CA16A650735 ] C:\WINDOWS\System32\UIAnimation.dll
12:09:30.0799 3232 C:\WINDOWS\System32\UIAnimation.dll - ok
12:09:30.0799 3232 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\WINDOWS\SysWOW64\riched20.dll
12:09:30.0799 3232 C:\WINDOWS\SysWOW64\riched20.dll - ok
12:09:30.0799 3232 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\WINDOWS\System32\blackbox.dll
12:09:30.0799 3232 C:\WINDOWS\System32\blackbox.dll - ok
12:09:30.0799 3232 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\WINDOWS\System32\upnp.dll
12:09:30.0799 3232 C:\WINDOWS\System32\upnp.dll - ok
12:09:30.0799 3232 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\WINDOWS\System32\ssdpsrv.dll
12:09:30.0799 3232 C:\WINDOWS\System32\ssdpsrv.dll - ok
12:09:30.0799 3232 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\WINDOWS\System32\wmpps.dll
12:09:30.0799 3232 C:\WINDOWS\System32\wmpps.dll - ok
12:09:30.0799 3232 [ F149E8CAE538DBF7059B00326673F602 ] C:\WINDOWS\System32\wmpmde.dll
12:09:30.0799 3232 C:\WINDOWS\System32\wmpmde.dll - ok
12:09:30.0799 3232 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\WINDOWS\System32\httpapi.dll
12:09:30.0799 3232 C:\WINDOWS\System32\httpapi.dll - ok
12:09:30.0799 3232 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\WINDOWS\System32\WinSATAPI.dll
12:09:30.0799 3232 C:\WINDOWS\System32\WinSATAPI.dll - ok
12:09:30.0799 3232 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\WINDOWS\System32\MSMPEG2ENC.DLL
12:09:30.0799 3232 C:\WINDOWS\System32\MSMPEG2ENC.DLL - ok
12:09:30.0815 3232 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\WINDOWS\System32\devenum.dll
12:09:30.0815 3232 C:\WINDOWS\System32\devenum.dll - ok
12:09:30.0815 3232 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\WINDOWS\System32\msdmo.dll
12:09:30.0815 3232 C:\WINDOWS\System32\msdmo.dll - ok
12:09:30.0815 3232 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\WINDOWS\System32\upnphost.dll
12:09:30.0815 3232 C:\WINDOWS\System32\upnphost.dll - ok
12:09:30.0815 3232 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\WINDOWS\System32\wbem\WmiPrvSE.exe
12:09:30.0815 3232 C:\WINDOWS\System32\wbem\WmiPrvSE.exe - ok
12:09:30.0815 3232 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\WINDOWS\System32\wbem\wmiprov.dll
12:09:30.0815 3232 C:\WINDOWS\System32\wbem\wmiprov.dll - ok
12:09:30.0815 3232 [ 71E68F2443A80BD4DA89181889C457EA ] C:\WINDOWS\System32\udhisapi.dll
12:09:30.0815 3232 C:\WINDOWS\System32\udhisapi.dll - ok
12:09:30.0815 3232 [ 5F639198C4137075DA50E61C23963C11 ] C:\WINDOWS\System32\drprov.dll
12:09:30.0815 3232 C:\WINDOWS\System32\drprov.dll - ok
12:09:30.0815 3232 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\WINDOWS\System32\davclnt.dll
12:09:30.0815 3232 C:\WINDOWS\System32\davclnt.dll - ok
12:09:30.0815 3232 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\WINDOWS\System32\ntlanman.dll
12:09:30.0815 3232 C:\WINDOWS\System32\ntlanman.dll - ok
12:09:30.0831 3232 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\WINDOWS\System32\davhlpr.dll
12:09:30.0831 3232 C:\WINDOWS\System32\davhlpr.dll - ok
12:09:30.0831 3232 ============================================================
12:09:30.0831 3232 Scan finished
12:09:30.0831 3232 ============================================================
12:09:30.0831 3252 Detected object count: 1
12:09:30.0831 3252 Actual detected object count: 1
12:09:36.0993 3252 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:09:36.0993 3252 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
12:25:24.0260 3452 Deinitialize success
 



#5 saul1236

saul1236
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 17 February 2013 - 02:08 PM

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-17 12:32:51
-----------------------------
12:32:51.804    OS Version: Windows x64 6.1.7601 Service Pack 1
12:32:51.804    Number of processors: 8 586 0x2A07
12:32:51.804    ComputerName: SAUL-PC  UserName: Saul
12:32:54.497    Initialize success
12:35:03.019    AVAST engine defs: 13021700
12:57:00.333    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:57:00.336    Disk 0 Vendor: ST310005 JC4A Size: 953869MB BusType: 3
12:57:00.348    Disk 0 MBR read successfully
12:57:00.351    Disk 0 MBR scan
12:57:00.357    Disk 0 Windows 7 default MBR code
12:57:00.361    Disk 0 Partition 1 00     DE Dell Utility MSDOS5.0       39 MB offset 63
12:57:00.370    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        13568 MB offset 81920
12:57:00.385    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       940260 MB offset 27869184
12:57:00.398    Disk 0 scanning C:\Windows\system32\drivers
12:57:08.375    Service scanning
12:57:21.881    Modules scanning
12:57:21.889    Disk 0 trace - called modules:
12:57:21.919    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
12:57:22.250    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009ddc060]
12:57:22.256    3 CLASSPNP.SYS[fffff880011c043f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80074af050]
12:57:26.939    AVAST engine scan C:\Windows
12:57:30.469    AVAST engine scan C:\Windows\system32
12:59:56.449    AVAST engine scan C:\Windows\system32\drivers
13:00:08.029    AVAST engine scan C:\Users\Saul
13:05:27.316    Disk 0 MBR has been saved successfully to "C:\Users\Saul\Desktop\MBR.dat"
13:05:27.320    The log file has been saved successfully to "C:\Users\Saul\Desktop\aswMBR.txt"


 

 



#6 saul1236

saul1236
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 17 February 2013 - 02:58 PM

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\301E.tmp Win64/Olmarik.AR trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\301F.tmp Win64/Olmarik.AR trojan cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOXZTX28\7zip_installer_d793193.exe probably a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\Saul\AppData\Local\ff872185-5f38-4a79-9036-6525922b18f8.crx JS/Redirector.NCG trojan deleted - quarantined
C:\Users\Saul\AppData\Local\Google\Chrome\User Data\Default\Default\aagddcdjgfgdggdagcgggbdddedigcdb\background.js Win32/TrojanDownloader.Tracur.V trojan cleaned by deleting - quarantined
C:\Users\Saul\AppData\Local\Temp\jar_cache4560002101278066085.tmp multiple threats deleted - quarantined
C:\Users\Saul\AppData\Local\Temp\jar_cache4667903596358731759.tmp multiple threats deleted - quarantined
C:\Users\Saul\AppData\Local\Temp\jar_cache8002705506413920872.tmp multiple threats deleted - quarantined
C:\Users\Saul\AppData\Local\Temp\~!#448F.tmp a variant of Win32/Injector.ACSF trojan cleaned by deleting - quarantined
C:\Users\Saul\AppData\Roaming\ngwscu.dll a variant of Win32/Medfos.KF trojan cleaned by deleting (after the next restart) - quarantined

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:24 AM

Posted 17 February 2013 - 02:59 PM

Run TDSSkiller again and select DELETE for TDSSFilesystem

 

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Search
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log



#8 saul1236

saul1236
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 17 February 2013 - 05:26 PM

Hi,

 

" DELETE for TDSSFilesystem"

Did You mean i should select "detect" by the TDSS option. or do u mean delete? If so, where do i selct delete?

 

 

Never Mind I got it.

 

Ill do all these things a lil later today.


Edited by saul1236, 17 February 2013 - 05:28 PM.


#9 saul1236

saul1236
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 18 February 2013 - 12:30 AM

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.18.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Saul :: SAUL-PC [administrator]

Protection: Enabled

2/17/2013 11:27:17 PM
mbam-log-2013-02-17 (23-27-17).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 247332
Time elapsed: 2 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\Saul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Antivirus Professional (Rogue.FakeAV) -> Quarantined and deleted successfully.

Files Detected: 1
C:\Users\Saul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Antivirus Professional\Disk Antivirus Professional.lnk (Rogue.FakeAV) -> Quarantined and deleted successfully.

(end)



#10 saul1236

saul1236
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 18 February 2013 - 12:35 AM

MiniToolBox by Farbar  Version:10-01-2013
Ran by Saul (administrator) on 17-02-2013 at 23:34:57
Running from "C:\Users\Saul\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

========================= IP Configuration: ================================

DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Saul-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
   Physical Address. . . . . . . . . : 9C-B7-0D-4D-51-41
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::84ee:6d20:5305:bf49%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, February 17, 2013 11:19:03 PM
   Lease Expires . . . . . . . . . . : Monday, February 18, 2013 11:19:05 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 228374285
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-C6-22-E0-D4-BE-D9-93-1F-FE
   DNS Servers . . . . . . . . . . . : 167.206.254.1
                                       167.206.254.2
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Physical Address. . . . . . . . . : D4-BE-D9-93-1F-FE
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{503275F4-8065-4AA8-A820-0BE4E6408AF4}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{769DE6A9-64F4-424F-9FA4-58BC79F637D4}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  vdns1.srv.hcvlny.cv.net
Address:  167.206.254.1

Name:    google.com
Addresses:  2607:f8b0:4006:803::1003
   173.194.43.0
   173.194.43.2
   173.194.43.14
   173.194.43.1
   173.194.43.4
   173.194.43.6
   173.194.43.5
   173.194.43.8
   173.194.43.3
   173.194.43.7
   173.194.43.9


Pinging google.com [173.194.43.32] with 32 bytes of data:
Reply from 173.194.43.32: bytes=32 time=18ms TTL=55
Reply from 173.194.43.32: bytes=32 time=17ms TTL=55

Ping statistics for 173.194.43.32:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 17ms, Maximum = 18ms, Average = 17ms
Server:  vdns1.srv.hcvlny.cv.net
Address:  167.206.254.1

Name:    yahoo.com
Addresses:  206.190.36.45
   98.138.253.109
   98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=146ms TTL=47
Reply from 206.190.36.45: bytes=32 time=94ms TTL=49

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 94ms, Maximum = 146ms, Average = 120ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...9c b7 0d 4d 51 41 ......DW1501 Wireless-N WLAN Half-Mini Card
 11...d4 be d9 93 1f fe ......Broadcom NetLink ™ Gigabit Ethernet
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.102     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.102    281
    192.168.1.102  255.255.255.255         On-link     192.168.1.102    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.102    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.102    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.102    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    281 fe80::/64                On-link
 12    281 fe80::84ee:6d20:5305:bf49/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/17/2013 11:20:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2013 06:08:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2013 03:42:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2013 01:13:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16464, time stamp: 0x50ec971b
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b83c8a
Exception code: 0xe06d7363
Fault offset: 0x0000c41f
Faulting process id: 0x7c0
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (02/17/2013 00:52:02 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/17/2013 00:09:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2013 00:04:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2013 11:56:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2013 11:41:55 AM) (Source: Application Error) (User: )
Description: Faulting application name: rundll32.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc637
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0002b5f0
Faulting process id: 0xcc4
Faulting application start time: 0xrundll32.exe0
Faulting application path: rundll32.exe1
Faulting module path: rundll32.exe2
Report Id: rundll32.exe3

Error: (02/17/2013 11:32:21 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/17/2013 11:20:19 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (02/17/2013 11:20:19 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (02/17/2013 11:19:07 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
07945257

Error: (02/17/2013 11:19:02 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (02/17/2013 11:19:02 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (02/17/2013 11:19:02 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (02/17/2013 11:19:02 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (02/17/2013 11:19:02 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (02/17/2013 10:57:41 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (02/17/2013 10:57:41 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (02/17/2013 11:20:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2013 06:08:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2013 03:42:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2013 01:13:18 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1646450ec971bKERNELBASE.dll6.1.7601.1801550b83c8ae06d73630000c41f7c001ce0d412118bc20C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\syswow64\KERNELBASE.dll15c78703-7936-11e2-93a1-d4bed9931ffe

Error: (02/17/2013 00:52:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (02/17/2013 00:09:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2013 00:04:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2013 11:56:45 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2013 11:41:55 AM) (Source: Application Error)(User: )
Description: rundll32.exe6.1.7600.163854a5bc637ole32.dll6.1.7601.175144ce7b96fc00000050002b5f0cc401ce0d3484bd07eaC:\Windows\SysWOW64\rundll32.exeC:\Windows\syswow64\ole32.dll519934e3-7929-11e2-ad6a-d4bed9931ffe

Error: (02/17/2013 11:32:21 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-02-17 02:48:17.075
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-17 02:48:17.071
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-17 02:48:17.068
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-13 21:27:28.824
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-13 21:27:28.824
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-13 21:27:28.814
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-13 20:41:31.685
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-13 20:41:31.682
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-13 20:41:31.680
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-11 11:03:08.683
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\System Volume Information\SystemRestore\FRStaging\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Reader X MUI (Version: 10.0.0)
CheckWriter (Version: 6.0)
Consumer In-Home Service Agreement (Version: 2.0.0)
CutePDF Writer 3.0 (Version:  3.0)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (Version: 9.4.61)
Dell DataSafe Local Backup (Version: 9.4.61)
Dell Digital Delivery (Version: 2.2.4000.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Stage (Version: 1.5.201.0)
Dell Support Center (Version: 3.2.6032.125)
Dell VideoStage  (Version: 1.2.0.1712)
DirectX 9 Runtime (Version: 1.00.0000)
DW WLAN Card (Version: 5.60.48.35)
ESET Online Scanner v3
Google Chrome (Version: 24.0.1312.57)
Google Talk Plugin (Version: 3.13.2.11592)
Google Update Helper (Version: 1.3.21.135)
High-Definition Video Playback (Version: 7.3.10000.0.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 27 (64-bit) (Version: 6.0.270)
Java™ 6 Update 27 (Version: 6.0.270)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
McAfee SecurityCenter (Version: 11.6.443)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mouse and Keyboard Center (Version: 2.0.162.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.7.915.93)
Nero 10 Movie ThemePack Basic (Version: 10.2.10200.0.0)
Nero Control Center 10 (Version: 10.6.12500.0.5)
Nero ControlCenter 10 Help (CHM) (Version: 10.2.10800)
Nero Core Components 10 (Version: 2.0.20000.9.12)
Nero Update (Version: 11.0.11500.28.0)
PhotoShowExpress (Version: 2.0.063)
PlayReady PC Runtime x86 (Version: 1.3.0)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Shared C Run-time for x64 (Version: 10.0.0)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SyncUP (Version: 10.2.15400)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Messenger
Yahoo! Software Update

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 19%
Total physical RAM: 8174.45 MB
Available physical RAM: 6539.98 MB
Total Pagefile: 16347.08 MB
Available Pagefile: 14306.51 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.58 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:918.22 GB) (Free:843.17 GB) NTFS

========================= Users: ========================================

User accounts for \\SAUL-PC

Administrator            Guest                    s2                      
Saul                    


**** End of log ****



#11 saul1236

saul1236
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 18 February 2013 - 12:37 AM

Farbar Service Scanner Version: 15-02-2013
Ran by Saul (administrator) on 17-02-2013 at 23:37:14
Running from "C:\Users\Saul\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-02-13 11:21] - [2013-01-03 00:00] - 1913192 ____A (Microsoft Corporation) B62A953F2BF3922C8764A29C34A22899

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



#12 saul1236

saul1236
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 18 February 2013 - 12:40 AM

# AdwCleaner v2.112 - Logfile created 02/17/2013 at 23:39:29
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Saul - SAUL-PC
# Boot Mode : Normal
# Running from : C:\Users\Saul\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\GamesBar
Folder Found : C:\ProgramData\APN
Folder Found : C:\ProgramData\Tarma Installer

***** [Registry] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\wecarereminder
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\Software\PIP
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Tarma Installer

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Saul\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1787 octets] - [17/02/2013 23:39:29]

########## EOF - C:\AdwCleaner[R1].txt - [1847 octets] ##########



#13 saul1236

saul1236
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 18 February 2013 - 12:51 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.4 (02.16.2013:1)
OS: Windows 7 Home Premium x64
Ran by Saul on Sun 02/17/2013 at 23:43:55.27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2269180880-3171830630-3957410486-1001\software\microsoft\internet explorer\searchscopes\\DefaultScope

 

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{2e94b700-eafb-4c9e-a696-77200aa3f89b}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{36377dd7-b3eb-42f5-986f-680baf59ba9d}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{d824f0de-3d60-4f57-9eb1-66033ecd8abb}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Program Files (x86)\gamesagogo_w3i"
Successfully deleted: [Folder] "C:\Program Files (x86)\gamesbar"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

 

~~~ Chrome

Dumping contents of C:\Users\Saul\appdata\local\Google\Chrome\User Data\Default\Default
C:\Users\Saul\appdata\local\Google\Chrome\User Data\Default\Default\aagddcdjgfgdggdagcgggbdddedigcdb
C:\Users\Saul\appdata\local\Google\Chrome\User Data\Default\Default\aagddcdjgfgdggdagcgggbdddedigcdb\ContentScript.js
C:\Users\Saul\appdata\local\Google\Chrome\User Data\Default\Default\aagddcdjgfgdggdagcgggbdddedigcdb\manifest.json

Successfully deleted: [Folder] C:\Users\Saul\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0]

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 02/17/2013 at 23:50:08.19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#14 saul1236

saul1236
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 18 February 2013 - 12:54 AM

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/17/2013 11:53:03 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * ALERT: ZEROACCESS rootkit symptoms found!

     * HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]

Checking Windows Service Integrity:

 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual

 * BFE [Missing Service]
 * iphlpsvc [Missing Service]
 * MpsSvc [Missing Service]
 * WinDefend [Missing Service]
 * wscsvc [Missing Service]

 * SharedAccess [Missing ImagePath]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 02/17/2013 11:53:09 PM
Execution time: 0 hours(s), 0 minute(s), and 6 seconds(s)



#15 saul1236

saul1236
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 18 February 2013 - 12:59 AM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "Malwarebytes Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)123abc.exe\mbamgui.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "CutePDF Writer" "ATL Module for Windows (ANSI)" "Microsoft Corporation" "c:\users\saul\appdata\local\crashdumps\cutepdf writer\aivfgqwn.dll"
+ "DW7" "" "" "File not found: C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\saul\appdata\local\google\update\googleupdate.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)123abc.exe\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)123abc.exe\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20121219002038.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files (x86)\common files\mcafee\systemcore\scriptsn.20121219002038.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
"Task Scheduler" "" "" ""
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2269180880-3171830630-3957410486-1001Core" "Google Installer" "Google Inc." "c:\users\saul\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2269180880-3171830630-3957410486-1001UA" "Google Installer" "Google Inc." "c:\users\saul\appdata\local\google\update\googleupdate.exe"
+ "\JavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_ipoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft mouse and keyboard center\ipoint.exe"
+ "\Microsoft_Hardware_Launch_itype_exe" "IType.exe" "Microsoft Corporation" "c:\program files\microsoft mouse and keyboard center\itype.exe"
+ "\Microsoft_Hardware_Launch_mousekeyboardcenter_exe" "Microsoft Mouse and Keyboard Center" "Microsoft" "c:\program files\microsoft mouse and keyboard center\mousekeyboardcenter.exe"
+ "\PCDEventLauncher" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\SystemToolsDailyTest" "" "" "File not found: uaclauncher.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)123abc.exe\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)123abc.exe\mbamservice.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "07945257" "" "" "File not found: system32\drivers\18082789.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiHDAudioService" "AMD High Definition Audio Function Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\atihdw76.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc." "c:\windows\system32\drivers\hipshieldk.sys"
+ "hitmanpro37" "HitmanPro 3.7 Support Driver" "" "c:\windows\system32\drivers\hitmanpro37.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "k57nd60a" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60a.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "LVRS64" "Logitech Kernel Audio Improvement Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvrs64.sys"
+ "LVUVC64" "Logitech USB Video Class Driver" "Logitech Inc." "c:\windows\system32\drivers\lvuvc64.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PCDSRVC{1E208CE0-FB7451FF-06020200}_0" "Kernel Driver" "PC-Doctor, Inc." "c:\program files\dell support center\pcdsrvc_x64.pkms"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise  SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\system32\lvcod64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\syswow64\lvcodec2.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Half Size to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\lvmwriter.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mediaanalyser.ax"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
+ "PSI Parser" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Roxio Anaglyph to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Anaglyph to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Audio Source 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiostreamwriter.ax"
+ "ROXIO Audio VCFChunker 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO Audio VCFLooper 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO AudioConvert 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO AudioGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO BDAV Smart Render 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ColorSpace Converter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO CPU Regulator" "CPURegulator.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\cpuregulator.ax"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "roxio DCFilters Audio Sync Filter 2 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Dragons Lair 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVD Muxer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVDStream Reader 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVDStream Splitter 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Mpeg I/II Decoder 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters MPEG Transcoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Smart Resizer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Subpicture Mixer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "ROXIO Deinterlace 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DV Scene Detector Tee 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Field Combiner 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Field Splitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio File Writer Wrapper" "Roxio File Writer Wrapper" "Sonic" "c:\program files (x86)\roxio\oem\videocore 12\roxfilewriterwrapper.ax"
+ "ROXIO Image/Colour Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ListImage Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\lvmasync.ax"
+ "Roxio Mp3 Encoder (SC)" "Roxio Audio Codec DLL" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsmp3encoder.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Pin Tee" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\plasmacgfilter.ax"
+ "ROXIO QT Source" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mgirawwriter.dll"
+ "Roxio RealD to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO SceneRecorder 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mginullip.ax"
+ "Roxio StereoSource Cropper" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ThumbnailGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAlphaSplitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFAudioMixer 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFHDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFLatency 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFpeakmeter 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFStationLogo 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFWaveform 1.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO Video Effect 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video Integrate" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video Resampler 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Video Rotater," "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video VCFLooper 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VideoCombine 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\vobloader.ax"
+ "ROXIO WAV Dest 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mvwcdsutil.dll"
+ "Sonic Audio Resampler" "Audio Resampler Direct Show Filter" "Sonic Solutions Inc." "c:\program files (x86)\roxio\oem\audiocodec\filters\c12oem_trans_audio_samplerate_ds.ax"
+ "Sonic Cinemaster® Audio Decoder 4.3 (No Dolby)" "SonicHDAudio" "Sonic Solutions" "c:\program files (x86)\roxio\oem\common\cinemasteraudiond.dll"
+ "Sonic Cinemaster® VideoDecoder 4.3 (EMC12)" "CinemasterVideo" "Sonic Solutions" "c:\program files (x86)\roxio\oem\common\cinemastervideo.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files (x86)\roxio\oem\common\sonichddemuxer.dll"
+ "Sonic MPEG Multiplexer" "MPEG Multiplexer-Plus DS Filter" "Sonic Solutions Inc." "c:\program files (x86)\roxio\oem\audiocodec\filters\c12oem_mux_mp2_ds.ax"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc." "c:\program files (x86)\common files\sonic shared\sonicmc02\c12oem_dec_mp2v_ds.ax"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "VCG Video Mixer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "VCGImageSource" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "Vorbis Decode Filter" "ogg DShow filters" "" "c:\program files (x86)\common files\roxio shared\ogg_flac codecs\dsfvorbisdecoder.dll"
+ "VW Input Selector" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Input Selector 2" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "CutePDF Writer Monitor" "" "" "c:\windows\system32\cpwmon64.dll"
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users