Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

User MRU lists - Chinese symbols?


  • This topic is locked This topic is locked
93 replies to this topic

#1 tobytigger

tobytigger

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 01 March 2013 - 10:55 PM

I ran Wisecare365 to clean my registry and it found User MRU lists that all seemed harmless - except for about 4-5 entries that had Chinese characters which I could not copy and paste off of the  Wisecare 365 report.  I exported the report to a txt file but the chinese gets translated to boxes.  I then installed the microsoft Simple Chinese language pack and the boxes became question marks along with what looks like one chinese alpha.

 

Here's an example:  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\txt\0 ???箔?????t : User MRU Lists

 

It just dawned on me the MRU entry could be from the Wisecare software?  Question is should I be concerned about these entries? Tried to google but nothing really came up that was helpful to understand what these might be.  Thanks,



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,960 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:57 AM

Posted 04 March 2013 - 09:13 AM

Greetings tobytigger and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:

  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps are a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and let me know.
  • When you post your reply, do not use the StartNewTopic.gif button but use the AddReply.gif button instead.
  • In the upper right hand corner of the topic you will see the WatchTopic.gif button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.

===================================================

Helping me Help You

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

===================================================

Additional Information

  • If you have since resolved the original problem you were having, I would appreciate you letting me know.
  • If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and I will guide you.
    • Explain as best you can what happens with your computer, i.e. it beeps three times, the the black screen starts then goes blank, etc
  • If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • Upon completing the steps below I will review your topic an do my best to resolve your issues.
  • If you have already posted a DDS log, please do so again, as your situation may have changed.

===================================================

Create DDS.txt and Attach.txt

I need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.

DDS.com
DDS.pif

  • Double click on the DDS.gif icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Please copy and paste the contents of both results in your post.
  • Close the program window, and delete the program from your desktop.

You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • DDS.txt
  • Attach.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,960 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:57 AM

Posted 07 March 2013 - 10:22 AM

Greetings tobytigger,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 tobytigger

tobytigger
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 10 March 2013 - 07:49 PM

Hi Gary,
 
Copied below are the DDS and Activity reports.
 
Thanks,
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16464  BrowserJavaVersion: 10.17.2
Run by Evan at 19:44:19 on 2013-03-10
Microsoft Windows 7 Ultimate   6.1.7601.1.936.86.1033.18.3933.1907 [GMT -5:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Apricorn\SMART-ER\SMART-ER Service.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\Apricorn\SMART-ER\SMART-ER.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Evan\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = Preserve
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SMART-ER.lnk - C:\Program Files (x86)\Apricorn\SMART-ER\SMART-ER.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{AAC0CCA9-CFA6-4EB4-8255-B09BA1AC9905} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{AAC0CCA9-CFA6-4EB4-8255-B09BA1AC9905}\25F63756E60234573747F6D6562702143636563737 : DHCPNameServer = 10.0.10.1
TCP: Interfaces\{AAC0CCA9-CFA6-4EB4-8255-B09BA1AC9905}\27C6163713136377 : DHCPNameServer = 10.108.2.102 10.108.2.101
TCP: Interfaces\{AAC0CCA9-CFA6-4EB4-8255-B09BA1AC9905}\3416279626F657 : DHCPNameServer = 4.2.2.2 4.2.2.1
TCP: Interfaces\{AAC0CCA9-CFA6-4EB4-8255-B09BA1AC9905}\7425F4F46554D41435455425D20534F5E4564777F627B6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{AAC0CCA9-CFA6-4EB4-8255-B09BA1AC9905}\C696E6B6379737 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{D07E89F8-18C5-4466-80E7-020A4EEA35FB} : DHCPNameServer = 10.108.2.102 10.108.2.101
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 SBRE;SBRE;C:\Windows\System32\drivers\SBREDrv.sys [2011-7-26 49752]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-8-23 135984]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672]
R2 SMART-ERService;SMART-ER Service;C:\Program Files (x86)\Apricorn\SMART-ER\SMART-ER Service.exe [2007-6-4 69632]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-8-23 3342640]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2010-3-15 145408]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-6-10 270848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 WiseBootAssistant;Wise Boot Assistant;C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [2013-3-1 580648]
S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-6-15 25928]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-8-23 272688]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-3 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-3 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-31 1255736]
S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
S4 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files (x86)\BitComet\tools\BitCometService.exe -service --> C:\Program Files (x86)\BitComet\tools\BitCometService.exe -service [?]
S4 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-25 399432]
S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-18 676936]
S4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-1-31 3289208]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
.
=============== File Associations ===============
.
ShellExec: BitComet_x64.exe: open="C:\Program Files (x86)\BitComet\BitComet_x64.exe"
.
=============== Created Last 30 ================
.
2013-03-10 23:26:29 293888 ----a-w- C:\Windows\System32\CNC620L.DLL
2013-03-10 23:26:29 229888 ----a-w- C:\Windows\System32\CNC620O.DLL
2013-03-10 23:26:28 92672 ----a-w- C:\Windows\System32\CNC620I.DLL
2013-03-10 23:26:28 1354240 ----a-w- C:\Windows\System32\CNC620C.DLL
2013-03-09 03:47:44 -------- d-----w- C:\Users\Evan\AppData\Roaming\QuickScan
2013-03-06 12:58:46 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-03 14:41:34 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-03-03 14:41:34 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-03-03 14:41:34 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-03-03 14:41:33 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-03-03 14:41:33 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-03-03 14:41:33 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-03-03 14:41:33 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-03-03 14:39:00 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-03-03 14:39:00 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-03-03 14:39:00 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2013-03-03 14:39:00 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-03-02 02:32:53 -------- d-----w- C:\Program Files\Microsoft Mouse and Keyboard Center
2013-03-02 02:17:05 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A36DB9A0-ED2B-4C68-83AD-1D27F7759548}\mpengine.dll
2013-03-02 00:10:19 -------- d-----w- C:\Users\Evan\AppData\Roaming\Wise Care 365
2013-03-02 00:07:36 -------- d-----w- C:\Program Files (x86)\Wise
2013-03-01 23:55:37 -------- d-----w- C:\Users\Evan\AppData\Roaming\GlarySoft
2013-03-01 23:52:05 -------- d-----w- C:\Program Files (x86)\Glary Utilities
2013-02-28 02:04:08 -------- d-----w- C:\Users\Evan\Email to ellie
2013-02-25 00:36:17 -------- d-----w- C:\Program Files\iPod
2013-02-25 00:36:16 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-02-25 00:36:16 -------- d-----w- C:\Program Files\iTunes
2013-02-25 00:36:16 -------- d-----w- C:\Program Files (x86)\iTunes
2013-02-20 04:21:38 -------- d-----w- C:\Windows\SysWow64\Adobe
2013-02-18 05:32:20 -------- d--h--w- C:\Windows\System32\WLANProfiles
2013-02-18 05:29:46 -------- d-----w- C:\Users\Evan\AppData\Roaming\Intel
2013-02-18 05:29:31 -------- d-----w- C:\Users\Evan\Roaming
2013-02-18 05:29:31 -------- d-----w- C:\ProgramData\Roaming
2013-02-18 05:27:24 -------- d-----w- C:\Program Files\Common Files\Intel
2013-02-18 05:27:24 -------- d-----w- C:\Program Files (x86)\Cisco
2013-02-18 05:20:45 -------- d-----w- C:\Users\Evan\SystemRequirementsLab
2013-02-18 01:58:52 366080 ----a-w- C:\Windows\SysWow64\CNMNPPM.DLL
2013-02-18 01:58:52 252416 ----a-w- C:\Windows\System32\CNMN6PPM.DLL
2013-02-18 01:58:52 152064 ----a-w- C:\Windows\System32\CNMN6UI.DLL
2013-02-17 21:30:13 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-17 21:30:13 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-17 21:27:24 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-17 21:27:24 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-17 21:27:23 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-17 21:27:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-17 21:27:23 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-17 21:27:23 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-17 21:27:17 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-17 21:27:16 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-17 21:27:16 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-02-17 21:27:11 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-17 21:27:11 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-17 21:27:10 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-02-15 22:31:23 186432 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2013-02-15 22:31:23 186432 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-02-15 03:51:01 -------- d-----w- C:\Users\Evan\AppData\Roaming\Free-PDF-to-Word.com
2013-02-15 03:50:59 -------- d-----w- C:\Program Files (x86)\Free PDF to Word Converter
2013-02-15 03:50:39 -------- d-----w- C:\Users\Evan\AppData\Local\Coupon Companion Plugin
2013-02-09 16:56:42 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-02-09 16:56:42 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-02-09 16:56:42 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-02-09 16:56:42 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-02-09 16:54:38 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2013-02-09 16:54:37 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2013-02-09 16:54:35 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2013-02-09 16:54:35 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-02-09 16:54:34 750592 ----a-w- C:\Windows\System32\win32spl.dll
2013-02-09 16:54:34 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-02-09 16:54:01 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2013-02-09 16:54:00 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-02-09 16:34:47 -------- d-----w- C:\Program Files\IDT
.
==================== Find3M  ====================
.
2013-03-06 12:58:36 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-03-06 12:58:36 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-01-30 00:15:06 862664 ----a-w- C:\Windows\SysWow64\msvcr110.dll
2013-01-30 00:15:06 828872 ----a-w- C:\Windows\System32\msvcr110.dll
2013-01-30 00:15:06 661448 ----a-w- C:\Windows\System32\msvcp110.dll
2013-01-30 00:15:06 534480 ----a-w- C:\Windows\SysWow64\msvcp110.dll
2013-01-30 00:15:06 354264 ----a-w- C:\Windows\System32\vccorlib110.dll
2013-01-30 00:15:06 251864 ----a-w- C:\Windows\SysWow64\vccorlib110.dll
2013-01-30 00:15:04 50800 ----a-w- C:\Windows\System32\drivers\point64.sys
2013-01-21 17:12:12 2177664 ----a-w- C:\Windows\System32\coin93.dll
2013-01-17 07:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll
2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll
2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-12-13 19:50:38 6112864 ----a-w- C:\Windows\System32\usbaaplrc.dll
2012-12-13 19:50:36 54784 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
.
============= FINISH: 19:44:58.79 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate 
Boot Device: \Device\HarddiskVolume3
Install Date: 5/30/2011 11:28:50 PM
System Uptime: 3/10/2013 6:32:27 PM (1 hours ago)
.
Motherboard: Dell Inc. |  | 0D176M
Processor: Pentium® Dual-Core CPU       T4200  @ 2.00GHz | U2E1 | 1600/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 301.41 GiB free.
D: is FIXED (NTFS) - 0 GiB total, 0.047 GiB free.
E: is FIXED (NTFS) - 15 GiB total, 14.381 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: HID-compliant mouse
Device ID: HID\VID_413C&PID_8158&COL01\7&28F9A7D&0&0000
Manufacturer: Microsoft
Name: HID-compliant mouse
PNP Device ID: HID\VID_413C&PID_8158&COL01\7&28F9A7D&0&0000
Service: mouhid
.
==== System Restore Points ===================
.
RP149: 2/27/2013 5:18:52 PM - Windows Update
RP150: 3/1/2013 6:19:35 PM - Created by Wise Care 365
RP151: 3/1/2013 8:16:46 PM - Windows Update
RP152: 3/1/2013 8:30:31 PM - Windows Update
RP153: 3/1/2013 8:31:59 PM - DCInstallRestorePoint
RP154: 3/1/2013 8:55:07 PM - Windows Update
RP155: 3/3/2013 8:18:31 AM - Language Pack Removal
RP156: 3/3/2013 8:38:31 AM - Windows Update
RP157: 3/6/2013 6:56:57 AM - Installed Java 7 Update 17
RP158: 3/7/2013 9:59:41 PM - Installed TurboTax 2012 wrapper
RP159: 3/7/2013 10:10:38 PM - Installed TurboTax 2012 wwiiper
RP160: 3/7/2013 10:11:14 PM - Installed TurboTax 2012 wiliper
.
==== Installed Programs ======================
.
AC3Filter 2.5b
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.6)
Adobe Shockwave Player 12.0
Amazon Kindle
Any Video Converter 3.5.5
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Auslogics Disk Defrag
BitComet 1.29
Bonjour
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP620 series MP Drivers
CCleaner
Dell Support Center
Dell Touchpad
DivX Setup
DVDStyler v2.3
eReg
ESET Online Scanner v3
ffdshow (remove only)
Free Studio version 5.2.0
Free Video to DVD Converter version 5.0.17.903
Freemake Video Converter version 3.1.2
Glary Utilities 2.53.0.1726
Google Chrome
Google Talk (remove only)
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
HDD Raw Copy Tool v1.02
Honda ESM
iCloud
IDT Audio
ImgBurn
inSSIDer
inSSIDer 3
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver
Intel® PROSet/Wireless for Bluetooth® + High Speed
Intel? PROSet/Wireless WiFi Software
iTunes
Java 7 Update 17
Java Auto Updater
JavaFX 2.1.1
Job Cost Estimator
Logitech Harmony Remote Software 7
Malwarebytes Anti-Malware version 1.65.0.1400
Media Player Codec Pack 4.2.3
MediaInfo 0.7.61
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Mouse and Keyboard Center
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Sync Framework 2.0 Core Components (x64) ENU 
Microsoft Sync Framework 2.0 Provider Services (x64) ENU 
Microsoft VC90 CRT + OMP
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Picasa 3
PowerISO
Quickset64
QuickTime
Recuva
RICOH Media Driver ver.2.07.01.00
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Skype Click to Call
Skype? 6.1
SMART-ER
SUPERAntiSpyware
swMSM
SyncToy 2.1 (x64)
System Requirements Lab for Intel
TurboTax 2008
TurboTax 2008 wiliper
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wrapper
TurboTax 2011
TurboTax 2011 wiliper
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
TurboTax 2011 wwiiper
TurboTax 2012
TurboTax 2012 wiliper
TurboTax 2012 WinPerFedFormset
TurboTax 2012 WinPerReleaseEngine
TurboTax 2012 WinPerTaxSupport
TurboTax 2012 wrapper
TurboTax 2012 wwiiper
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VC80CRTRedist - 8.0.50727.6195
VirtualLab Client 6.0.4
WinAVI All in One Converter
Wise Care 365 version 2.23
μTorrent
.
==== Event Viewer Messages From Past Week ========
.
3/8/2013 9:29:39 PM, Error: ACPI [13]  - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
3/10/2013 6:42:25 PM, Error: Service Control Manager [7023]  - The Peer Name Resolution Protocol service terminated with the following error:  %%-2140993535
3/10/2013 6:42:25 PM, Error: Service Control Manager [7001]  - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:  %%-2140993535
3/10/2013 6:42:25 PM, Error: Microsoft-Windows-PNRPSvc [102]  - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
3/10/2013 4:25:33 PM, Error: Service Control Manager [7034]  - The Intuit Update Service v4 service terminated unexpectedly.  It has done this 1 time(s).
3/10/2013 2:58:20 PM, Error: Service Control Manager [7030]  - The Canon IJ Wireless Setup Assistant Service service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
3/10/2013 2:53:12 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  and APPID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  to the user Evan-PC\Guest SID (S-1-5-21-3523121294-644124245-167260036-501) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
 


#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,960 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:57 AM

Posted 10 March 2013 - 10:22 PM

Greetings,

Let's address a few things in this first post. There are a couple of cautions I would like to offer then a few steps for you to take.

Please consider and perform the following for me.

===================================================

No Antivirus Program Installed

-------------------
  • Please download and install an antivirus program, and make sure that you keep it updated.
  • New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software. Two good antivirus programs free for non-commercial home use are avast! Free Antivirus and Avira AntiVir Personal - Free Antivirus.
  • You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.
===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have µTorrent and Bit Torrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall µTorrent and Bit Torrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities. .

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browser
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Delete
  • Confirm each time with OK
  • Your computer will be rebooted automatically. A text file will open after the restart
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[S1].txt
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Run Combofix in Vista/7

--------------------

Combofix is a very powerful tool and special attention must be taken to allow it to work properly. Please pay careful attention to the following instructions.

sUBs, the author of Combofix, recommends you to uninstall AVG or CA Internet Security before running the program. If you have either of these programs on your computer please uninstall them using AppRemover which can be downloaded here. We will be sure to reinstall the Antivirus program once we are finished using Combofix.
  • Please download ComboFix from one of these locations:

BleepingComputer
ForoSpyware

  • Save Combofix.exe to your Desktop <-- Important!!!
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts. It is important you do not mouseclick while the program is running or it may stall.
Note #1: Often times it may appear as if ComboFix has stopped working. To verify it is still running please do one of the following below. If, based on the below, you have concluded ComboFix has stopped running please stop and advise me.
  • Check your computer clock. If it is still running then so is ComboFix
  • Open Task Manager and select the Applications Tab. If the status of AutoScan is Running, then ComboFix is running
  • Open Task Manager and select the Processes Tab. Under Image Name look for files ending in .3xe. If there are fluctuating numbers under CPU and Mem Usage then ComboFix is running
Note #2: If you receive the following error "Illegal operation attempted on a registery key that has been marked for deletion" please just restart your computer to resolve this issue

If Combofix fails to run properly using the above instructions please attempt the following:
  • Right click on the Combofix icon on your desktop and select Delete
  • Download a new copy but rename it to freshcopy.exe first, then save it to your desktop
  • Now download RKill.exe (or RKill renamed as iExplore.exe if the first one doesn't work properly) and save it to your desktop
  • Restart your computer in Safe Mode
  • Right click on RKill (or iExplore) and select Run as Administrator. If you are using Windows XP simply double click the icon
  • A black DOS screen should flash and disappear. If not, try to launch the program with the second file. If neither works please stop and let me know
  • When RKill is finished running you will be presented with a text file and a copy will be saved on your desktop. Copy and paste the contents of this report in your reply
  • Do not reboot your computer
  • Double click the freshcopy.exe icon (renamed Combofix file)
  • When finished, it will produce a log. Please copy and paste the C:\Combofix.txt log information in your next reply
  • If you disabled your antivirus please enable it again. If you uninstalled it please wait for instructions to reinstall it
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
  • AdwCleaner log
  • Junkware log
  • Combofix log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 tobytigger

tobytigger
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 11 March 2013 - 07:57 PM

Oh My,
 
Copied below are the logs you requested.  I did get an error message after running Combofix so followed your instructions and ran in safe mode with fresh copy.  
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.9 (03.06.2013:1)
OS: Windows 7 Ultimate x64
Ran by Evan on 03/11/2013 Mon at  9:06:35.55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ Services
 
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03/11/2013 Mon at  9:15:22.27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v2.114 - Logfile created 03/11/2013 at 09:00:48
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Evan - EVAN-PC
# Boot Mode : Normal
# Running from : C:\Users\Evan\Downloads\adwcleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
Folder Deleted : C:\Users\Evan\AppData\Local\Coupon Companion Plugin
Folder Deleted : C:\Users\Evan\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Evan\AppData\Roaming\dvdvideosoftiehelpers
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16464
 
[OK] Registry is clean.
 
-\\ Mozilla Firefox v [Unable to get version]
 
File : C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\xvill1ib.default\prefs.js
 
[OK] File is clean.
 
File : C:\Users\Ellie\AppData\Roaming\Mozilla\Firefox\Profiles\yswnjjd3.default\prefs.js
 
[OK] File is clean.
 
-\\ Google Chrome v25.0.1364.97
 
File : C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [1317 octets] - [11/03/2013 08:54:52]
AdwCleaner[S1].txt - [1256 octets] - [11/03/2013 09:00:48]
 
########## EOF - C:\AdwCleaner[S1].txt - [1316 octets] ##########
 
ComboFix 13-03-11.01 - Evan 1/2013 Mon   9:45.2.2 - x64 MINIMAL
Microsoft Windows 7 Ultimate   6.1.7601.1.936.86.1033.18.3933.2887 [GMT -5:00]
执行位置: c:\users\Evan\Desktop\freshcopy.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * 成功创造新还原点
.
.
(((((((((((((((((((((((((((((((((((((((   被删除的档案   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\PCDr\6032\AddOnDownloaded\1abc6cc6-7642-443e-ad9d-336734fd2832.dll
c:\programdata\PCDr\6032\AddOnDownloaded\69eaa8a4-3131-4718-aad0-994ebde678d1.dll
c:\programdata\PCDr\6032\AddOnDownloaded\9192d3e9-aa66-4560-a2e3-209867aafd30.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d4ffe1c0-8021-4dfa-bf52-cb9224f001ce.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e238f8f5-5f0a-478f-b96a-d15f6f6cac94.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e5a71f43-c979-4b3d-a544-9ed1dc6dc4c8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f8b3befb-ca07-4bff-8777-f565b237979f.dll
c:\programdata\Roaming
.
.
(((((((((((((((((((((((((  2013-02-11 至 2013-03-11 的新的档案  )))))))))))))))))))))))))))))))
.
.
2013-03-11 14:56 . 2013-03-11 14:56 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-03-11 14:56 . 2013-03-11 14:56 -------- d-----w- c:\users\Jeffrey\AppData\Local\temp
2013-03-11 14:56 . 2013-03-11 14:56 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-03-11 14:56 . 2013-03-11 14:56 -------- d-----w- c:\users\Ellie\AppData\Local\temp
2013-03-11 14:56 . 2013-03-11 14:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-11 14:06 . 2013-03-11 14:06 -------- d-----w- c:\windows\ERUNT
2013-03-11 14:05 . 2013-03-11 14:05 -------- d-----w- C:\JRT
2013-03-11 13:55 . 2013-03-11 13:55 -------- d-----w- C:\Bleeping computer
2013-03-10 23:26 . 2013-03-10 23:26 -------- d--h--w- c:\programdata\CanonBJ
2013-03-10 23:26 . 2013-03-10 23:26 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2013-03-10 23:26 . 2009-11-30 21:40 293888 ----a-w- c:\windows\system32\CNC620L.DLL
2013-03-10 23:26 . 2007-03-15 19:13 229888 ----a-w- c:\windows\system32\CNC620O.DLL
2013-03-10 23:26 . 2009-12-11 18:19 1354240 ----a-w- c:\windows\system32\CNC620C.DLL
2013-03-10 23:26 . 2009-12-11 18:19 92672 ----a-w- c:\windows\system32\CNC620I.DLL
2013-03-10 23:26 . 2013-03-10 23:26 -------- d--h--w- c:\program files\CanonBJ
2013-03-10 19:53 . 2013-03-10 19:53 -------- d-----w- c:\users\Guest\AppData\Roaming\Intel
2013-03-09 03:47 . 2013-03-09 23:27 -------- d-----w- c:\users\Evan\AppData\Roaming\QuickScan
2013-03-06 12:58 . 2013-03-06 12:58 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-03 14:41 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-03-03 14:41 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-03-03 14:41 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-03-03 14:41 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-03-03 14:41 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-03-03 14:41 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-03-03 14:41 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-03-03 14:39 . 2013-01-13 19:53 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-03-03 14:39 . 2013-01-13 19:24 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-03-03 14:39 . 2013-01-04 06:11 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-03-03 14:39 . 2013-01-04 06:11 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-03-02 02:32 . 2013-03-02 02:32 -------- d-----w- c:\program files\Microsoft Mouse and Keyboard Center
2013-03-02 02:17 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A36DB9A0-ED2B-4C68-83AD-1D27F7759548}\mpengine.dll
2013-03-02 00:10 . 2013-03-11 01:40 -------- d-----w- c:\users\Evan\AppData\Roaming\Wise Care 365
2013-03-02 00:07 . 2013-03-02 00:07 -------- d-----w- c:\program files (x86)\Wise
2013-03-01 23:55 . 2013-03-10 21:53 -------- d-----w- c:\users\Evan\AppData\Roaming\GlarySoft
2013-03-01 23:52 . 2013-03-01 23:52 -------- d-----w- c:\program files (x86)\Glary Utilities
2013-02-28 02:04 . 2013-02-28 18:08 -------- d-----w- c:\users\Evan\Email to ellie
2013-02-25 00:36 . 2013-02-25 00:36 -------- d-----w- c:\program files\iPod
2013-02-25 00:36 . 2013-02-25 00:37 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-02-25 00:36 . 2013-02-25 00:37 -------- d-----w- c:\program files\iTunes
2013-02-25 00:36 . 2013-02-25 00:37 -------- d-----w- c:\program files (x86)\iTunes
2013-02-20 04:21 . 2013-02-20 04:21 -------- d-----w- c:\windows\SysWow64\Adobe
2013-02-18 23:05 . 2013-02-18 23:05 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-02-18 05:32 . 2013-02-18 05:32 -------- d--h--w- c:\windows\system32\WLANProfiles
2013-02-18 05:29 . 2013-02-18 05:29 -------- d-----w- c:\users\Evan\AppData\Roaming\Intel
2013-02-18 05:29 . 2013-02-18 05:29 -------- d-----w- c:\users\Public\Roaming
2013-02-18 05:29 . 2013-02-18 05:29 -------- d-----w- c:\users\Jeffrey\Roaming
2013-02-18 05:29 . 2013-02-18 05:29 -------- d-----w- c:\users\Guest\Roaming
2013-02-18 05:29 . 2013-02-18 05:29 -------- d-----w- c:\users\Evan\Roaming
2013-02-18 05:29 . 2013-02-18 05:29 -------- d-----w- c:\users\Ellie\Roaming
2013-02-18 05:29 . 2013-02-18 05:29 -------- d-----w- c:\users\Default\Roaming
2013-02-18 05:27 . 2013-02-18 05:30 -------- d-----w- c:\program files\Intel
2013-02-18 05:27 . 2013-02-18 05:27 -------- d-----w- c:\programdata\Intel
2013-02-18 05:27 . 2013-02-18 05:27 -------- d-----w- c:\program files\Common Files\Intel
2013-02-18 05:27 . 2013-02-18 05:27 -------- d-----w- c:\program files (x86)\Cisco
2013-02-18 05:20 . 2013-02-18 05:20 -------- d-----w- c:\users\Evan\SystemRequirementsLab
2013-02-18 01:58 . 2012-08-30 17:18 152064 ----a-w- c:\windows\system32\CNMN6UI.DLL
2013-02-18 01:58 . 2012-08-30 17:18 252416 ----a-w- c:\windows\system32\CNMN6PPM.DLL
2013-02-18 01:58 . 2012-08-30 17:15 366080 ----a-w- c:\windows\SysWow64\CNMNPPM.DLL
2013-02-17 21:30 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-17 21:30 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-17 21:27 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-17 21:27 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-17 21:27 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-17 21:27 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-17 21:27 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-17 21:27 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-17 21:27 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-17 21:27 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-17 21:27 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-17 21:27 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-17 21:27 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-17 21:27 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-02-15 03:51 . 2013-02-15 03:51 -------- d-----w- c:\users\Evan\AppData\Roaming\Free-PDF-to-Word.com
2013-02-15 03:50 . 2013-02-15 04:08 -------- d-----w- c:\program files (x86)\Free PDF to Word Converter
2013-02-09 16:56 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-02-09 16:56 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-02-09 16:56 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-02-09 16:56 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-02-09 16:54 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
2013-02-09 16:54 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2013-02-09 16:54 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-02-09 16:54 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-02-09 16:54 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-02-09 16:54 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-02-09 16:54 . 2012-10-04 17:41 424960 ----a-w- c:\windows\system32\KernelBase.dll
2013-02-09 16:54 . 2012-10-04 17:41 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-02-09 16:54 . 2012-10-04 15:21 338432 ----a-w- c:\windows\system32\conhost.exe
2013-02-09 16:34 . 2013-02-09 16:34 -------- d-----w- c:\program files\IDT
.
.
.
((((((((((((((((((((((((((((((((((((((((   在三个月内被修改的档案   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-06 12:58 . 2012-06-09 05:00 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-06 12:58 . 2011-06-25 16:16 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-05 04:49 . 2011-05-31 04:46 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-01-30 00:15 . 2013-01-30 00:15 862664 ----a-w- c:\windows\SysWow64\msvcr110.dll
2013-01-30 00:15 . 2013-01-30 00:15 828872 ----a-w- c:\windows\system32\msvcr110.dll
2013-01-30 00:15 . 2013-01-30 00:15 661448 ----a-w- c:\windows\system32\msvcp110.dll
2013-01-30 00:15 . 2013-01-30 00:15 534480 ----a-w- c:\windows\SysWow64\msvcp110.dll
2013-01-30 00:15 . 2013-01-30 00:15 354264 ----a-w- c:\windows\system32\vccorlib110.dll
2013-01-30 00:15 . 2013-01-30 00:15 251864 ----a-w- c:\windows\SysWow64\vccorlib110.dll
2013-01-30 00:15 . 2013-01-30 00:15 50800 ----a-w- c:\windows\system32\drivers\point64.sys
2013-01-21 17:12 . 2013-01-21 17:12 2177664 ----a-w- c:\windows\system32\coin93.dll
2013-01-17 07:28 . 2011-05-31 04:37 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-04 04:43 . 2013-02-17 21:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-12-13 19:50 . 2012-12-13 19:50 6112864 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-12-13 19:50 . 2012-12-13 19:50 54784 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
.
.
(((((((((((((((((((((((((((((((((((((   重要登入点   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*注意* 空白与合法缺省登录将不会被显示 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-05-31 39408]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2010-01-19 124256]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SMART-ER.lnk - c:\program files (x86)\Apricorn\SMART-ER\SMART-ER.exe [2007-6-4 323584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 AMPPALR3;Intel? Centrino? Wireless Bluetooth? + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-18 659472]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-08-23 13672]
R2 SMART-ERService;SMART-ER Service;c:\program files (x86)\Apricorn\SMART-ER\SMART-ER Service.exe [2007-06-04 69632]
R2 WiseBootAssistant;Wise Boot Assistant;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe [2012-07-17 580648]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-08-23 3342640]
R3 AMPPAL;Intel? Centrino? Wireless Bluetooth? + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-07-18 198144]
R3 AMPPALP;Intel? Centrino? Wireless Bluetooth? + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2012-07-18 198144]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 145408]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-08-23 272688]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-31 1255736]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2010-11-09 49752]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2012-11-27 75904]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2013-01-30 50800]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-25 12:32 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
 ‘计划任务’ 文件夹 里的内容
.
2013-03-06 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2013-03-01 21:58]
.
2013-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 14:12]
.
2013-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 14:12]
.
2013-03-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3523121294-644124245-167260036-1001Core.job
- c:\users\Evan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-31 06:05]
.
2013-03-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3523121294-644124245-167260036-1001UA.job
- c:\users\Evan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-31 06:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-05-27 1128448]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-14 163360]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-14 387616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-14 418336]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- 而外的扫描 -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
完成时间: 2013-03-11  09:59:16
ComboFix-quarantined-files.txt  2013-03-11 14:59
.
Pre-Run: 324,003,049,472 bytes free
Post-Run: 323,254,558,720 bytes free
.
- - End Of File - - F3FD6B64DB6BFB8105B84A501F65FB1D
 
Rkill 2.4.7 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 03/11/2013 09:43:29 AM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * Base Filtering Engine (BFE) is not Running.
   Startup Type set to: Automatic
 
 * DHCP Client (Dhcp) is not Running.
   Startup Type set to: Automatic
 
 * DNS Client (Dnscache) is not Running.
   Startup Type set to: Automatic
 
 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Automatic
 
 * Windows Firewall (MpsSvc) is not Running.
   Startup Type set to: Automatic
 
 * Network Connections (Netman) is not Running.
   Startup Type set to: Manual
 
 * Network Store Interface Service (nsi) is not Running.
   Startup Type set to: Automatic
 
 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
 * Ancillary Function Driver for Winsock (AFD) is not Running.
   Startup Type set to: System
 
 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual
 
 * NetBT (NetBT) is not Running.
   Startup Type set to: System
 
 * NSI proxy service driver. (nsiproxy) is not Running.
   Startup Type set to: System
 
 * NetIO Legacy TDI Support Driver (tdx) is not Running.
   Startup Type set to: System
 
 * FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 03/11/2013 09:43:40 AM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)
 

Edited by tobytigger, 11 March 2013 - 08:00 PM.


#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,960 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:57 AM

Posted 11 March 2013 - 08:18 PM

Thanks for the information. Please do this next then rerun Combofix and post the results

===================================================


Temporary File Cleaner (TFC)

--------------------
  • Download TFC by OldTimer to your desktop.
  • Close any open windows
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run
  • Click the Start button to begin the process
  • Allow TFC to run uninterrupted
  • The program should not take long to finish it's job
  • Once its finished it should automatically reboot your machine, if it doesn't, manually reboot to ensure a complete clean
NOTE: It's normal for the computer to boot more slowly the first time after running TFC

TFC will clear out all temporary folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder. TFC only cleans temporary folders and will not clean URL history, prefetch, or cookies


===================================================

Things I would like to see in your next reply. :thumbsup2:
  • Combofix log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 tobytigger

tobytigger
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 11 March 2013 - 09:08 PM

Here's the Combofix after running TFC.   Thanks again.

 

 

 

 

ComboFix 13-03-11.01 - Evan 1/2013 Mon  20:50:11.3.2 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.936.86.1033.18.3933.2705 [GMT -5:00]
执行位置: c:\users\Evan\Desktop\freshcopy.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   被删除的档案   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6032\AddOnDownloaded\1abc6cc6-7642-443e-ad9d-336734fd2832.dll
c:\programdata\PCDr\6032\AddOnDownloaded\69eaa8a4-3131-4718-aad0-994ebde678d1.dll
c:\programdata\PCDr\6032\AddOnDownloaded\9192d3e9-aa66-4560-a2e3-209867aafd30.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d4ffe1c0-8021-4dfa-bf52-cb9224f001ce.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e238f8f5-5f0a-478f-b96a-d15f6f6cac94.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e5a71f43-c979-4b3d-a544-9ed1dc6dc4c8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f8b3befb-ca07-4bff-8777-f565b237979f.dll
.
.
(((((((((((((((((((((((((  2013-02-12 至 2013-03-12 的新的档案  )))))))))))))))))))))))))))))))
.
.
2013-03-12 02:02 . 2013-03-12 02:02 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-03-12 02:02 . 2013-03-12 02:02 -------- d-----w- c:\users\Jeffrey\AppData\Local\temp
2013-03-12 02:02 . 2013-03-12 02:02 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-03-12 02:02 . 2013-03-12 02:02 -------- d-----w- c:\users\Ellie\AppData\Local\temp
2013-03-12 02:02 . 2013-03-12 02:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-11 14:06 . 2013-03-11 14:06 -------- d-----w- c:\windows\ERUNT
2013-03-11 14:05 . 2013-03-11 14:05 -------- d-----w- C:\JRT
2013-03-11 13:55 . 2013-03-11 13:55 -------- d-----w- C:\Bleeping computer
2013-03-10 23:26 . 2013-03-10 23:26 -------- d--h--w- c:\programdata\CanonBJ
2013-03-10 23:26 . 2013-03-10 23:26 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2013-03-10 23:26 . 2009-11-30 21:40 293888 ----a-w- c:\windows\system32\CNC620L.DLL
2013-03-10 23:26 . 2007-03-15 19:13 229888 ----a-w- c:\windows\system32\CNC620O.DLL
2013-03-10 23:26 . 2009-12-11 18:19 1354240 ----a-w- c:\windows\system32\CNC620C.DLL
2013-03-10 23:26 . 2009-12-11 18:19 92672 ----a-w- c:\windows\system32\CNC620I.DLL
2013-03-10 23:26 . 2013-03-10 23:26 -------- d--h--w- c:\program files\CanonBJ
2013-03-10 19:53 . 2013-03-10 19:53 -------- d-----w- c:\users\Guest\AppData\Roaming\Intel
2013-03-09 03:47 . 2013-03-09 23:27 -------- d-----w- c:\users\Evan\AppData\Roaming\QuickScan
2013-03-06 12:58 . 2013-03-06 12:58 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-03 14:41 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-03-03 14:41 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-03-03 14:41 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-03-03 14:41 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-03-03 14:41 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-03-03 14:41 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-03-03 14:41 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-03-03 14:39 . 2013-01-13 19:53 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-03-03 14:39 . 2013-01-13 19:24 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-03-03 14:39 . 2013-01-04 06:11 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-03-03 14:39 . 2013-01-04 06:11 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-03-02 02:32 . 2013-03-02 02:32 -------- d-----w- c:\program files\Microsoft Mouse and Keyboard Center
2013-03-02 02:17 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A36DB9A0-ED2B-4C68-83AD-1D27F7759548}\mpengine.dll
2013-03-02 00:10 . 2013-03-11 01:40 -------- d-----w- c:\users\Evan\AppData\Roaming\Wise Care 365
2013-03-02 00:07 . 2013-03-02 00:07 -------- d-----w- c:\program files (x86)\Wise
2013-03-01 23:55 . 2013-03-10 21:53 -------- d-----w- c:\users\Evan\AppData\Roaming\GlarySoft
2013-03-01 23:52 . 2013-03-01 23:52 -------- d-----w- c:\program files (x86)\Glary Utilities
2013-02-28 02:04 . 2013-02-28 18:08 -------- d-----w- c:\users\Evan\Email to ellie
2013-02-25 00:36 . 2013-02-25 00:36 -------- d-----w- c:\program files\iPod
2013-02-25 00:36 . 2013-02-25 00:37 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-02-25 00:36 . 2013-02-25 00:37 -------- d-----w- c:\program files\iTunes
2013-02-25 00:36 . 2013-02-25 00:37 -------- d-----w- c:\program files (x86)\iTunes
2013-02-20 04:21 . 2013-02-20 04:21 -------- d-----w- c:\windows\SysWow64\Adobe
2013-02-18 23:05 . 2013-02-18 23:05 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-02-18 05:32 . 2013-02-18 05:32 -------- d--h--w- c:\windows\system32\WLANProfiles
2013-02-18 05:29 . 2013-02-18 05:29 -------- d-----w- c:\users\Evan\AppData\Roaming\Intel
2013-02-18 05:29 . 2013-02-18 05:29 -------- d-----w- c:\users\Public\Roaming
2013-02-18 05:29 . 2013-02-18 05:29 -------- d-----w- c:\users\Jeffrey\Roaming
2013-02-18 05:29 . 2013-02-18 05:29 -------- d-----w- c:\users\Guest\Roaming
2013-02-18 05:29 . 2013-02-18 05:29 -------- d-----w- c:\users\Evan\Roaming
2013-02-18 05:29 . 2013-02-18 05:29 -------- d-----w- c:\users\Ellie\Roaming
2013-02-18 05:29 . 2013-02-18 05:29 -------- d-----w- c:\users\Default\Roaming
2013-02-18 05:27 . 2013-02-18 05:30 -------- d-----w- c:\program files\Intel
2013-02-18 05:27 . 2013-02-18 05:27 -------- d-----w- c:\programdata\Intel
2013-02-18 05:27 . 2013-02-18 05:27 -------- d-----w- c:\program files\Common Files\Intel
2013-02-18 05:27 . 2013-02-18 05:27 -------- d-----w- c:\program files (x86)\Cisco
2013-02-18 05:20 . 2013-02-18 05:20 -------- d-----w- c:\users\Evan\SystemRequirementsLab
2013-02-18 01:58 . 2012-08-30 17:18 152064 ----a-w- c:\windows\system32\CNMN6UI.DLL
2013-02-18 01:58 . 2012-08-30 17:18 252416 ----a-w- c:\windows\system32\CNMN6PPM.DLL
2013-02-18 01:58 . 2012-08-30 17:15 366080 ----a-w- c:\windows\SysWow64\CNMNPPM.DLL
2013-02-17 21:30 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-17 21:30 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-17 21:27 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-17 21:27 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-17 21:27 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-17 21:27 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-17 21:27 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-17 21:27 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-17 21:27 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-17 21:27 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-17 21:27 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-17 21:27 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-17 21:27 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-17 21:27 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-02-15 03:51 . 2013-02-15 03:51 -------- d-----w- c:\users\Evan\AppData\Roaming\Free-PDF-to-Word.com
2013-02-15 03:50 . 2013-02-15 04:08 -------- d-----w- c:\program files (x86)\Free PDF to Word Converter
.
.
.
((((((((((((((((((((((((((((((((((((((((   在三个月内被修改的档案   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-06 12:58 . 2012-06-09 05:00 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-06 12:58 . 2011-06-25 16:16 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-05 04:49 . 2011-05-31 04:46 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-01-30 00:15 . 2013-01-30 00:15 862664 ----a-w- c:\windows\SysWow64\msvcr110.dll
2013-01-30 00:15 . 2013-01-30 00:15 828872 ----a-w- c:\windows\system32\msvcr110.dll
2013-01-30 00:15 . 2013-01-30 00:15 661448 ----a-w- c:\windows\system32\msvcp110.dll
2013-01-30 00:15 . 2013-01-30 00:15 534480 ----a-w- c:\windows\SysWow64\msvcp110.dll
2013-01-30 00:15 . 2013-01-30 00:15 354264 ----a-w- c:\windows\system32\vccorlib110.dll
2013-01-30 00:15 . 2013-01-30 00:15 251864 ----a-w- c:\windows\SysWow64\vccorlib110.dll
2013-01-30 00:15 . 2013-01-30 00:15 50800 ----a-w- c:\windows\system32\drivers\point64.sys
2013-01-21 17:12 . 2013-01-21 17:12 2177664 ----a-w- c:\windows\system32\coin93.dll
2013-01-17 07:28 . 2011-05-31 04:37 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-04 04:43 . 2013-02-17 21:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-12-16 17:11 . 2013-02-09 16:56 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2013-02-09 16:56 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2013-02-09 16:56 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2013-02-09 16:56 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-13 19:50 . 2012-12-13 19:50 6112864 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-12-13 19:50 . 2012-12-13 19:50 54784 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
.
.
(((((((((((((((((((((((((((((((((((((   重要登入点   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*注意* 空白与合法缺省登录将不会被显示 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-05-31 39408]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2010-01-19 124256]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"googletalk"="c:\program files (x86)\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-01-30 450560]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SMART-ER.lnk - c:\program files (x86)\Apricorn\SMART-ER\SMART-ER.exe [2007-6-4 323584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R2 WiseBootAssistant;Wise Boot Assistant;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe [2012-07-17 580648]
R3 AMPPALP;Intel? Centrino? Wireless Bluetooth? + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2012-07-18 198144]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-08-23 272688]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-31 1255736]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2010-11-09 49752]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S2 AMPPALR3;Intel? Centrino? Wireless Bluetooth? + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-18 659472]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-08-23 13672]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 SMART-ERService;SMART-ER Service;c:\program files (x86)\Apricorn\SMART-ER\SMART-ER Service.exe [2007-06-04 69632]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-08-23 3342640]
S3 AMPPAL;Intel? Centrino? Wireless Bluetooth? + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-07-18 198144]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2012-11-27 75904]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 145408]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2013-01-30 50800]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-25 12:32 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
 ‘计划任务’ 文件夹 里的内容
.
2013-03-06 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2013-03-01 21:58]
.
2013-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 14:12]
.
2013-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 14:12]
.
2013-03-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3523121294-644124245-167260036-1001Core.job
- c:\users\Evan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-31 06:05]
.
2013-03-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3523121294-644124245-167260036-1001UA.job
- c:\users\Evan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-31 06:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-05-27 1128448]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-14 163360]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-14 387616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-14 418336]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- 而外的扫描 -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
完成时间: 2013-03-11  21:04:34
ComboFix-quarantined-files.txt  2013-03-12 02:04
ComboFix2.txt  2013-03-11 14:59
.
Pre-Run: 324,044,685,312 bytes free
Post-Run: 323,731,714,048 bytes free
.
- - End Of File - - 0BBDDC0088E042B2AD98B8AA5D3C4BEC


#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,960 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:57 AM

Posted 11 March 2013 - 10:00 PM

Greetings,

Looks like we still have some work to do. Some of the entries Combofix removed have come back upon reboot.

Please do this for me.

===================================================

Running TDSSKiller with Changed Parameters

--------------------
  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters

tds2.jpg

  • Check Loaded Modules and Detect TDLFS file system. Do not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now

2012081514h0118.png

  • Click Start Scan and allow the scan process to run

tds4-1.jpg

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue

tds6.jpg

  • Click Reboot computer
  • Please zip and attach in your reply the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)
===================================================

aswMBR

--------------------
  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.

aswMBR1.png

  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.

aswMBR2.png

  • Please post the contents of the log in your next reply.
NOTE: aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
  • TDSSKiller log
  • aswMBR log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 tobytigger

tobytigger
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 12 March 2013 - 02:12 PM

I posted the logs last night but just checked the thread and see they are not there.  Just tried to repost but no luck apparently.   I'm copying and pasting both TDSS and aswMBR but should the TDSS log be attached?  Thanks



#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,960 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:57 AM

Posted 12 March 2013 - 02:14 PM

If you can copy and paste that is preferable but whatever you need to do to post that is fine. If for some reason you just can't do it let me know.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#12 tobytigger

tobytigger
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 12 March 2013 - 03:58 PM

I've been attempting to post the logs with no luck.   I paste, hit post and get "Saving post".   When I ran TDSS last night, I found 2 logs in root dir.  I've posted the shorter of the 2 logs to see if I can post anything.  Should I try to post the other log in two parts?
 
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-11 23:36:00
-----------------------------
23:36:00.248    OS Version: Windows x64 6.1.7601 Service Pack 1
23:36:00.249    Number of processors: 2 586 0x170A
23:36:00.251    ComputerName: EVAN-PC  UserName: Evan
23:36:02.591    Initialize success
23:38:15.894    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:38:15.900    Disk 0 Vendor:   Size: 0MB BusType: 0
23:38:15.924    Disk 0 MBR read successfully
23:38:15.928    Disk 0 MBR scan
23:38:15.932    Disk 0 Windows 7 default MBR code
23:38:15.936    Disk 0 MBR hidden
23:38:15.950    Disk 0 Partition 1 00     07    HPFS/NTFS NTFS           70 MB offset 2048
23:38:15.961    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        15360 MB offset 145408
23:38:15.971    Disk 0 Partition 3 80 (A) 07    HPFS/NTFS NTFS       461508 MB offset 31602688
23:38:15.996    Disk 0 scanning C:\Windows\system32\drivers
23:38:23.757    Service scanning
23:38:37.631    Modules scanning
23:38:37.645    Disk 0 trace - called modules:
23:38:37.674    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 
23:38:38.014    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c312d0]
23:38:38.023    3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800469b600]
23:38:38.032    Scan finished successfully
23:41:52.086    Disk 0 MBR has been saved successfully to "C:\Users\Evan\Desktop\MBR.dat"
23:41:52.096    The log file has been saved successfully to "C:\Users\Evan\Desktop\aswMBR.txt"
 
22:56:29.0874 6112  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:56:30.0185 6112  ============================================================
22:56:30.0185 6112  Current date / time: 2013/03/11 22:56:30.0185
22:56:30.0185 6112  SystemInfo:
22:56:30.0185 6112  
22:56:30.0185 6112  OS Version: 6.1.7601 ServicePack: 1.0
22:56:30.0186 6112  Product type: Workstation
22:56:30.0186 6112  ComputerName: EVAN-PC
22:56:30.0186 6112  UserName: Evan
22:56:30.0186 6112  Windows directory: C:\Windows
22:56:30.0186 6112  System windows directory: C:\Windows
22:56:30.0186 6112  Running under WOW64
22:56:30.0186 6112  Processor architecture: Intel x64
22:56:30.0186 6112  Number of processors: 2
22:56:30.0186 6112  Page size: 0x1000
22:56:30.0186 6112  Boot type: Normal boot
22:56:30.0186 6112  ============================================================
22:56:31.0452 6112  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:56:31.0463 6112  ============================================================
22:56:31.0463 6112  \Device\Harddisk0\DR0:
22:56:31.0463 6112  MBR partitions:
22:56:31.0463 6112  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23000
22:56:31.0463 6112  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23800, BlocksNum 0x1E00000
22:56:31.0463 6112  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E23800, BlocksNum 0x38562000
22:56:31.0463 6112  ============================================================
22:56:31.0495 6112  C: <-> \Device\Harddisk0\DR0\Partition3
22:56:31.0521 6112  D: <-> \Device\Harddisk0\DR0\Partition1
22:56:31.0549 6112  E: <-> \Device\Harddisk0\DR0\Partition2
22:56:31.0549 6112  ============================================================
22:56:31.0549 6112  Initialize success
22:56:31.0549 6112  ============================================================
22:57:08.0842 6108  Deinitialize success
 


#13 tobytigger

tobytigger
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 12 March 2013 - 04:00 PM

23:00:36.0341 3616  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:00:36.0840 3616  ============================================================
23:00:36.0840 3616  Current date / time: 2013/03/11 23:00:36.0840
23:00:36.0840 3616  SystemInfo:
23:00:36.0840 3616  
23:00:36.0840 3616  OS Version: 6.1.7601 ServicePack: 1.0
23:00:36.0840 3616  Product type: Workstation
23:00:36.0840 3616  ComputerName: EVAN-PC
23:00:36.0840 3616  UserName: Evan
23:00:36.0840 3616  Windows directory: C:\Windows
23:00:36.0840 3616  System windows directory: C:\Windows
23:00:36.0840 3616  Running under WOW64
23:00:36.0840 3616  Processor architecture: Intel x64
23:00:36.0840 3616  Number of processors: 2
23:00:36.0840 3616  Page size: 0x1000
23:00:36.0840 3616  Boot type: Normal boot
23:00:36.0840 3616  ============================================================
23:00:52.0705 3616  BG loaded
23:00:54.0102 3616  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:00:54.0112 3616  ============================================================
23:00:54.0112 3616  \Device\Harddisk0\DR0:
23:00:54.0112 3616  MBR partitions:
23:00:54.0112 3616  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23000
23:00:54.0112 3616  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23800, BlocksNum 0x1E00000
23:00:54.0112 3616  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E23800, BlocksNum 0x38562000
23:00:54.0112 3616  ============================================================
23:00:54.0262 3616  C: <-> \Device\Harddisk0\DR0\Partition3
23:00:54.0322 3616  D: <-> \Device\Harddisk0\DR0\Partition1
23:00:54.0342 3616  E: <-> \Device\Harddisk0\DR0\Partition2
23:00:54.0342 3616  ============================================================
23:00:54.0352 3616  Initialize success
23:00:54.0352 3616  ============================================================
23:01:10.0475 2644  ============================================================
23:01:10.0475 2644  Scan started
23:01:10.0475 2644  Mode: Manual; TDLFS; 
23:01:10.0475 2644  ============================================================
23:01:13.0533 2644  ================ Scan system memory ========================
23:01:13.0533 2644  System memory - ok
23:01:13.0533 2644  ================ Scan services =============================
23:01:13.0876 2644  [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
23:01:13.0876 2644  !SASCORE - ok
23:01:14.0125 2644  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:01:14.0125 2644  1394ohci - ok
23:01:14.0172 2644  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:01:14.0203 2644  ACPI - ok
23:01:14.0235 2644  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:01:14.0235 2644  AcpiPmi - ok
23:01:14.0437 2644  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:01:14.0437 2644  AdobeARMservice - ok
23:01:14.0531 2644  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
23:01:14.0531 2644  adp94xx - ok
23:01:14.0625 2644  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
23:01:14.0640 2644  adpahci - ok
23:01:14.0671 2644  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
23:01:14.0687 2644  adpu320 - ok
23:01:14.0734 2644  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:01:14.0749 2644  AeLookupSvc - ok
23:01:14.0874 2644  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
23:01:14.0874 2644  AFD - ok
23:01:14.0937 2644  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
23:01:14.0952 2644  agp440 - ok
23:01:14.0999 2644  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
23:01:14.0999 2644  ALG - ok
23:01:15.0030 2644  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:01:15.0030 2644  aliide - ok
23:01:15.0093 2644  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
23:01:15.0093 2644  amdide - ok
23:01:15.0139 2644  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
23:01:15.0155 2644  AmdK8 - ok
23:01:15.0186 2644  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
23:01:15.0186 2644  AmdPPM - ok
23:01:15.0358 2644  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:01:15.0358 2644  amdsata - ok
23:01:15.0405 2644  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
23:01:15.0420 2644  amdsbs - ok
23:01:15.0436 2644  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:01:15.0436 2644  amdxata - ok
23:01:15.0529 2644  [ 18A8E8A19CD826D31D2E74E740220001 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
23:01:15.0529 2644  AMPPAL - ok
23:01:15.0545 2644  [ 18A8E8A19CD826D31D2E74E740220001 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
23:01:15.0545 2644  AMPPALP - ok
23:01:15.0763 2644  [ B4837176B2DBBC8E3D6F31D4853EEAEB ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
23:01:15.0763 2644  AMPPALR3 - ok
23:01:15.0857 2644  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
23:01:15.0857 2644  AppID - ok
23:01:15.0888 2644  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:01:15.0904 2644  AppIDSvc - ok
23:01:16.0013 2644  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
23:01:16.0013 2644  Appinfo - ok
23:01:16.0169 2644  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:01:16.0169 2644  Apple Mobile Device - ok
23:01:16.0247 2644  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
23:01:16.0263 2644  AppMgmt - ok
23:01:16.0309 2644  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
23:01:16.0325 2644  arc - ok
23:01:16.0341 2644  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
23:01:16.0341 2644  arcsas - ok
23:01:16.0372 2644  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:01:16.0387 2644  AsyncMac - ok
23:01:16.0403 2644  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
23:01:16.0403 2644  atapi - ok
23:01:16.0575 2644  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:01:16.0575 2644  AudioEndpointBuilder - ok
23:01:16.0621 2644  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:01:16.0637 2644  AudioSrv - ok
23:01:16.0731 2644  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:01:16.0731 2644  AxInstSV - ok
23:01:16.0777 2644  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
23:01:16.0809 2644  b06bdrv - ok
23:01:16.0887 2644  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:01:16.0887 2644  b57nd60a - ok
23:01:16.0949 2644  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:01:16.0949 2644  BDESVC - ok
23:01:16.0980 2644  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:01:16.0980 2644  Beep - ok
23:01:17.0105 2644  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
23:01:17.0121 2644  BFE - ok
23:01:17.0199 2644  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
23:01:17.0199 2644  BITS - ok
23:01:17.0230 2644  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:01:17.0230 2644  blbdrive - ok
23:01:17.0401 2644  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:01:17.0401 2644  Bonjour Service - ok
23:01:17.0464 2644  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:01:17.0464 2644  bowser - ok
23:01:17.0495 2644  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:01:17.0511 2644  BrFiltLo - ok
23:01:17.0511 2644  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:01:17.0511 2644  BrFiltUp - ok
23:01:17.0604 2644  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
23:01:17.0620 2644  BridgeMP - ok
23:01:17.0729 2644  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
23:01:17.0729 2644  Browser - ok
23:01:17.0776 2644  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:01:17.0776 2644  Brserid - ok
23:01:17.0807 2644  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:01:17.0807 2644  BrSerWdm - ok
23:01:17.0823 2644  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:01:17.0823 2644  BrUsbMdm - ok
23:01:17.0838 2644  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:01:17.0838 2644  BrUsbSer - ok
23:01:17.0838 2644  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
23:01:17.0854 2644  BTHMODEM - ok
23:01:17.0901 2644  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
23:01:17.0901 2644  bthserv - ok
23:01:17.0994 2644  [ B9D49E4288F56C053B4C12D2F9042948 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
23:01:17.0994 2644  BTHSSecurityMgr - ok
23:01:18.0041 2644  catchme - ok
23:01:18.0057 2644  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:01:18.0072 2644  cdfs - ok
23:01:18.0150 2644  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:01:18.0150 2644  cdrom - ok
23:01:18.0228 2644  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
23:01:18.0228 2644  CertPropSvc - ok
23:01:18.0259 2644  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
23:01:18.0259 2644  circlass - ok
23:01:18.0291 2644  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
23:01:18.0291 2644  CLFS - ok
23:01:18.0431 2644  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:01:18.0431 2644  clr_optimization_v2.0.50727_32 - ok
23:01:18.0634 2644  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:01:18.0634 2644  clr_optimization_v2.0.50727_64 - ok
23:01:18.0821 2644  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:01:18.0915 2644  clr_optimization_v4.0.30319_32 - ok
23:01:19.0008 2644  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:01:19.0008 2644  clr_optimization_v4.0.30319_64 - ok
23:01:19.0055 2644  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:01:19.0071 2644  CmBatt - ok
23:01:19.0086 2644  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:01:19.0086 2644  cmdide - ok
23:01:19.0133 2644  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
23:01:19.0149 2644  CNG - ok
23:01:19.0195 2644  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:01:19.0195 2644  Compbatt - ok
23:01:19.0242 2644  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
23:01:19.0273 2644  CompositeBus - ok
23:01:19.0289 2644  COMSysApp - ok
23:01:19.0414 2644  [ 3CA734CE373E5675FBC15CA2C45228E5 ] cpudrv64        C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys
23:01:19.0414 2644  cpudrv64 - ok
23:01:19.0445 2644  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
23:01:19.0445 2644  crcdisk - ok
23:01:19.0507 2644  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:01:19.0507 2644  CryptSvc - ok
23:01:19.0554 2644  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
23:01:19.0554 2644  CSC - ok
23:01:19.0601 2644  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
23:01:19.0617 2644  CscService - ok
23:01:19.0679 2644  [ BA25D4B9B067248F7CAC416E855D706B ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
23:01:19.0679 2644  dc3d - ok
23:01:19.0726 2644  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:01:19.0726 2644  DcomLaunch - ok
23:01:19.0757 2644  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
23:01:19.0773 2644  defragsvc - ok
23:01:19.0804 2644  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:01:19.0804 2644  DfsC - ok
23:01:19.0835 2644  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:01:19.0835 2644  Dhcp - ok
23:01:19.0866 2644  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
23:01:19.0866 2644  discache - ok
23:01:19.0897 2644  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
23:01:19.0897 2644  Disk - ok
23:01:19.0929 2644  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:01:19.0929 2644  Dnscache - ok
23:01:19.0960 2644  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:01:19.0960 2644  dot3svc - ok
23:01:19.0991 2644  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
23:01:19.0991 2644  DPS - ok
23:01:20.0038 2644  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:01:20.0053 2644  drmkaud - ok
23:01:20.0163 2644  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:01:20.0178 2644  DXGKrnl - ok
23:01:20.0209 2644  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
23:01:20.0209 2644  EapHost - ok
23:01:20.0443 2644  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
23:01:20.0537 2644  ebdrv - ok
23:01:20.0584 2644  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
23:01:20.0584 2644  EFS - ok
23:01:20.0740 2644  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:01:20.0787 2644  ehRecvr - ok
23:01:20.0818 2644  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
23:01:20.0833 2644  ehSched - ok
23:01:20.0911 2644  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
23:01:20.0927 2644  elxstor - ok
23:01:20.0958 2644  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:01:20.0958 2644  ErrDev - ok
23:01:21.0067 2644  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
23:01:21.0083 2644  EventSystem - ok
23:01:21.0192 2644  [ 770B15B8261A444B817F296EC27CE71E ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
23:01:21.0192 2644  EvtEng - ok
23:01:22.0050 2644  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
23:01:22.0050 2644  exfat - ok
23:01:22.0113 2644  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:01:22.0113 2644  fastfat - ok
23:01:22.0191 2644  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
23:01:22.0191 2644  Fax - ok
23:01:22.0222 2644  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:01:22.0222 2644  fdc - ok
23:01:22.0300 2644  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
23:01:22.0300 2644  fdPHost - ok
23:01:22.0331 2644  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:01:22.0347 2644  FDResPub - ok
23:01:23.0563 2644  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:01:23.0579 2644  FileInfo - ok
23:01:23.0595 2644  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:01:23.0595 2644  Filetrace - ok
23:01:23.0626 2644  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:01:23.0626 2644  flpydisk - ok
23:01:23.0688 2644  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:01:23.0704 2644  FltMgr - ok
23:01:23.0844 2644  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
23:01:23.0860 2644  FontCache - ok
23:01:23.0938 2644  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:01:23.0938 2644  FontCache3.0.0.0 - ok
23:01:23.0969 2644  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:01:23.0969 2644  FsDepends - ok
23:01:24.0016 2644  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:01:24.0016 2644  Fs_Rec - ok
23:01:24.0063 2644  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:01:24.0078 2644  fvevol - ok
23:01:24.0094 2644  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
23:01:24.0094 2644  gagp30kx - ok
23:01:24.0125 2644  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:01:24.0141 2644  GEARAspiWDM - ok
23:01:24.0203 2644  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
23:01:24.0203 2644  gpsvc - ok
23:01:24.0312 2644  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:01:24.0312 2644  gupdate - ok
23:01:24.0375 2644  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:01:24.0390 2644  gupdatem - ok
23:01:24.0468 2644  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:01:24.0484 2644  gusvc - ok
23:01:24.0515 2644  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:01:24.0515 2644  hcw85cir - ok
23:01:24.0577 2644  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:01:24.0577 2644  HdAudAddService - ok
23:01:24.0609 2644  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
23:01:24.0609 2644  HDAudBus - ok
23:01:24.0640 2644  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
23:01:24.0640 2644  HidBatt - ok
23:01:24.0655 2644  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
23:01:24.0655 2644  HidBth - ok
23:01:24.0671 2644  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
23:01:24.0687 2644  HidIr - ok
23:01:24.0718 2644  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
23:01:24.0718 2644  hidserv - ok
23:01:24.0765 2644  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:01:24.0765 2644  HidUsb - ok
23:01:24.0796 2644  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:01:24.0796 2644  hkmsvc - ok
23:01:24.0858 2644  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:01:24.0858 2644  HomeGroupListener - ok
23:01:24.0889 2644  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:01:24.0889 2644  HomeGroupProvider - ok
23:01:24.0921 2644  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:01:24.0921 2644  HpSAMD - ok
23:01:24.0967 2644  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:01:24.0983 2644  HTTP - ok
23:01:25.0014 2644  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:01:25.0014 2644  hwpolicy - ok
23:01:25.0045 2644  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
23:01:25.0045 2644  i8042prt - ok
23:01:25.0155 2644  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:01:25.0170 2644  iaStorV - ok
23:01:25.0279 2644  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:01:25.0295 2644  idsvc - ok
23:01:26.0153 2644  [ 8814F0B9A09C647D3D7BE735450E7B4C ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
23:01:26.0247 2644  igfx - ok
23:01:26.0278 2644  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
23:01:26.0293 2644  iirsp - ok
23:01:26.0325 2644  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
23:01:26.0340 2644  IKEEXT - ok
23:01:26.0449 2644  [ B014CE58F0A8048D3924BA8D5CCBC5F1 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
23:01:26.0449 2644  IntcHdmiAddService - ok
23:01:26.0481 2644  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
23:01:26.0481 2644  intelide - ok
23:01:26.0496 2644  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:01:26.0496 2644  intelppm - ok
23:01:26.0605 2644  [ 1A263BD87C082FA7AB38093014C8FC79 ] IntuitUpdateService C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
23:01:26.0605 2644  IntuitUpdateService - ok
23:01:26.0699 2644  [ D9DA7B3117BF5EFF921C0CDED4D58050 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
23:01:26.0699 2644  IntuitUpdateServiceV4 - ok
23:01:26.0730 2644  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:01:26.0746 2644  IPBusEnum - ok
23:01:26.0793 2644  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:01:26.0793 2644  IpFilterDriver - ok
23:01:26.0886 2644  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:01:26.0886 2644  iphlpsvc - ok
23:01:26.0933 2644  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:01:26.0949 2644  IPMIDRV - ok
23:01:26.0980 2644  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:01:26.0995 2644  IPNAT - ok
23:01:27.0136 2644  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:01:27.0136 2644  iPod Service - ok
23:01:27.0183 2644  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:01:27.0183 2644  IRENUM - ok
23:01:27.0198 2644  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:01:27.0198 2644  isapnp - ok
23:01:27.0261 2644  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:01:27.0276 2644  iScsiPrt - ok
23:01:27.0354 2644  [ 7DBAFE10C1B777305C80BEA42FBDA710 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
23:01:27.0370 2644  k57nd60a - ok
23:01:27.0385 2644  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:01:27.0385 2644  kbdclass - ok
23:01:27.0417 2644  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:01:27.0432 2644  kbdhid - ok
23:01:27.0448 2644  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
23:01:27.0448 2644  KeyIso - ok
23:01:27.0495 2644  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:01:27.0495 2644  KSecDD - ok
23:01:27.0541 2644  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:01:27.0541 2644  KSecPkg - ok
23:01:27.0573 2644  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:01:27.0573 2644  ksthunk - ok
23:01:27.0651 2644  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:01:27.0666 2644  KtmRm - ok
23:01:27.0744 2644  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
23:01:27.0760 2644  LanmanServer - ok
23:01:27.0791 2644  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:01:27.0807 2644  LanmanWorkstation - ok
23:01:27.0869 2644  [ 24E09882BA51B9830AE029888A3AAF18 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
23:01:27.0869 2644  LHidFilt - ok
23:01:27.0931 2644  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:01:27.0931 2644  lltdio - ok
23:01:27.0978 2644  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:01:27.0994 2644  lltdsvc - ok
23:01:28.0025 2644  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:01:28.0025 2644  lmhosts - ok
23:01:28.0041 2644  [ 2F94325D8C10E2B715F3D753C2422AAC ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
23:01:28.0041 2644  LMouFilt - ok
23:01:28.0103 2644  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
23:01:28.0119 2644  LSI_FC - ok
23:01:28.0134 2644  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
23:01:28.0150 2644  LSI_SAS - ok
23:01:28.0150 2644  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:01:28.0165 2644  LSI_SAS2 - ok
23:01:28.0181 2644  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:01:28.0197 2644  LSI_SCSI - ok
23:01:28.0228 2644  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
23:01:28.0228 2644  luafv - ok
23:01:28.0306 2644  [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
23:01:28.0306 2644  MBAMProtector - ok
23:01:28.0384 2644  [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:01:28.0384 2644  MBAMScheduler - ok
23:01:28.0462 2644  [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:01:28.0509 2644  MBAMService - ok
23:01:28.0540 2644  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:01:28.0540 2644  Mcx2Svc - ok
23:01:28.0571 2644  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
23:01:28.0571 2644  megasas - ok
23:01:28.0618 2644  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
23:01:28.0618 2644  MegaSR - ok
23:01:28.0649 2644  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
23:01:28.0649 2644  MMCSS - ok
23:01:28.0665 2644  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
23:01:28.0680 2644  Modem - ok
23:01:28.0727 2644  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:01:28.0727 2644  monitor - ok
23:01:28.0774 2644  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:01:28.0774 2644  mouclass - ok
23:01:28.0805 2644  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:01:28.0805 2644  mouhid - ok
23:01:28.0852 2644  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:01:28.0852 2644  mountmgr - ok
23:01:28.0883 2644  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:01:28.0883 2644  mpio - ok
23:01:28.0899 2644  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:01:28.0899 2644  mpsdrv - ok
23:01:29.0023 2644  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:01:29.0023 2644  MpsSvc - ok
23:01:29.0070 2644  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:01:29.0070 2644  MRxDAV - ok
23:01:29.0101 2644  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:01:29.0101 2644  mrxsmb - ok
23:01:29.0148 2644  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:01:29.0164 2644  mrxsmb10 - ok
23:01:29.0179 2644  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:01:29.0179 2644  mrxsmb20 - ok
23:01:29.0226 2644  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:01:29.0226 2644  msahci - ok
23:01:29.0242 2644  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:01:29.0257 2644  msdsm - ok
23:01:29.0289 2644  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
23:01:29.0289 2644  MSDTC - ok
23:01:29.0335 2644  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:01:29.0335 2644  Msfs - ok
23:01:29.0351 2644  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:01:29.0351 2644  mshidkmdf - ok
23:01:29.0382 2644  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:01:29.0398 2644  msisadrv - ok
23:01:29.0445 2644  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:01:29.0460 2644  MSiSCSI - ok
23:01:29.0460 2644  msiserver - ok
23:01:29.0507 2644  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:01:29.0507 2644  MSKSSRV - ok
23:01:29.0538 2644  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:01:29.0554 2644  MSPCLOCK - ok
23:01:29.0569 2644  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:01:29.0585 2644  MSPQM - ok
23:01:29.0663 2644  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:01:29.0694 2644  MsRPC - ok
23:01:29.0725 2644  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
23:01:29.0725 2644  mssmbios - ok
23:01:29.0757 2644  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:01:29.0757 2644  MSTEE - ok
23:01:29.0772 2644  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
23:01:29.0788 2644  MTConfig - ok
23:01:29.0803 2644  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:01:29.0819 2644  Mup - ok
23:01:29.0897 2644  [ 7B5094DF1671E35D2F2EDDBF12D3D77D ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
23:01:29.0897 2644  MyWiFiDHCPDNS - ok
23:01:29.0959 2644  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
23:01:29.0975 2644  napagent - ok
23:01:30.0037 2644  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:01:30.0053 2644  NativeWifiP - ok
23:01:30.0162 2644  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:01:30.0193 2644  NDIS - ok
23:01:30.0240 2644  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:01:30.0240 2644  NdisCap - ok
23:01:30.0271 2644  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:01:30.0271 2644  NdisTapi - ok
23:01:30.0334 2644  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:01:30.0334 2644  Ndisuio - ok
23:01:30.0365 2644  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:01:30.0365 2644  NdisWan - ok
23:01:30.0396 2644  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:01:30.0396 2644  NDProxy - ok
23:01:30.0443 2644  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:01:30.0443 2644  NetBIOS - ok
23:01:30.0490 2644  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:01:30.0490 2644  NetBT - ok
23:01:30.0505 2644  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
23:01:30.0521 2644  Netlogon - ok
23:01:30.0599 2644  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
23:01:30.0599 2644  Netman - ok
23:01:30.0661 2644  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
23:01:30.0661 2644  netprofm - ok
23:01:30.0693 2644  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:01:30.0708 2644  NetTcpPortSharing - ok
23:01:31.0036 2644  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
23:01:31.0145 2644  netw5v64 - ok
23:01:31.0613 2644  [ 1D974430131627AD97BD28E5746C2EC1 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
23:01:31.0675 2644  NETwNs64 - ok
23:01:31.0722 2644  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
23:01:31.0738 2644  nfrd960 - ok
23:01:31.0785 2644  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:01:31.0785 2644  NlaSvc - ok
23:01:31.0800 2644  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:01:31.0800 2644  Npfs - ok
23:01:31.0847 2644  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
23:01:31.0847 2644  nsi - ok
23:01:31.0878 2644  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:01:31.0878 2644  nsiproxy - ok
23:01:32.0034 2644  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:01:32.0081 2644  Ntfs - ok
23:01:32.0112 2644  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
23:01:32.0112 2644  Null - ok
23:01:32.0143 2644  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:01:32.0143 2644  nvraid - ok
23:01:32.0206 2644  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:01:32.0206 2644  nvstor - ok
23:01:32.0237 2644  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:01:32.0237 2644  nv_agp - ok
23:01:32.0440 2644  [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:01:32.0455 2644  odserv - ok
23:01:32.0502 2644  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:01:32.0502 2644  ohci1394 - ok
23:01:32.0549 2644  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:01:32.0565 2644  ose - ok
23:01:32.0611 2644  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:01:32.0611 2644  p2pimsvc - ok
23:01:32.0689 2644  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:01:32.0721 2644  p2psvc - ok
23:01:32.0752 2644  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:01:32.0752 2644  Parport - ok
23:01:32.0783 2644  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:01:32.0783 2644  partmgr - ok
23:01:32.0830 2644  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:01:32.0830 2644  PcaSvc - ok
23:01:32.0877 2644  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
23:01:32.0892 2644  pci - ok
23:01:32.0923 2644  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
23:01:32.0939 2644  pciide - ok
23:01:32.0955 2644  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:01:32.0955 2644  pcmcia - ok
23:01:32.0986 2644  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:01:32.0986 2644  pcw - ok
23:01:33.0095 2644  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:01:33.0095 2644  PEAUTH - ok
23:01:33.0282 2644  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
23:01:33.0329 2644  PeerDistSvc - ok
23:01:34.0140 2644  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:01:34.0140 2644  PerfHost - ok
23:01:34.0343 2644  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
23:01:34.0390 2644  pla - ok
23:01:34.0452 2644  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:01:34.0452 2644  PlugPlay - ok
23:01:34.0499 2644  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:01:34.0515 2644  PNRPAutoReg - ok
23:01:34.0546 2644  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:01:34.0546 2644  PNRPsvc - ok
23:01:34.0608 2644  [ 34A8FAE065249F85A67A3215FF5ECB34 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
23:01:34.0608 2644  Point64 - ok
23:01:34.0671 2644  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:01:34.0686 2644  PolicyAgent - ok
23:01:34.0717 2644  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
23:01:34.0733 2644  Power - ok
23:01:34.0764 2644  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:01:34.0780 2644  PptpMiniport - ok
23:01:34.0795 2644  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
23:01:34.0795 2644  Processor - ok
23:01:34.0842 2644  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:01:34.0842 2644  ProfSvc - ok
23:01:34.0873 2644  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:01:34.0873 2644  ProtectedStorage - ok
23:01:34.0920 2644  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:01:34.0920 2644  Psched - ok
23:01:35.0045 2644  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
23:01:35.0092 2644  ql2300 - ok
23:01:35.0107 2644  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
23:01:35.0123 2644  ql40xx - ok
23:01:35.0154 2644  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
23:01:35.0154 2644  QWAVE - ok
23:01:35.0170 2644  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:01:35.0185 2644  QWAVEdrv - ok
23:01:35.0201 2644  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:01:35.0201 2644  RasAcd - ok
23:01:35.0232 2644  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:01:35.0232 2644  RasAgileVpn - ok
23:01:35.0263 2644  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
23:01:35.0263 2644  RasAuto - ok
23:01:35.0295 2644  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:01:35.0295 2644  Rasl2tp - ok
23:01:35.0310 2644  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
23:01:35.0326 2644  RasMan - ok
23:01:35.0341 2644  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:01:35.0341 2644  RasPppoe - ok
23:01:35.0357 2644  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:01:35.0357 2644  RasSstp - ok
23:01:35.0388 2644  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:01:35.0404 2644  rdbss - ok
23:01:35.0419 2644  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:01:35.0419 2644  rdpbus - ok
23:01:35.0435 2644  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:01:35.0435 2644  RDPCDD - ok
23:01:35.0482 2644  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:01:35.0482 2644  RDPDR - ok
23:01:35.0513 2644  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:01:35.0513 2644  RDPENCDD - ok
23:01:35.0544 2644  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:01:35.0544 2644  RDPREFMP - ok
23:01:35.0591 2644  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:01:35.0591 2644  RdpVideoMiniport - ok
23:01:35.0653 2644  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:01:35.0669 2644  RDPWD - ok
23:01:35.0700 2644  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:01:35.0700 2644  rdyboost - ok
23:01:35.0747 2644  [ 992E3160D3AB2D8F083B6808D73A4016 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
23:01:35.0747 2644  RegSrvc - ok
23:01:35.0763 2644  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:01:35.0778 2644  RemoteAccess - ok
23:01:35.0809 2644  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:01:35.0809 2644  RemoteRegistry - ok
23:01:35.0841 2644  [ 6FAF5B04BEDC66D300D9D233B2D222F0 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmpx64.sys
23:01:35.0841 2644  rimmptsk - ok
23:01:35.0856 2644  [ 67F50C31713106FD1B0F286F86AA2B2E ] rimsptsk        C:\Windows\system32\DRIVERS\rimspx64.sys
23:01:35.0856 2644  rimsptsk - ok
23:01:35.0903 2644  [ 4D7EF3D46346EC4C58784DB964B365DE ] rismxdp         C:\Windows\system32\DRIVERS\rixdpx64.sys
23:01:35.0903 2644  rismxdp - ok
23:01:35.0919 2644  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:01:35.0919 2644  RpcEptMapper - ok
23:01:35.0965 2644  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
23:01:35.0965 2644  RpcLocator - ok
23:01:36.0012 2644  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
23:01:36.0012 2644  RpcSs - ok
23:01:36.0043 2644  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:01:36.0043 2644  rspndr - ok
23:01:36.0075 2644  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
23:01:36.0075 2644  s3cap - ok
23:01:36.0090 2644  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
23:01:36.0090 2644  SamSs - ok
23:01:36.0231 2644  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
23:01:36.0231 2644  SASDIFSV - ok
23:01:36.0262 2644  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
23:01:36.0262 2644  SASKUTIL - ok
23:01:36.0293 2644  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:01:36.0293 2644  sbp2port - ok
23:01:36.0340 2644  [ 7E07D2A5B910C71D6474E9AA0EAA1825 ] SBRE            C:\Windows\system32\drivers\SBREdrv.sys
23:01:36.0340 2644  SBRE - ok
23:01:36.0402 2644  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:01:36.0418 2644  SCardSvr - ok
23:01:36.0480 2644  [ B2F50286DC82B93C013E3FC57BA1A956 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
23:01:36.0480 2644  SCDEmu - ok
23:01:36.0511 2644  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:01:36.0511 2644  scfilter - ok
23:01:36.0667 2644  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
23:01:36.0683 2644  Schedule - ok
23:01:36.0730 2644  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:01:36.0730 2644  SCPolicySvc - ok
23:01:36.0808 2644  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
23:01:36.0808 2644  sdbus - ok
23:01:36.0870 2644  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:01:36.0886 2644  SDRSVC - ok
23:01:36.0933 2644  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:01:36.0933 2644  secdrv - ok
23:01:36.0964 2644  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
23:01:36.0979 2644  seclogon - ok
23:01:37.0011 2644  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
23:01:37.0011 2644  SENS - ok
23:01:37.0042 2644  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:01:37.0042 2644  SensrSvc - ok
23:01:37.0057 2644  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:01:37.0057 2644  Serenum - ok
23:01:37.0089 2644  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:01:37.0089 2644  Serial - ok
23:01:37.0135 2644  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
23:01:37.0135 2644  sermouse - ok
23:01:37.0182 2644  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:01:37.0182 2644  SessionEnv - ok
23:01:37.0213 2644  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
23:01:37.0229 2644  sffdisk - ok
23:01:37.0245 2644  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:01:37.0245 2644  sffp_mmc - ok
23:01:37.0276 2644  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
23:01:37.0276 2644  sffp_sd - ok
23:01:37.0291 2644  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
23:01:37.0291 2644  sfloppy - ok
23:01:37.0354 2644  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:01:37.0354 2644  SharedAccess - ok
23:01:37.0385 2644  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:01:37.0385 2644  ShellHWDetection - ok
23:01:37.0416 2644  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:01:37.0416 2644  SiSRaid2 - ok
23:01:37.0447 2644  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
23:01:37.0447 2644  SiSRaid4 - ok
23:01:37.0759 2644  [ 23E3C83DFF7B09A97B01A85ED8A44478 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
23:01:37.0775 2644  Skype C2C Service - ok
23:01:37.0884 2644  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
23:01:37.0884 2644  SkypeUpdate - ok
23:01:37.0947 2644  [ 659C3E88522968255A99322F1A96AFB7 ] SMART-ERService C:\Program Files (x86)\Apricorn\SMART-ER\SMART-ER Service.exe
23:01:37.0962 2644  SMART-ERService - ok
23:01:37.0993 2644  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:01:37.0993 2644  Smb - ok
23:01:38.0103 2644  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:01:38.0103 2644  SNMPTRAP - ok
23:01:38.0134 2644  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:01:38.0134 2644  spldr - ok
23:01:38.0181 2644  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
23:01:38.0196 2644  Spooler - ok
23:01:38.0305 2644  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
23:01:38.0399 2644  sppsvc - ok
23:01:38.0430 2644  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:01:38.0430 2644  sppuinotify - ok
23:01:38.0477 2644  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:01:38.0477 2644  srv - ok
23:01:38.0493 2644  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:01:38.0493 2644  srv2 - ok
23:01:38.0524 2644  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:01:38.0524 2644  srvnet - ok
23:01:38.0555 2644  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:01:38.0555 2644  SSDPSRV - ok
23:01:38.0586 2644  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:01:38.0586 2644  SstpSvc - ok
23:01:38.0617 2644  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
23:01:38.0617 2644  stexstor - ok
23:01:38.0695 2644  [ CAF5A9708671B14B9670260735B22C4E ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
23:01:38.0695 2644  STHDA - ok
23:01:38.0742 2644  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
23:01:38.0742 2644  StillCam - ok
23:01:38.0773 2644  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
23:01:38.0789 2644  stisvc - ok
23:01:38.0820 2644  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
23:01:38.0820 2644  storflt - ok
23:01:38.0851 2644  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
23:01:38.0851 2644  storvsc - ok
23:01:38.0883 2644  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
23:01:38.0883 2644  swenum - ok
23:01:38.0945 2644  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
23:01:38.0976 2644  swprv - ok
23:01:38.0992 2644  Synth3dVsc - ok
23:01:39.0039 2644  [ 639B57DC871BE4B86283027FAF1F4E30 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
23:01:39.0039 2644  SynTP - ok
23:01:39.0101 2644  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
23:01:39.0117 2644  SysMain - ok
23:01:39.0163 2644  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:01:39.0163 2644  TabletInputService - ok
23:01:39.0195 2644  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:01:39.0210 2644  TapiSrv - ok
23:01:39.0226 2644  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
23:01:39.0226 2644  TBS - ok
23:01:39.0304 2644  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:01:39.0351 2644  Tcpip - ok
23:01:39.0475 2644  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:01:39.0491 2644  TCPIP6 - ok
23:01:39.0585 2644  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:01:39.0585 2644  tcpipreg - ok
23:01:39.0617 2644  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:01:39.0617 2644  TDPIPE - ok
23:01:39.0679 2644  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:01:39.0679 2644  TDTCP - ok
23:01:39.0710 2644  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:01:39.0710 2644  tdx - ok
23:01:39.0742 2644  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
23:01:39.0742 2644  TermDD - ok
23:01:39.0835 2644  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
23:01:39.0866 2644  TermService - ok
23:01:39.0898 2644  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
23:01:39.0929 2644  Themes - ok
23:01:39.0960 2644  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
23:01:39.0960 2644  THREADORDER - ok
23:01:39.0976 2644  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
23:01:39.0991 2644  TrkWks - ok
23:01:40.0085 2644  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:01:40.0085 2644  TrustedInstaller - ok
23:01:40.0116 2644  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:01:40.0116 2644  tssecsrv - ok
23:01:40.0210 2644  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:01:40.0210 2644  TsUsbFlt - ok
23:01:40.0225 2644  tsusbhub - ok
23:01:40.0256 2644  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:01:40.0256 2644  tunnel - ok
23:01:40.0303 2644  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
23:01:40.0303 2644  uagp35 - ok
23:01:40.0319 2644  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:01:40.0334 2644  udfs - ok
23:01:40.0381 2644  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:01:40.0381 2644  UI0Detect - ok
23:01:40.0412 2644  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:01:40.0412 2644  uliagpkx - ok
23:01:40.0428 2644  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:01:40.0428 2644  umbus - ok
23:01:40.0459 2644  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
23:01:40.0459 2644  UmPass - ok
23:01:40.0490 2644  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
23:01:40.0506 2644  UmRdpService - ok
23:01:40.0522 2644  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
23:01:40.0522 2644  upnphost - ok
23:01:40.0568 2644  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
23:01:40.0568 2644  USBAAPL64 - ok
23:01:40.0600 2644  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:01:40.0600 2644  usbccgp - ok
23:01:40.0662 2644  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:01:40.0662 2644  usbcir - ok
23:01:40.0693 2644  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:01:40.0709 2644  usbehci - ok
23:01:40.0740 2644  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:01:40.0756 2644  usbhub - ok
23:01:40.0771 2644  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:01:40.0771 2644  usbohci - ok
23:01:40.0787 2644  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:01:40.0787 2644  usbprint - ok
23:01:40.0818 2644  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
23:01:40.0818 2644  usbscan - ok
23:01:40.0849 2644  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:01:40.0849 2644  USBSTOR - ok
23:01:40.0865 2644  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
23:01:40.0865 2644  usbuhci - ok
23:01:40.0958 2644  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
23:01:40.0958 2644  usbvideo - ok
23:01:40.0974 2644  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
23:01:40.0990 2644  UxSms - ok
23:01:41.0005 2644  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
23:01:41.0005 2644  VaultSvc - ok
23:01:41.0021 2644  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:01:41.0036 2644  vdrvroot - ok
23:01:41.0068 2644  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
23:01:41.0083 2644  vds - ok
23:01:41.0114 2644  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:01:41.0114 2644  vga - ok
23:01:41.0130 2644  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:01:41.0130 2644  VgaSave - ok
23:01:41.0146 2644  VGPU - ok
23:01:41.0192 2644  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:01:41.0192 2644  vhdmp - ok
23:01:41.0208 2644  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:01:41.0208 2644  viaide - ok
23:01:41.0239 2644  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
23:01:41.0255 2644  vmbus - ok
23:01:41.0270 2644  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
23:01:41.0270 2644  VMBusHID - ok
23:01:41.0302 2644  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:01:41.0302 2644  volmgr - ok
23:01:41.0333 2644  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:01:41.0333 2644  volmgrx - ok
23:01:41.0364 2644  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:01:41.0364 2644  volsnap - ok
23:01:41.0380 2644  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
23:01:41.0395 2644  vsmraid - ok
23:01:41.0473 2644  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
23:01:41.0536 2644  VSS - ok
23:01:41.0551 2644  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:01:41.0551 2644  vwifibus - ok
23:01:41.0598 2644  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:01:41.0598 2644  vwififlt - ok
23:01:41.0629 2644  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
23:01:41.0629 2644  vwifimp - ok
23:01:41.0692 2644  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
23:01:41.0723 2644  W32Time - ok
23:01:41.0754 2644  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
23:01:41.0754 2644  WacomPen - ok
23:01:41.0785 2644  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:01:41.0785 2644  WANARP - ok
23:01:41.0801 2644  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:01:41.0801 2644  Wanarpv6 - ok
23:01:41.0894 2644  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
23:01:41.0941 2644  WatAdminSvc - ok
23:01:42.0082 2644  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
23:01:42.0113 2644  wbengine - ok
23:01:42.0144 2644  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:01:42.0160 2644  WbioSrvc - ok
23:01:42.0191 2644  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:01:42.0206 2644  wcncsvc - ok
23:01:42.0238 2644  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:01:42.0238 2644  WcsPlugInService - ok
23:01:42.0269 2644  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
23:01:42.0269 2644  Wd - ok
23:01:42.0378 2644  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:01:42.0409 2644  Wdf01000 - ok
23:01:42.0440 2644  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:01:42.0440 2644  WdiServiceHost - ok
23:01:42.0456 2644  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:01:42.0456 2644  WdiSystemHost - ok
23:01:42.0472 2644  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
23:01:42.0487 2644  WebClient - ok
23:01:42.0518 2644  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:01:42.0518 2644  Wecsvc - ok
23:01:42.0550 2644  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:01:42.0550 2644  wercplsupport - ok
23:01:42.0596 2644  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:01:42.0596 2644  WerSvc - ok
23:01:42.0628 2644  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:01:42.0628 2644  WfpLwf - ok
23:01:42.0659 2644  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:01:42.0659 2644  WIMMount - ok
23:01:42.0690 2644  WinDefend - ok
23:01:42.0690 2644  WinHttpAutoProxySvc - ok
23:01:42.0768 2644  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:01:42.0768 2644  Winmgmt - ok
23:01:42.0846 2644  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
23:01:42.0908 2644  WinRM - ok
23:01:42.0986 2644  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:01:42.0986 2644  WinUsb - ok
23:01:43.0049 2644  [ F514C1C9D814F3DB46A17C59EA8214B2 ] WiseBootAssistant C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
23:01:43.0049 2644  WiseBootAssistant - ok
23:01:43.0189 2644  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:01:43.0189 2644  Wlansvc - ok
23:01:43.0236 2644  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:01:43.0236 2644  WmiAcpi - ok
23:01:43.0298 2644  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:01:43.0314 2644  wmiApSrv - ok
23:01:43.0345 2644  WMPNetworkSvc - ok
23:01:43.0361 2644  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:01:43.0361 2644  WPCSvc - ok
23:01:43.0392 2644  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:01:43.0408 2644  WPDBusEnum - ok
23:01:43.0423 2644  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:01:43.0423 2644  ws2ifsl - ok
23:01:43.0454 2644  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
23:01:43.0454 2644  wscsvc - ok
23:01:43.0454 2644  WSearch - ok
23:01:43.0626 2644  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:01:43.0657 2644  wuauserv - ok
23:01:43.0688 2644  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:01:43.0688 2644  WudfPf - ok
23:01:43.0751 2644  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:01:43.0766 2644  WUDFRd - ok
23:01:43.0798 2644  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:01:43.0813 2644  wudfsvc - ok
23:01:43.0844 2644  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:01:43.0844 2644  WwanSvc - ok
23:01:44.0156 2644  [ 9FA1347D0E96998C3793F51BB94D7AC3 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
23:01:44.0188 2644  ZeroConfigService - ok
23:01:44.0234 2644  ================ Scan global ===============================
23:01:44.0234 2644  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:01:44.0281 2644  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:01:44.0312 2644  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:01:44.0344 2644  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:01:44.0390 2644  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:01:44.0390 2644  [Global] - ok
23:01:44.0390 2644  ================ Scan MBR ==================================
23:01:44.0422 2644  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:01:45.0888 2644  \Device\Harddisk0\DR0 - ok
23:01:45.0888 2644  ================ Scan VBR ==================================
23:01:45.0935 2644  [ 6629A36A9D75677778354DF42678EC2E ] \Device\Harddisk0\DR0\Partition1
23:01:45.0950 2644  \Device\Harddisk0\DR0\Partition1 - ok
23:01:45.0966 2644  [ B7786F7BDA592402275070CD7817E9DB ] \Device\Harddisk0\DR0\Partition2
23:01:45.0966 2644  \Device\Harddisk0\DR0\Partition2 - ok
23:01:45.0982 2644  [ EE44844A376DCD0FAE2C74B48414279B ] \Device\Harddisk0\DR0\Partition3
23:01:45.0982 2644  \Device\Harddisk0\DR0\Partition3 - ok
23:01:45.0982 2644  ================ Scan active images ========================
23:01:45.0997 2644  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
23:01:45.0997 2644  C:\Windows\System32\drivers\crashdmp.sys - ok
23:01:45.0997 2644  [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
23:01:45.0997 2644  C:\Windows\System32\drivers\Dumpata.sys - ok
23:01:46.0013 2644  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
23:01:46.0013 2644  C:\Windows\System32\drivers\dumpfve.sys - ok
23:01:46.0013 2644  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] C:\Windows\System32\drivers\msahci.sys
23:01:46.0013 2644  C:\Windows\System32\drivers\msahci.sys - ok
23:01:46.0028 2644  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
23:01:46.0028 2644  C:\Windows\System32\drivers\cdrom.sys - ok
23:01:46.0044 2644  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
23:01:46.0044 2644  C:\Windows\System32\drivers\beep.sys - ok
23:01:46.0044 2644  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
23:01:46.0044 2644  C:\Windows\System32\drivers\null.sys - ok
23:01:46.0060 2644  [ 7E07D2A5B910C71D6474E9AA0EAA1825 ] C:\Windows\System32\drivers\SBREDrv.sys
23:01:46.0060 2644  C:\Windows\System32\drivers\SBREDrv.sys - ok
23:01:46.0060 2644  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
23:01:46.0060 2644  C:\Windows\System32\drivers\videoprt.sys - ok
23:01:46.0075 2644  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
23:01:46.0075 2644  C:\Windows\System32\drivers\watchdog.sys - ok
23:01:46.0091 2644  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
23:01:46.0091 2644  C:\Windows\System32\drivers\msfs.sys - ok
23:01:46.0091 2644  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
23:01:46.0091 2644  C:\Windows\System32\drivers\npfs.sys - ok
23:01:46.0106 2644  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
23:01:46.0106 2644  C:\Windows\System32\drivers\RDPCDD.sys - ok
23:01:46.0122 2644  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
23:01:46.0122 2644  C:\Windows\System32\drivers\RDPENCDD.sys - ok
23:01:46.0122 2644  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
23:01:46.0122 2644  C:\Windows\System32\drivers\RDPREFMP.sys - ok
23:01:46.0138 2644  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
23:01:46.0138 2644  C:\Windows\System32\drivers\vga.sys - ok
23:01:46.0138 2644  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
23:01:46.0138 2644  C:\Windows\System32\drivers\tdi.sys - ok
23:01:46.0153 2644  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
23:01:46.0153 2644  C:\Windows\System32\drivers\tdx.sys - ok
23:01:46.0153 2644  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
23:01:46.0153 2644  C:\Windows\System32\drivers\afd.sys - ok
23:01:46.0169 2644  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
23:01:46.0169 2644  C:\Windows\System32\drivers\netbt.sys - ok
23:01:46.0169 2644  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
23:01:46.0169 2644  C:\Windows\System32\drivers\wfplwf.sys - ok
23:01:46.0184 2644  [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
23:01:46.0184 2644  C:\Windows\System32\drivers\ws2ifsl.sys - ok
23:01:46.0184 2644  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
23:01:46.0184 2644  C:\Windows\System32\drivers\netbios.sys - ok
23:01:46.0200 2644  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
23:01:46.0200 2644  C:\Windows\System32\drivers\pacer.sys - ok
23:01:46.0200 2644  [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
23:01:46.0200 2644  C:\Windows\System32\drivers\vwififlt.sys - ok
23:01:46.0216 2644  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
23:01:46.0216 2644  C:\Windows\System32\drivers\wanarp.sys - ok
23:01:46.0216 2644  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
23:01:46.0216 2644  C:\Windows\System32\drivers\termdd.sys - ok
23:01:46.0231 2644  [ B2F50286DC82B93C013E3FC57BA1A956 ] C:\Windows\System32\drivers\scdemu.sys
23:01:46.0231 2644  C:\Windows\System32\drivers\scdemu.sys - ok
23:01:46.0231 2644  [ 3289766038DB2CB14D07DC84392138D5 ] C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys
23:01:46.0231 2644  C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys - ok
23:01:46.0247 2644  [ 58A38E75F3316A83C23DF6173D41F2B5 ] C:\Program Files\SUPERAntiSpyware\saskutil64.sys
23:01:46.0247 2644  C:\Program Files\SUPERAntiSpyware\saskutil64.sys - ok
23:01:46.0262 2644  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
23:01:46.0262 2644  C:\Windows\System32\drivers\rdbss.sys - ok
23:01:46.0262 2644  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
23:01:46.0262 2644  C:\Windows\System32\drivers\discache.sys - ok
23:01:46.0262 2644  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
23:01:46.0262 2644  C:\Windows\System32\drivers\mssmbios.sys - ok
23:01:46.0278 2644  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
23:01:46.0278 2644  C:\Windows\System32\drivers\nsiproxy.sys - ok
23:01:46.0294 2644  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
23:01:46.0294 2644  C:\Windows\System32\drivers\csc.sys - ok
23:01:46.0294 2644  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
23:01:46.0294 2644  C:\Windows\System32\drivers\blbdrive.sys - ok
23:01:46.0309 2644  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
23:01:46.0309 2644  C:\Windows\System32\drivers\dfsc.sys - ok
23:01:46.0309 2644  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
23:01:46.0309 2644  C:\Windows\System32\drivers\tunnel.sys - ok
23:01:46.0325 2644  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
23:01:46.0325 2644  C:\Windows\System32\ntdll.dll - ok
23:01:46.0325 2644  [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
23:01:46.0325 2644  C:\Windows\System32\smss.exe - ok
23:01:46.0340 2644  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
23:01:46.0340 2644  C:\Windows\System32\autochk.exe - ok
23:01:46.0340 2644  [ 8814F0B9A09C647D3D7BE735450E7B4C ] C:\Windows\System32\drivers\igdkmd64.sys
23:01:46.0340 2644  C:\Windows\System32\drivers\igdkmd64.sys - ok
23:01:46.0356 2644  [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
23:01:46.0356 2644  C:\Windows\System32\drivers\dxgkrnl.sys - ok
23:01:46.0356 2644  [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
23:01:46.0356 2644  C:\Windows\System32\drivers\dxgmms1.sys - ok
23:01:46.0372 2644  [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
23:01:46.0372 2644  C:\Windows\System32\drivers\usbehci.sys - ok
23:01:46.0372 2644  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
23:01:46.0372 2644  C:\Windows\System32\drivers\usbport.sys - ok
23:01:46.0387 2644  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] C:\Windows\System32\drivers\usbuhci.sys
23:01:46.0387 2644  C:\Windows\System32\drivers\usbuhci.sys - ok
23:01:46.0387 2644  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
23:01:46.0387 2644  C:\Windows\System32\drivers\hdaudbus.sys - ok
23:01:46.0403 2644  [ 1D974430131627AD97BD28E5746C2EC1 ] C:\Windows\System32\drivers\NETwNs64.sys
23:01:46.0403 2644  C:\Windows\System32\drivers\NETwNs64.sys - ok
23:01:46.0403 2644  [ 7DBAFE10C1B777305C80BEA42FBDA710 ] C:\Windows\System32\drivers\k57nd60a.sys
23:01:46.0403 2644  C:\Windows\System32\drivers\k57nd60a.sys - ok
23:01:46.0418 2644  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
23:01:46.0418 2644  C:\Windows\System32\drivers\vwifibus.sys - ok
23:01:46.0434 2644  [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
23:01:46.0434 2644  C:\Windows\System32\drivers\1394ohci.sys - ok
23:01:46.0434 2644  [ 6FAF5B04BEDC66D300D9D233B2D222F0 ] C:\Windows\System32\drivers\rimmpx64.sys
23:01:46.0434 2644  C:\Windows\System32\drivers\rimmpx64.sys - ok
23:01:46.0450 2644  [ 67F50C31713106FD1B0F286F86AA2B2E ] C:\Windows\System32\drivers\rimspx64.sys
23:01:46.0450 2644  C:\Windows\System32\drivers\rimspx64.sys - ok
23:01:46.0450 2644  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] C:\Windows\System32\drivers\sdbus.sys
23:01:46.0450 2644  C:\Windows\System32\drivers\sdbus.sys - ok
23:01:46.0465 2644  [ 4D7EF3D46346EC4C58784DB964B365DE ] C:\Windows\System32\drivers\rixdpx64.sys
23:01:46.0465 2644  C:\Windows\System32\drivers\rixdpx64.sys - ok
23:01:46.0465 2644  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
23:01:46.0465 2644  C:\Windows\System32\drivers\i8042prt.sys - ok
23:01:46.0481 2644  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
23:01:46.0481 2644  C:\Windows\System32\drivers\kbdclass.sys - ok
23:01:46.0481 2644  [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
23:01:46.0481 2644  C:\Windows\System32\drivers\usbd.sys - ok
23:01:46.0496 2644  [ 639B57DC871BE4B86283027FAF1F4E30 ] C:\Windows\System32\drivers\SynTP.sys
23:01:46.0496 2644  C:\Windows\System32\drivers\SynTP.sys - ok
23:01:46.0496 2644  [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
23:01:46.0496 2644  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
23:01:46.0512 2644  [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
23:01:46.0512 2644  C:\Windows\System32\drivers\intelppm.sys - ok
23:01:46.0512 2644  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
23:01:46.0512 2644  C:\Windows\System32\drivers\mouclass.sys - ok
23:01:46.0528 2644  [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
23:01:46.0528 2644  C:\Windows\System32\drivers\CmBatt.sys - ok
23:01:46.0528 2644  [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
23:01:46.0528 2644  C:\Windows\System32\drivers\wmiacpi.sys - ok
23:01:46.0543 2644  [ 18A8E8A19CD826D31D2E74E740220001 ] C:\Windows\System32\drivers\AmpPal.sys
23:01:46.0543 2644  C:\Windows\System32\drivers\AmpPal.sys - ok
23:01:46.0543 2644  [ DECACB6921DED1A38642642685D77DAC ] C:\Windows\System32\drivers\serscan.sys
23:01:46.0543 2644  C:\Windows\System32\drivers\serscan.sys - ok
23:01:46.0559 2644  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
23:01:46.0559 2644  C:\Windows\System32\drivers\ks.sys - ok
23:01:46.0559 2644  [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
23:01:46.0559 2644  C:\Windows\System32\drivers\ksthunk.sys - ok
23:01:46.0574 2644  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
23:01:46.0574 2644  C:\Windows\System32\drivers\CompositeBus.sys - ok
23:01:46.0574 2644  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
23:01:46.0574 2644  C:\Windows\System32\drivers\agilevpn.sys - ok
23:01:46.0590 2644  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
23:01:46.0590 2644  C:\Windows\System32\drivers\ndistapi.sys - ok
23:01:46.0590 2644  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
23:01:46.0590 2644  C:\Windows\System32\drivers\rasl2tp.sys - ok
23:01:46.0606 2644  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
23:01:46.0606 2644  C:\Windows\System32\drivers\ndiswan.sys - ok
23:01:46.0606 2644  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
23:01:46.0606 2644  C:\Windows\System32\drivers\raspppoe.sys - ok
23:01:46.0621 2644  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
23:01:46.0621 2644  C:\Windows\System32\drivers\raspptp.sys - ok
23:01:46.0621 2644  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
23:01:46.0621 2644  C:\Windows\System32\drivers\rassstp.sys - ok
23:01:46.0637 2644  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
23:01:46.0637 2644  C:\Windows\System32\drivers\rdpbus.sys - ok
23:01:46.0652 2644  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
23:01:46.0652 2644  C:\Windows\System32\drivers\swenum.sys - ok
23:01:46.0652 2644  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
23:01:46.0652 2644  C:\Windows\System32\drivers\umbus.sys - ok
23:01:46.0668 2644  [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
23:01:46.0668 2644  C:\Windows\System32\drivers\usbhub.sys - ok
23:01:46.0668 2644  [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
23:01:46.0668 2644  C:\Windows\System32\lpk.dll - ok
23:01:46.0684 2644  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
23:01:46.0684 2644  C:\Windows\System32\setupapi.dll - ok
23:01:46.0684 2644  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
23:01:46.0684 2644  C:\Windows\System32\comdlg32.dll - ok
23:01:46.0699 2644  [ F431C3C86FCCC1C53814F043A6CAD825 ] C:\Windows\System32\iertutil.dll
23:01:46.0699 2644  C:\Windows\System32\iertutil.dll - ok
23:01:46.0699 2644  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
23:01:46.0699 2644  C:\Windows\System32\imm32.dll - ok
23:01:46.0715 2644  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
23:01:46.0715 2644  C:\Windows\System32\nsi.dll - ok
23:01:46.0715 2644  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
23:01:46.0715 2644  C:\Windows\System32\Wldap32.dll - ok
23:01:46.0730 2644  [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
23:01:46.0730 2644  C:\Windows\System32\shell32.dll - ok
23:01:46.0730 2644  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
23:01:46.0730 2644  C:\Windows\System32\gdi32.dll - ok
23:01:46.0746 2644  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
23:01:46.0746 2644  C:\Windows\System32\user32.dll - ok
23:01:46.0746 2644  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
23:01:46.0746 2644  C:\Windows\System32\msctf.dll - ok
23:01:46.0762 2644  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
23:01:46.0762 2644  C:\Windows\System32\psapi.dll - ok
23:01:46.0762 2644  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
23:01:46.0762 2644  C:\Windows\System32\rpcrt4.dll - ok
23:01:46.0777 2644  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
23:01:46.0777 2644  C:\Windows\System32\oleaut32.dll - ok
23:01:46.0777 2644  [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
23:01:46.0777 2644  C:\Windows\System32\usp10.dll - ok
23:01:46.0793 2644  [ 87BEA2616EFDEC6A1CB3BFCFB09D816A ] C:\Windows\System32\urlmon.dll
23:01:46.0793 2644  C:\Windows\System32\urlmon.dll - ok
23:01:46.0793 2644  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
23:01:46.0793 2644  C:\Windows\System32\advapi32.dll - ok
23:01:46.0808 2644  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
23:01:46.0808 2644  C:\Windows\System32\shlwapi.dll - ok
23:01:46.0808 2644  [ 1DC3504CA4C57900F1557E9A3F01D272 ] C:\Windows\System32\kernel32.dll
23:01:46.0808 2644  C:\Windows\System32\kernel32.dll - ok
23:01:46.0824 2644  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
23:01:46.0824 2644  C:\Windows\System32\clbcatq.dll - ok
23:01:46.0824 2644  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
23:01:46.0824 2644  C:\Windows\System32\normaliz.dll - ok
23:01:46.0840 2644  [ 435E9C764E1EF70058580996452BE6A2 ] C:\Windows\System32\wininet.dll
23:01:46.0840 2644  C:\Windows\System32\wininet.dll - ok
23:01:46.0840 2644  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
23:01:46.0840 2644  C:\Windows\System32\difxapi.dll - ok
23:01:46.0855 2644  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
23:01:46.0855 2644  C:\Windows\System32\msvcrt.dll - ok
23:01:46.0855 2644  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
23:01:46.0855 2644  C:\Windows\System32\ole32.dll - ok
23:01:46.0871 2644  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
23:01:46.0871 2644  C:\Windows\System32\ws2_32.dll - ok
23:01:46.0871 2644  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
23:01:46.0871 2644  C:\Windows\System32\imagehlp.dll - ok
23:01:46.0886 2644  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
23:01:46.0886 2644  C:\Windows\System32\sechost.dll - ok
23:01:46.0886 2644  [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
23:01:46.0886 2644  C:\Windows\System32\crypt32.dll - ok
23:01:46.0902 2644  [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
23:01:46.0902 2644  C:\Windows\System32\wintrust.dll - ok
23:01:46.0902 2644  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
23:01:46.0902 2644  C:\Windows\System32\cfgmgr32.dll - ok
23:01:46.0918 2644  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
23:01:46.0918 2644  C:\Windows\System32\devobj.dll - ok
23:01:46.0918 2644  [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll
23:01:46.0918 2644  C:\Windows\System32\KernelBase.dll - ok
23:01:46.0933 2644  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
23:01:46.0933 2644  C:\Windows\System32\comctl32.dll - ok
23:01:46.0933 2644  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
23:01:46.0933 2644  C:\Windows\System32\msasn1.dll - ok
23:01:46.0949 2644  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
23:01:46.0949 2644  C:\Windows\System32\drivers\ndproxy.sys - ok
23:01:46.0949 2644  [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
23:01:46.0949 2644  C:\Windows\System32\drivers\drmk.sys - ok
23:01:46.0964 2644  [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
23:01:46.0964 2644  C:\Windows\System32\drivers\portcls.sys - ok
23:01:46.0980 2644  [ CAF5A9708671B14B9670260735B22C4E ] C:\Windows\System32\drivers\stwrt64.sys
23:01:46.0980 2644  C:\Windows\System32\drivers\stwrt64.sys - ok
23:01:46.0980 2644  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
23:01:46.0980 2644  C:\Windows\SysWOW64\normaliz.dll - ok
23:01:46.0996 2644  [ B014CE58F0A8048D3924BA8D5CCBC5F1 ] C:\Windows\System32\drivers\IntcHdmi.sys
23:01:46.0996 2644  C:\Windows\System32\drivers\IntcHdmi.sys - ok
23:01:46.0996 2644  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
23:01:46.0996 2644  C:\Windows\System32\drivers\dxapi.sys - ok
23:01:47.0011 2644  [ 59E21156113E438D1D91AF4FC0C3B19F ] C:\Windows\System32\win32k.sys
23:01:47.0011 2644  C:\Windows\System32\win32k.sys - ok
23:01:47.0011 2644  [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
23:01:47.0011 2644  C:\Windows\System32\csrsrv.dll - ok
23:01:47.0027 2644  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
23:01:47.0027 2644  C:\Windows\System32\csrss.exe - ok
23:01:47.0027 2644  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
23:01:47.0027 2644  C:\Windows\System32\basesrv.dll - ok
23:01:47.0042 2644  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
23:01:47.0042 2644  C:\Windows\System32\winsrv.dll - ok
23:01:47.0042 2644  [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
23:01:47.0042 2644  C:\Windows\System32\drivers\monitor.sys - ok
23:01:47.0058 2644  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
23:01:47.0058 2644  C:\Windows\System32\sxssrv.dll - ok
23:01:47.0058 2644  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
23:01:47.0058 2644  C:\Windows\System32\tsddd.dll - ok
23:01:47.0074 2644  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
23:01:47.0074 2644  C:\Windows\System32\wininit.exe - ok
23:01:47.0074 2644  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
23:01:47.0074 2644  C:\Windows\System32\profapi.dll - ok
23:01:47.0089 2644  [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
23:01:47.0089 2644  C:\Windows\System32\cdd.dll - ok
23:01:47.0089 2644  [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
23:01:47.0089 2644  C:\Windows\System32\drivers\usbccgp.sys - ok
23:01:47.0105 2644  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
23:01:47.0105 2644  C:\Windows\System32\KBDUS.DLL - ok
23:01:47.0105 2644  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
23:01:47.0105 2644  C:\Windows\System32\RpcRtRemote.dll - ok
23:01:47.0120 2644  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
23:01:47.0120 2644  C:\Windows\System32\sxs.dll - ok
23:01:47.0120 2644  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
23:01:47.0120 2644  C:\Windows\System32\WlS0WndH.dll - ok
23:01:47.0136 2644  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
23:01:47.0136 2644  C:\Windows\System32\cryptbase.dll - ok
23:01:47.0136 2644  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
23:01:47.0136 2644  C:\Windows\System32\apphelp.dll - ok
23:01:47.0152 2644  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
23:01:47.0152 2644  C:\Windows\System32\lsass.exe - ok
23:01:47.0152 2644  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
23:01:47.0152 2644  C:\Windows\System32\lsm.exe - ok
23:01:47.0167 2644  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
23:01:47.0167 2644  C:\Windows\System32\services.exe - ok
23:01:47.0167 2644  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
23:01:47.0167 2644  C:\Windows\System32\sspisrv.dll - ok
23:01:47.0183 2644  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
23:01:47.0183 2644  C:\Windows\System32\sspicli.dll - ok
23:01:47.0183 2644  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
23:01:47.0183 2644  C:\Windows\System32\scesrv.dll - ok
23:01:47.0198 2644  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
23:01:47.0198 2644  C:\Windows\System32\scext.dll - ok
23:01:47.0198 2644  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
23:01:47.0198 2644  C:\Windows\System32\secur32.dll - ok
23:01:47.0214 2644  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
23:01:47.0214 2644  C:\Windows\System32\sysntfy.dll - ok
23:01:47.0214 2644  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
23:01:47.0214 2644  C:\Windows\System32\wmsgapi.dll - ok
23:01:47.0230 2644  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
23:01:47.0230 2644  C:\Windows\System32\srvcli.dll - ok
23:01:47.0245 2644  [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll
23:01:47.0245 2644  C:\Windows\System32\lsasrv.dll - ok
23:01:47.0245 2644  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
23:01:47.0245 2644  C:\Windows\System32\samsrv.dll - ok
23:01:47.0261 2644  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
23:01:47.0261 2644  C:\Windows\System32\cryptdll.dll - ok
23:01:47.0261 2644  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
23:01:47.0261 2644  C:\Windows\System32\wevtapi.dll - ok
23:01:47.0276 2644  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
23:01:47.0276 2644  C:\Windows\System32\authz.dll - ok
23:01:47.0276 2644  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
23:01:47.0276 2644  C:\Windows\System32\bcrypt.dll - ok
23:01:47.0292 2644  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
23:01:47.0292 2644  C:\Windows\System32\cngaudit.dll - ok
23:01:47.0292 2644  [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
23:01:47.0292 2644  C:\Windows\System32\ncrypt.dll - ok
23:01:47.0308 2644  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
23:01:47.0308 2644  C:\Windows\System32\msprivs.dll - ok
23:01:47.0308 2644  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
23:01:47.0308 2644  C:\Windows\System32\netjoin.dll - ok
23:01:47.0323 2644  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
23:01:47.0323 2644  C:\Windows\System32\negoexts.dll - ok
23:01:47.0323 2644  [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
23:01:47.0323 2644  C:\Windows\System32\atmfd.dll - ok
23:01:47.0339 2644  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
23:01:47.0339 2644  C:\Windows\System32\kerberos.dll - ok
23:01:47.0339 2644  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
23:01:47.0339 2644  C:\Windows\System32\cryptsp.dll - ok
23:01:47.0354 2644  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
23:01:47.0354 2644  C:\Windows\System32\mswsock.dll - ok
23:01:47.0354 2644  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
23:01:47.0354 2644  C:\Windows\System32\wship6.dll - ok
23:01:47.0370 2644  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
23:01:47.0370 2644  C:\Windows\System32\msv1_0.dll - ok
23:01:47.0370 2644  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
23:01:47.0370 2644  C:\Windows\System32\netlogon.dll - ok
23:01:47.0386 2644  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
23:01:47.0386 2644  C:\Windows\System32\dnsapi.dll - ok
23:01:47.0386 2644  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
23:01:47.0386 2644  C:\Windows\System32\logoncli.dll - ok
23:01:47.0401 2644  [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
23:01:47.0401 2644  C:\Windows\System32\schannel.dll - ok
23:01:47.0401 2644  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
23:01:47.0401 2644  C:\Windows\System32\wdigest.dll - ok
23:01:47.0417 2644  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
23:01:47.0417 2644  C:\Windows\System32\rsaenh.dll - ok
23:01:47.0417 2644  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
23:01:47.0417 2644  C:\Windows\System32\TSpkg.dll - ok
23:01:47.0432 2644  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
23:01:47.0432 2644  C:\Windows\System32\pku2u.dll - ok
23:01:47.0432 2644  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
23:01:47.0432 2644  C:\Windows\System32\bcryptprimitives.dll - ok
23:01:47.0448 2644  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
23:01:47.0448 2644  C:\Windows\System32\credssp.dll - ok
23:01:47.0448 2644  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
23:01:47.0448 2644  C:\Windows\System32\efslsaext.dll - ok
23:01:47.0464 2644  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
23:01:47.0464 2644  C:\Windows\System32\ubpm.dll - ok
23:01:47.0464 2644  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
23:01:47.0464 2644  C:\Windows\System32\winlogon.exe - ok
23:01:47.0479 2644  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
23:01:47.0479 2644  C:\Windows\System32\winsta.dll - ok
23:01:47.0479 2644  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
23:01:47.0479 2644  C:\Windows\System32\scecli.dll - ok
23:01:47.0495 2644  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
23:01:47.0495 2644  C:\Windows\System32\svchost.exe - ok
23:01:47.0510 2644  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
23:01:47.0510 2644  C:\Windows\System32\umpnpmgr.dll - ok
23:01:47.0510 2644  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
23:01:47.0510 2644  C:\Windows\System32\devrtl.dll - ok
23:01:47.0526 2644  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
23:01:47.0526 2644  C:\Windows\System32\SPInf.dll - ok
23:01:47.0526 2644  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
23:01:47.0526 2644  C:\Windows\System32\userenv.dll - ok
23:01:47.0542 2644  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
23:01:47.0542 2644  C:\Windows\System32\gpapi.dll - ok
23:01:47.0542 2644  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
23:01:47.0542 2644  C:\Windows\System32\umpo.dll - ok
23:01:47.0557 2644  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
23:01:47.0557 2644  C:\Windows\System32\pcwum.dll - ok
23:01:47.0557 2644  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
23:01:47.0557 2644  C:\Windows\System32\powrprof.dll - ok
23:01:47.0573 2644  [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
23:01:47.0573 2644  C:\Windows\System32\drivers\usbvideo.sys - ok
23:01:47.0573 2644  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
23:01:47.0573 2644  C:\Windows\System32\drivers\luafv.sys - ok
23:01:47.0588 2644  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
23:01:47.0588 2644  C:\Windows\System32\rpcss.dll - ok
23:01:47.0588 2644  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
23:01:47.0588 2644  C:\Windows\System32\RpcEpMap.dll - ok
23:01:47.0604 2644  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
23:01:47.0604 2644  C:\Windows\System32\wshqos.dll - ok
23:01:47.0604 2644  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
23:01:47.0604 2644  C:\Windows\System32\WSHTCPIP.DLL - ok
23:01:47.0620 2644  [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
23:01:47.0620 2644  C:\Windows\System32\drivers\hidparse.sys - ok
23:01:47.0620 2644  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
23:01:47.0620 2644  C:\Windows\System32\FirewallAPI.dll - ok
23:01:47.0635 2644  [ BA25D4B9B067248F7CAC416E855D706B ] C:\Windows\System32\drivers\dc3d.sys
23:01:47.0635 2644  C:\Windows\System32\drivers\dc3d.sys - ok
23:01:47.0635 2644  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
23:01:47.0635 2644  C:\Windows\System32\version.dll - ok
23:01:47.0651 2644  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
23:01:47.0651 2644  C:\Windows\System32\wevtsvc.dll - ok
23:01:47.0651 2644  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
23:01:47.0651 2644  C:\Windows\System32\LogonUI.exe - ok
23:01:47.0666 2644  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
23:01:47.0666 2644  C:\Windows\System32\avrt.dll - ok
23:01:47.0666 2644  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
23:01:47.0666 2644  C:\Windows\System32\mmcss.dll - ok
23:01:47.0682 2644  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
23:01:47.0682 2644  C:\Windows\System32\audiosrv.dll - ok
23:01:47.0682 2644  [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
23:01:47.0682 2644  C:\Windows\System32\drivers\hidclass.sys - ok
23:01:47.0698 2644  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
23:01:47.0698 2644  C:\Windows\System32\drivers\hidusb.sys - ok
23:01:47.0713 2644  [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
23:01:47.0713 2644  C:\Windows\System32\FntCache.dll - ok
23:01:47.0713 2644  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
23:01:47.0713 2644  C:\Windows\System32\drivers\kbdhid.sys - ok
23:01:47.0729 2644  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
23:01:47.0729 2644  C:\Windows\System32\drivers\mouhid.sys - ok
23:01:47.0729 2644  [ 34A8FAE065249F85A67A3215FF5ECB34 ] C:\Windows\System32\drivers\point64.sys
23:01:47.0729 2644  C:\Windows\System32\drivers\point64.sys - ok
23:01:47.0744 2644  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
23:01:47.0744 2644  C:\Windows\System32\MMDevAPI.dll - ok
23:01:47.0744 2644  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
23:01:47.0744 2644  C:\Windows\System32\propsys.dll - ok
23:01:47.0760 2644  [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
23:01:47.0760 2644  C:\Windows\System32\authui.dll - ok
23:01:47.0760 2644  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
23:01:47.0760 2644  C:\Windows\System32\audiodg.exe - ok
23:01:47.0776 2644  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
23:01:47.0776 2644  C:\Windows\System32\ntmarta.dll - ok
23:01:47.0776 2644  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] C:\Windows\System32\cscsvc.dll
23:01:47.0776 2644  C:\Windows\System32\cscsvc.dll - ok
23:01:47.0791 2644  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
23:01:47.0791 2644  C:\Windows\System32\profsvc.dll - ok
23:01:47.0791 2644  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
23:01:47.0791 2644  C:\Windows\System32\adtschema.dll - ok
23:01:47.0807 2644  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
23:01:47.0807 2644  C:\Windows\System32\wlansvc.dll - ok
23:01:47.0807 2644  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
23:01:47.0807 2644  C:\Windows\System32\atl.dll - ok
23:01:47.0822 2644  [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
23:01:47.0822 2644  C:\Windows\System32\themeservice.dll - ok
23:01:47.0822 2644  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
23:01:47.0822 2644  C:\Windows\System32\gpsvc.dll - ok
23:01:47.0838 2644  [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll
23:01:47.0838 2644  C:\Windows\System32\PeerDist.dll - ok
23:01:47.0854 2644  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
23:01:47.0854 2644  C:\Windows\System32\taskschd.dll - ok
23:01:47.0854 2644  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
23:01:47.0854 2644  C:\Windows\System32\nlaapi.dll - ok
23:01:47.0854 2644  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
23:01:47.0854 2644  C:\Windows\System32\dsrole.dll - ok
23:01:47.0869 2644  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
23:01:47.0869 2644  C:\Windows\System32\slc.dll - ok
23:01:47.0869 2644  [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
23:01:47.0869 2644  C:\Windows\System32\mstask.dll - ok
23:01:47.0885 2644  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
23:01:47.0885 2644  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
23:01:47.0885 2644  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
23:01:47.0885 2644  C:\Windows\System32\es.dll - ok
23:01:47.0900 2644  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
23:01:47.0900 2644  C:\Windows\System32\Sens.dll - ok
23:01:47.0900 2644  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
23:01:47.0900 2644  C:\Windows\System32\drivers\lltdio.sys - ok
23:01:47.0916 2644  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
23:01:47.0916 2644  C:\Windows\System32\uxsms.dll - ok
23:01:47.0916 2644  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
23:01:47.0916 2644  C:\Windows\System32\wtsapi32.dll - ok
23:01:47.0932 2644  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
23:01:47.0932 2644  C:\Windows\System32\drivers\nwifi.sys - ok
23:01:47.0947 2644  [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
23:01:47.0947 2644  C:\Windows\System32\drivers\ndisuio.sys - ok
23:01:47.0947 2644  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
23:01:47.0947 2644  C:\Windows\System32\drivers\rspndr.sys - ok
23:01:47.0963 2644  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
23:01:47.0963 2644  C:\Windows\System32\cryptui.dll - ok
23:01:47.0963 2644  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
23:01:47.0963 2644  C:\Windows\System32\samlib.dll - ok
23:01:47.0978 2644  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
23:01:47.0978 2644  C:\Windows\System32\shacct.dll - ok
23:01:47.0978 2644  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
23:01:47.0978 2644  C:\Windows\System32\uxtheme.dll - ok
23:01:47.0994 2644  [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs


#14 tobytigger

tobytigger
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 12 March 2013 - 04:02 PM

Here's the other half of the TDSS log:

 

 

23:01:47.0994 2644  [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
23:01:47.0994 2644  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
23:01:47.0994 2644  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
23:01:47.0994 2644  C:\Windows\System32\dui70.dll - ok
23:01:48.0010 2644  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
23:01:48.0010 2644  C:\Windows\System32\duser.dll - ok
23:01:48.0010 2644  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
23:01:48.0010 2644  C:\Windows\System32\hid.dll - ok
23:01:48.0025 2644  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
23:01:48.0025 2644  C:\Windows\System32\SndVolSSO.dll - ok
23:01:48.0025 2644  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
23:01:48.0025 2644  C:\Windows\System32\comres.dll - ok
23:01:48.0041 2644  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
23:01:48.0041 2644  C:\Windows\System32\nsisvc.dll - ok
23:01:48.0041 2644  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
23:01:48.0041 2644  C:\Windows\System32\dwmapi.dll - ok
23:01:48.0056 2644  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
23:01:48.0056 2644  C:\Windows\System32\IPHLPAPI.DLL - ok
23:01:48.0056 2644  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
23:01:48.0056 2644  C:\Windows\System32\lmhsvc.dll - ok
23:01:48.0072 2644  [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
23:01:48.0072 2644  C:\Program Files\Windows Defender\MpEvMsg.dll - ok
23:01:48.0072 2644  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
23:01:48.0072 2644  C:\Windows\System32\nrpsrv.dll - ok
23:01:48.0088 2644  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
23:01:48.0088 2644  C:\Windows\System32\winnsi.dll - ok
23:01:48.0103 2644  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
23:01:48.0103 2644  C:\Windows\System32\xmllite.dll - ok
23:01:48.0103 2644  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
23:01:48.0103 2644  C:\Windows\System32\dhcpcore.dll - ok
23:01:48.0119 2644  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
23:01:48.0119 2644  C:\Windows\System32\dnsrslvr.dll - ok
23:01:48.0119 2644  [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
23:01:48.0119 2644  C:\Windows\System32\eapphost.dll - ok
23:01:48.0119 2644  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
23:01:48.0119 2644  C:\Windows\System32\eapsvc.dll - ok
23:01:48.0134 2644  [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
23:01:48.0134 2644  C:\Windows\System32\keyiso.dll - ok
23:01:48.0134 2644  [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
23:01:48.0134 2644  C:\Windows\System32\FWPUCLNT.DLL - ok
23:01:48.0150 2644  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
23:01:48.0150 2644  C:\Windows\System32\netprofm.dll - ok
23:01:48.0150 2644  [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
23:01:48.0150 2644  C:\Windows\System32\umb.dll - ok
23:01:48.0166 2644  [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
23:01:48.0166 2644  C:\Windows\System32\WindowsCodecs.dll - ok
23:01:48.0166 2644  [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
23:01:48.0166 2644  C:\Windows\System32\dhcpcore6.dll - ok
23:01:48.0181 2644  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
23:01:48.0181 2644  C:\Windows\System32\dnsext.dll - ok
23:01:48.0197 2644  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
23:01:48.0197 2644  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
23:01:48.0197 2644  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
23:01:48.0197 2644  C:\Windows\System32\dhcpcsvc.dll - ok
23:01:48.0212 2644  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
23:01:48.0212 2644  C:\Windows\System32\drivers\fltMgr.sys - ok
23:01:48.0212 2644  [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
23:01:48.0212 2644  C:\Windows\System32\dhcpcsvc6.dll - ok
23:01:48.0228 2644  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
23:01:48.0228 2644  C:\Windows\System32\MPSSVC.dll - ok
23:01:48.0228 2644  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
23:01:48.0228 2644  C:\Windows\System32\PSHED.DLL - ok
23:01:48.0244 2644  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
23:01:48.0275 2644  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
23:01:48.0275 2644  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
23:01:48.0275 2644  C:\Windows\System32\winbrand.dll - ok
23:01:48.0290 2644  [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
23:01:48.0290 2644  C:\Windows\System32\wlanmsm.dll - ok
23:01:48.0290 2644  [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
23:01:48.0290 2644  C:\Windows\System32\wlansec.dll - ok
23:01:48.0306 2644  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
23:01:48.0306 2644  C:\Windows\System32\eappprxy.dll - ok
23:01:48.0306 2644  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
23:01:48.0306 2644  C:\Windows\System32\onex.dll - ok
23:01:48.0322 2644  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
23:01:48.0322 2644  C:\Windows\System32\eappcfg.dll - ok
23:01:48.0337 2644  [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
23:01:48.0337 2644  C:\Windows\System32\l2gpstore.dll - ok
23:01:48.0337 2644  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
23:01:48.0337 2644  C:\Windows\System32\wlanutil.dll - ok
23:01:48.0353 2644  [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
23:01:48.0353 2644  C:\Windows\System32\wlgpclnt.dll - ok
23:01:48.0353 2644  [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
23:01:48.0353 2644  C:\Windows\System32\WinSCard.dll - ok
23:01:48.0368 2644  [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
23:01:48.0368 2644  C:\Windows\System32\msxml6.dll - ok
23:01:48.0368 2644  [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
23:01:48.0368 2644  C:\Windows\System32\shsvcs.dll - ok
23:01:48.0384 2644  [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe
23:01:48.0384 2644  C:\Windows\System32\wlanext.exe - ok
23:01:48.0384 2644  [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe
23:01:48.0384 2644  C:\Windows\System32\conhost.exe - ok
23:01:48.0384 2644  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
23:01:48.0384 2644  C:\Windows\System32\schedsvc.dll - ok
23:01:48.0400 2644  [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
23:01:48.0400 2644  C:\Windows\System32\netapi32.dll - ok
23:01:48.0400 2644  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
23:01:48.0400 2644  C:\Windows\System32\netutils.dll - ok
23:01:48.0415 2644  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
23:01:48.0415 2644  C:\Windows\System32\wkscli.dll - ok
23:01:48.0415 2644  [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
23:01:48.0415 2644  C:\Windows\System32\ktmw32.dll - ok
23:01:48.0431 2644  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
23:01:48.0431 2644  C:\Windows\System32\VaultCredProvider.dll - ok
23:01:48.0446 2644  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
23:01:48.0446 2644  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
23:01:48.0446 2644  [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
23:01:48.0446 2644  C:\Windows\System32\BioCredProv.dll - ok
23:01:48.0462 2644  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
23:01:48.0462 2644  C:\Windows\System32\winbio.dll - ok
23:01:48.0462 2644  [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
23:01:48.0462 2644  C:\Windows\System32\credui.dll - ok
23:01:48.0478 2644  [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
23:01:48.0478 2644  C:\Windows\System32\vaultcli.dll - ok
23:01:48.0478 2644  [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
23:01:48.0478 2644  C:\Windows\System32\fveapi.dll - ok
23:01:48.0493 2644  [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
23:01:48.0493 2644  C:\Windows\System32\fvecerts.dll - ok
23:01:48.0493 2644  [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
23:01:48.0493 2644  C:\Windows\System32\tbs.dll - ok
23:01:48.0509 2644  [ E24385AE5B23E711D9AA9ACA6B0F2AB5 ] C:\Windows\System32\iwmssvc.dll
23:01:48.0509 2644  C:\Windows\System32\iwmssvc.dll - ok
23:01:48.0509 2644  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
23:01:48.0509 2644  C:\Windows\System32\taskcomp.dll - ok
23:01:48.0524 2644  [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
23:01:48.0524 2644  C:\Windows\System32\wiarpc.dll - ok
23:01:48.0524 2644  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
23:01:48.0524 2644  C:\Windows\System32\samcli.dll - ok
23:01:48.0540 2644  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
23:01:48.0540 2644  C:\Windows\System32\certCredProvider.dll - ok
23:01:48.0540 2644  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
23:01:48.0540 2644  C:\Windows\System32\rasapi32.dll - ok
23:01:48.0556 2644  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
23:01:48.0556 2644  C:\Windows\System32\rasplap.dll - ok
23:01:48.0556 2644  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
23:01:48.0556 2644  C:\Windows\System32\rasman.dll - ok
23:01:48.0571 2644  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
23:01:48.0571 2644  C:\Windows\System32\rtutils.dll - ok
23:01:48.0571 2644  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
23:01:48.0571 2644  C:\Windows\System32\UXInit.dll - ok
23:01:48.0587 2644  [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
23:01:48.0587 2644  C:\Windows\System32\oleacc.dll - ok
23:01:48.0587 2644  [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
23:01:48.0587 2644  C:\Windows\System32\UIAutomationCore.dll - ok
23:01:48.0602 2644  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
23:01:48.0602 2644  C:\Windows\System32\drivers\http.sys - ok
23:01:48.0602 2644  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
23:01:48.0602 2644  C:\Windows\System32\spoolsv.exe - ok
23:01:48.0618 2644  [ C64F44923E61534A45BFEB324141B46C ] C:\Windows\System32\mfc100.dll
23:01:48.0618 2644  C:\Windows\System32\mfc100.dll - ok
23:01:48.0618 2644  [ AED6D63CFA5A3EF7021AF9C457FEE994 ] C:\Windows\System32\msvcr100.dll
23:01:48.0618 2644  C:\Windows\System32\msvcr100.dll - ok
23:01:48.0634 2644  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
23:01:48.0634 2644  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
23:01:48.0634 2644  [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
23:01:48.0634 2644  C:\Windows\System32\msimg32.dll - ok
23:01:48.0649 2644  [ CAED4A65CAF1EF80AA81E9B135326658 ] C:\Windows\System32\msvcp100.dll
23:01:48.0649 2644  C:\Windows\System32\msvcp100.dll - ok
23:01:48.0649 2644  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
23:01:48.0649 2644  C:\Windows\System32\imageres.dll - ok
23:01:48.0665 2644  [ D56DE559D44C42074B97B2C5624E9FE9 ] C:\Windows\System32\mfc100enu.dll
23:01:48.0665 2644  C:\Windows\System32\mfc100enu.dll - ok
23:01:48.0665 2644  [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
23:01:48.0665 2644  C:\Windows\System32\wlanapi.dll - ok
23:01:48.0680 2644  [ E21909A796D369C0205D884D9A66E1D8 ] C:\Program Files\Common Files\Intel\WirelessCommon\libeay32.dll
23:01:48.0680 2644  C:\Program Files\Common Files\Intel\WirelessCommon\libeay32.dll - ok
23:01:48.0696 2644  [ 65B6BA944E411886A733AC9A85ADFA64 ] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
23:01:48.0696 2644  C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll - ok
23:01:48.0696 2644  [ C615AAACF079FE33462B83B0F10291E3 ] C:\Program Files\Common Files\Intel\WirelessCommon\TraceAPI.dll
23:01:48.0696 2644  C:\Program Files\Common Files\Intel\WirelessCommon\TraceAPI.dll - ok
23:01:48.0712 2644  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
23:01:48.0712 2644  C:\Windows\System32\BFE.DLL - ok
23:01:48.0712 2644  [ 8C0A5BABFE9828B391F4FC4CE98DC636 ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\ccxplugin.dll
23:01:48.0712 2644  C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\ccxplugin.dll - ok
23:01:48.0727 2644  [ EEAA82CEE423960F38AEAAE2DEC3382C ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\IHVWPSPlugin.dll
23:01:48.0727 2644  C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\IHVWPSPlugin.dll - ok
23:01:48.0727 2644  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
23:01:48.0727 2644  C:\Windows\System32\winspool.drv - ok
23:01:48.0743 2644  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
23:01:48.0743 2644  C:\Windows\System32\winmm.dll - ok
23:01:48.0743 2644  [ 1301307E5CE05873774A3AF9F7C8E4EF ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\P2PSupplicantPlugin.dll
23:01:48.0743 2644  C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\P2PSupplicantPlugin.dll - ok
23:01:48.0758 2644  [ 3F85DF27C89501FDC00CF8E28636E05E ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\PanAuthenticator.dll
23:01:48.0758 2644  C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\PanAuthenticator.dll - ok
23:01:48.0758 2644  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
23:01:48.0758 2644  C:\Windows\System32\drivers\bowser.sys - ok
23:01:48.0774 2644  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
23:01:48.0774 2644  C:\Windows\System32\drivers\mpsdrv.sys - ok
23:01:48.0774 2644  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
23:01:48.0774 2644  C:\Windows\System32\drivers\mrxsmb.sys - ok
23:01:48.0790 2644  [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
23:01:48.0790 2644  C:\Windows\System32\drivers\mrxsmb10.sys - ok
23:01:48.0790 2644  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
23:01:48.0790 2644  C:\Windows\System32\drivers\mrxsmb20.sys - ok
23:01:48.0805 2644  [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
23:01:48.0805 2644  C:\Windows\System32\wfapigp.dll - ok
23:01:48.0805 2644  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
23:01:48.0805 2644  C:\Windows\System32\wkssvc.dll - ok
23:01:48.0821 2644  [ 581D88B25C4D4121824FED2CA38E562F ] C:\Program Files\SUPERAntiSpyware\SASCore64.exe
23:01:48.0821 2644  C:\Program Files\SUPERAntiSpyware\SASCore64.exe - ok
23:01:48.0821 2644  [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
23:01:48.0821 2644  C:\Windows\System32\mscms.dll - ok
23:01:48.0836 2644  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
23:01:48.0836 2644  C:\Windows\System32\pcasvc.dll - ok
23:01:48.0852 2644  [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
23:01:48.0852 2644  C:\Windows\System32\snmptrap.exe - ok
23:01:48.0852 2644  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
23:01:48.0852 2644  C:\Windows\System32\netcfgx.dll - ok
23:01:48.0868 2644  [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
23:01:48.0868 2644  C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
23:01:48.0868 2644  [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:01:48.0868 2644  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
23:01:48.0883 2644  [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
23:01:48.0883 2644  C:\Windows\SysWOW64\ntdll.dll - ok
23:01:48.0883 2644  [ C5365AAB393A79FB171D9EA90257DC14 ] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
23:01:48.0883 2644  C:\Program Files\Intel\WiFi\bin\IntStngs.dll - ok
23:01:48.0899 2644  [ 15B30F15BD13640B337A0FC37BD48CDE ] C:\Windows\System32\wow64.dll
23:01:48.0899 2644  C:\Windows\System32\wow64.dll - ok
23:01:48.0899 2644  [ 2970785A72054740E1A5DCEB32485486 ] C:\Windows\System32\wow64win.dll
23:01:48.0899 2644  C:\Windows\System32\wow64win.dll - ok
23:01:48.0914 2644  [ 98168B9B0656A01A321FF1BECB2C03E1 ] C:\Windows\System32\wow64cpu.dll
23:01:48.0914 2644  C:\Windows\System32\wow64cpu.dll - ok
23:01:48.0914 2644  [ D4F3176082566CEFA633B4945802D4C4 ] C:\Windows\SysWOW64\kernel32.dll
23:01:48.0914 2644  C:\Windows\SysWOW64\kernel32.dll - ok
23:01:48.0930 2644  [ 0978C2B33BDD0A7E6C563AA337DC8BA0 ] C:\Windows\SysWOW64\KernelBase.dll
23:01:48.0930 2644  C:\Windows\SysWOW64\KernelBase.dll - ok
23:01:48.0930 2644  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
23:01:48.0930 2644  C:\Windows\SysWOW64\user32.dll - ok
23:01:48.0946 2644  [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
23:01:48.0946 2644  C:\Windows\SysWOW64\gdi32.dll - ok
23:01:48.0946 2644  [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
23:01:48.0946 2644  C:\Windows\SysWOW64\lpk.dll - ok
23:01:48.0961 2644  [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
23:01:48.0961 2644  C:\Windows\SysWOW64\usp10.dll - ok
23:01:48.0961 2644  [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
23:01:48.0961 2644  C:\Windows\System32\PeerDistSh.dll - ok
23:01:48.0977 2644  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
23:01:48.0977 2644  C:\Windows\SysWOW64\msvcrt.dll - ok
23:01:48.0977 2644  [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
23:01:48.0977 2644  C:\Windows\SysWOW64\advapi32.dll - ok
23:01:48.0992 2644  [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
23:01:48.0992 2644  C:\Windows\SysWOW64\rpcrt4.dll - ok
23:01:48.0992 2644  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
23:01:48.0992 2644  C:\Windows\SysWOW64\sechost.dll - ok
23:01:49.0008 2644  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
23:01:49.0008 2644  C:\Windows\System32\provsvc.dll - ok
23:01:49.0008 2644  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
23:01:49.0008 2644  C:\Windows\System32\sstpsvc.dll - ok
23:01:49.0024 2644  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
23:01:49.0024 2644  C:\Windows\SysWOW64\cryptbase.dll - ok
23:01:49.0024 2644  [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
23:01:49.0024 2644  C:\Windows\SysWOW64\shell32.dll - ok
23:01:49.0039 2644  [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll
23:01:49.0039 2644  C:\Windows\SysWOW64\sspicli.dll - ok
23:01:49.0039 2644  [ A506795358BC6190C533FF611A90776F ] C:\Program Files\Intel\WiFi\bin\iWMSProv.dll
23:01:49.0039 2644  C:\Program Files\Intel\WiFi\bin\iWMSProv.dll - ok
23:01:49.0055 2644  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
23:01:49.0055 2644  C:\Windows\SysWOW64\shlwapi.dll - ok
23:01:49.0055 2644  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
23:01:49.0055 2644  C:\Windows\SysWOW64\ole32.dll - ok
23:01:49.0070 2644  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
23:01:49.0070 2644  C:\Windows\SysWOW64\oleaut32.dll - ok
23:01:49.0070 2644  [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
23:01:49.0070 2644  C:\Windows\SysWOW64\crypt32.dll - ok
23:01:49.0086 2644  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
23:01:49.0086 2644  C:\Windows\SysWOW64\msasn1.dll - ok
23:01:49.0086 2644  [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
23:01:49.0086 2644  C:\Windows\SysWOW64\wintrust.dll - ok
23:01:49.0102 2644  [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
23:01:49.0102 2644  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok
23:01:49.0117 2644  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
23:01:49.0117 2644  C:\Windows\SysWOW64\imm32.dll - ok
23:01:49.0117 2644  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
23:01:49.0117 2644  C:\Windows\SysWOW64\msctf.dll - ok
23:01:49.0133 2644  [ 4FE5C6D40664AE07BE5105874357D2ED ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:01:49.0133 2644  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
23:01:49.0133 2644  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
23:01:49.0133 2644  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
23:01:49.0148 2644  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
23:01:49.0148 2644  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
23:01:49.0148 2644  [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
23:01:49.0148 2644  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
23:01:49.0164 2644  [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
23:01:49.0164 2644  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
23:01:49.0164 2644  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
23:01:49.0164 2644  C:\Windows\SysWOW64\version.dll - ok
23:01:49.0180 2644  [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
23:01:49.0180 2644  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
23:01:49.0180 2644  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
23:01:49.0180 2644  C:\Windows\SysWOW64\ws2_32.dll - ok
23:01:49.0195 2644  [ 152F8772D5A5CD7883305C3B8D28470E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
23:01:49.0195 2644  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
23:01:49.0195 2644  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
23:01:49.0195 2644  C:\Windows\SysWOW64\nsi.dll - ok
23:01:49.0211 2644  [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
23:01:49.0211 2644  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
23:01:49.0226 2644  [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
23:01:49.0226 2644  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
23:01:49.0226 2644  [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
23:01:49.0226 2644  C:\Windows\SysWOW64\wsock32.dll - ok
23:01:49.0242 2644  [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
23:01:49.0242 2644  C:\Windows\SysWOW64\winmm.dll - ok
23:01:49.0242 2644  [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
23:01:49.0242 2644  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
23:01:49.0258 2644  [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
23:01:49.0258 2644  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
23:01:49.0258 2644  [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
23:01:49.0258 2644  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
23:01:49.0273 2644  [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
23:01:49.0273 2644  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
23:01:49.0273 2644  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
23:01:49.0273 2644  C:\Windows\SysWOW64\profapi.dll - ok
23:01:49.0289 2644  [ 4327CF9A9D0864CA0FFC97FCDA97315A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
23:01:49.0289 2644  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
23:01:49.0289 2644  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
23:01:49.0289 2644  C:\Windows\SysWOW64\setupapi.dll - ok
23:01:49.0304 2644  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
23:01:49.0304 2644  C:\Windows\SysWOW64\cfgmgr32.dll - ok
23:01:49.0304 2644  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
23:01:49.0304 2644  C:\Windows\SysWOW64\devobj.dll - ok
23:01:49.0320 2644  [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
23:01:49.0320 2644  C:\Windows\SysWOW64\dnssd.dll - ok
23:01:49.0336 2644  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
23:01:49.0336 2644  C:\Windows\SysWOW64\userenv.dll - ok
23:01:49.0336 2644  [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
23:01:49.0336 2644  C:\Windows\SysWOW64\wtsapi32.dll - ok
23:01:49.0351 2644  [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
23:01:49.0351 2644  C:\Windows\SysWOW64\ntmarta.dll - ok
23:01:49.0351 2644  [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
23:01:49.0351 2644  C:\Windows\SysWOW64\Wldap32.dll - ok
23:01:49.0367 2644  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
23:01:49.0367 2644  C:\Program Files\Bonjour\mDNSResponder.exe - ok
23:01:49.0367 2644  [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
23:01:49.0367 2644  C:\Windows\SysWOW64\mswsock.dll - ok
23:01:49.0382 2644  [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
23:01:49.0382 2644  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
23:01:49.0382 2644  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
23:01:49.0382 2644  C:\Windows\System32\cryptsvc.dll - ok
23:01:49.0398 2644  [ 770B15B8261A444B817F296EC27CE71E ] C:\Program Files\Intel\WiFi\bin\EvtEng.exe
23:01:49.0398 2644  C:\Program Files\Intel\WiFi\bin\EvtEng.exe - ok
23:01:49.0398 2644  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
23:01:49.0398 2644  C:\Windows\System32\dps.dll - ok
23:01:49.0414 2644  [ 24665B221424FFD7B71F0D2C398F2F4F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
23:01:49.0414 2644  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
23:01:49.0414 2644  [ B49B56B64F57699A1A663D2CF7D0A56F ] C:\Windows\SysWOW64\wininet.dll
23:01:49.0414 2644  C:\Windows\SysWOW64\wininet.dll - ok
23:01:49.0429 2644  [ D171EAA745A2C0C583CDDA13D9088EE4 ] C:\Windows\SysWOW64\iertutil.dll
23:01:49.0429 2644  C:\Windows\SysWOW64\iertutil.dll - ok
23:01:49.0429 2644  [ BE157C3800DA3010EFC48280ECF81C16 ] C:\Windows\SysWOW64\urlmon.dll
23:01:49.0429 2644  C:\Windows\SysWOW64\urlmon.dll - ok
23:01:49.0445 2644  [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
23:01:49.0445 2644  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
23:01:49.0445 2644  [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
23:01:49.0445 2644  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
23:01:49.0460 2644  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
23:01:49.0460 2644  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
23:01:49.0460 2644  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
23:01:49.0460 2644  C:\Windows\SysWOW64\winnsi.dll - ok
23:01:49.0476 2644  [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
23:01:49.0476 2644  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
23:01:49.0492 2644  [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
23:01:49.0492 2644  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
23:01:49.0492 2644  [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
23:01:49.0492 2644  C:\Windows\System32\cryptnet.dll - ok
23:01:49.0507 2644  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
23:01:49.0507 2644  C:\Windows\System32\vssapi.dll - ok
23:01:49.0507 2644  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
23:01:49.0507 2644  C:\Windows\System32\vsstrace.dll - ok
23:01:49.0523 2644  [ 8C584D713BAE435A5B12D40C72AE0FA6 ] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
23:01:49.0523 2644  C:\Program Files\Intel\WiFi\bin\MurocApi.dll - ok
23:01:49.0523 2644  [ A791013008942584D48F91EEB1F3B0D1 ] C:\Program Files\Intel\WiFi\bin\iWrap.exe
23:01:49.0523 2644  C:\Program Files\Intel\WiFi\bin\iWrap.exe - ok
23:01:49.0538 2644  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
23:01:49.0538 2644  C:\Windows\System32\FDResPub.dll - ok
23:01:49.0538 2644  [ 0DCF16B1449811EFA47AB52CAC84093C ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:01:49.0538 2644  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
23:01:49.0554 2644  [ 923BB61D913C37EAB1570F236CCDCE41 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
23:01:49.0554 2644  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
23:01:49.0554 2644  [ AEBDB652D9273AD61E10C5D8F51C86FB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
23:01:49.0554 2644  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
23:01:49.0570 2644  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
23:01:49.0570 2644  C:\Windows\System32\drivers\vwifimp.sys - ok
23:01:49.0570 2644  [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
23:01:49.0570 2644  C:\Windows\System32\WSDApi.dll - ok
23:01:49.0585 2644  [ A190DA6546501CB4146BBCC0B6A3F48B ] C:\Windows\System32\msiexec.exe
23:01:49.0585 2644  C:\Windows\System32\msiexec.exe - ok
23:01:49.0585 2644  [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
23:01:49.0585 2644  C:\Windows\System32\msi.dll - ok
23:01:49.0601 2644  [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
23:01:49.0601 2644  C:\Windows\SysWOW64\cryptsp.dll - ok
23:01:49.0601 2644  [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
23:01:49.0601 2644  C:\Windows\SysWOW64\rsaenh.dll - ok
23:01:49.0616 2644  [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
23:01:49.0616 2644  C:\Windows\System32\webservices.dll - ok
23:01:49.0616 2644  [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
23:01:49.0616 2644  C:\Windows\System32\oledlg.dll - ok
23:01:49.0632 2644  [ FB24438F64BAF5198EE7648B51FD3AB0 ] C:\Windows\System32\cacls.exe
23:01:49.0632 2644  C:\Windows\System32\cacls.exe - ok
23:01:49.0648 2644  [ 3306930FD3AC4ABB17A6DFC9222467F1 ] C:\Windows\AppPatch\AppPatch64\AcLayers.dll
23:01:49.0648 2644  C:\Windows\AppPatch\AppPatch64\AcLayers.dll - ok
23:01:49.0648 2644  [ DB16A7C0A453F7E220A5F29E42572FD8 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
23:01:49.0648 2644  C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
23:01:49.0663 2644  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
23:01:49.0663 2644  C:\Windows\System32\mpr.dll - ok
23:01:49.0663 2644  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
23:01:49.0663 2644  C:\Windows\System32\sfc.dll - ok
23:01:49.0679 2644  [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
23:01:49.0679 2644  C:\Windows\System32\nlasvc.dll - ok
23:01:49.0679 2644  [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
23:01:49.0679 2644  C:\Windows\System32\sfc_os.dll - ok
23:01:49.0694 2644  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
23:01:49.0694 2644  C:\Windows\System32\netman.dll - ok
23:01:49.0694 2644  [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
23:01:49.0694 2644  C:\Windows\System32\ncsi.dll - ok
23:01:49.0710 2644  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
23:01:49.0710 2644  C:\Windows\System32\winhttp.dll - ok
23:01:49.0710 2644  [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
23:01:49.0710 2644  C:\Windows\System32\webio.dll - ok
23:01:49.0726 2644  [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
23:01:49.0726 2644  C:\Windows\System32\drivers\PEAuth.sys - ok
23:01:49.0726 2644  [ 992E3160D3AB2D8F083B6808D73A4016 ] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
23:01:49.0726 2644  C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe - ok
23:01:49.0741 2644  [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
23:01:49.0741 2644  C:\Windows\System32\aepic.dll - ok
23:01:49.0741 2644  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
23:01:49.0741 2644  C:\Windows\System32\ssdpapi.dll - ok
23:01:49.0757 2644  [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
23:01:49.0757 2644  C:\Windows\System32\drivers\secdrv.sys - ok
23:01:49.0757 2644  [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
23:01:49.0757 2644  C:\Windows\System32\seclogon.dll - ok
23:01:49.0772 2644  [ 23E3C83DFF7B09A97B01A85ED8A44478 ] C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
23:01:49.0772 2644  C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok
23:01:49.0772 2644  [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
23:01:49.0772 2644  C:\Windows\SysWOW64\winhttp.dll - ok
23:01:49.0788 2644  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
23:01:49.0788 2644  C:\Windows\SysWOW64\webio.dll - ok
23:01:49.0804 2644  [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
23:01:49.0804 2644  C:\Windows\SysWOW64\clbcatq.dll - ok
23:01:49.0804 2644  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] C:\Program Files (x86)\Skype\Updater\Updater.exe
23:01:49.0804 2644  C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
23:01:49.0804 2644  [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
23:01:49.0804 2644  C:\Windows\SysWOW64\psapi.dll - ok
23:01:49.0819 2644  [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
23:01:49.0819 2644  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
23:01:49.0835 2644  [ 659C3E88522968255A99322F1A96AFB7 ] C:\Program Files (x86)\Apricorn\SMART-ER\SMART-ER Service.exe
23:01:49.0835 2644  C:\Program Files (x86)\Apricorn\SMART-ER\SMART-ER Service.exe - ok
23:01:49.0835 2644  [ 39A9CC4F2E90FFD869E704DDCC1C669E ] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
23:01:49.0835 2644  C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll - ok
23:01:49.0850 2644  [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
23:01:49.0850 2644  C:\Windows\System32\aeevts.dll - ok
23:01:49.0850 2644  [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
23:01:49.0850 2644  C:\Windows\System32\wsock32.dll - ok
23:01:49.0866 2644  [ 6F30937924D4A165F108F1C7FC2B2B56 ] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
23:01:49.0866 2644  C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll - ok
23:01:49.0866 2644  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
23:01:49.0866 2644  C:\Windows\System32\wbem\wbemprox.dll - ok
23:01:49.0882 2644  [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
23:01:49.0882 2644  C:\Windows\System32\drivers\srvnet.sys - ok
23:01:49.0882 2644  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
23:01:49.0882 2644  C:\Windows\System32\drivers\tcpipreg.sys - ok
23:01:49.0897 2644  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
23:01:49.0897 2644  C:\Windows\System32\httpapi.dll - ok
23:01:49.0897 2644  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
23:01:49.0897 2644  C:\Windows\System32\wiaservc.dll - ok
23:01:49.0913 2644  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
23:01:49.0913 2644  C:\Windows\System32\tapisrv.dll - ok
23:01:49.0913 2644  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
23:01:49.0913 2644  C:\Windows\System32\wiatrace.dll - ok
23:01:49.0928 2644  [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
23:01:49.0928 2644  C:\Windows\System32\fundisc.dll - ok
23:01:49.0928 2644  [ 4C1244FEF74C60A4B1B151C76609CBE2 ] C:\Windows\System32\wsdchngr.dll
23:01:49.0928 2644  C:\Windows\System32\wsdchngr.dll - ok
23:01:49.0944 2644  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
23:01:49.0944 2644  C:\Windows\System32\sysmain.dll - ok
23:01:49.0944 2644  [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
23:01:49.0944 2644  C:\Windows\System32\trkwks.dll - ok
23:01:49.0960 2644  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
23:01:49.0960 2644  C:\Windows\System32\wbem\WMIsvc.dll - ok
23:01:49.0960 2644  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
23:01:49.0960 2644  C:\Windows\System32\wbemcomn.dll - ok
23:01:49.0975 2644  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
23:01:49.0975 2644  C:\Windows\System32\wbem\WinMgmtR.dll - ok
23:01:49.0975 2644  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
23:01:49.0975 2644  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
23:01:49.0991 2644  [ F514C1C9D814F3DB46A17C59EA8214B2 ] C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
23:01:49.0991 2644  C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe - ok
23:01:49.0991 2644  [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
23:01:49.0991 2644  C:\Windows\SysWOW64\msimg32.dll - ok
23:01:50.0006 2644  [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
23:01:50.0006 2644  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
23:01:50.0006 2644  [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
23:01:50.0006 2644  C:\Windows\System32\fdPnp.dll - ok
23:01:50.0022 2644  [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
23:01:50.0022 2644  C:\Program Files\Windows Defender\MpSvc.dll - ok
23:01:50.0022 2644  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
23:01:50.0022 2644  C:\Windows\System32\wbem\fastprox.dll - ok
23:01:50.0038 2644  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
23:01:50.0038 2644  C:\Windows\System32\ntdsapi.dll - ok
23:01:50.0038 2644  [ 09B2DE095AF14E676817E6F4905A7290 ] C:\Program Files (x86)\Wise\Wise Care 365\WiseBootBooster.exe
23:01:50.0038 2644  C:\Program Files (x86)\Wise\Wise Care 365\WiseBootBooster.exe - ok
23:01:50.0053 2644  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
23:01:50.0053 2644  C:\Windows\System32\wbem\wbemcore.dll - ok
23:01:50.0069 2644  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
23:01:50.0069 2644  C:\Windows\System32\wbem\esscli.dll - ok
23:01:50.0069 2644  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
23:01:50.0069 2644  C:\Windows\System32\wbem\wbemsvc.dll - ok
23:01:50.0084 2644  [ 9FA1347D0E96998C3793F51BB94D7AC3 ] C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
23:01:50.0084 2644  C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe - ok
23:01:50.0084 2644  [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
23:01:50.0084 2644  C:\Program Files\Windows Defender\MpClient.dll - ok
23:01:50.0100 2644  [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
23:01:50.0100 2644  C:\Windows\System32\esent.dll - ok
23:01:50.0100 2644  [ 26A865C2E0A2D59583986E0E257E80DB ] C:\Windows\System32\CNC620C.DLL
23:01:50.0100 2644  C:\Windows\System32\CNC620C.DLL - ok
23:01:50.0116 2644  [ 30D4DD78BCD887F3A4AE43D1383F39F8 ] C:\Windows\System32\CNC620L.DLL
23:01:50.0116 2644  C:\Windows\System32\CNC620L.DLL - ok
23:01:50.0116 2644  [ AB8FDCAF3989C7C7D9B6104061DA2C37 ] C:\Windows\twain_32\MP620 series_000085E88E60\USDRESUS.DLL
23:01:50.0116 2644  C:\Windows\twain_32\MP620 series_000085E88E60\USDRESUS.DLL - ok
23:01:50.0131 2644  [ 4C023DCDC4F8AB2E9385A294BAEBD962 ] C:\Windows\twain_32\MP620 series\caddisnt.dll
23:01:50.0131 2644  C:\Windows\twain_32\MP620 series\caddisnt.dll - ok
23:01:50.0131 2644  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
23:01:50.0131 2644  C:\Windows\System32\wbem\wmiutils.dll - ok
23:01:50.0147 2644  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
23:01:50.0147 2644  C:\Windows\System32\wbem\repdrvfs.dll - ok
23:01:50.0147 2644  [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
23:01:50.0147 2644  C:\Windows\SysWOW64\apphelp.dll - ok
23:01:50.0162 2644  [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
23:01:50.0162 2644  C:\Windows\SysWOW64\comdlg32.dll - ok
23:01:50.0162 2644  [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
23:01:50.0162 2644  C:\Windows\SysWOW64\mpr.dll - ok
23:01:50.0178 2644  [ 4374DF040ACD893720C4FE4CF412D7A7 ] C:\Windows\System32\CNMN6PPM.DLL
23:01:50.0178 2644  C:\Windows\System32\CNMN6PPM.DLL - ok
23:01:50.0178 2644  [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
23:01:50.0178 2644  C:\Program Files\Bonjour\mdnsNSP.dll - ok
23:01:50.0194 2644  [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
23:01:50.0194 2644  C:\Windows\System32\rasadhlp.dll - ok
23:01:50.0194 2644  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
23:01:50.0194 2644  C:\Windows\System32\localspl.dll - ok
23:01:50.0209 2644  [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
23:01:50.0209 2644  C:\Windows\System32\spoolss.dll - ok
23:01:50.0225 2644  [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
23:01:50.0225 2644  C:\Windows\System32\PrintIsolationProxy.dll - ok
23:01:50.0225 2644  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
23:01:50.0225 2644  C:\Windows\SysWOW64\uxtheme.dll - ok
23:01:50.0240 2644  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
23:01:50.0240 2644  C:\Windows\SysWOW64\dwmapi.dll - ok
23:01:50.0240 2644  [ A1676271F37E953A2C4FB8E1046AEA86 ] C:\Windows\System32\CNMLM9D.DLL
23:01:50.0272 2644  C:\Windows\System32\CNMLM9D.DLL - ok
23:01:50.0272 2644  [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
23:01:50.0272 2644  C:\Windows\System32\FXSMON.dll - ok
23:01:50.0287 2644  [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
23:01:50.0287 2644  C:\Windows\System32\tcpmon.dll - ok
23:01:50.0287 2644  [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
23:01:50.0287 2644  C:\Windows\System32\snmpapi.dll - ok
23:01:50.0303 2644  [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
23:01:50.0303 2644  C:\Windows\System32\wsnmp32.dll - ok
23:01:50.0318 2644  [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
23:01:50.0318 2644  C:\Windows\System32\usbmon.dll - ok
23:01:50.0318 2644  [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
23:01:50.0318 2644  C:\Windows\System32\WSDMon.dll - ok
23:01:50.0334 2644  [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
23:01:50.0334 2644  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
23:01:50.0350 2644  [ 742170067278181FF7C901F76FA1F486 ] C:\Windows\System32\spool\prtprocs\x64\CNMPD9D.DLL
23:01:50.0350 2644  C:\Windows\System32\spool\prtprocs\x64\CNMPD9D.DLL - ok
23:01:50.0350 2644  [ 8F1C949FD695C83C4E30C3BFC004C81F ] C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL
23:01:50.0350 2644  C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL - ok
23:01:50.0365 2644  [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
23:01:50.0365 2644  C:\Windows\System32\win32spl.dll - ok
23:01:50.0381 2644  [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
23:01:50.0381 2644  C:\Windows\System32\iphlpsvc.dll - ok
23:01:50.0381 2644  [ D08F81AFC8746FAE8BB3D19523947AFA ] C:\Program Files\Intel\WiFi\bin\Ps7ZCfgS.dll
23:01:50.0381 2644  C:\Program Files\Intel\WiFi\bin\Ps7ZCfgS.dll - ok
23:01:50.0396 2644  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
23:01:50.0396 2644  C:\Windows\System32\drivers\srv2.sys - ok
23:01:50.0396 2644  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
23:01:50.0396 2644  C:\Windows\System32\drivers\srv.sys - ok
23:01:50.0412 2644  [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
23:01:50.0412 2644  C:\Windows\System32\inetpp.dll - ok
23:01:50.0412 2644  [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
23:01:50.0412 2644  C:\Windows\System32\sqmapi.dll - ok
23:01:50.0428 2644  [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
23:01:50.0428 2644  C:\Windows\System32\wdscore.dll - ok
23:01:50.0428 2644  [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
23:01:50.0428 2644  C:\Windows\System32\rasmans.dll - ok
23:01:50.0443 2644  [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
23:01:50.0443 2644  C:\Windows\System32\rastapi.dll - ok
23:01:50.0443 2644  [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
23:01:50.0443 2644  C:\Windows\System32\tapi32.dll - ok
23:01:50.0459 2644  [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
23:01:50.0459 2644  C:\Windows\System32\srvsvc.dll - ok
23:01:50.0459 2644  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
23:01:50.0459 2644  C:\Windows\System32\browser.dll - ok
23:01:50.0474 2644  [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
23:01:50.0474 2644  C:\Windows\System32\netmsg.dll - ok
23:01:50.0474 2644  [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
23:01:50.0474 2644  C:\Windows\System32\sscore.dll - ok
23:01:50.0490 2644  [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
23:01:50.0490 2644  C:\Windows\System32\clusapi.dll - ok
23:01:50.0490 2644  [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
23:01:50.0490 2644  C:\Windows\System32\resutils.dll - ok
23:01:50.0506 2644  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
23:01:50.0506 2644  C:\Windows\System32\hnetcfg.dll - ok
23:01:50.0506 2644  [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
23:01:50.0506 2644  C:\Windows\System32\unimdm.tsp - ok
23:01:50.0521 2644  [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
23:01:50.0521 2644  C:\Windows\System32\uniplat.dll - ok
23:01:50.0521 2644  [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
23:01:50.0521 2644  C:\Windows\System32\kmddsp.tsp - ok
23:01:50.0537 2644  [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
23:01:50.0537 2644  C:\Windows\System32\hidphone.tsp - ok
23:01:50.0537 2644  [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
23:01:50.0537 2644  C:\Windows\System32\ndptsp.tsp - ok
23:01:50.0552 2644  [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
23:01:50.0552 2644  C:\Windows\System32\rasppp.dll - ok
23:01:50.0552 2644  [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
23:01:50.0552 2644  C:\Windows\System32\raschap.dll - ok
23:01:50.0568 2644  [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
23:01:50.0568 2644  C:\Windows\System32\vpnike.dll - ok
23:01:50.0568 2644  [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
23:01:50.0568 2644  C:\Windows\System32\ipnathlp.dll - ok
23:01:50.0584 2644  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
23:01:50.0584 2644  C:\Windows\System32\mprapi.dll - ok
23:01:50.0584 2644  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
23:01:50.0584 2644  C:\Windows\System32\netshell.dll - ok
23:01:50.0599 2644  [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
23:01:50.0599 2644  C:\Windows\SysWOW64\olepro32.dll - ok
23:01:50.0615 2644  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
23:01:50.0615 2644  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
23:01:50.0615 2644  [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
23:01:50.0615 2644  C:\Windows\SysWOW64\propsys.dll - ok
23:01:50.0630 2644  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
23:01:50.0630 2644  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
23:01:50.0630 2644  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
23:01:50.0630 2644  C:\Windows\System32\ncobjapi.dll - ok
23:01:50.0646 2644  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
23:01:50.0646 2644  C:\Windows\System32\wbem\wbemess.dll - ok
23:01:50.0646 2644  [ 521202AA6F2B74FCCC6BC7E162109D71 ] C:\Windows\System32\wbem\unsecapp.exe
23:01:50.0646 2644  C:\Windows\System32\wbem\unsecapp.exe - ok
23:01:50.0662 2644  [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
23:01:50.0662 2644  C:\Windows\System32\wbem\NCProv.dll - ok
23:01:50.0662 2644  [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
23:01:50.0662 2644  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
23:01:50.0677 2644  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
23:01:50.0677 2644  C:\Windows\System32\npmproxy.dll - ok
23:01:50.0677 2644  [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
23:01:50.0677 2644  C:\Windows\System32\wdi.dll - ok
23:01:50.0693 2644  [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
23:01:50.0693 2644  C:\Windows\System32\wpdbusenum.dll - ok
23:01:50.0693 2644  [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
23:01:50.0693 2644  C:\Windows\System32\qmgr.dll - ok
23:01:50.0708 2644  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
23:01:50.0708 2644  C:\Windows\System32\PortableDeviceApi.dll - ok
23:01:50.0708 2644  [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
23:01:50.0708 2644  C:\Windows\System32\diagperf.dll - ok
23:01:50.0724 2644  [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
23:01:50.0724 2644  C:\Windows\System32\perftrack.dll - ok
23:01:50.0724 2644  [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
23:01:50.0724 2644  C:\Windows\System32\bitsperf.dll - ok
23:01:50.0740 2644  [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
23:01:50.0740 2644  C:\Windows\System32\Apphlpdm.dll - ok
23:01:50.0740 2644  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
23:01:50.0740 2644  C:\Windows\System32\wer.dll - ok
23:01:50.0755 2644  [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
23:01:50.0755 2644  C:\Windows\System32\bitsigd.dll - ok
23:01:50.0755 2644  [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
23:01:50.0755 2644  C:\Windows\System32\pnpts.dll - ok
23:01:50.0771 2644  [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
23:01:50.0771 2644  C:\Windows\System32\upnp.dll - ok
23:01:50.0771 2644  [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
23:01:50.0771 2644  C:\Windows\System32\wdiasqmmodule.dll - ok
23:01:50.0786 2644  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
23:01:50.0786 2644  C:\Windows\System32\ssdpsrv.dll - ok
23:01:50.0786 2644  [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
23:01:50.0786 2644  C:\Windows\System32\ndiscapCfg.dll - ok
23:01:50.0802 2644  [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
23:01:50.0802 2644  C:\Windows\System32\rascfg.dll - ok
23:01:50.0802 2644  [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
23:01:50.0802 2644  C:\Windows\System32\mprmsg.dll - ok
23:01:50.0818 2644  [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
23:01:50.0818 2644  C:\Windows\System32\tcpipcfg.dll - ok
23:01:50.0818 2644  [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
23:01:50.0818 2644  C:\Windows\System32\qmgrprxy.dll - ok
23:01:50.0833 2644  [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
23:01:50.0833 2644  C:\Windows\SysWOW64\qmgrprxy.dll - ok
23:01:50.0833 2644  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
23:01:50.0833 2644  C:\Windows\System32\cscapi.dll - ok
23:01:50.0849 2644  [ C0C65BEE2ADAB8A257766B56C048685E ] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
23:01:50.0849 2644  C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll - ok
23:01:50.0849 2644  [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
23:01:50.0849 2644  C:\Windows\System32\nci.dll - ok
23:01:50.0864 2644  [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
23:01:50.0864 2644  C:\Windows\System32\wlaninst.dll - ok
23:01:50.0864 2644  [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
23:01:50.0864 2644  C:\Windows\System32\wwaninst.dll - ok
23:01:50.0880 2644  [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll
23:01:50.0880 2644  C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok
23:01:50.0880 2644  [ EFEC3847B47CC9357D5C33BBAB59B7EB ] C:\Windows\System32\mgmtapi.dll
23:01:50.0880 2644  C:\Windows\System32\mgmtapi.dll - ok
23:01:50.0896 2644  [ 22F020C76E339EB2B2187BA73A7E4173 ] C:\Windows\System32\PrintIsolationHost.exe
23:01:50.0896 2644  C:\Windows\System32\PrintIsolationHost.exe - ok
23:01:50.0896 2644  [ E81F5A2F6D52215C0E84F2849503EBA8 ] C:\Windows\System32\tcpmib.dll
23:01:50.0896 2644  C:\Windows\System32\tcpmib.dll - ok
23:01:50.0911 2644  [ ADE2BCD1FDE5C9669FCE1F4541AB46DD ] C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL
23:01:50.0911 2644  C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL - ok
23:01:50.0911 2644  [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
23:01:50.0911 2644  C:\Windows\System32\wbem\wmiprov.dll - ok
23:01:50.0927 2644  [ 6797CEB7D07B09A0D79612657BCC6CCA ] C:\Windows\System32\spool\drivers\x64\3\HPZUIWN7.DLL
23:01:50.0927 2644  C:\Windows\System32\spool\drivers\x64\3\HPZUIWN7.DLL - ok
23:01:50.0927 2644  [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
23:01:50.0927 2644  C:\Windows\System32\NapiNSP.dll - ok
23:01:50.0942 2644  [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
23:01:50.0942 2644  C:\Windows\System32\pnrpnsp.dll - ok
23:01:50.0958 2644  [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
23:01:50.0958 2644  C:\Windows\System32\winrnr.dll - ok
23:01:50.0958 2644  [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
23:01:50.0958 2644  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
23:01:50.0974 2644  [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
23:01:50.0974 2644  C:\Windows\System32\hidserv.dll - ok
23:01:50.0974 2644  [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
23:01:50.0974 2644  C:\Windows\System32\taskhost.exe - ok
23:01:50.0989 2644  [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
23:01:50.0989 2644  C:\Windows\System32\dimsjob.dll - ok
23:01:50.0989 2644  [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
23:01:50.0989 2644  C:\Windows\System32\pautoenr.dll - ok
23:01:51.0005 2644  [ CDA59C183B3DB8CF35380836ADD74AAD ] C:\Windows\System32\compstui.dll
23:01:51.0005 2644  C:\Windows\System32\compstui.dll - ok
23:01:51.0005 2644  [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
23:01:51.0005 2644  C:\Windows\System32\spfileq.dll - ok
23:01:51.0020 2644  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
23:01:51.0020 2644  C:\Windows\System32\IPSECSVC.DLL - ok
23:01:51.0020 2644  [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
23:01:51.0020 2644  C:\Windows\System32\FwRemoteSvr.dll - ok
23:01:51.0036 2644  [ 112749DEF58EA9B8F571B209E5F4C470 ] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
23:01:51.0036 2644  C:\Program Files\Intel\WiFi\bin\DbEngine.dll - ok
23:01:51.0036 2644  [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
23:01:51.0036 2644  C:\Windows\System32\certcli.dll - ok
23:01:51.0052 2644  [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll
23:01:51.0052 2644  C:\Program Files\Windows Defender\MpRTP.dll - ok
23:01:51.0052 2644  [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
23:01:51.0052 2644  C:\Windows\System32\tdh.dll - ok
23:01:51.0067 2644  [ 76A11F575782DBAE74F05B8796EF7F9D ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A36DB9A0-ED2B-4C68-83AD-1D27F7759548}\mpengine.dll
23:01:51.0067 2644  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A36DB9A0-ED2B-4C68-83AD-1D27F7759548}\mpengine.dll - ok
23:01:51.0067 2644  [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
23:01:51.0067 2644  C:\Windows\System32\CertEnroll.dll - ok
23:01:51.0083 2644  [ 41E1832E816C8278AABE20ED24315B3E ] C:\Program Files\Intel\WiFi\bin\PanIHVInt.dll
23:01:51.0083 2644  C:\Program Files\Intel\WiFi\bin\PanIHVInt.dll - ok
23:01:51.0083 2644  [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
23:01:51.0083 2644  C:\Windows\System32\msxml3.dll - ok
23:01:51.0098 2644  [ 436EB2742ED35C1ED9DDCB83C9BCF68A ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A36DB9A0-ED2B-4C68-83AD-1D27F7759548}\mpasbase.vdm
23:01:51.0098 2644  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A36DB9A0-ED2B-4C68-83AD-1D27F7759548}\mpasbase.vdm - ok
23:01:51.0098 2644  [ 7C3B7C746A222B411A25F671A53DEECA ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A36DB9A0-ED2B-4C68-83AD-1D27F7759548}\mpasdlta.vdm
23:01:51.0098 2644  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A36DB9A0-ED2B-4C68-83AD-1D27F7759548}\mpasdlta.vdm - ok
23:01:51.0114 2644  [ 93BB66044FA76734E882C6F3E8EE1900 ] C:\Program Files\Windows Defender\MsMpLics.dll
23:01:51.0114 2644  C:\Program Files\Windows Defender\MsMpLics.dll - ok
23:01:51.0114 2644  [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
23:01:51.0114 2644  C:\Windows\System32\wscapi.dll - ok
23:01:51.0130 2644  [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
23:01:51.0130 2644  C:\Windows\System32\wscisvif.dll - ok
23:01:51.0130 2644  [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
23:01:51.0130 2644  C:\Windows\System32\wscproxystub.dll - ok
23:01:51.0145 2644  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
23:01:51.0145 2644  C:\Windows\System32\dllhost.exe - ok
23:01:51.0161 2644  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
23:01:51.0161 2644  C:\Windows\System32\IDStore.dll - ok
23:01:51.0161 2644  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
23:01:51.0161 2644  C:\Windows\SysWOW64\winsta.dll - ok
23:01:51.0176 2644  [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
23:01:51.0176 2644  C:\Windows\System32\PlaySndSrv.dll - ok
23:01:51.0176 2644  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
23:01:51.0176 2644  C:\Windows\System32\userinit.exe - ok
23:01:51.0192 2644  [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
23:01:51.0192 2644  C:\Windows\System32\taskeng.exe - ok
23:01:51.0192 2644  [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
23:01:51.0192 2644  C:\Windows\System32\dwm.exe - ok
23:01:51.0208 2644  [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
23:01:51.0208 2644  C:\Windows\System32\dwmredir.dll - ok
23:01:51.0208 2644  [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
23:01:51.0208 2644  C:\Windows\System32\dwmcore.dll - ok
23:01:51.0223 2644  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
23:01:51.0223 2644  C:\Windows\System32\MsCtfMonitor.dll - ok
23:01:51.0223 2644  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
23:01:51.0223 2644  C:\Windows\System32\msutb.dll - ok
23:01:51.0239 2644  [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
23:01:51.0239 2644  C:\Windows\System32\HotStartUserAgent.dll - ok
23:01:51.0239 2644  [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
23:01:51.0239 2644  C:\Windows\System32\d3d10_1.dll - ok
23:01:51.0254 2644  [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
23:01:51.0254 2644  C:\Windows\System32\d3d10_1core.dll - ok
23:01:51.0254 2644  [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
23:01:51.0254 2644  C:\Windows\System32\dxgi.dll - ok
23:01:51.0270 2644  [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll
23:01:51.0270 2644  C:\Windows\System32\d3d11.dll - ok
23:01:51.0270 2644  [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
23:01:51.0270 2644  C:\Windows\System32\TSChannel.dll - ok
23:01:51.0286 2644  [ 4783BC9E09B35489A5384AC5DB074418 ] C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
23:01:51.0286 2644  C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe - ok
23:01:51.0301 2644  [ 28CCE4178312AEABBB5F98E708798433 ] C:\Windows\System32\igd10umd64.dll
23:01:51.0301 2644  C:\Windows\System32\igd10umd64.dll - ok
23:01:51.0301 2644  [ 6C8EB0C50C276FE26DB2058A836D0280 ] C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
23:01:51.0301 2644  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe - ok
23:01:51.0301 2644  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
23:01:51.0301 2644  C:\Windows\explorer.exe - ok
23:01:51.0317 2644  [ 349B1D5D8D1B5A7B10BCD01470BD5F64 ] C:\Windows\System32\msvcp110.dll
23:01:51.0317 2644  C:\Windows\System32\msvcp110.dll - ok
23:01:51.0317 2644  [ C72ABC6B7B90A61364B6DD889B5435F3 ] C:\Windows\System32\msvcr110.dll
23:01:51.0317 2644  C:\Windows\System32\msvcr110.dll - ok
23:01:51.0332 2644  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Mouse and Keyboard Center\SQMAPI.dll
23:01:51.0332 2644  C:\Program Files\Microsoft Mouse and Keyboard Center\SQMAPI.dll - ok
23:01:51.0348 2644  [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
23:01:51.0348 2644  C:\Windows\System32\dbghelp.dll - ok
23:01:51.0348 2644  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
23:01:51.0348 2644  C:\Windows\System32\ExplorerFrame.dll - ok
23:01:51.0364 2644  [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
23:01:51.0364 2644  C:\Windows\System32\uDWM.dll - ok
23:01:51.0364 2644  [ C99C6E70B3625D0E5600B361007B6CA1 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
23:01:51.0364 2644  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
23:01:51.0379 2644  [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
23:01:51.0379 2644  C:\Windows\System32\radardt.dll - ok
23:01:51.0379 2644  [ 8BC7F8F0B7AE856D910B3FDD895EC50E ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
23:01:51.0379 2644  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
23:01:51.0395 2644  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
23:01:51.0395 2644  C:\Windows\System32\EhStorShell.dll - ok
23:01:51.0395 2644  [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll
23:01:51.0395 2644  C:\Windows\System32\cscui.dll - ok
23:01:51.0410 2644  [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll
23:01:51.0410 2644  C:\Windows\System32\cscdll.dll - ok
23:01:51.0410 2644  [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
23:01:51.0410 2644  C:\Windows\System32\ntshrui.dll - ok
23:01:51.0426 2644  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
23:01:51.0426 2644  C:\Windows\System32\IconCodecService.dll - ok
23:01:51.0426 2644  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
23:01:51.0426 2644  C:\Windows\System32\runonce.exe - ok
23:01:51.0442 2644  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
23:01:51.0442 2644  C:\Windows\SysWOW64\runonce.exe - ok
23:01:51.0442 2644  [ A9E7EA6AFC08C0EE00B4E71A7704C646 ] C:\Program Files\Microsoft Mouse and Keyboard Center\dpgcmd.dll
23:01:51.0442 2644  C:\Program Files\Microsoft Mouse and Keyboard Center\dpgcmd.dll - ok
23:01:51.0457 2644  [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll
23:01:51.0457 2644  C:\Windows\SysWOW64\secur32.dll - ok
23:01:51.0457 2644  [ 1C6F2BF5E6CD537CD5C25A30D6C49AC1 ] C:\Program Files (x86)\7-ZipPortable\App\7-Zip64\7zFM.exe
23:01:51.0457 2644  C:\Program Files (x86)\7-ZipPortable\App\7-Zip64\7zFM.exe - ok
23:01:51.0473 2644  [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
23:01:51.0473 2644  C:\Windows\SysWOW64\cmd.exe - ok
23:01:51.0488 2644  [ 6A83403CDE15B2C7AA7DDB5138E31091 ] C:\Program Files\Microsoft Mouse and Keyboard Center\Components\Commands\DPGHnt\DPGHnt.dll
23:01:51.0488 2644  C:\Program Files\Microsoft Mouse and Keyboard Center\Components\Commands\DPGHnt\DPGHnt.dll - ok
23:01:51.0488 2644  [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
23:01:51.0488 2644  C:\Windows\SysWOW64\winbrand.dll - ok
23:01:51.0504 2644  [ 8ACF67C60AFC9918FE12C1588AC3B8EF ] C:\Program Files\CCleaner\CCleaner64.exe
23:01:51.0504 2644  C:\Program Files\CCleaner\CCleaner64.exe - ok
23:01:51.0504 2644  [ 0E816EA3C5DCE94C95099E8B38E75E67 ] C:\Windows\SysWOW64\ieframe.dll
23:01:51.0504 2644  C:\Windows\SysWOW64\ieframe.dll - ok
23:01:51.0520 2644  [ E83D2495D5867E224FBF42EF40D8856C ] C:\Program Files\DVD Maker\DVDMaker.exe
23:01:51.0520 2644  C:\Program Files\DVD Maker\DVDMaker.exe - ok
23:01:51.0520 2644  [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
23:01:51.0520 2644  C:\Windows\System32\aelupsvc.dll - ok
23:01:51.0535 2644  [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
23:01:51.0535 2644  C:\Windows\SysWOW64\oleacc.dll - ok
23:01:51.0535 2644  [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
23:01:51.0535 2644  C:\Windows\SysWOW64\shdocvw.dll - ok
23:01:51.0551 2644  [ 48A9B8A8AAFB0CCF8E3D994CF4A5B984 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
23:01:51.0551 2644  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe - ok
23:01:51.0551 2644  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Evan\AppData\Local\Temp\36320305-82AF-4A89-ADC1-5D4743A9DFC7.exe
23:01:51.0551 2644  C:\Users\Evan\AppData\Local\Temp\36320305-82AF-4A89-ADC1-5D4743A9DFC7.exe - ok
23:01:51.0566 2644  [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
23:01:51.0566 2644  C:\Windows\SysWOW64\imagehlp.dll - ok
23:01:51.0566 2644  [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
23:01:51.0566 2644  C:\Windows\SysWOW64\ncrypt.dll - ok
23:01:51.0582 2644  [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
23:01:51.0582 2644  C:\Windows\SysWOW64\bcrypt.dll - ok
23:01:51.0582 2644  [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
23:01:51.0598 2644  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
23:01:51.0598 2644  [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
23:01:51.0598 2644  C:\Windows\SysWOW64\gpapi.dll - ok
23:01:51.0598 2644  [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
23:01:51.0598 2644  C:\Windows\SysWOW64\cryptnet.dll - ok
23:01:51.0613 2644  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
23:01:51.0613 2644  C:\Windows\SysWOW64\SensApi.dll - ok
23:01:51.0629 2644  [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll
23:01:51.0629 2644  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
23:01:51.0629 2644  [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
23:01:51.0629 2644  C:\Windows\SysWOW64\EhStorShell.dll - ok
23:01:51.0644 2644  [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
23:01:51.0644 2644  C:\Windows\SysWOW64\ntshrui.dll - ok
23:01:51.0644 2644  [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
23:01:51.0644 2644  C:\Windows\SysWOW64\cscapi.dll - ok
23:01:51.0660 2644  [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
23:01:51.0660 2644  C:\Windows\SysWOW64\slc.dll - ok
23:01:51.0660 2644  [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
23:01:51.0660 2644  C:\Windows\SysWOW64\srvcli.dll - ok
23:01:51.0676 2644  [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
23:01:51.0676 2644  C:\Windows\SysWOW64\imageres.dll - ok
23:01:51.0676 2644  [ 04ECDBFCFE16887E16CD4FE6B341EA88 ] C:\Program Files\Dell Support Center\pcdrcui.exe
23:01:51.0676 2644  C:\Program Files\Dell Support Center\pcdrcui.exe - ok
23:01:51.0691 2644  [ 7E5740243755C217DD4F4EEE1C05A33B ] C:\Program Files\Dell\QuickSet\quickset.exe
23:01:51.0691 2644  C:\Program Files\Dell\QuickSet\quickset.exe - ok
23:01:51.0691 2644  [ D5A3EB5ED95E36B643E55F9F489FC8FC ] C:\Program Files\IDT\WDM\sttray64.exe
23:01:51.0691 2644  C:\Program Files\IDT\WDM\sttray64.exe - ok
23:01:51.0707 2644  [ 87182EF2EDFBE69E01CAA9782E9EEE9A ] C:\Program Files\IDT\WDM\suhlp64.exe
23:01:51.0707 2644  C:\Program Files\IDT\WDM\suhlp64.exe - ok
23:01:51.0707 2644  [ 6C12BD722FFC94584348DD34F4059FC5 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
23:01:51.0707 2644  C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe - ok
23:01:51.0722 2644  [ 841D3672FA9416A3E050F3A2AB4D58C5 ] C:\Program Files\SyncToy 2.1\SyncToy.exe
23:01:51.0722 2644  C:\Program Files\SyncToy 2.1\SyncToy.exe - ok
23:01:51.0722 2644  [ 07A026874244D944D82B9265DA8D6384 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
23:01:51.0722 2644  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
23:01:51.0738 2644  [ BE8DA7A8E6F3C27D57E478B5044EBD4E ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
23:01:51.0738 2644  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
23:01:51.0754 2644  [ 78E8580D5C32E9627D1B69761B76ED72 ] C:\Program Files\Dell Support Center\uaclauncher.exe
23:01:51.0754 2644  C:\Program Files\Dell Support Center\uaclauncher.exe - ok
23:01:51.0754 2644  [ 715BFF236158F61C042928A53C0D5AA8 ] C:\Program Files\Windows NT\Accessories\wordpad.exe
23:01:51.0754 2644  C:\Program Files\Windows NT\Accessories\wordpad.exe - ok
23:01:51.0769 2644  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
23:01:51.0769 2644  C:\Windows\SysWOW64\sfc.dll - ok
23:01:51.0769 2644  [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
23:01:51.0769 2644  C:\Windows\SysWOW64\sfc_os.dll - ok
23:01:51.0785 2644  [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
23:01:51.0785 2644  C:\Windows\SysWOW64\devrtl.dll - ok
23:01:51.0785 2644  [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
23:01:51.0785 2644  C:\Windows\SysWOW64\netutils.dll - ok
23:01:51.0800 2644  [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
23:01:51.0800 2644  C:\Windows\System32\ie4uinit.exe - ok
23:01:51.0800 2644  [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
23:01:51.0800 2644  C:\Windows\System32\iedkcs32.dll - ok
23:01:51.0816 2644  [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
23:01:51.0816 2644  C:\Windows\System32\timedate.cpl - ok
23:01:51.0816 2644  [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
23:01:51.0816 2644  C:\Windows\System32\actxprxy.dll - ok
23:01:51.0832 2644  [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
23:01:51.0832 2644  C:\Windows\System32\shdocvw.dll - ok
23:01:51.0832 2644  [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
23:01:51.0832 2644  C:\Windows\System32\linkinfo.dll - ok
23:01:51.0847 2644  [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
23:01:51.0847 2644  C:\Windows\System32\msiltcfg.dll - ok
23:01:51.0847 2644  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
23:01:51.0847 2644  C:\Windows\SysWOW64\credssp.dll - ok
23:01:51.0863 2644  [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
23:01:51.0863 2644  C:\Windows\SysWOW64\dnsapi.dll - ok
23:01:51.0863 2644  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
23:01:51.0863 2644  C:\Windows\SysWOW64\wship6.dll - ok
23:01:51.0878 2644  [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
23:01:51.0878 2644  C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
23:01:51.0878 2644  [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
23:01:51.0878 2644  C:\Windows\SysWOW64\rasadhlp.dll - ok
23:01:51.0894 2644  [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
23:01:51.0894 2644  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
23:01:51.0910 2644  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
23:01:51.0910 2644  C:\Windows\System32\msftedit.dll - ok
23:01:51.0910 2644  [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
23:01:51.0910 2644  C:\Windows\System32\gameux.dll - ok
23:01:51.0910 2644  [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
23:01:51.0910 2644  C:\Windows\System32\msls31.dll - ok
23:01:51.0925 2644  [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
23:01:51.0925 2644  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
23:01:51.0925 2644  [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
23:01:51.0925 2644  C:\Windows\System32\DeviceCenter.dll - ok
23:01:51.0941 2644  [ C093D574EADF8C38A55295DA499816FE ] C:\Windows\System32\igfxtray.exe
23:01:51.0941 2644  C:\Windows\System32\igfxtray.exe - ok
23:01:51.0941 2644  [ 8EDA58B6D705AB4A0C9F049A1DE5A505 ] C:\Windows\System32\SynCOM.dll
23:01:51.0941 2644  C:\Windows\System32\SynCOM.dll - ok
23:01:51.0956 2644  [ 19F9B524A525D202194247E96656CB88 ] C:\Windows\System32\mfc42u.dll
23:01:51.0956 2644  C:\Windows\System32\mfc42u.dll - ok
23:01:51.0956 2644  [ 95CF8A61038892FAE2A5DE79044B0919 ] C:\Windows\System32\hccutils.dll
23:01:51.0956 2644  C:\Windows\System32\hccutils.dll - ok
23:01:51.0972 2644  [ 32AE4FFE4DFAA90531EDF1028A30A00A ] C:\Windows\System32\SynTPAPI.dll
23:01:51.0972 2644  C:\Windows\System32\SynTPAPI.dll - ok
23:01:51.0972 2644  [ F930BD0EF1692682585D231A3AD3C576 ] C:\Windows\System32\hkcmd.exe
23:01:51.0972 2644  C:\Windows\System32\hkcmd.exe - ok
23:01:51.0988 2644  [ 1B36E598B77FBAFD94BBB48A6F1758D2 ] C:\Windows\System32\igfxpers.exe
23:01:51.0988 2644  C:\Windows\System32\igfxpers.exe - ok
23:01:51.0988 2644  [ 8403FC72F30E6BFE257F51460F9F8A83 ] C:\Windows\System32\igfxsrvc.exe
23:01:52.0003 2644  C:\Windows\System32\igfxsrvc.exe - ok
23:01:52.0003 2644  [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
23:01:52.0003 2644  C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok
23:01:52.0019 2644  [ 4EBB14D8F46CCF920D03BBF942723844 ] C:\Program Files\Synaptics\SynTP\DellTpad.exe
23:01:52.0019 2644  C:\Program Files\Synaptics\SynTP\DellTpad.exe - ok
23:01:52.0019 2644  [ B22CB67919EBAD88B0E8BB9CDA446010 ] C:\Windows\System32\StikyNot.exe
23:01:52.0019 2644  C:\Windows\System32\StikyNot.exe - ok
23:01:52.0034 2644  [ B90909154051BB0A83D9A25966F37B39 ] C:\Program Files (x86)\Apricorn\SMART-ER\SMART-ER.exe
23:01:52.0034 2644  C:\Program Files (x86)\Apricorn\SMART-ER\SMART-ER.exe - ok
23:01:52.0034 2644  [ 7FF8E121AFA05BDAB23B9FEDCDAB7A33 ] C:\Windows\System32\odbc32.dll
23:01:52.0034 2644  C:\Windows\System32\odbc32.dll - ok
23:01:52.0050 2644  [ AF358CA7A2FFD8BDC54F50622928B282 ] C:\Windows\System32\igfxsrvc.dll
23:01:52.0050 2644  C:\Windows\System32\igfxsrvc.dll - ok
23:01:52.0050 2644  [ D20329A6DF077567939C1401BCE1AB71 ] C:\Windows\System32\igfxdev.dll
23:01:52.0050 2644  C:\Windows\System32\igfxdev.dll - ok
23:01:52.0066 2644  [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
23:01:52.0066 2644  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
23:01:52.0066 2644  [ DD49535AFDF652DBE62CD59F62C1CBEB ] C:\Program Files\IDT\WDM\stlang64.dll
23:01:52.0066 2644  C:\Program Files\IDT\WDM\stlang64.dll - ok
23:01:52.0081 2644  [ 76E7410B3A308F6960D3CE06DC7874AD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll
23:01:52.0081 2644  C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll - ok
23:01:52.0081 2644  [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
23:01:52.0081 2644  C:\Windows\SysWOW64\rasapi32.dll - ok
23:01:52.0097 2644  [ 3AD0E5ECCD6101EA6E88576726C0D91A ] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
23:01:52.0097 2644  C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE - ok
23:01:52.0097 2644  [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
23:01:52.0097 2644  C:\Windows\SysWOW64\rasman.dll - ok
23:01:52.0112 2644  [ 8E2A7F1F62467A7DCB8AB2C0642F47CA ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
23:01:52.0112 2644  C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
23:01:52.0112 2644  [ BCD9CBF0621F9A6767276A2E0BF1DD15 ] C:\Program Files (x86)\Google\Google Talk\googletalk.exe
23:01:52.0112 2644  C:\Program Files (x86)\Google\Google Talk\googletalk.exe - ok
23:01:52.0128 2644  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
23:01:52.0128 2644  C:\Windows\SysWOW64\rtutils.dll - ok
23:01:52.0128 2644  [ 917A728A12F25FCF4636858FAC9979FA ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
23:01:52.0128 2644  C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll - ok
23:01:52.0144 2644  [ 5082BC510FAD849630D09DA626BB7CDA ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
23:01:52.0144 2644  C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
23:01:52.0144 2644  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
23:01:52.0144 2644  C:\Windows\SysWOW64\winspool.drv - ok
23:01:52.0159 2644  [ AFEEAFD7CF8ED6958A81ACC304C17B7D ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
23:01:52.0159 2644  C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
23:01:52.0175 2644  [ 35126DDDE8241C4C4A5F15F6CDDF4434 ] C:\Windows\System32\ieframe.dll
23:01:52.0175 2644  C:\Windows\System32\ieframe.dll - ok
23:01:52.0175 2644  [ BE643CD44DD06DA283634A3E51DC22BC ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
23:01:52.0175 2644  C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
23:01:52.0190 2644  [ AFAFD74780A0BB4EBE76CDE10C9CCE43 ] C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll
23:01:52.0190 2644  C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll - ok
23:01:52.0190 2644  [ 579909E34B351C18EA93B332A547B5B1 ] C:\Windows\SysWOW64\CNMNPPM.DLL
23:01:52.0190 2644  C:\Windows\SysWOW64\CNMNPPM.DLL - ok
23:01:52.0206 2644  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
23:01:52.0206 2644  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
23:01:52.0206 2644  [ 698EB1E5F8C66344D97C00B5699E871D ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
23:01:52.0206 2644  C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
23:01:52.0222 2644  [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
23:01:52.0222 2644  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
23:01:52.0222 2644  [ BB50B21FEE2A6F3E5FC92B330ECCF050 ] C:\Windows\SysWOW64\hhctrl.ocx
23:01:52.0222 2644  C:\Windows\SysWOW64\hhctrl.ocx - ok
23:01:52.0237 2644  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
23:01:52.0268 2644  C:\Windows\SysWOW64\riched20.dll - ok
23:01:52.0284 2644  [ 81800928E0F713DF31F3393CC26F4013 ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
23:01:52.0284 2644  C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe - ok
23:01:52.0284 2644  [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
23:01:52.0284 2644  C:\Windows\SysWOW64\msacm32.dll - ok
23:01:52.0300 2644  [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
23:01:52.0300 2644  C:\Windows\SysWOW64\cabinet.dll - ok
23:01:52.0300 2644  [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\Windows\System32\odbcint.dll
23:01:52.0300 2644  C:\Windows\System32\odbcint.dll - ok
23:01:52.0315 2644  [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
23:01:52.0315 2644  C:\Windows\System32\thumbcache.dll - ok
23:01:52.0331 2644  [ B5B73117A07E39A6133F4205BB57DA1B ] C:\Windows\System32\GfxUI.exe
23:01:52.0331 2644  C:\Windows\System32\GfxUI.exe - ok
23:01:52.0331 2644  [ F70A554333BCFAF67D20F1EC4D6A44B6 ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
23:01:52.0331 2644  C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll - ok
23:01:52.0346 2644  [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
23:01:52.0346 2644  C:\Windows\SysWOW64\sxs.dll - ok
23:01:52.0346 2644  [ 054C3D63885B2360EC834B9C3497867E ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
23:01:52.0346 2644  C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe - ok
23:01:52.0362 2644  [ 25CFD5B46A42A3C8DE2983DE93B0E807 ] C:\Windows\System32\stapi64.dll
23:01:52.0362 2644  C:\Windows\System32\stapi64.dll - ok
23:01:52.0362 2644  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
23:01:52.0362 2644  C:\Windows\System32\stobject.dll - ok
23:01:52.0378 2644  [ 37CF3324F46CEB3A4F2686C617CBB35C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
23:01:52.0378 2644  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
23:01:52.0378 2644  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
23:01:52.0378 2644  C:\Windows\System32\batmeter.dll - ok
23:01:52.0393 2644  [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
23:01:52.0393 2644  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
23:01:52.0393 2644  [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
23:01:52.0393 2644  C:\Windows\System32\SearchIndexer.exe - ok
23:01:52.0409 2644  [ 48E0B5627E19A3AF49921D41E9C25794 ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.dll
23:01:52.0409 2644  C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.dll - ok
23:01:52.0409 2644  [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
23:01:52.0409 2644  C:\Windows\System32\tquery.dll - ok
23:01:52.0424 2644  [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
23:01:52.0424 2644  C:\Windows\SysWOW64\msi.dll - ok
23:01:52.0424 2644  [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
23:01:52.0424 2644  C:\Windows\System32\mscoree.dll - ok
23:01:52.0440 2644  [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
23:01:52.0440 2644  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
23:01:52.0440 2644  [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
23:01:52.0440 2644  C:\Windows\System32\networkexplorer.dll - ok
23:01:52.0456 2644  [ B96F045D571747F8700CB43E8C458FF0 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
23:01:52.0456 2644  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
23:01:52.0471 2644  [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
23:01:52.0471 2644  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
23:01:52.0471 2644  [ 5298ED7C7C56A683EDCC2A8AA1A4C475 ] C:\Program Files (x86)\Common Files\DivX Shared\Qt4.5\QtCore4.dll
23:01:52.0471 2644  C:\Program Files (x86)\Common Files\DivX Shared\Qt4.5\QtCore4.dll - ok
23:01:52.0487 2644  [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
23:01:52.0487 2644  C:\Windows\System32\mssrch.dll - ok
23:01:52.0487 2644  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
23:01:52.0487 2644  C:\Windows\System32\prnfldr.dll - ok
23:01:52.0502 2644  [ 778D6ADBA6D49578EA45F600DAF4687B ] C:\Program Files (x86)\Common Files\DivX Shared\Qt4.5\QtGui4.dll
23:01:52.0502 2644  C:\Program Files (x86)\Common Files\DivX Shared\Qt4.5\QtGui4.dll - ok
23:01:52.0502 2644  [ 81ADBC4E31A721AEF23251A952049BA2 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
23:01:52.0502 2644  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
23:01:52.0518 2644  [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
23:01:52.0518 2644  C:\Windows\System32\msidle.dll - ok
23:01:52.0518 2644  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] C:\Program Files\iPod\bin\iPodService.exe
23:01:52.0518 2644  C:\Program Files\iPod\bin\iPodService.exe - ok
23:01:52.0534 2644  [ AC142966D25A3F543340B8D7B7C7D1DD ] C:\PROGRA~1\MICROS~3\Office12\MSOHEVI.DLL
23:01:52.0534 2644  C:\PROGRA~1\MICROS~3\Office12\MSOHEVI.DLL - ok
23:01:52.0534 2644  [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
23:01:52.0534 2644  C:\Windows\System32\mssprxy.dll - ok
23:01:52.0549 2644  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
23:01:52.0549 2644  C:\Windows\System32\wdmaud.drv - ok
23:01:52.0549 2644  [ DB001FAEA818AE2E14A74E0ADC530FC0 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll
23:01:52.0549 2644  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll - ok
23:01:52.0565 2644  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
23:01:52.0565 2644  C:\Windows\System32\ksuser.dll - ok
23:01:52.0565 2644  [ B4E69051E313551F894C74B12042485D ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
23:01:52.0580 2644  C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
23:01:52.0580 2644  [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
23:01:52.0580 2644  C:\Windows\System32\en-US\tquery.dll.mui - ok
23:01:52.0596 2644  [ 705E7AD90E25541F4CDA691AAE358B59 ] C:\Program Files\iPod\bin\iPodService.Resources\zh_CN.lproj\iPodServiceLocalized.dll
23:01:52.0596 2644  C:\Program Files\iPod\bin\iPodService.Resources\zh_CN.lproj\iPodServiceLocalized.dll - ok
23:01:52.0596 2644  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
23:01:52.0596 2644  C:\Windows\System32\DXP.dll - ok
23:01:52.0612 2644  [ 2C1BB3AD51826AA96C9802CBC123814F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll
23:01:52.0612 2644  C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll - ok
23:01:52.0612 2644  [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
23:01:52.0612 2644  C:\Windows\System32\AudioSes.dll - ok
23:01:52.0627 2644  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
23:01:52.0627 2644  C:\Windows\System32\Syncreg.dll - ok
23:01:52.0627 2644  [ D732760C00A1B5BCFA4705E10F1F3F59 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
23:01:52.0627 2644  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll - ok
23:01:52.0643 2644  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
23:01:52.0643 2644  C:\Windows\ehome\ehSSO.dll - ok
23:01:52.0643 2644  [ 2AEA0A806F7C1848AAAC1473241B0394 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll
23:01:52.0643 2644  C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll - ok
23:01:52.0658 2644  [ 9D18C01DB929E266BEF674BAF05327F7 ] C:\Program Files (x86)\Common Files\DivX Shared\Qt4.5\QtNetwork4.dll
23:01:52.0658 2644  C:\Program Files (x86)\Common Files\DivX Shared\Qt4.5\QtNetwork4.dll - ok
23:01:52.0658 2644  [ 759459C1F63DB26A697F2FAFFB6E53FA ] C:\Program Files (x86)\DivX\DivX Media Server\mc_net_tools.dll
23:01:52.0658 2644  C:\Program Files (x86)\DivX\DivX Media Server\mc_net_tools.dll - ok
23:01:52.0674 2644  [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
23:01:52.0674 2644  C:\Windows\System32\ActionCenter.dll - ok
23:01:52.0674 2644  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
23:01:52.0674 2644  C:\Windows\System32\WPDShServiceObj.dll - ok
23:01:52.0690 2644  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
23:01:52.0690 2644  C:\Windows\System32\PortableDeviceTypes.dll - ok
23:01:52.0690 2644  [ 02822A800B7DCA94FD93E7830AB17C1F ] C:\Program Files (x86)\DivX\DivX Media Server\mc_upnp_dlna_stack.dll
23:01:52.0690 2644  C:\Program Files (x86)\DivX\DivX Media Server\mc_upnp_dlna_stack.dll - ok
23:01:52.0705 2644  [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
23:01:52.0705 2644  C:\Windows\System32\FXSST.dll - ok
23:01:52.0705 2644  [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
23:01:52.0705 2644  C:\Windows\System32\FXSAPI.dll - ok
23:01:52.0721 2644  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
23:01:52.0721 2644  C:\Windows\System32\FXSRESM.dll - ok
23:01:52.0721 2644  [ CBF6635C8B571CCFEDB587A6AA54B1FD ] C:\Program Files (x86)\DivX\DivX Media Server\mc_demux_mp4.dll
23:01:52.0721 2644  C:\Program Files (x86)\DivX\DivX Media Server\mc_demux_mp4.dll - ok
23:01:52.0736 2644  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
23:01:52.0736 2644  C:\Windows\System32\AltTab.dll - ok
23:01:52.0736 2644  [ 234AFA322624B3203A2E720F08292B03 ] C:\Windows\System32\cscobj.dll
23:01:52.0736 2644  C:\Windows\System32\cscobj.dll - ok
23:01:52.0752 2644  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
23:01:52.0752 2644  C:\Windows\System32\pnidui.dll - ok
23:01:52.0768 2644  [ 9682D5B9D9309377C1A7E08C3E6B7B3D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll
23:01:52.0768 2644  C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll - ok
23:01:52.0768 2644  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
23:01:52.0768 2644  C:\Windows\System32\QUTIL.DLL - ok
23:01:52.0783 2644  [ 05226CE1D6D86E5D5D184F01F70A1904 ] C:\Program Files (x86)\DivX\DivX Media Server\mc_dec_avc.dll
23:01:52.0783 2644  C:\Program Files (x86)\DivX\DivX Media Server\mc_dec_avc.dll - ok
23:01:52.0783 2644  [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
23:01:52.0783 2644  C:\Windows\System32\msacm32.drv - ok
23:01:52.0799 2644  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
23:01:52.0799 2644  C:\Windows\System32\FXSSVC.exe - ok
23:01:52.0799 2644  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
23:01:52.0799 2644  C:\Windows\System32\msacm32.dll - ok
23:01:52.0814 2644  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
23:01:52.0814 2644  C:\Windows\System32\srchadmin.dll - ok
23:01:52.0814 2644  [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
23:01:52.0814 2644  C:\Windows\System32\midimap.dll - ok
23:01:52.0830 2644  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
23:01:52.0830 2644  C:\Windows\System32\bthprops.cpl - ok
23:01:52.0830 2644  [ F35A2836A9983FEDA37E0C762747D51E ] C:\Program Files (x86)\DivX\DivX Media Server\mc_dec_aac.dll
23:01:52.0830 2644  C:\Program Files (x86)\DivX\DivX Media Server\mc_dec_aac.dll - ok
23:01:52.0846 2644  [ 73C1D54F4683C75B98EDB25B03016089 ] C:\Windows\System32\stapo64.dll
23:01:52.0846 2644  C:\Windows\System32\stapo64.dll - ok
23:01:52.0846 2644  [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
23:01:52.0846 2644  C:\Windows\System32\rasdlg.dll - ok
23:01:52.0861 2644  [ B302DB9A2DA1EC355246CC3A15E27F2F ] C:\Program Files (x86)\DivX\DivX Media Server\mc_mux_mp2.dll
23:01:52.0861 2644  C:\Program Files (x86)\DivX\DivX Media Server\mc_mux_mp2.dll - ok
23:01:52.0861 2644  [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\83719263.sys
23:01:52.0861 2644  C:\Windows\System32\drivers\83719263.sys - ok
23:01:52.0877 2644  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
23:01:52.0877 2644  C:\Windows\System32\dot3api.dll - ok
23:01:52.0892 2644  [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
23:01:52.0892 2644  C:\Windows\System32\wlanhlp.dll - ok
23:01:52.0892 2644  [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
23:01:52.0892 2644  C:\Windows\System32\AudioEng.dll - ok
23:01:52.0908 2644  [ 5046E55184021406C27E8D48A1B2C9D2 ] C:\Windows\System32\l3codeca.acm
23:01:52.0908 2644  C:\Windows\System32\l3codeca.acm - ok
23:01:52.0908 2644  [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
23:01:52.0908 2644  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
23:01:52.0924 2644  [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
23:01:52.0924 2644  C:\Windows\System32\AUDIOKSE.dll - ok
23:01:52.0924 2644  [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
23:01:52.0924 2644  C:\Windows\System32\WWanAPI.dll - ok
23:01:52.0939 2644  [ E17B989C1FDB9BD2AE51A7DEEE048B2D ] C:\Program Files (x86)\DivX\DivX Media Server\mc_enc_mp2v.dll
23:01:52.0939 2644  C:\Program Files (x86)\DivX\DivX Media Server\mc_enc_mp2v.dll - ok
23:01:52.0939 2644  [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
23:01:52.0939 2644  C:\Windows\System32\wwapi.dll - ok
23:01:52.0955 2644  [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
23:01:52.0955 2644  C:\Windows\System32\QAGENT.DLL - ok
23:01:52.0955 2644  [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
23:01:52.0955 2644  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
23:01:52.0970 2644  [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
23:01:52.0970 2644  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
23:01:52.0970 2644  [ 89344657836F91640F3DDB235D0E7F73 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\5f684be17ae6b826f6f9eaa170b41b05\WindowsBase.ni.dll
23:01:52.0970 2644  C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\5f684be17ae6b826f6f9eaa170b41b05\WindowsBase.ni.dll - ok
23:01:52.0986 2644  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
23:01:52.0986 2644  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
23:01:52.0986 2644  [ E809484D8E8D63AAD1AACD3BF9D3DE72 ] C:\Program Files (x86)\DivX\DivX Media Server\mc_enc_mpa.dll
23:01:52.0986 2644  C:\Program Files (x86)\DivX\DivX Media Server\mc_enc_mpa.dll - ok
23:01:53.0002 2644  [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
23:01:53.0002 2644  C:\Windows\System32\wmdrmdev.dll - ok
23:01:53.0017 2644  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
23:01:53.0017 2644  C:\Windows\SysWOW64\duser.dll - ok
23:01:53.0017 2644  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
23:01:53.0017 2644  C:\Windows\SysWOW64\dui70.dll - ok
23:01:53.0033 2644  [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
23:01:53.0033 2644  C:\Windows\System32\drmv2clt.dll - ok
23:01:53.0033 2644  [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
23:01:53.0033 2644  C:\Windows\System32\mfplat.dll - ok
23:01:53.0048 2644  [ 7BB710183AAD6C420A8FAF7C4ABC6384 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\68f908f70841f6159b1124f89029ef77\PresentationCore.ni.dll
23:01:53.0048 2644  C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\68f908f70841f6159b1124f89029ef77\PresentationCore.ni.dll - ok
23:01:53.0048 2644  [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
23:01:53.0048 2644  C:\Windows\System32\blackbox.dll - ok
23:01:53.0064 2644  [ B4837176B2DBBC8E3D6F31D4853EEAEB ] C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
23:01:53.0064 2644  C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe - ok
23:01:53.0064 2644  [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
23:01:53.0064 2644  C:\Windows\System32\wmp.dll - ok
23:01:53.0080 2644  [ FC6C0E71122593E76B9D7D2ED4D685CF ] C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll
23:01:53.0080 2644  C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll - ok
23:01:53.0080 2644  [ B9D49E4288F56C053B4C12D2F9042948 ] C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
23:01:53.0080 2644  C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe - ok
23:01:53.0095 2644  [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
23:01:53.0095 2644  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
23:01:53.0111 2644  [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
23:01:53.0111 2644  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
23:01:53.0111 2644  [ 2F17E79782EFC7C2BB5F405F84F4D3D5 ] C:\Program Files\Intel\BluetoothHS\KmmdlPlugins\BTSupplicantPlugin.dll
23:01:53.0111 2644  C:\Program Files\Intel\BluetoothHS\KmmdlPlugins\BTSupplicantPlugin.dll - ok
23:01:53.0126 2644  [ AEBEC321942FE73D032200BB5B767142 ] C:\Program Files\Intel\BluetoothHS\KmmdlPlugins\PanAuthenticator.dll
23:01:53.0126 2644  C:\Program Files\Intel\BluetoothHS\KmmdlPlugins\PanAuthenticator.dll - ok
23:01:53.0142 2644  [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
23:01:53.0142 2644  C:\Windows\System32\browcli.dll - ok
23:01:53.0142 2644  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:01:53.0142 2644  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
23:01:53.0158 2644  [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
23:01:53.0158 2644  C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
23:01:53.0158 2644  [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
23:01:53.0158 2644  C:\Windows\System32\wmploc.DLL - ok
23:01:53.0158 2644  [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
23:01:53.0158 2644  C:\Windows\SysWOW64\mscoree.dll - ok
23:01:53.0173 2644  [ 1D5A06280E3E6C07950FAAA4D153269B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\f30de4ac82d4a89c959a7f525ba05aed\PresentationFramework.ni.dll
23:01:53.0173 2644  C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\f30de4ac82d4a89c959a7f525ba05aed\PresentationFramework.ni.dll - ok
23:01:53.0189 2644  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:01:53.0189 2644  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
23:01:53.0189 2644  [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
23:01:53.0189 2644  C:\Windows\System32\msvcr100_clr0400.dll - ok
23:01:53.0204 2644  [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:01:53.0204 2644  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
23:01:53.0204 2644  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
23:01:53.0204 2644  C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
23:01:53.0220 2644  [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
23:01:53.0220 2644  C:\Windows\SysWOW64\netapi32.dll - ok
23:01:53.0220 2644  [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
23:01:53.0220 2644  C:\Windows\SysWOW64\wkscli.dll - ok
23:01:53.0236 2644  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
23:01:53.0236 2644  C:\Windows\SysWOW64\dbghelp.dll - ok
23:01:53.0236 2644  [ 35DB83C4DE9FA3889E937125D115EAA0 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll
23:01:53.0236 2644  C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll - ok
23:01:53.0251 2644  [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
23:01:53.0251 2644  C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
23:01:53.0267 2644  [ 1A263BD87C082FA7AB38093014C8FC79 ] C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
23:01:53.0267 2644  C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe - ok
23:01:53.0267 2644  [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
23:01:53.0267 2644  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
23:01:53.0282 2644  [ 66E4246FEF8C364611F9782AA0809F42 ] C:\Program Files\Internet Explorer\ieproxy.dll
23:01:53.0282 2644  C:\Program Files\Internet Explorer\ieproxy.dll - ok
23:01:53.0282 2644  [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
23:01:53.0282 2644  C:\Windows\System32\wmpps.dll - ok
23:01:53.0298 2644  [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
23:01:53.0298 2644  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
23:01:53.0298 2644  [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
23:01:53.0298 2644  C:\Windows\System32\wmpmde.dll - ok
23:01:53.0314 2644  [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
23:01:53.0314 2644  C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
23:01:53.0314 2644  [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
23:01:53.0314 2644  C:\Windows\SysWOW64\mstask.dll - ok
23:01:53.0329 2644  [ C264145F107437CBD3B30303733AEE4F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
23:01:53.0329 2644  C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
23:01:53.0329 2644  [ FCE23E27F62989AD0BB88E256E847A41 ] C:\Windows\System32\CertPolEng.dll
23:01:53.0329 2644  C:\Windows\System32\CertPolEng.dll - ok
23:01:53.0345 2644  [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
23:01:53.0345 2644  C:\Windows\System32\WinSATAPI.dll - ok
23:01:53.0345 2644  [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
23:01:53.0345 2644  C:\Windows\System32\MSMPEG2ENC.DLL - ok
23:01:53.0360 2644  [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
23:01:53.0360 2644  C:\Windows\System32\devenum.dll - ok
23:01:53.0376 2644  [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
23:01:53.0376 2644  C:\Windows\System32\msdmo.dll - ok
23:01:53.0376 2644  [ C8541AECCCA9260DE93C85F214110FA8 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
23:01:53.0376 2644  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
23:01:53.0392 2644  [ 1B1431D9520C7578AD5633ED2A70625F ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
23:01:53.0392 2644  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
23:01:53.0407 2644  [ C3E39FB1398EEE8E612C2FE53A9192EF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
23:01:53.0407 2644  C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll - ok
23:01:53.0407 2644  [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
23:01:53.0407 2644  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
23:01:53.0423 2644  [ 2410905B04FBDC450E15C7ABD34C567D ] C:\Windows\System32\gfxSrvc.dll
23:01:53.0423 2644  C:\Windows\System32\gfxSrvc.dll - ok
23:01:53.0423 2644  [ 3F57403B74E5A6C7B5A527F21CE97F10 ] C:\Windows\System32\IGFXDEVLib.dll
23:01:53.0423 2644  C:\Windows\System32\IGFXDEVLib.dll - ok
23:01:53.0423 2644  [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll
23:01:53.0423 2644  C:\Windows\System32\d3d9.dll - ok
23:01:53.0438 2644  [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
23:01:53.0438 2644  C:\Windows\System32\d3d8thk.dll - ok
23:01:53.0438 2644  [ E8E14873F4FE2AA36F9E1BEDB88C0158 ] C:\Windows\System32\igdumd64.dll
23:01:53.0438 2644  C:\Windows\System32\igdumd64.dll - ok
23:01:53.0454 2644  [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
23:01:53.0454 2644  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
23:01:53.0470 2644  [ 3518CB4E2D896CAB53D5386F15AC0566 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
23:01:53.0470 2644  C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll - ok
23:01:53.0470 2644  [ 5CCD5B62076D4432D4728BB6CB3DEBFD ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\7a560781987776298120763de1df8f77\System.Xml.ni.dll
23:01:53.0470 2644  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\7a560781987776298120763de1df8f77\System.Xml.ni.dll - ok
23:01:53.0485 2644  [ 7765680E25E329708CB034B180CF9FCD ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll
23:01:53.0485 2644  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll - ok
23:01:53.0485 2644  [ B6717998521608D6FBB47DF831317D13 ] C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
23:01:53.0485 2644  C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll - ok
23:01:53.0501 2644  [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
23:01:53.0501 2644  C:\Windows\System32\upnphost.dll - ok
23:01:53.0516 2644  [ 1662F856443DD09A68D99F5F713C0A52 ] C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
23:01:53.0516 2644  C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll - ok
23:01:53.0516 2644  [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
23:01:53.0516 2644  C:\Windows\SysWOW64\shfolder.dll - ok
23:01:53.0532 2644  [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
23:01:53.0532 2644  C:\Windows\System32\udhisapi.dll - ok
23:01:53.0532 2644  [ 55C9B75102B54FA486A0BC5462E95FE4 ] C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
23:01:53.0532 2644  C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll - ok
23:01:53.0548 2644  [ 8323B32A6FC3FCD7E5C8BA94B36CE162 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\3762e80651ff8d0bbcdb0ccebfb3b3f7\System.Configuration.ni.dll
23:01:53.0548 2644  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\3762e80651ff8d0bbcdb0ccebfb3b3f7\System.Configuration.ni.dll - ok
23:01:53.0548 2644  [ 375FD11C25F5E43E0D1620FD6114BABA ] C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
23:01:53.0548 2644  C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll - ok
23:01:53.0563 2644  [ 7EDF1A41E9C31DCE28BD71D6142534CC ] C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll
23:01:53.0563 2644  C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll - ok
23:01:53.0563 2644  [ F1C19F0AA151B90A7416FA1D50DDB582 ] C:\Windows\System32\WindowsCodecsExt.dll
23:01:53.0563 2644  C:\Windows\System32\WindowsCodecsExt.dll - ok
23:01:53.0579 2644  [ E247301B09B5CFFA332A00F1B7BB55F7 ] C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
23:01:53.0579 2644  C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll - ok
23:01:53.0579 2644  [ 1D296F090ED401967B30BD2B970DC306 ] C:\Windows\System32\icm32.dll
23:01:53.0579 2644  C:\Windows\System32\icm32.dll - ok
23:01:53.0594 2644  [ 5AC46A3A31BC58E512C4CAFD87327922 ] C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll
23:01:53.0594 2644  C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll - ok
23:01:53.0594 2644  [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
23:01:53.0594 2644  C:\Windows\System32\webcheck.dll - ok
23:01:53.0610 2644  [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
23:01:53.0610 2644  C:\Windows\System32\SearchProtocolHost.exe - ok
23:01:53.0626 2644  [ 34DCF0E4754F8FA599E33AA444742481 ] C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll
23:01:53.0626 2644  C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll - ok
23:01:53.0626 2644  [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
23:01:53.0626 2644  C:\Windows\System32\mlang.dll - ok
23:01:53.0641 2644  [ 68E1D09FC5F2214F712FBB0340998A34 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\d965d516c924bc92b801f2b316444ffd\WindowsFormsIntegration.ni.dll
23:01:53.0641 2644  C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\d965d516c924bc92b801f2b316444ffd\WindowsFormsIntegration.ni.dll - ok
23:01:53.0641 2644  [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
23:01:53.0641 2644  C:\Windows\System32\msshooks.dll - ok
23:01:53.0657 2644  [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
23:01:53.0657 2644  C:\Windows\System32\SyncCenter.dll - ok
23:01:53.0657 2644  [ 8DA93D9A662E4BA18802BC6C2CCACD66 ] C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll
23:01:53.0657 2644  C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll - ok
23:01:53.0672 2644  [ E5840A20CAB43276A2F58CA6F541D5DF ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\a50f3d1b7985318568ecec58ba24e409\PresentationFramework.Aero.ni.dll
23:01:53.0672 2644  C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\a50f3d1b7985318568ecec58ba24e409\PresentationFramework.Aero.ni.dll - ok
23:01:53.0672 2644  [ 58ED45BFB06EC7C6B7D151B77247E4B3 ] C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll
23:01:53.0672 2644  C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll - ok
23:01:53.0688 2644  [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
23:01:53.0688 2644  C:\Windows\System32\drprov.dll - ok
23:01:53.0688 2644  [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
23:01:53.0688 2644  C:\Windows\System32\SearchFilterHost.exe - ok
23:01:53.0704 2644  [ 20F53F9DA0336C73616D124E48CC3387 ] C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
23:01:53.0704 2644  C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll - ok
23:01:53.0704 2644  [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
23:01:53.0704 2644  C:\Windows\System32\ntlanman.dll - ok
23:01:53.0719 2644  [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
23:01:53.0719 2644  C:\Windows\System32\mssph.dll - ok
23:01:53.0719 2644  [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
23:01:53.0719 2644  C:\Windows\System32\davclnt.dll - ok
23:01:53.0735 2644  [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
23:01:53.0735 2644  C:\Windows\System32\davhlpr.dll - ok
23:01:53.0735 2644  [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
23:01:53.0735 2644  C:\Windows\System32\mapi32.dll - ok
23:01:53.0750 2644  [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
23:01:53.0750 2644  C:\Windows\System32\imapi2.dll - ok
23:01:53.0766 2644  [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
23:01:53.0766 2644  C:\Windows\System32\hgcpl.dll - ok
23:01:53.0766 2644  [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
23:01:53.0766 2644  C:\Windows\System32\fdPHost.dll - ok
23:01:53.0782 2644  [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
23:01:53.0782 2644  C:\Windows\System32\fdWSD.dll - ok
23:01:53.0782 2644  [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
23:01:53.0782 2644  C:\Windows\System32\fdSSDP.dll - ok
23:01:53.0797 2644  [ 21E110FF1C0E948860458BD7B692DE13 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
23:01:53.0797 2644  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll - ok
23:01:53.0797 2644  [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
23:01:53.0797 2644  C:\Windows\System32\fdProxy.dll - ok
23:01:53.0813 2644  [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
23:01:53.0813 2644  C:\Windows\System32\ListSvc.dll - ok
23:01:53.0813 2644  [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
23:01:53.0813 2644  C:\Windows\System32\P2P.dll - ok
23:01:53.0828 2644  [ 5A7A33F7F9DFC0C0A8B8E000F4D9D898 ] C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
23:01:53.0828 2644  C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - ok
23:01:53.0828 2644  [ 28638660E651578C354BF43CD646EF6D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\672fc9526d8954656bcb46e42082e09c\System.Drawing.ni.dll
23:01:53.0828 2644  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\672fc9526d8954656bcb46e42082e09c\System.Drawing.ni.dll - ok
23:01:53.0844 2644  [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
23:01:53.0844 2644  C:\Windows\System32\IdListen.dll - ok
23:01:53.0844 2644  [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
23:01:53.0844 2644  C:\Windows\System32\p2pcollab.dll - ok
23:01:53.0860 2644  [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
23:01:53.0860 2644  C:\Windows\System32\hgprint.dll - ok
23:01:53.0860 2644  [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
23:01:53.0860 2644  C:\Windows\System32\pnrpsvc.dll - ok
23:01:53.0875 2644  ============================================================
23:01:53.0875 2644  Scan finished
23:01:53.0875 2644  ============================================================
23:01:53.0891 2896  Detected object count: 0
23:01:53.0891 2896  Actual detected object count: 0


#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,960 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:57 AM

Posted 12 March 2013 - 04:17 PM

Thanks for all of your hard work.  Well it seems we need some more information. Those reports didn't help us much.

Please do this for me.

===================================================

OTL

--------------------

  • Please download OTL and save it to your desktop
  • Double click on the otlicon.png icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the runscan.png button.
  • Copy and paste the two reports in your next reply.

OTL.txt <-- Will be opened
Extra.txt <-- Will be minimized

 

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • OTL log
  • Extra log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users