Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google search return links are randomly redirecting to 3rd party sites


  • Please log in to reply
16 replies to this topic

#1 bitware

bitware

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:12 PM

Posted 07 March 2013 - 01:04 AM

HP p612w desktop

windows 7 64-bit

Pentium E-5300 Dual-Core 2.60 GHz

6 gig ram

Radeon HD 5670 1gb graphics

 

google search return link redirection does not happen on every click... more like ever 3-6 clicks at random... and only happening on chrome browser... not doing it in internet explorer

 

thank you in advance for your assistance.



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:12 PM

Posted 07 March 2013 - 01:05 AM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg
     
  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png
     
  • Click Start Scan and allow the scan process to run
     
  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg
     
  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------
 

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


    aswMBR1.png
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


    aswMBR2.png
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal



  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

    esetsmartinstaller_enu.png

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
 

  • TDSSKiller log
  • aswMBR log
  • ESET results


#3 bitware

bitware
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:12 PM

Posted 07 March 2013 - 11:28 PM

aswMBR log
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-07 14:51:40
-----------------------------
14:51:40.321    OS Version: Windows x64 6.1.7601 Service Pack 1
14:51:40.321    Number of processors: 2 586 0x170A
14:51:40.321    ComputerName: OWNER-PC  UserName: owner
14:51:41.725    Initialize success
14:51:49.401    AVAST engine defs: 13030601
15:01:06.259    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:01:06.259    Disk 0 Vendor: ST350041 HP22 Size: 476940MB BusType: 8
15:01:06.275    Disk 0 MBR read successfully
15:01:06.275    Disk 0 MBR scan
15:01:06.275    Disk 0 Windows XP default MBR code
15:01:06.290    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
15:01:06.290    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       464717 MB offset 206848
15:01:06.322    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        12119 MB offset 951951360
15:01:06.384    Disk 0 scanning C:\Windows\system32\drivers
15:01:16.337    Service scanning
15:01:33.372    Modules scanning
15:01:33.372    Disk 0 trace - called modules:
15:01:33.388    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
15:01:33.388    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006d17060]
15:01:33.388    3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005c56050]
15:01:39.285    AVAST engine scan C:\Windows
15:01:42.685    AVAST engine scan C:\Windows\system32
15:03:57.813    AVAST engine scan C:\Windows\system32\drivers
15:04:10.418    AVAST engine scan C:\Users\owner
15:43:53.708    File: C:\Users\owner\Desktop\Software\backups\DESKTOP\adobe keygens\_CS3_Wh_5teR_\~CS3 Wh!5teR~\Adobe CS3 KeYGeNz\Adobe CS3  Production Premium KeYGeN.eXe  **INFECTED** Win32:Trojan-gen
15:43:54.519    File: C:\Users\owner\Desktop\Software\backups\DESKTOP\adobe keygens\_CS3_Wh_5teR_\~CS3 Wh!5teR~\Adobe CS3 KeYGeNz\Adobe Photoshop Elements v6.0 KeYGeN.eXe  **INFECTED** Win32:Trojan-gen
15:43:54.831    File: C:\Users\owner\Desktop\Software\backups\DESKTOP\adobe keygens\_CS3_Wh_5teR_\~CS3 Wh!5teR~\Adobe CS3 KeYGeNz\Adobe Premiere Pro CS3 KeYGeN.exe  **INFECTED** Win32:Trojan-gen
15:43:56.329    File: C:\Users\owner\Desktop\Software\backups\DESKTOP\adobe keygens\_CS3_Wh_5teR_\~CS3 Wh!5teR~\Adobe CS3 KeYGeNz\Soundbooth CS3 Keygen +Activation.exe  **INFECTED** Win32:Malware-gen
16:07:37.023    AVAST engine scan C:\ProgramData
16:31:35.439    Scan finished successfully
16:52:51.303    Disk 0 MBR has been saved successfully to "C:\Users\owner\Desktop\MBR.dat"
16:52:51.303    The log file has been saved successfully to "C:\Users\owner\Desktop\aswMBR.txt"
 
 
ESET results
 
C:\Windows\SysWOW64\xhipnjihvirjpra.exe Win32/Adware.RON.FSV application 
C:\Program Files (x86)\RealArcade\Installer\bin\OCSetupHlp.dll Win32/OpenCandy application cleaned by deleting - quarantined
C:\UBCD4Win\BartPE\PROGRAMS\sdfix\SDFix.exe Win32/PrcView application deleted - quarantined
C:\UBCD4Win\plugin\Cleanup Tools\SDFix\SDFix.exe Win32/PrcView application deleted - quarantined
C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Default\aagddcdhdcdedfdadcdbgggbdedgdfgg\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Default\aagddcdhdcdedfdadcdbgggbdedgdfgg\ContentScript.js Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Microsoft\Windows Live Mail\Comcast (fl 237\Deleted Items\3D4A36AB-0000181D.eml HTML/Pharmacy.A trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\41a57c9d-2d0c811d multiple threats deleted - quarantined
C:\Users\owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\7ba676e2-6d5b1de9 Java/Exploit.CVE-2012-1723.R trojan deleted - quarantined
C:\Users\owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\3959b78-57ccdc5d multiple threats deleted - quarantined
C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\hock7bim.default\extensions\haryewufzi@haryewufzi.org.xpi JS/Redirector.NBX trojan deleted - quarantined
C:\Users\owner\Desktop\Software\backups\DESKTOP\adobe keygens\_CS3_Wh_5teR_\~CS3 Wh!5teR~\Adobe CS3 KeYGeNz\Adobe Design Premium CS3 Keygen .exe a variant of Win32/Keygen.AH application cleaned by deleting - quarantined
C:\Users\owner\Desktop\Software\backups\DESKTOP\adobe keygens\_CS3_Wh_5teR_\~CS3 Wh!5teR~\Adobe CS3 KeYGeNz\Adobe Photoshop Elements v6.0 KeYGeN.eXe a variant of Win32/Keygen.BR application deleted - quarantined
C:\Users\owner\Desktop\Software\backups\DESKTOP\adobe keygens\_CS3_Wh_5teR_\~CS3 Wh!5teR~\Adobe CS3 KeYGeNz\Adobe Premiere Pro CS3 KeYGeN.exe a variant of Win32/Keygen.AH application deleted - quarantined
C:\Users\owner\Desktop\Software\backups\DESKTOP\adobe keygens\_CS3_Wh_5teR_\~CS3 Wh!5teR~\Adobe CS3 KeYGeNz\Dreamweaver CS3 Keygen.exe a variant of Win32/Keygen.AH application cleaned by deleting - quarantined
C:\Users\owner\Desktop\Software\backups\DESKTOP\adobe keygens\_CS3_Wh_5teR_\~CS3 Wh!5teR~\Adobe CS3 KeYGeNz\Flash CS3 Keygen.exe a variant of Win32/Keygen.AH application cleaned by deleting - quarantined
C:\Users\owner\Desktop\Software\backups\DESKTOP\adobe keygens\_CS3_Wh_5teR_\~CS3 Wh!5teR~\Adobe CS3 KeYGeNz\FrameMaker v8.0 Keygen.exe probably a variant of Win32/Agent.IVTUTBQ trojan cleaned by deleting - quarantined
C:\Users\owner\Desktop\Software\backups\DESKTOP\adobe keygens\_CS3_Wh_5teR_\~CS3 Wh!5teR~\Adobe CS3 KeYGeNz\Soundbooth CS3 Keygen +Activation.exe a variant of Win32/Keygen.AH application cleaned by deleting - quarantined
C:\Users\owner\Desktop\Software\backups\DESKTOP\halo\host tool\Host_Tool.zip a variant of Win32/GameHack.EW application deleted - quarantined
C:\Users\owner\Desktop\Software\backups\DESKTOP\halo\host tool\HTHostToolv2.exe a variant of Win32/GameHack.EW application cleaned by deleting - quarantined
C:\Users\owner\Desktop\Software\backups\DESKTOP\php guard dog 4.0\PHP.Guard.Dog.v4.0.rar PHP/Obfuscated.F application deleted - quarantined
C:\Users\owner\Desktop\Software\backups\DESKTOP\php guard dog 4.0\PHP.Guard.Dog.v4.0\sm-check_ORIGINAL_.php PHP/Obfuscated.F application cleaned by deleting - quarantined
C:\Users\owner\Desktop\Software\SUPER\SUPERsetup.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\owner\Desktop\tpc z\tcpz_20090409.7z a variant of Win32/TCPZ.F application deleted - quarantined
C:\Users\owner\Desktop\tpc z\tcpz_20090409\tcpz.exe a variant of Win32/TCPZ.F application cleaned by deleting - quarantined
C:\Windows\System32\xhipnjihvirjpra.exe Win32/Adware.RON.FSV application cleaned by deleting - quarantined
 
 
it's not letting me post the tdskiller log - i think it may be to large

Edited by bitware, 07 March 2013 - 11:43 PM.


#4 bitware

bitware
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:12 PM

Posted 07 March 2013 - 11:56 PM

tdskiller log - part 1

 

 

23:33:39.0340 3732  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:33:39.0715 3732  ============================================================
23:33:39.0715 3732  Current date / time: 2013/03/07 23:33:39.0715
23:33:39.0715 3732  SystemInfo:
23:33:39.0715 3732  
23:33:39.0715 3732  OS Version: 6.1.7601 ServicePack: 1.0
23:33:39.0715 3732  Product type: Workstation
23:33:39.0715 3732  ComputerName: OWNER-PC
23:33:39.0715 3732  UserName: owner
23:33:39.0715 3732  Windows directory: C:\Windows
23:33:39.0715 3732  System windows directory: C:\Windows
23:33:39.0715 3732  Running under WOW64
23:33:39.0715 3732  Processor architecture: Intel x64
23:33:39.0715 3732  Number of processors: 2
23:33:39.0715 3732  Page size: 0x1000
23:33:39.0715 3732  Boot type: Normal boot
23:33:39.0715 3732  ============================================================
23:34:07.0013 3732  BG loaded
23:34:07.0886 3732  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:34:07.0980 3732  ============================================================
23:34:07.0980 3732  \Device\Harddisk0\DR0:
23:34:07.0980 3732  MBR partitions:
23:34:07.0980 3732  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:34:07.0980 3732  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38BA6978
23:34:07.0980 3732  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38BDA000, BlocksNum 0x17AB800
23:34:07.0980 3732  ============================================================
23:34:08.0027 3732  C: <-> \Device\Harddisk0\DR0\Partition2
23:34:09.0291 3732  D: <-> \Device\Harddisk0\DR0\Partition3
23:34:09.0415 3732  L: <-> \Device\Harddisk0\DR0\Partition1
23:34:09.0415 3732  ============================================================
23:34:09.0415 3732  Initialize success
23:34:09.0415 3732  ============================================================
23:34:46.0178 4256  ============================================================
23:34:46.0178 4256  Scan started
23:34:46.0178 4256  Mode: Manual; SigCheck; TDLFS; 
23:34:46.0178 4256  ============================================================
23:34:48.0160 4256  ================ Scan system memory ========================
23:34:48.0160 4256  System memory - ok
23:34:48.0160 4256  ================ Scan services =============================
23:34:48.0331 4256  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:34:48.0394 4256  1394ohci - ok
23:34:48.0440 4256  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:34:48.0456 4256  ACPI - ok
23:34:48.0487 4256  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:34:48.0518 4256  AcpiPmi - ok
23:34:48.0534 4256  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
23:34:48.0565 4256  adp94xx - ok
23:34:48.0643 4256  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
23:34:48.0659 4256  adpahci - ok
23:34:48.0690 4256  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
23:34:48.0706 4256  adpu320 - ok
23:34:48.0737 4256  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:34:48.0784 4256  AeLookupSvc - ok
23:34:48.0830 4256  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
23:34:48.0846 4256  AFD - ok
23:34:48.0877 4256  affhdd.sys - ok
23:34:48.0924 4256  [ 48008D4EA73C1058F36D323A644410D4 ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
23:34:48.0940 4256  AgereModemAudio - ok
23:34:48.0971 4256  [ DDF52C4C92D831A4CDB7788B37585E36 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
23:34:49.0018 4256  AgereSoftModem - ok
23:34:49.0049 4256  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
23:34:49.0064 4256  agp440 - ok
23:34:49.0096 4256  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
23:34:49.0111 4256  ALG - ok
23:34:49.0142 4256  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:34:49.0142 4256  aliide - ok
23:34:49.0205 4256  [ 4EAAAAB8759644D572522FBCDD196A13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:34:49.0236 4256  AMD External Events Utility - ok
23:34:49.0252 4256  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
23:34:49.0267 4256  amdide - ok
23:34:49.0298 4256  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
23:34:49.0330 4256  AmdK8 - ok
23:34:49.0829 4256  [ 22A14DF59FB8D0BE918C597988AF4296 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
23:34:49.0969 4256  amdkmdag - ok
23:34:50.0016 4256  [ EE22D3ED6D55A855E709F811CCCA97ED ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
23:34:50.0047 4256  amdkmdap - ok
23:34:50.0063 4256  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
23:34:50.0078 4256  AmdPPM - ok
23:34:50.0110 4256  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:34:50.0125 4256  amdsata - ok
23:34:50.0156 4256  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
23:34:50.0172 4256  amdsbs - ok
23:34:50.0188 4256  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:34:50.0188 4256  amdxata - ok
23:34:50.0219 4256  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
23:34:50.0266 4256  AppID - ok
23:34:50.0297 4256  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:34:50.0344 4256  AppIDSvc - ok
23:34:50.0375 4256  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
23:34:50.0406 4256  Appinfo - ok
23:34:50.0437 4256  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
23:34:50.0453 4256  arc - ok
23:34:50.0468 4256  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
23:34:50.0484 4256  arcsas - ok
23:34:50.0578 4256  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:34:50.0609 4256  aspnet_state - ok
23:34:50.0640 4256  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:34:50.0687 4256  AsyncMac - ok
23:34:50.0718 4256  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
23:34:50.0734 4256  atapi - ok
23:34:50.0765 4256  [ 437F55435623D4D54D36197F5AD8B435 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
23:34:50.0796 4256  AtiHDAudioService - ok
23:34:50.0827 4256  [ 64F07381335E37C142F6D176705FFCA6 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
23:34:50.0843 4256  atksgt - ok
23:34:50.0890 4256  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:34:50.0936 4256  AudioEndpointBuilder - ok
23:34:50.0952 4256  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:34:50.0983 4256  AudioSrv - ok
23:34:51.0046 4256  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:34:51.0061 4256  AxInstSV - ok
23:34:51.0108 4256  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
23:34:51.0139 4256  b06bdrv - ok
23:34:51.0155 4256  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:34:51.0186 4256  b57nd60a - ok
23:34:51.0217 4256  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:34:51.0233 4256  BDESVC - ok
23:34:51.0248 4256  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:34:51.0295 4256  Beep - ok
23:34:51.0342 4256  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
23:34:51.0389 4256  BFE - ok
23:34:51.0420 4256  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
23:34:51.0467 4256  BITS - ok
23:34:51.0514 4256  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:34:51.0545 4256  blbdrive - ok
23:34:51.0560 4256  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:34:51.0576 4256  bowser - ok
23:34:51.0607 4256  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:34:51.0623 4256  BrFiltLo - ok
23:34:51.0638 4256  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:34:51.0654 4256  BrFiltUp - ok
23:34:51.0685 4256  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
23:34:51.0716 4256  BridgeMP - ok
23:34:51.0763 4256  [ 8EF0D5C41EC907751B8429162B1239ED ] Browser         C:\Windows\System32\browser.dll
23:34:51.0841 4256  Browser - ok
23:34:51.0919 4256  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:34:51.0966 4256  Brserid - ok
23:34:51.0966 4256  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:34:51.0997 4256  BrSerWdm - ok
23:34:52.0028 4256  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:34:52.0044 4256  BrUsbMdm - ok
23:34:52.0060 4256  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:34:52.0091 4256  BrUsbSer - ok
23:34:52.0106 4256  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
23:34:52.0138 4256  BTHMODEM - ok
23:34:52.0153 4256  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
23:34:52.0184 4256  bthserv - ok
23:34:52.0231 4256  catchme - ok
23:34:52.0247 4256  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:34:52.0294 4256  cdfs - ok
23:34:52.0356 4256  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:34:52.0387 4256  cdrom - ok
23:34:52.0403 4256  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
23:34:52.0450 4256  CertPropSvc - ok
23:34:52.0465 4256  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
23:34:52.0496 4256  circlass - ok
23:34:52.0528 4256  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
23:34:52.0543 4256  CLFS - ok
23:34:52.0621 4256  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:34:52.0621 4256  clr_optimization_v2.0.50727_32 - ok
23:34:52.0699 4256  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:34:52.0715 4256  clr_optimization_v2.0.50727_64 - ok
23:34:52.0777 4256  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:34:52.0840 4256  clr_optimization_v4.0.30319_32 - ok
23:34:52.0855 4256  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:34:52.0918 4256  clr_optimization_v4.0.30319_64 - ok
23:34:52.0949 4256  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:34:52.0964 4256  CmBatt - ok
23:34:52.0980 4256  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:34:52.0996 4256  cmdide - ok
23:34:53.0027 4256  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
23:34:53.0042 4256  CNG - ok
23:34:53.0089 4256  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:34:53.0105 4256  Compbatt - ok
23:34:53.0136 4256  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
23:34:53.0152 4256  CompositeBus - ok
23:34:53.0167 4256  COMSysApp - ok
23:34:53.0183 4256  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
23:34:53.0183 4256  crcdisk - ok
23:34:53.0230 4256  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:34:53.0276 4256  CryptSvc - ok
23:34:53.0354 4256  [ 5228B7A738DC90A06AE4F4A7412CB1E9 ] CrystalSysInfo  C:\Program Files\MediaCoder\SysInfoX64.sys
23:34:53.0354 4256  CrystalSysInfo - ok
23:34:53.0401 4256  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:34:53.0448 4256  DcomLaunch - ok
23:34:53.0495 4256  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
23:34:53.0542 4256  defragsvc - ok
23:34:53.0604 4256  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:34:53.0651 4256  DfsC - ok
23:34:53.0682 4256  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:34:53.0713 4256  Dhcp - ok
23:34:53.0822 4256  [ 4F26BB00747D41E7C0FE8EBB2900F862 ] DirMngr         C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
23:34:53.0838 4256  DirMngr ( UnsignedFile.Multi.Generic ) - warning
23:34:53.0838 4256  DirMngr - detected UnsignedFile.Multi.Generic (1)
23:34:53.0854 4256  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
23:34:53.0900 4256  discache - ok
23:34:53.0978 4256  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
23:34:53.0978 4256  Disk - ok
23:34:54.0025 4256  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:34:54.0056 4256  Dnscache - ok
23:34:54.0088 4256  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:34:54.0119 4256  dot3svc - ok
23:34:54.0181 4256  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
23:34:54.0212 4256  Dot4 - ok
23:34:54.0244 4256  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
23:34:54.0259 4256  Dot4Print - ok
23:34:54.0259 4256  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
23:34:54.0275 4256  dot4usb - ok
23:34:54.0337 4256  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
23:34:54.0384 4256  DPS - ok
23:34:54.0431 4256  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:34:54.0478 4256  drmkaud - ok
23:34:54.0524 4256  [ 6B87F9BEA8EAEFF842328BB03FEA0B15 ] dvdfabio        C:\Windows\system32\drivers\dvdfabio.sys
23:34:54.0524 4256  dvdfabio - ok
23:34:54.0618 4256  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:34:54.0634 4256  DXGKrnl - ok
23:34:54.0680 4256  EagleX64 - ok
23:34:54.0727 4256  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
23:34:54.0774 4256  EapHost - ok
23:34:55.0070 4256  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
23:34:55.0180 4256  ebdrv - ok
23:34:55.0211 4256  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
23:34:55.0226 4256  EFS - ok
23:34:55.0273 4256  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:34:55.0304 4256  ehRecvr - ok
23:34:55.0336 4256  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
23:34:55.0351 4256  ehSched - ok
23:34:55.0382 4256  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
23:34:55.0398 4256  elxstor - ok
23:34:55.0445 4256  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:34:55.0445 4256  ErrDev - ok
23:34:55.0507 4256  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
23:34:55.0554 4256  EventSystem - ok
23:34:55.0585 4256  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
23:34:55.0648 4256  exfat - ok
23:34:55.0741 4256  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:34:55.0772 4256  fastfat - ok
23:34:55.0850 4256  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
23:34:55.0866 4256  Fax - ok
23:34:55.0897 4256  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:34:55.0913 4256  fdc - ok
23:34:55.0944 4256  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
23:34:55.0975 4256  fdPHost - ok
23:34:55.0991 4256  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:34:56.0038 4256  FDResPub - ok
23:34:56.0069 4256  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:34:56.0084 4256  FileInfo - ok
23:34:56.0100 4256  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:34:56.0131 4256  Filetrace - ok
23:34:56.0194 4256  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:34:56.0209 4256  flpydisk - ok
23:34:56.0256 4256  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:34:56.0272 4256  FltMgr - ok
23:34:56.0318 4256  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
23:34:56.0350 4256  FontCache - ok
23:34:56.0396 4256  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:34:56.0412 4256  FontCache3.0.0.0 - ok
23:34:56.0428 4256  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:34:56.0443 4256  FsDepends - ok
23:34:56.0537 4256  [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
23:34:56.0552 4256  fssfltr - ok
23:34:56.0771 4256  [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
23:34:56.0911 4256  fsssvc - ok
23:34:56.0942 4256  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:34:56.0958 4256  Fs_Rec - ok
23:34:57.0239 4256  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:34:57.0254 4256  fvevol - ok
23:34:57.0301 4256  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
23:34:57.0317 4256  gagp30kx - ok
23:34:57.0379 4256  [ AE51A9FFB3EA47ED570B672172AE0AB4 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
23:34:57.0395 4256  GameConsoleService - ok
23:34:57.0426 4256  gklyuogr - ok
23:34:57.0488 4256  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
23:34:57.0520 4256  gpsvc - ok
23:34:57.0598 4256  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:34:57.0613 4256  gupdate - ok
23:34:57.0644 4256  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:34:57.0660 4256  gupdatem - ok
23:34:57.0722 4256  [ BA207B48AA3D9D73FD4856400F852458 ] hcmon           C:\Windows\system32\drivers\hcmon.sys
23:34:57.0738 4256  hcmon - ok
23:34:57.0785 4256  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:34:57.0832 4256  hcw85cir - ok
23:34:57.0941 4256  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:34:57.0988 4256  HdAudAddService - ok
23:34:58.0050 4256  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:34:58.0081 4256  HDAudBus - ok
23:34:58.0112 4256  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
23:34:58.0144 4256  HidBatt - ok
23:34:58.0159 4256  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
23:34:58.0206 4256  HidBth - ok
23:34:58.0222 4256  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
23:34:58.0253 4256  HidIr - ok
23:34:58.0284 4256  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
23:34:58.0346 4256  hidserv - ok
23:34:58.0378 4256  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:34:58.0393 4256  HidUsb - ok
23:34:58.0424 4256  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:34:58.0471 4256  hkmsvc - ok
23:34:58.0565 4256  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:34:58.0580 4256  HomeGroupListener - ok
23:34:58.0627 4256  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:34:58.0658 4256  HomeGroupProvider - ok
23:34:58.0783 4256  [ 58C91CCA61A948DC6E789C93C05A1D6F ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
23:34:58.0799 4256  HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
23:34:58.0799 4256  HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
23:34:58.0892 4256  [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
23:34:58.0924 4256  hpqwmiex - ok
23:34:58.0955 4256  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:34:58.0970 4256  HpSAMD - ok
23:34:59.0002 4256  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:34:59.0064 4256  HTTP - ok
23:34:59.0080 4256  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:34:59.0095 4256  hwpolicy - ok
23:34:59.0142 4256  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
23:34:59.0158 4256  i8042prt - ok
23:34:59.0204 4256  [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
23:34:59.0220 4256  iaStor - ok
23:34:59.0314 4256  [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
23:34:59.0314 4256  IAStorDataMgrSvc - ok
23:34:59.0376 4256  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:34:59.0407 4256  iaStorV - ok
23:34:59.0532 4256  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:34:59.0579 4256  idsvc - ok
23:35:00.0016 4256  [ 89B99E3E988DFA20ABB58FF1930ADD21 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
23:35:00.0187 4256  igfx - ok
23:35:00.0218 4256  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
23:35:00.0234 4256  iirsp - ok
23:35:00.0281 4256  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
23:35:00.0343 4256  IKEEXT - ok
23:35:00.0452 4256  [ BFBABCB231628A4551DBB10D0EA25D62 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:35:00.0484 4256  IntcAzAudAddService - ok
23:35:00.0515 4256  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
23:35:00.0515 4256  intelide - ok
23:35:00.0562 4256  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:35:00.0593 4256  intelppm - ok
23:35:00.0640 4256  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:35:00.0702 4256  IPBusEnum - ok
23:35:00.0780 4256  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:35:00.0827 4256  IpFilterDriver - ok
23:35:01.0061 4256  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:35:01.0123 4256  iphlpsvc - ok
23:35:01.0154 4256  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:35:01.0170 4256  IPMIDRV - ok
23:35:01.0279 4256  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:35:01.0357 4256  IPNAT - ok
23:35:01.0435 4256  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:35:01.0466 4256  IRENUM - ok
23:35:01.0544 4256  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:35:01.0560 4256  isapnp - ok
23:35:01.0622 4256  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:35:01.0638 4256  iScsiPrt - ok
23:35:01.0685 4256  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
23:35:01.0700 4256  kbdclass - ok
23:35:01.0825 4256  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
23:35:01.0841 4256  kbdhid - ok
23:35:01.0872 4256  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
23:35:01.0872 4256  KeyIso - ok
23:35:01.0934 4256  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:35:01.0934 4256  KSecDD - ok
23:35:01.0966 4256  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:35:01.0981 4256  KSecPkg - ok
23:35:02.0028 4256  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:35:02.0059 4256  ksthunk - ok
23:35:02.0106 4256  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:35:02.0153 4256  KtmRm - ok
23:35:02.0200 4256  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
23:35:02.0231 4256  LanmanServer - ok
23:35:02.0262 4256  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:35:02.0293 4256  LanmanWorkstation - ok
23:35:02.0340 4256  [ 108333981C841EB0FF198AA5DFCF3D3B ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
23:35:02.0356 4256  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
23:35:02.0356 4256  LightScribeService - detected UnsignedFile.Multi.Generic (1)
23:35:02.0402 4256  [ 83BA097ACAAD0B00505634A62D90F93A ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
23:35:02.0402 4256  lirsgt - ok
23:35:02.0434 4256  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:35:02.0480 4256  lltdio - ok
23:35:02.0496 4256  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:35:02.0543 4256  lltdsvc - ok
23:35:02.0574 4256  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:35:02.0605 4256  lmhosts - ok
23:35:02.0652 4256  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
23:35:02.0668 4256  LSI_FC - ok
23:35:02.0714 4256  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
23:35:02.0730 4256  LSI_SAS - ok
23:35:02.0746 4256  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:35:02.0746 4256  LSI_SAS2 - ok
23:35:02.0761 4256  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:35:02.0777 4256  LSI_SCSI - ok
23:35:02.0792 4256  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
23:35:02.0839 4256  luafv - ok
23:35:02.0902 4256  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:35:02.0933 4256  Mcx2Svc - ok
23:35:02.0948 4256  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
23:35:02.0964 4256  megasas - ok
23:35:03.0011 4256  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
23:35:03.0026 4256  MegaSR - ok
23:35:03.0073 4256  [ 4A1C21576FB7F96F4DBDEA627FFDA775 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
23:35:03.0073 4256  mfeavfk - ok
23:35:03.0104 4256  [ 9E0AC52B3232FF8DC65FEE1A9C2FE8D1 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
23:35:03.0120 4256  mfehidk - ok
23:35:03.0151 4256  [ 624D717B11E5004F68442B5740F17F21 ] mferkdk         C:\Windows\system32\drivers\mferkdk.sys
23:35:03.0167 4256  mferkdk - ok
23:35:03.0182 4256  [ 0CD9DE7B96735F33F078C4EA044E8B34 ] mfesmfk         C:\Windows\system32\drivers\mfesmfk.sys
23:35:03.0198 4256  mfesmfk - ok
23:35:03.0229 4256  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
23:35:03.0276 4256  MMCSS - ok
23:35:03.0323 4256  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
23:35:03.0370 4256  Modem - ok
23:35:03.0401 4256  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:35:03.0432 4256  monitor - ok
23:35:03.0432 4256  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:35:03.0448 4256  mouclass - ok
23:35:03.0463 4256  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:35:03.0479 4256  mouhid - ok
23:35:03.0526 4256  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:35:03.0526 4256  mountmgr - ok
23:35:03.0588 4256  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
23:35:03.0604 4256  MpFilter - ok
23:35:03.0650 4256  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:35:03.0666 4256  mpio - ok
23:35:03.0713 4256  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:35:03.0744 4256  mpsdrv - ok
23:35:03.0822 4256  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:35:03.0869 4256  MpsSvc - ok
23:35:03.0916 4256  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:35:03.0947 4256  MRxDAV - ok
23:35:03.0994 4256  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:35:04.0009 4256  mrxsmb - ok
23:35:04.0056 4256  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:35:04.0072 4256  mrxsmb10 - ok
23:35:04.0103 4256  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:35:04.0118 4256  mrxsmb20 - ok
23:35:04.0181 4256  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:35:04.0196 4256  msahci - ok
23:35:04.0228 4256  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:35:04.0243 4256  msdsm - ok
23:35:04.0259 4256  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
23:35:04.0290 4256  MSDTC - ok
23:35:04.0321 4256  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:35:04.0352 4256  Msfs - ok
23:35:04.0384 4256  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:35:04.0430 4256  mshidkmdf - ok
23:35:04.0477 4256  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:35:04.0493 4256  msisadrv - ok
23:35:04.0602 4256  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:35:04.0649 4256  MSiSCSI - ok
23:35:04.0664 4256  msiserver - ok
23:35:04.0711 4256  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:35:04.0774 4256  MSKSSRV - ok
23:35:04.0961 4256  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
23:35:04.0976 4256  MsMpSvc - ok
23:35:05.0008 4256  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:35:05.0054 4256  MSPCLOCK - ok
23:35:05.0086 4256  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:35:05.0132 4256  MSPQM - ok
23:35:05.0195 4256  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:35:05.0210 4256  MsRPC - ok
23:35:05.0242 4256  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
23:35:05.0257 4256  mssmbios - ok
23:35:05.0288 4256  MSSQL$SQLEXPRESS - ok
23:35:05.0288 4256  MSSQLServerADHelper100 - ok
23:35:05.0320 4256  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:35:05.0351 4256  MSTEE - ok
23:35:05.0429 4256  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
23:35:05.0444 4256  MTConfig - ok
23:35:05.0476 4256  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:35:05.0491 4256  Mup - ok
23:35:05.0538 4256  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
23:35:05.0585 4256  napagent - ok
23:35:05.0616 4256  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:35:05.0632 4256  NativeWifiP - ok
23:35:05.0710 4256  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:35:05.0741 4256  NDIS - ok
23:35:05.0772 4256  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:35:05.0819 4256  NdisCap - ok
23:35:05.0834 4256  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:35:05.0866 4256  NdisTapi - ok
23:35:05.0897 4256  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:35:05.0928 4256  Ndisuio - ok
23:35:05.0975 4256  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:35:06.0006 4256  NdisWan - ok
23:35:06.0037 4256  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:35:06.0068 4256  NDProxy - ok
23:35:06.0131 4256  [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:35:06.0146 4256  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:35:06.0146 4256  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
23:35:06.0162 4256  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:35:06.0209 4256  NetBIOS - ok
23:35:06.0256 4256  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:35:06.0287 4256  NetBT - ok
23:35:06.0287 4256  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
23:35:06.0302 4256  Netlogon - ok
23:35:06.0380 4256  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
23:35:06.0427 4256  Netman - ok
23:35:06.0474 4256  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:35:06.0505 4256  NetMsmqActivator - ok
23:35:06.0505 4256  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:35:06.0521 4256  NetPipeActivator - ok
23:35:06.0536 4256  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
23:35:06.0583 4256  netprofm - ok
23:35:06.0599 4256  nettalkdMP - ok
23:35:06.0614 4256  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:35:06.0614 4256  NetTcpActivator - ok
23:35:06.0630 4256  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:35:06.0646 4256  NetTcpPortSharing - ok
23:35:06.0661 4256  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
23:35:06.0677 4256  nfrd960 - ok
23:35:06.0724 4256  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:35:06.0724 4256  NisDrv - ok
23:35:06.0770 4256  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
23:35:06.0802 4256  NisSrv - ok
23:35:06.0848 4256  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:35:06.0895 4256  NlaSvc - ok
23:35:06.0926 4256  NLNdisMP - ok
23:35:06.0958 4256  NLNdisPT - ok
23:35:06.0989 4256  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:35:07.0020 4256  Npfs - ok
23:35:07.0067 4256  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
23:35:07.0098 4256  nsi - ok
23:35:07.0114 4256  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:35:07.0160 4256  nsiproxy - ok
23:35:07.0223 4256  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:35:07.0270 4256  Ntfs - ok
23:35:07.0285 4256  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
23:35:07.0332 4256  Null - ok
23:35:07.0332 4256  NVHDA - ok
23:35:07.0379 4256  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:35:07.0394 4256  nvraid - ok
23:35:07.0426 4256  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:35:07.0426 4256  nvstor - ok
23:35:07.0457 4256  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:35:07.0472 4256  nv_agp - ok
23:35:07.0488 4256  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:35:07.0504 4256  ohci1394 - ok
23:35:07.0550 4256  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:35:07.0566 4256  ose - ok
23:35:07.0597 4256  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:35:07.0628 4256  p2pimsvc - ok
23:35:07.0644 4256  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:35:07.0660 4256  p2psvc - ok
23:35:07.0675 4256  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:35:07.0691 4256  Parport - ok
23:35:07.0706 4256  Partizan - ok
23:35:07.0738 4256  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:35:07.0738 4256  partmgr - ok
23:35:07.0769 4256  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:35:07.0784 4256  PcaSvc - ok
23:35:07.0816 4256  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
23:35:07.0831 4256  pci - ok
23:35:07.0831 4256  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
23:35:07.0847 4256  pciide - ok
23:35:07.0878 4256  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:35:07.0894 4256  pcmcia - ok
23:35:07.0925 4256  [ AF7CE12C4F3DC8CB2B07685C916BBCFE ] pcouffin        C:\Windows\system32\Drivers\pcouffin.sys
23:35:07.0940 4256  pcouffin - ok
23:35:07.0956 4256  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:35:07.0972 4256  pcw - ok
23:35:07.0987 4256  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:35:08.0050 4256  PEAUTH - ok
23:35:08.0112 4256  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:35:08.0128 4256  PerfHost - ok
23:35:08.0190 4256  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
23:35:08.0252 4256  pla - ok
23:35:08.0299 4256  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:35:08.0315 4256  PlugPlay - ok
23:35:08.0362 4256  [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
23:35:08.0377 4256  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:35:08.0377 4256  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
23:35:08.0393 4256  PnkBstrA - ok
23:35:08.0424 4256  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:35:08.0440 4256  PNRPAutoReg - ok
23:35:08.0486 4256  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:35:08.0486 4256  PNRPsvc - ok
23:35:08.0533 4256  [ 34A8FAE065249F85A67A3215FF5ECB34 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
23:35:08.0533 4256  Point64 - ok
23:35:08.0564 4256  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:35:08.0596 4256  PolicyAgent - ok
23:35:08.0627 4256  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
23:35:08.0658 4256  Power - ok
23:35:08.0689 4256  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:35:08.0736 4256  PptpMiniport - ok
23:35:08.0767 4256  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
23:35:08.0783 4256  Processor - ok
23:35:08.0814 4256  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:35:08.0830 4256  ProfSvc - ok
23:35:08.0845 4256  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:35:08.0845 4256  ProtectedStorage - ok
23:35:08.0892 4256  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:35:08.0923 4256  Psched - ok
23:35:08.0970 4256  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
23:35:09.0017 4256  ql2300 - ok
23:35:09.0032 4256  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
23:35:09.0048 4256  ql40xx - ok
23:35:09.0079 4256  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
23:35:09.0095 4256  QWAVE - ok
23:35:09.0110 4256  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:35:09.0126 4256  QWAVEdrv - ok
23:35:09.0142 4256  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:35:09.0173 4256  RasAcd - ok
23:35:09.0204 4256  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:35:09.0251 4256  RasAgileVpn - ok
23:35:09.0266 4256  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
23:35:09.0298 4256  RasAuto - ok
23:35:09.0329 4256  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:35:09.0360 4256  Rasl2tp - ok
23:35:09.0407 4256  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
23:35:09.0438 4256  RasMan - ok
23:35:09.0469 4256  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:35:09.0500 4256  RasPppoe - ok


tdskiller log part 2

 

 

23:35:09.0500 4256  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:35:09.0532 4256  RasSstp - ok
23:35:09.0578 4256  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:35:09.0610 4256  rdbss - ok
23:35:09.0625 4256  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:35:09.0641 4256  rdpbus - ok
23:35:09.0656 4256  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:35:09.0688 4256  RDPCDD - ok
23:35:09.0719 4256  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:35:09.0750 4256  RDPENCDD - ok
23:35:09.0766 4256  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:35:09.0797 4256  RDPREFMP - ok
23:35:09.0906 4256  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:35:09.0937 4256  RdpVideoMiniport - ok
23:35:10.0000 4256  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:35:10.0015 4256  RDPWD - ok
23:35:10.0062 4256  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:35:10.0078 4256  rdyboost - ok
23:35:10.0234 4256  [ D5B22AF032300F15D6D99403E017B76F ] ReflectService  C:\Program Files\Macrium\Reflect\ReflectService.exe
23:35:10.0249 4256  ReflectService - ok
23:35:10.0265 4256  RegGuard - ok
23:35:10.0327 4256  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:35:10.0390 4256  RemoteAccess - ok
23:35:10.0468 4256  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:35:10.0546 4256  RemoteRegistry - ok
23:35:10.0670 4256  [ 0B169FE016039571ECC6DB70073F8979 ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
23:35:10.0670 4256  RichVideo64 - ok
23:35:10.0717 4256  rpcapd - ok
23:35:10.0764 4256  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:35:10.0811 4256  RpcEptMapper - ok
23:35:10.0842 4256  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
23:35:10.0858 4256  RpcLocator - ok
23:35:10.0936 4256  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
23:35:10.0967 4256  RpcSs - ok
23:35:11.0045 4256  [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103        C:\Windows\system32\DRIVERS\RsFx0103.sys
23:35:11.0107 4256  RsFx0103 - ok
23:35:11.0185 4256  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:35:11.0216 4256  rspndr - ok
23:35:11.0419 4256  [ 4B42BC58294E83A6A92EC8B88C14C4A3 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
23:35:11.0419 4256  RTL8167 - ok
23:35:11.0450 4256  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
23:35:11.0450 4256  SamSs - ok
23:35:11.0497 4256  SANDRA - ok
23:35:11.0591 4256  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:35:11.0606 4256  sbp2port - ok
23:35:11.0669 4256  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:35:11.0700 4256  SCardSvr - ok
23:35:11.0794 4256  [ 07237C66E05DA6778E9F3CB67FA00736 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
23:35:11.0794 4256  SCDEmu - ok
23:35:11.0840 4256  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:35:11.0918 4256  scfilter - ok
23:35:12.0028 4256  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
23:35:12.0074 4256  Schedule - ok
23:35:12.0106 4256  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:35:12.0137 4256  SCPolicySvc - ok
23:35:12.0246 4256  [ 490B0B68BB938D5C628EC4A67277BE75 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
23:35:12.0246 4256  ScreamBAudioSvc - ok
23:35:12.0418 4256  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:35:12.0464 4256  SDRSVC - ok
23:35:12.0605 4256  [ 4A5809A1D796E2675AC0332BF7B0CB11 ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
23:35:12.0620 4256  SeaPort - ok
23:35:12.0652 4256  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:35:12.0730 4256  secdrv - ok
23:35:12.0776 4256  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
23:35:12.0839 4256  seclogon - ok
23:35:12.0886 4256  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
23:35:12.0948 4256  SENS - ok
23:35:12.0964 4256  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:35:12.0979 4256  SensrSvc - ok
23:35:13.0057 4256  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:35:13.0104 4256  Serenum - ok
23:35:13.0166 4256  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:35:13.0182 4256  Serial - ok
23:35:13.0229 4256  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
23:35:13.0291 4256  sermouse - ok
23:35:13.0338 4256  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:35:13.0416 4256  SessionEnv - ok
23:35:13.0463 4256  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:35:13.0478 4256  sffdisk - ok
23:35:13.0525 4256  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:35:13.0588 4256  sffp_mmc - ok
23:35:13.0634 4256  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:35:13.0681 4256  sffp_sd - ok
23:35:13.0744 4256  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
23:35:13.0790 4256  sfloppy - ok
23:35:13.0884 4256  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:35:13.0931 4256  SharedAccess - ok
23:35:13.0962 4256  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:35:14.0009 4256  ShellHWDetection - ok
23:35:14.0040 4256  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:35:14.0056 4256  SiSRaid2 - ok
23:35:14.0087 4256  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
23:35:14.0102 4256  SiSRaid4 - ok
23:35:14.0274 4256  SlimFTPd - ok
23:35:14.0399 4256  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:35:14.0430 4256  Smb - ok
23:35:14.0508 4256  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:35:14.0524 4256  SNMPTRAP - ok
23:35:14.0648 4256  [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan        C:\Windows\syswow64\speedfan.sys
23:35:14.0664 4256  speedfan - ok
23:35:14.0680 4256  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:35:14.0695 4256  spldr - ok
23:35:14.0742 4256  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
23:35:14.0789 4256  Spooler - ok
23:35:15.0038 4256  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
23:35:15.0116 4256  sppsvc - ok
23:35:15.0132 4256  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:35:15.0179 4256  sppuinotify - ok
23:35:15.0194 4256  SQLAgent$SQLEXPRESS - ok
23:35:15.0257 4256  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:35:15.0288 4256  srv - ok
23:35:15.0319 4256  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:35:15.0350 4256  srv2 - ok
23:35:15.0366 4256  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:35:15.0382 4256  srvnet - ok
23:35:15.0397 4256  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:35:15.0460 4256  SSDPSRV - ok
23:35:15.0475 4256  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:35:15.0506 4256  SstpSvc - ok
23:35:15.0553 4256  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
23:35:15.0553 4256  stexstor - ok
23:35:15.0694 4256  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
23:35:15.0740 4256  stisvc - ok
23:35:15.0772 4256  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
23:35:15.0787 4256  swenum - ok
23:35:15.0834 4256  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
23:35:15.0896 4256  swprv - ok
23:35:16.0021 4256  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
23:35:16.0084 4256  SysMain - ok
23:35:16.0115 4256  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:35:16.0162 4256  TabletInputService - ok
23:35:16.0193 4256  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:35:16.0240 4256  TapiSrv - ok
23:35:16.0271 4256  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
23:35:16.0318 4256  TBS - ok
23:35:16.0489 4256  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:35:16.0552 4256  Tcpip - ok
23:35:16.0708 4256  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:35:16.0739 4256  TCPIP6 - ok
23:35:16.0770 4256  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:35:16.0801 4256  tcpipreg - ok
23:35:16.0848 4256  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:35:16.0864 4256  TDPIPE - ok
23:35:16.0895 4256  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:35:16.0910 4256  TDTCP - ok
23:35:16.0942 4256  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:35:16.0973 4256  tdx - ok
23:35:17.0004 4256  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
23:35:17.0020 4256  TermDD - ok
23:35:17.0066 4256  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
23:35:17.0113 4256  TermService - ok
23:35:17.0207 4256  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
23:35:17.0238 4256  Themes - ok
23:35:17.0254 4256  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
23:35:17.0300 4256  THREADORDER - ok
23:35:17.0300 4256  tlwabjcb - ok
23:35:17.0347 4256  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
23:35:17.0378 4256  TrkWks - ok
23:35:17.0519 4256  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:35:17.0597 4256  TrustedInstaller - ok
23:35:17.0628 4256  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:35:17.0675 4256  tssecsrv - ok
23:35:17.0706 4256  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:35:17.0722 4256  TsUsbFlt - ok
23:35:17.0753 4256  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:35:17.0800 4256  tunnel - ok
23:35:17.0862 4256  [ D6820BDCB8F1E39F355386D0CB52B096 ] tvnserver       C:\Program Files\TightVNC\tvnserver.exe
23:35:17.0893 4256  tvnserver - ok
23:35:17.0940 4256  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
23:35:17.0956 4256  uagp35 - ok
23:35:17.0987 4256  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:35:18.0034 4256  udfs - ok
23:35:18.0190 4256  [ 215462AE7E6A897D675E84DD1E3B3B56 ] ufad-ws60       C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe
23:35:18.0205 4256  ufad-ws60 - ok
23:35:18.0252 4256  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:35:18.0268 4256  UI0Detect - ok
23:35:18.0299 4256  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:35:18.0314 4256  uliagpkx - ok
23:35:18.0330 4256  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
23:35:18.0361 4256  umbus - ok
23:35:18.0377 4256  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
23:35:18.0408 4256  UmPass - ok
23:35:18.0424 4256  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
23:35:18.0455 4256  upnphost - ok
23:35:18.0502 4256  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:35:18.0517 4256  usbccgp - ok
23:35:18.0564 4256  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:35:18.0595 4256  usbcir - ok
23:35:18.0611 4256  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:35:18.0673 4256  usbehci - ok
23:35:18.0689 4256  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:35:18.0736 4256  usbhub - ok
23:35:18.0751 4256  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
23:35:18.0767 4256  usbohci - ok
23:35:18.0798 4256  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:35:18.0829 4256  usbprint - ok
23:35:18.0907 4256  [ 54EAFFD31C377C8C1055D33E6B6B4B27 ] usbrndis6       C:\Windows\system32\DRIVERS\usb80236.sys
23:35:18.0938 4256  usbrndis6 - ok
23:35:18.0970 4256  [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
23:35:19.0001 4256  usbser - ok
23:35:19.0032 4256  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:35:19.0048 4256  USBSTOR - ok
23:35:19.0110 4256  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
23:35:19.0141 4256  usbuhci - ok
23:35:19.0188 4256  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
23:35:19.0219 4256  usbvideo - ok
23:35:19.0282 4256  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
23:35:19.0328 4256  UxSms - ok
23:35:19.0360 4256  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
23:35:19.0375 4256  VaultSvc - ok
23:35:19.0406 4256  [ 0F1F83DBCA1BB590D585128C9E6E4A78 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
23:35:19.0422 4256  VBoxNetAdp - ok
23:35:19.0438 4256  VBoxNetFlt - ok
23:35:19.0484 4256  [ 2E8F9BF69DBCA5396CB8C386EE6373B4 ] vdrive          C:\Windows\system32\DRIVERS\vdrive.sys
23:35:19.0484 4256  vdrive - ok
23:35:19.0531 4256  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:35:19.0531 4256  vdrvroot - ok
23:35:19.0594 4256  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
23:35:19.0640 4256  vds - ok
23:35:19.0672 4256  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:35:19.0703 4256  vga - ok
23:35:19.0734 4256  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:35:19.0781 4256  VgaSave - ok
23:35:19.0796 4256  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:35:19.0812 4256  vhdmp - ok
23:35:19.0843 4256  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:35:19.0859 4256  viaide - ok
23:35:19.0890 4256  [ 42F0ECAF36636841A4A006850695507F ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
23:35:19.0906 4256  VMAuthdService - ok
23:35:19.0937 4256  [ 3D810A11C3E7FD4682A8824F54C1A04F ] vmci            C:\Windows\system32\drivers\vmci.sys
23:35:19.0952 4256  vmci - ok
23:35:19.0999 4256  [ 1AF6462718E5AB0ED55014A6EF3790EF ] vmkbd           C:\Windows\system32\drivers\VMkbd.sys
23:35:19.0999 4256  vmkbd - ok
23:35:20.0030 4256  [ 9D54F1339E78C95BF3D9939EBCB66378 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
23:35:20.0046 4256  VMnetAdapter - ok
23:35:20.0062 4256  [ FB54EF3AA613D2832FD3812E7CB2FC75 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
23:35:20.0077 4256  VMnetBridge - ok
23:35:20.0077 4256  VMnetDHCP - ok
23:35:20.0108 4256  [ DAF5E04EB56CD0ED945FB2FDD94812DB ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
23:35:20.0124 4256  VMnetuserif - ok
23:35:20.0171 4256  [ F22098DBDD13C1221C274496B3E18DA7 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
23:35:20.0186 4256  VMUSBArbService - ok
23:35:20.0202 4256  VMware NAT Service - ok
23:35:20.0233 4256  [ AE7F667DB83E108E83C86A56B821E9A6 ] vmx86           C:\Windows\system32\drivers\vmx86.sys
23:35:20.0233 4256  vmx86 - ok
23:35:20.0296 4256  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:35:20.0311 4256  volmgr - ok
23:35:20.0374 4256  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:35:20.0405 4256  volmgrx - ok
23:35:20.0420 4256  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:35:20.0436 4256  volsnap - ok
23:35:20.0530 4256  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
23:35:20.0561 4256  vsmraid - ok
23:35:20.0608 4256  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
23:35:20.0686 4256  VSS - ok
23:35:20.0732 4256  [ E61C910E2DDF4797C1B1F9239636E894 ] vstor2-ws60     C:\Program Files (x86)\VMware\VMware Player\vstor2-ws60.sys
23:35:20.0748 4256  vstor2-ws60 - ok
23:35:20.0779 4256  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
23:35:20.0795 4256  vwifibus - ok
23:35:20.0826 4256  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
23:35:20.0873 4256  W32Time - ok
23:35:20.0904 4256  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
23:35:20.0920 4256  WacomPen - ok
23:35:20.0966 4256  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:35:20.0998 4256  WANARP - ok
23:35:21.0029 4256  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:35:21.0060 4256  Wanarpv6 - ok
23:35:21.0138 4256  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
23:35:21.0185 4256  WatAdminSvc - ok
23:35:21.0232 4256  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
23:35:21.0278 4256  wbengine - ok
23:35:21.0356 4256  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:35:21.0372 4256  WbioSrvc - ok
23:35:21.0403 4256  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:35:21.0450 4256  wcncsvc - ok
23:35:21.0481 4256  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:35:21.0497 4256  WcsPlugInService - ok
23:35:21.0544 4256  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
23:35:21.0559 4256  Wd - ok
23:35:21.0622 4256  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:35:21.0684 4256  Wdf01000 - ok
23:35:21.0731 4256  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:35:21.0762 4256  WdiServiceHost - ok
23:35:21.0778 4256  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:35:21.0793 4256  WdiSystemHost - ok
23:35:21.0824 4256  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
23:35:21.0856 4256  WebClient - ok
23:35:21.0887 4256  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:35:21.0934 4256  Wecsvc - ok
23:35:21.0965 4256  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:35:22.0043 4256  wercplsupport - ok
23:35:22.0090 4256  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:35:22.0121 4256  WerSvc - ok
23:35:22.0214 4256  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:35:22.0261 4256  WfpLwf - ok
23:35:22.0292 4256  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:35:22.0308 4256  WIMMount - ok
23:35:22.0370 4256  WinDefend - ok
23:35:22.0370 4256  WinHttpAutoProxySvc - ok
23:35:22.0433 4256  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:35:22.0511 4256  Winmgmt - ok
23:35:22.0714 4256  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
23:35:22.0823 4256  WinRM - ok
23:35:22.0885 4256  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:35:22.0901 4256  WinUsb - ok
23:35:22.0963 4256  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:35:22.0994 4256  Wlansvc - ok
23:35:23.0135 4256  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:35:23.0182 4256  wlidsvc - ok
23:35:23.0197 4256  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:35:23.0228 4256  WmiAcpi - ok
23:35:23.0275 4256  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:35:23.0291 4256  wmiApSrv - ok
23:35:23.0338 4256  WMPNetworkSvc - ok
23:35:23.0369 4256  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:35:23.0384 4256  WPCSvc - ok
23:35:23.0400 4256  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:35:23.0416 4256  WPDBusEnum - ok
23:35:23.0431 4256  WPRO_40_1340 - ok
23:35:23.0494 4256  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:35:23.0540 4256  ws2ifsl - ok
23:35:23.0587 4256  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
23:35:23.0650 4256  wscsvc - ok
23:35:23.0650 4256  WSearch - ok
23:35:23.0759 4256  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:35:23.0821 4256  wuauserv - ok
23:35:23.0852 4256  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:35:23.0930 4256  WudfPf - ok
23:35:23.0962 4256  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:35:24.0008 4256  WUDFRd - ok
23:35:24.0040 4256  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:35:24.0102 4256  wudfsvc - ok
23:35:24.0164 4256  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:35:24.0196 4256  WwanSvc - ok
23:35:24.0242 4256  ================ Scan global ===============================
23:35:24.0289 4256  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:35:24.0336 4256  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
23:35:24.0336 4256  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
23:35:24.0383 4256  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:35:24.0414 4256  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:35:24.0414 4256  [Global] - ok
23:35:24.0430 4256  ================ Scan MBR ==================================
23:35:24.0430 4256  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
23:35:25.0007 4256  \Device\Harddisk0\DR0 - ok
23:35:25.0007 4256  ================ Scan VBR ==================================
23:35:25.0100 4256  [ 3C7D995567C6930647913F0310AA90FD ] \Device\Harddisk0\DR0\Partition1
23:35:25.0100 4256  \Device\Harddisk0\DR0\Partition1 - ok
23:35:25.0132 4256  [ 2BF9F2CB018AA0B51F97D4998FC88FBF ] \Device\Harddisk0\DR0\Partition2
23:35:25.0132 4256  \Device\Harddisk0\DR0\Partition2 - ok
23:35:25.0178 4256  [ 4E6FE8EFF37D1A065847898ED201A48F ] \Device\Harddisk0\DR0\Partition3
23:35:25.0178 4256  \Device\Harddisk0\DR0\Partition3 - ok
23:35:25.0178 4256  ================ Scan active images ========================
23:35:25.0178 4256  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
23:35:25.0178 4256  C:\Windows\System32\drivers\crashdmp.sys - ok
23:35:25.0178 4256  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
23:35:25.0178 4256  C:\Windows\System32\drivers\dumpfve.sys - ok
23:35:25.0194 4256  [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] C:\Windows\System32\drivers\iaStor.sys
23:35:25.0194 4256  C:\Windows\System32\drivers\iaStor.sys - ok
23:35:25.0194 4256  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
23:35:25.0194 4256  C:\Windows\System32\drivers\beep.sys - ok
23:35:25.0210 4256  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
23:35:25.0210 4256  C:\Windows\System32\drivers\cdrom.sys - ok
23:35:25.0210 4256  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
23:35:25.0210 4256  C:\Windows\System32\drivers\null.sys - ok
23:35:25.0210 4256  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
23:35:25.0210 4256  C:\Windows\System32\drivers\msfs.sys - ok
23:35:25.0225 4256  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
23:35:25.0225 4256  C:\Windows\System32\drivers\npfs.sys - ok
23:35:25.0225 4256  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
23:35:25.0225 4256  C:\Windows\System32\drivers\RDPCDD.sys - ok
23:35:25.0241 4256  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
23:35:25.0241 4256  C:\Windows\System32\drivers\RDPENCDD.sys - ok
23:35:25.0241 4256  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
23:35:25.0241 4256  C:\Windows\System32\drivers\RDPREFMP.sys - ok
23:35:25.0256 4256  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
23:35:25.0256 4256  C:\Windows\System32\drivers\vga.sys - ok
23:35:25.0256 4256  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
23:35:25.0256 4256  C:\Windows\System32\drivers\videoprt.sys - ok
23:35:25.0256 4256  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
23:35:25.0256 4256  C:\Windows\System32\drivers\watchdog.sys - ok
23:35:25.0272 4256  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
23:35:25.0272 4256  C:\Windows\System32\drivers\netbt.sys - ok
23:35:25.0272 4256  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
23:35:25.0272 4256  C:\Windows\System32\drivers\tdi.sys - ok
23:35:25.0288 4256  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
23:35:25.0288 4256  C:\Windows\System32\drivers\tdx.sys - ok
23:35:25.0288 4256  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
23:35:25.0288 4256  C:\Windows\System32\drivers\afd.sys - ok
23:35:25.0303 4256  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
23:35:25.0303 4256  C:\Windows\System32\drivers\netbios.sys - ok
23:35:25.0303 4256  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
23:35:25.0303 4256  C:\Windows\System32\drivers\pacer.sys - ok
23:35:25.0319 4256  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
23:35:25.0319 4256  C:\Windows\System32\drivers\wanarp.sys - ok
23:35:25.0319 4256  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
23:35:25.0319 4256  C:\Windows\System32\drivers\wfplwf.sys - ok
23:35:25.0319 4256  [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
23:35:25.0319 4256  C:\Windows\System32\drivers\ws2ifsl.sys - ok
23:35:25.0334 4256  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
23:35:25.0334 4256  C:\Windows\System32\drivers\mssmbios.sys - ok
23:35:25.0334 4256  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
23:35:25.0334 4256  C:\Windows\System32\drivers\nsiproxy.sys - ok
23:35:25.0350 4256  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
23:35:25.0350 4256  C:\Windows\System32\drivers\rdbss.sys - ok
23:35:25.0350 4256  [ 07237C66E05DA6778E9F3CB67FA00736 ] C:\Windows\System32\drivers\scdemu.sys
23:35:25.0350 4256  C:\Windows\System32\drivers\scdemu.sys - ok
23:35:25.0350 4256  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
23:35:25.0350 4256  C:\Windows\System32\drivers\termdd.sys - ok
23:35:25.0366 4256  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
23:35:25.0366 4256  C:\Windows\System32\drivers\blbdrive.sys - ok
23:35:25.0366 4256  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
23:35:25.0366 4256  C:\Windows\System32\drivers\dfsc.sys - ok
23:35:25.0381 4256  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
23:35:25.0381 4256  C:\Windows\System32\drivers\discache.sys - ok
23:35:25.0381 4256  [ 6B87F9BEA8EAEFF842328BB03FEA0B15 ] C:\Windows\System32\drivers\dvdfabio.sys
23:35:25.0381 4256  C:\Windows\System32\drivers\dvdfabio.sys - ok
23:35:25.0397 4256  [ 9E0AC52B3232FF8DC65FEE1A9C2FE8D1 ] C:\Windows\System32\drivers\mfehidk.sys
23:35:25.0397 4256  C:\Windows\System32\drivers\mfehidk.sys - ok
23:35:25.0397 4256  [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
23:35:25.0397 4256  C:\Windows\System32\drivers\intelppm.sys - ok
23:35:25.0397 4256  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
23:35:25.0397 4256  C:\Windows\System32\drivers\tunnel.sys - ok
23:35:25.0412 4256  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
23:35:25.0412 4256  C:\Windows\System32\ntdll.dll - ok
23:35:25.0412 4256  [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
23:35:25.0412 4256  C:\Windows\System32\smss.exe - ok
23:35:25.0428 4256  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
23:35:25.0428 4256  C:\Windows\System32\autochk.exe - ok
23:35:25.0428 4256  [ EE22D3ED6D55A855E709F811CCCA97ED ] C:\Windows\System32\drivers\atikmpag.sys
23:35:25.0428 4256  C:\Windows\System32\drivers\atikmpag.sys - ok
23:35:25.0444 4256  [ 22A14DF59FB8D0BE918C597988AF4296 ] C:\Windows\System32\drivers\atikmdag.sys
23:35:25.0444 4256  C:\Windows\System32\drivers\atikmdag.sys - ok
23:35:25.0444 4256  [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
23:35:25.0444 4256  C:\Windows\System32\drivers\dxgkrnl.sys - ok
23:35:25.0459 4256  [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
23:35:25.0459 4256  C:\Windows\System32\drivers\dxgmms1.sys - ok
23:35:25.0459 4256  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
23:35:25.0459 4256  C:\Windows\System32\drivers\hdaudbus.sys - ok
23:35:25.0459 4256  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
23:35:25.0459 4256  C:\Windows\System32\drivers\usbport.sys - ok
23:35:25.0475 4256  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] C:\Windows\System32\drivers\usbuhci.sys
23:35:25.0475 4256  C:\Windows\System32\drivers\usbuhci.sys - ok
23:35:25.0475 4256  [ DDF52C4C92D831A4CDB7788B37585E36 ] C:\Windows\System32\drivers\agrsm64.sys
23:35:25.0475 4256  C:\Windows\System32\drivers\agrsm64.sys - ok
23:35:25.0490 4256  [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
23:35:25.0490 4256  C:\Windows\System32\drivers\usbd.sys - ok
23:35:25.0490 4256  [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
23:35:25.0490 4256  C:\Windows\System32\drivers\usbehci.sys - ok
23:35:25.0506 4256  [ 800BA92F7010378B09F9ED9270F07137 ] C:\Windows\System32\drivers\modem.sys
23:35:25.0506 4256  C:\Windows\System32\drivers\modem.sys - ok
23:35:25.0506 4256  [ 4B42BC58294E83A6A92EC8B88C14C4A3 ] C:\Windows\System32\drivers\Rt64win7.sys
23:35:25.0506 4256  C:\Windows\System32\drivers\Rt64win7.sys - ok
23:35:25.0522 4256  [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
23:35:25.0522 4256  C:\Windows\System32\drivers\1394ohci.sys - ok
23:35:25.0522 4256  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
23:35:25.0522 4256  C:\Windows\System32\drivers\i8042prt.sys - ok
23:35:25.0522 4256  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
23:35:25.0522 4256  C:\Windows\System32\drivers\kbdclass.sys - ok
23:35:25.0537 4256  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
23:35:25.0537 4256  C:\Windows\System32\drivers\CompositeBus.sys - ok
23:35:25.0537 4256  [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
23:35:25.0537 4256  C:\Windows\System32\drivers\drmk.sys - ok
23:35:25.0553 4256  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
23:35:25.0553 4256  C:\Windows\System32\drivers\ks.sys - ok
23:35:25.0553 4256  [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
23:35:25.0553 4256  C:\Windows\System32\drivers\portcls.sys - ok
23:35:25.0553 4256  [ 1AF6462718E5AB0ED55014A6EF3790EF ] C:\Windows\System32\drivers\VMkbd.sys
23:35:25.0553 4256  C:\Windows\System32\drivers\VMkbd.sys - ok
23:35:25.0568 4256  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
23:35:25.0568 4256  C:\Windows\System32\drivers\agilevpn.sys - ok
23:35:25.0568 4256  [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
23:35:25.0568 4256  C:\Windows\System32\drivers\ksthunk.sys - ok
23:35:25.0584 4256  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
23:35:25.0584 4256  C:\Windows\System32\drivers\ndistapi.sys - ok
23:35:25.0584 4256  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
23:35:25.0584 4256  C:\Windows\System32\drivers\ndiswan.sys - ok
23:35:25.0584 4256  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
23:35:25.0584 4256  C:\Windows\System32\drivers\rasl2tp.sys - ok
23:35:25.0600 4256  [ 490B0B68BB938D5C628EC4A67277BE75 ] C:\Windows\System32\drivers\ScreamingBAudio64.sys
23:35:25.0600 4256  C:\Windows\System32\drivers\ScreamingBAudio64.sys - ok
23:35:25.0600 4256  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
23:35:25.0600 4256  C:\Windows\System32\drivers\mouclass.sys - ok
23:35:25.0615 4256  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
23:35:25.0615 4256  C:\Windows\System32\drivers\raspppoe.sys - ok
23:35:25.0615 4256  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
23:35:25.0615 4256  C:\Windows\System32\drivers\raspptp.sys - ok
23:35:25.0631 4256  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
23:35:25.0631 4256  C:\Windows\System32\drivers\rassstp.sys - ok
23:35:25.0631 4256  [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys
23:35:25.0631 4256  C:\Windows\System32\drivers\scsiport.sys - ok
23:35:25.0646 4256  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
23:35:25.0646 4256  C:\Windows\System32\drivers\swenum.sys - ok
23:35:25.0646 4256  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
23:35:25.0646 4256  C:\Windows\System32\drivers\umbus.sys - ok
23:35:25.0662 4256  [ 2E8F9BF69DBCA5396CB8C386EE6373B4 ] C:\Windows\System32\drivers\vdrive.sys
23:35:25.0662 4256  C:\Windows\System32\drivers\vdrive.sys - ok
23:35:25.0662 4256  [ 8AB4374464C6548FA30E498811D2B324 ] C:\Windows\System32\drivers\vmnet.sys
23:35:25.0662 4256  C:\Windows\System32\drivers\vmnet.sys - ok
23:35:25.0678 4256  [ 9D54F1339E78C95BF3D9939EBCB66378 ] C:\Windows\System32\drivers\vmnetadapter.sys
23:35:25.0678 4256  C:\Windows\System32\drivers\vmnetadapter.sys - ok
23:35:25.0678 4256  [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
23:35:25.0678 4256  C:\Windows\System32\drivers\usbhub.sys - ok
23:35:25.0693 4256  [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
23:35:25.0693 4256  C:\Windows\System32\shell32.dll - ok
23:35:25.0693 4256  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
23:35:25.0693 4256  C:\Windows\System32\msvcrt.dll - ok
23:35:25.0693 4256  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
23:35:25.0693 4256  C:\Windows\System32\gdi32.dll - ok
23:35:25.0709 4256  [ E8FD953D416772794408A68CC20B247D ] C:\Windows\System32\urlmon.dll
23:35:25.0709 4256  C:\Windows\System32\urlmon.dll - ok
23:35:25.0709 4256  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
23:35:25.0709 4256  C:\Windows\System32\psapi.dll - ok
23:35:25.0724 4256  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
23:35:25.0724 4256  C:\Windows\System32\sechost.dll - ok
23:35:25.0724 4256  [ B9B42A302325537D7B9DC52D47F33A73 ] C:\Windows\System32\kernel32.dll
23:35:25.0724 4256  C:\Windows\System32\kernel32.dll - ok
23:35:25.0740 4256  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
23:35:25.0740 4256  C:\Windows\System32\ole32.dll - ok
23:35:25.0740 4256  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
23:35:25.0740 4256  C:\Windows\System32\drivers\ndproxy.sys - ok
23:35:25.0756 4256  [ 437F55435623D4D54D36197F5AD8B435 ] C:\Windows\System32\drivers\AtihdW76.sys
23:35:25.0756 4256  C:\Windows\System32\drivers\AtihdW76.sys - ok
23:35:25.0756 4256  [ BFBABCB231628A4551DBB10D0EA25D62 ] C:\Windows\System32\drivers\RTKVHD64.sys
23:35:25.0756 4256  C:\Windows\System32\drivers\RTKVHD64.sys - ok
23:35:25.0771 4256  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
23:35:25.0771 4256  C:\Windows\System32\ws2_32.dll - ok
23:35:25.0771 4256  [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
23:35:25.0771 4256  C:\Windows\System32\usp10.dll - ok
23:35:25.0787 4256  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
23:35:25.0787 4256  C:\Windows\System32\clbcatq.dll - ok
23:35:25.0787 4256  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
23:35:25.0787 4256  C:\Windows\System32\rpcrt4.dll - ok
23:35:25.0802 4256  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
23:35:25.0802 4256  C:\Windows\System32\advapi32.dll - ok
23:35:25.0802 4256  [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
23:35:25.0802 4256  C:\Windows\System32\lpk.dll - ok
23:35:25.0818 4256  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
23:35:25.0818 4256  C:\Windows\System32\setupapi.dll - ok
23:35:25.0818 4256  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
23:35:25.0818 4256  C:\Windows\System32\Wldap32.dll - ok
23:35:25.0834 4256  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
23:35:25.0834 4256  C:\Windows\System32\shlwapi.dll - ok
23:35:25.0834 4256  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
23:35:25.0834 4256  C:\Windows\System32\imm32.dll - ok
23:35:25.0849 4256  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
23:35:25.0849 4256  C:\Windows\System32\nsi.dll - ok
23:35:25.0849 4256  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
23:35:25.0849 4256  C:\Windows\System32\oleaut32.dll - ok
23:35:25.0865 4256  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
23:35:25.0865 4256  C:\Windows\System32\comdlg32.dll - ok
23:35:25.0865 4256  [ 78CA24E3B51C624007C1B8A7B8D6C9AF ] C:\Windows\System32\iertutil.dll
23:35:25.0865 4256  C:\Windows\System32\iertutil.dll - ok
23:35:25.0865 4256  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
23:35:25.0865 4256  C:\Windows\System32\difxapi.dll - ok
23:35:25.0880 4256  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
23:35:25.0880 4256  C:\Windows\System32\imagehlp.dll - ok
23:35:25.0880 4256  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
23:35:25.0880 4256  C:\Windows\System32\user32.dll - ok
23:35:25.0896 4256  [ 5A45FA344F4AD99D903F4B20E43B89EC ] C:\Windows\System32\wininet.dll
23:35:25.0896 4256  C:\Windows\System32\wininet.dll - ok
23:35:25.0896 4256  [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
23:35:25.0896 4256  C:\Windows\System32\drivers\hidclass.sys - ok
23:35:25.0912 4256  [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
23:35:25.0912 4256  C:\Windows\System32\drivers\hidparse.sys - ok
23:35:25.0912 4256  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
23:35:25.0912 4256  C:\Windows\System32\drivers\hidusb.sys - ok
23:35:25.0927 4256  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
23:35:25.0927 4256  C:\Windows\System32\drivers\mouhid.sys - ok
23:35:25.0927 4256  [ 34A8FAE065249F85A67A3215FF5ECB34 ] C:\Windows\System32\drivers\point64.sys
23:35:25.0927 4256  C:\Windows\System32\drivers\point64.sys - ok
23:35:25.0927 4256  [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
23:35:25.0927 4256  C:\Windows\System32\drivers\USBSTOR.SYS - ok
23:35:25.0943 4256  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
23:35:25.0943 4256  C:\Windows\System32\msctf.dll - ok
23:35:25.0943 4256  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
23:35:25.0943 4256  C:\Windows\System32\normaliz.dll - ok
23:35:25.0958 4256  [ FAF1BA660F84789CCCE747CE6F9D055A ] C:\Windows\System32\crypt32.dll
23:35:25.0958 4256  C:\Windows\System32\crypt32.dll - ok
23:35:25.0958 4256  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
23:35:25.0958 4256  C:\Windows\System32\cfgmgr32.dll - ok
23:35:25.0958 4256  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
23:35:25.0958 4256  C:\Windows\System32\devobj.dll - ok
23:35:25.0974 4256  [ 6B5174702343BD955E174FDFEFA2A1A3 ] C:\Windows\System32\KernelBase.dll
23:35:25.0974 4256  C:\Windows\System32\KernelBase.dll - ok
23:35:25.0974 4256  [ 53238D99636BBA85F491C3E8FD22AB00 ] C:\Windows\System32\wintrust.dll
23:35:25.0974 4256  C:\Windows\System32\wintrust.dll - ok
23:35:25.0990 4256  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
23:35:25.0990 4256  C:\Windows\System32\comctl32.dll - ok
23:35:25.0990 4256  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
23:35:25.0990 4256  C:\Windows\System32\msasn1.dll - ok
23:35:26.0005 4256  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
23:35:26.0005 4256  C:\Windows\SysWOW64\normaliz.dll - ok
23:35:26.0005 4256  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
23:35:26.0005 4256  C:\Windows\System32\drivers\dxapi.sys - ok
23:35:26.0005 4256  [ 511166D3F5D7EBA36DE48C4F5E195886 ] C:\Windows\System32\win32k.sys
23:35:26.0005 4256  C:\Windows\System32\win32k.sys - ok
23:35:26.0021 4256  [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
23:35:26.0021 4256  C:\Windows\System32\csrsrv.dll - ok
23:35:26.0021 4256  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
23:35:26.0021 4256  C:\Windows\System32\csrss.exe - ok
23:35:26.0036 4256  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
23:35:26.0036 4256  C:\Windows\System32\basesrv.dll - ok
23:35:26.0036 4256  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\System32\winsrv.dll
23:35:26.0036 4256  C:\Windows\System32\winsrv.dll - ok
23:35:26.0052 4256  [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
23:35:26.0052 4256  C:\Windows\System32\drivers\monitor.sys - ok
23:35:26.0052 4256  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
23:35:26.0052 4256  C:\Windows\System32\sxssrv.dll - ok
23:35:26.0052 4256  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
23:35:26.0052 4256  C:\Windows\System32\tsddd.dll - ok
23:35:26.0068 4256  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
23:35:26.0068 4256  C:\Windows\System32\wininit.exe - ok
23:35:26.0068 4256  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
23:35:26.0068 4256  C:\Windows\System32\profapi.dll - ok
23:35:26.0083 4256  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
23:35:26.0083 4256  C:\Windows\System32\KBDUS.DLL - ok
23:35:26.0083 4256  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
23:35:26.0083 4256  C:\Windows\System32\RpcRtRemote.dll - ok
23:35:26.0083 4256  [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
23:35:26.0083 4256  C:\Windows\System32\cdd.dll - ok
23:35:26.0099 4256  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
23:35:26.0099 4256  C:\Windows\System32\sxs.dll - ok
23:35:26.0099 4256  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
23:35:26.0099 4256  C:\Windows\System32\WlS0WndH.dll - ok
23:35:26.0114 4256  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
23:35:26.0114 4256  C:\Windows\System32\cryptbase.dll - ok
23:35:26.0114 4256  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
23:35:26.0114 4256  C:\Windows\System32\apphelp.dll - ok
23:35:26.0130 4256  [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll
23:35:26.0130 4256  C:\Windows\System32\lsasrv.dll - ok
23:35:26.0130 4256  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
23:35:26.0130 4256  C:\Windows\System32\lsass.exe - ok
23:35:26.0130 4256  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
23:35:26.0130 4256  C:\Windows\System32\lsm.exe - ok
23:35:26.0146 4256  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
23:35:26.0146 4256  C:\Windows\System32\services.exe - ok
23:35:26.0146 4256  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
23:35:26.0146 4256  C:\Windows\System32\sspisrv.dll - ok
23:35:26.0161 4256  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
23:35:26.0161 4256  C:\Windows\System32\sspicli.dll - ok
23:35:26.0161 4256  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
23:35:26.0161 4256  C:\Windows\System32\sysntfy.dll - ok
23:35:26.0161 4256  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
23:35:26.0177 4256  C:\Windows\System32\wmsgapi.dll - ok
23:35:26.0177 4256  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
23:35:26.0177 4256  C:\Windows\System32\scesrv.dll - ok
23:35:26.0177 4256  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
23:35:26.0177 4256  C:\Windows\System32\scext.dll - ok
23:35:26.0192 4256  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
23:35:26.0192 4256  C:\Windows\System32\secur32.dll - ok
23:35:26.0192 4256  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
23:35:26.0192 4256  C:\Windows\System32\samsrv.dll - ok
23:35:26.0208 4256  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
23:35:26.0208 4256  C:\Windows\System32\srvcli.dll - ok
23:35:26.0208 4256  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
23:35:26.0208 4256  C:\Windows\System32\cryptdll.dll - ok
23:35:26.0224 4256  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
23:35:26.0224 4256  C:\Windows\System32\wevtapi.dll - ok
23:35:26.0224 4256  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
23:35:26.0224 4256  C:\Windows\System32\authz.dll - ok
23:35:26.0224 4256  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
23:35:26.0224 4256  C:\Windows\System32\cngaudit.dll - ok
23:35:26.0239 4256  [ 9B3718651DDE8A75FC4E8D6542A250D8 ] C:\Windows\System32\ncrypt.dll
23:35:26.0239 4256  C:\Windows\System32\ncrypt.dll - ok
23:35:26.0239 4256  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
23:35:26.0239 4256  C:\Windows\System32\bcrypt.dll - ok
23:35:26.0255 4256  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
23:35:26.0255 4256  C:\Windows\System32\msprivs.dll - ok
23:35:26.0255 4256  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
23:35:26.0255 4256  C:\Windows\System32\negoexts.dll - ok
23:35:26.0255 4256  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
23:35:26.0255 4256  C:\Windows\System32\netjoin.dll - ok
23:35:26.0270 4256  [ 16ECE8BD6734CC170B9AE74176E89A9B ] C:\Windows\System32\kerberos.dll
23:35:26.0270 4256  C:\Windows\System32\kerberos.dll - ok
23:35:26.0270 4256  [ 4AC74A462F3A0506B929F599B5E1B1FB ] C:\Windows\System32\atmfd.dll
23:35:26.0270 4256  C:\Windows\System32\atmfd.dll - ok
23:35:26.0286 4256  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
23:35:26.0286 4256  C:\Windows\System32\cryptsp.dll - ok
23:35:26.0286 4256  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
23:35:26.0286 4256  C:\Windows\System32\mswsock.dll - ok
23:35:26.0302 4256  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
23:35:26.0302 4256  C:\Windows\System32\version.dll - ok
23:35:26.0302 4256  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
23:35:26.0302 4256  C:\Windows\System32\wship6.dll - ok
23:35:26.0302 4256  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
23:35:26.0302 4256  C:\Windows\System32\msv1_0.dll - ok
23:35:26.0317 4256  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
23:35:26.0317 4256  C:\Windows\System32\netlogon.dll - ok
23:35:26.0317 4256  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
23:35:26.0317 4256  C:\Windows\System32\dnsapi.dll - ok
23:35:26.0333 4256  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
23:35:26.0333 4256  C:\Windows\System32\logoncli.dll - ok
23:35:26.0333 4256  [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
23:35:26.0333 4256  C:\Windows\System32\schannel.dll - ok
23:35:26.0348 4256  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
23:35:26.0348 4256  C:\Windows\System32\wdigest.dll - ok
23:35:26.0348 4256  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
23:35:26.0348 4256  C:\Windows\System32\pku2u.dll - ok
23:35:26.0364 4256  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
23:35:26.0364 4256  C:\Windows\System32\rsaenh.dll - ok
23:35:26.0364 4256  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
23:35:26.0364 4256  C:\Windows\System32\TSpkg.dll - ok
23:35:26.0380 4256  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
23:35:26.0380 4256  C:\Windows\System32\bcryptprimitives.dll - ok
23:35:26.0380 4256  [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL
23:35:26.0380 4256  C:\Windows\System32\LIVESSP.DLL - ok
23:35:26.0380 4256  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
23:35:26.0380 4256  C:\Windows\System32\credssp.dll - ok
23:35:26.0395 4256  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
23:35:26.0395 4256  C:\Windows\System32\efslsaext.dll - ok
23:35:26.0395 4256  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
23:35:26.0395 4256  C:\Windows\System32\scecli.dll - ok
23:35:26.0411 4256  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
23:35:26.0411 4256  C:\Windows\System32\ubpm.dll - ok
23:35:26.0411 4256  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
23:35:26.0411 4256  C:\Windows\System32\winsta.dll - ok
23:35:26.0411 4256  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
23:35:26.0411 4256  C:\Windows\System32\svchost.exe - ok
23:35:26.0426 4256  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
23:35:26.0426 4256  C:\Windows\System32\umpnpmgr.dll - ok
23:35:26.0426 4256  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
23:35:26.0426 4256  C:\Windows\System32\devrtl.dll - ok
23:35:26.0442 4256  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
23:35:26.0442 4256  C:\Windows\System32\SPInf.dll - ok
23:35:26.0442 4256  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
23:35:26.0442 4256  C:\Windows\System32\gpapi.dll - ok
23:35:26.0458 4256  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
23:35:26.0458 4256  C:\Windows\System32\userenv.dll - ok
23:35:26.0458 4256  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
23:35:26.0458 4256  C:\Windows\System32\umpo.dll - ok
23:35:26.0458 4256  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
23:35:26.0458 4256  C:\Windows\System32\pcwum.dll - ok


#5 bitware

bitware
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:12 PM

Posted 08 March 2013 - 12:00 AM

tdskiller log - part 3

 

 

23:35:26.0473 4256  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
23:35:26.0473 4256  C:\Windows\System32\powrprof.dll - ok
23:35:26.0473 4256  [ D3381DC54C34D79B22CEE0D65BA91B7C ] C:\Windows\System32\drivers\WUDFPf.sys
23:35:26.0473 4256  C:\Windows\System32\drivers\WUDFPf.sys - ok
23:35:26.0489 4256  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
23:35:26.0489 4256  C:\Windows\System32\rpcss.dll - ok
23:35:26.0489 4256  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
23:35:26.0489 4256  C:\Windows\System32\RpcEpMap.dll - ok
23:35:26.0489 4256  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
23:35:26.0489 4256  C:\Windows\System32\WSHTCPIP.DLL - ok
23:35:26.0504 4256  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
23:35:26.0504 4256  C:\Windows\System32\wshqos.dll - ok
23:35:26.0504 4256  [ 905601FFF40D8DA9FA82CBE77D1F5EB1 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
23:35:26.0504 4256  C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
23:35:26.0520 4256  [ E07DEC52FF801841BA9B6878A60304FB ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
23:35:26.0520 4256  C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
23:35:26.0520 4256  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
23:35:26.0520 4256  C:\Windows\System32\FirewallAPI.dll - ok
23:35:26.0536 4256  [ 2D4230F2F1D204A523998DF93F9DF066 ] C:\Program Files\Microsoft Security Client\MpClient.dll
23:35:26.0536 4256  C:\Program Files\Microsoft Security Client\MpClient.dll - ok
23:35:26.0536 4256  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
23:35:26.0536 4256  C:\Windows\System32\wtsapi32.dll - ok
23:35:26.0536 4256  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
23:35:26.0536 4256  C:\Windows\System32\ntmarta.dll - ok
23:35:26.0551 4256  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
23:35:26.0551 4256  C:\Windows\System32\winlogon.exe - ok
23:35:26.0551 4256  [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
23:35:26.0551 4256  C:\Windows\System32\authui.dll - ok
23:35:26.0567 4256  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
23:35:26.0567 4256  C:\Windows\System32\LogonUI.exe - ok
23:35:26.0567 4256  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
23:35:26.0567 4256  C:\Windows\System32\cryptui.dll - ok
23:35:26.0567 4256  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
23:35:26.0567 4256  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
23:35:26.0582 4256  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
23:35:26.0582 4256  C:\Windows\System32\samlib.dll - ok
23:35:26.0582 4256  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
23:35:26.0582 4256  C:\Windows\System32\shacct.dll - ok
23:35:26.0598 4256  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
23:35:26.0598 4256  C:\Windows\System32\propsys.dll - ok
23:35:26.0598 4256  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
23:35:26.0598 4256  C:\Windows\System32\uxtheme.dll - ok
23:35:26.0614 4256  [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
23:35:26.0614 4256  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
23:35:26.0614 4256  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
23:35:26.0614 4256  C:\Windows\System32\dui70.dll - ok
23:35:26.0629 4256  [ 9121C2E2507AD0BCBF9A7438051BEF34 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
23:35:26.0629 4256  C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
23:35:26.0629 4256  [ 4EAAAAB8759644D572522FBCDD196A13 ] C:\Windows\System32\atiesrxx.exe
23:35:26.0629 4256  C:\Windows\System32\atiesrxx.exe - ok
23:35:26.0629 4256  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
23:35:26.0629 4256  C:\Windows\System32\duser.dll - ok
23:35:26.0645 4256  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
23:35:26.0645 4256  C:\Windows\System32\SndVolSSO.dll - ok
23:35:26.0645 4256  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
23:35:26.0645 4256  C:\Windows\System32\dwmapi.dll - ok
23:35:26.0660 4256  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
23:35:26.0660 4256  C:\Windows\System32\hid.dll - ok
23:35:26.0660 4256  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
23:35:26.0660 4256  C:\Windows\System32\MMDevAPI.dll - ok
23:35:26.0676 4256  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
23:35:26.0676 4256  C:\Windows\System32\xmllite.dll - ok
23:35:26.0676 4256  [ 2F034150ECCBC498C53B61F98C5378AC ] C:\Program Files\Microsoft Security Client\MpRTP.dll
23:35:26.0676 4256  C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
23:35:26.0676 4256  [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
23:35:26.0676 4256  C:\Windows\System32\fltLib.dll - ok
23:35:26.0692 4256  [ C4C1947985144721A809965A19D616BC ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
23:35:26.0692 4256  C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
23:35:26.0692 4256  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] C:\Windows\System32\drivers\MpFilter.sys
23:35:26.0692 4256  C:\Windows\System32\drivers\MpFilter.sys - ok
23:35:26.0707 4256  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
23:35:26.0707 4256  C:\Windows\System32\wevtsvc.dll - ok
23:35:26.0707 4256  [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
23:35:26.0707 4256  C:\Windows\System32\WindowsCodecs.dll - ok
23:35:26.0723 4256  [ 76A11F575782DBAE74F05B8796EF7F9D ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3DDB551-8CD9-4CC3-AA85-1944164A595F}\mpengine.dll
23:35:26.0723 4256  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3DDB551-8CD9-4CC3-AA85-1944164A595F}\mpengine.dll - ok
23:35:26.0723 4256  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
23:35:26.0723 4256  C:\Windows\System32\audiosrv.dll - ok
23:35:26.0723 4256  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
23:35:26.0723 4256  C:\Windows\System32\netprofm.dll - ok
23:35:26.0738 4256  [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
23:35:26.0738 4256  C:\Windows\System32\FntCache.dll - ok
23:35:26.0738 4256  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
23:35:26.0738 4256  C:\Windows\System32\avrt.dll - ok
23:35:26.0754 4256  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
23:35:26.0754 4256  C:\Windows\System32\mmcss.dll - ok
23:35:26.0754 4256  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
23:35:26.0754 4256  C:\Windows\System32\VaultCredProvider.dll - ok
23:35:26.0754 4256  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
23:35:26.0754 4256  C:\Windows\System32\winbrand.dll - ok
23:35:26.0754 4256  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
23:35:26.0754 4256  C:\Windows\System32\adtschema.dll - ok
23:35:26.0770 4256  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
23:35:26.0770 4256  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
23:35:26.0770 4256  [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
23:35:26.0770 4256  C:\Windows\System32\BioCredProv.dll - ok
23:35:26.0785 4256  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
23:35:26.0785 4256  C:\Windows\System32\MPSSVC.dll - ok
23:35:26.0785 4256  [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
23:35:26.0785 4256  C:\Windows\System32\credui.dll - ok
23:35:26.0801 4256  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
23:35:26.0801 4256  C:\Windows\System32\winbio.dll - ok
23:35:26.0801 4256  [ 764908FE1FA96F93C95B1B67A0FCED29 ] C:\Windows\System32\netapi32.dll
23:35:26.0801 4256  C:\Windows\System32\netapi32.dll - ok
23:35:26.0816 4256  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
23:35:26.0816 4256  C:\Windows\System32\netutils.dll - ok
23:35:26.0816 4256  [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
23:35:26.0816 4256  C:\Windows\System32\vaultcli.dll - ok
23:35:26.0832 4256  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
23:35:26.0832 4256  C:\Windows\System32\wkscli.dll - ok
23:35:26.0832 4256  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
23:35:26.0832 4256  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
23:35:26.0848 4256  [ 80E69670BDA10F32A941BA7358E33012 ] C:\Windows\System32\WUDFPlatform.dll
23:35:26.0848 4256  C:\Windows\System32\WUDFPlatform.dll - ok
23:35:26.0848 4256  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
23:35:26.0848 4256  C:\Windows\System32\samcli.dll - ok
23:35:26.0848 4256  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
23:35:26.0848 4256  C:\Windows\System32\profsvc.dll - ok
23:35:26.0863 4256  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
23:35:26.0863 4256  C:\Windows\System32\certCredProvider.dll - ok
23:35:26.0863 4256  [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
23:35:26.0863 4256  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
23:35:26.0863 4256  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
23:35:26.0863 4256  C:\Windows\System32\drivers\fltMgr.sys - ok
23:35:26.0879 4256  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
23:35:26.0879 4256  C:\Windows\System32\rasplap.dll - ok
23:35:26.0879 4256  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
23:35:26.0879 4256  C:\Windows\System32\audiodg.exe - ok
23:35:26.0879 4256  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
23:35:26.0879 4256  C:\Windows\System32\PSHED.DLL - ok
23:35:26.0894 4256  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
23:35:26.0894 4256  C:\Windows\System32\rasapi32.dll - ok
23:35:26.0894 4256  [ 11338E0557B07BC32CDB980B6EDB35AA ] C:\Windows\System32\ci.dll
23:35:26.0894 4256  C:\Windows\System32\ci.dll - ok
23:35:26.0910 4256  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
23:35:26.0910 4256  C:\Windows\System32\rasman.dll - ok
23:35:26.0910 4256  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
23:35:26.0910 4256  C:\Windows\System32\rtutils.dll - ok
23:35:26.0910 4256  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
23:35:26.0910 4256  C:\Windows\System32\winmm.dll - ok
23:35:26.0926 4256  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
23:35:26.0926 4256  C:\Windows\System32\atl.dll - ok
23:35:26.0926 4256  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
23:35:26.0926 4256  C:\Windows\System32\gpsvc.dll - ok
23:35:26.0941 4256  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
23:35:26.0941 4256  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
23:35:26.0941 4256  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
23:35:26.0941 4256  C:\Windows\System32\es.dll - ok
23:35:26.0957 4256  [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
23:35:26.0957 4256  C:\Windows\System32\themeservice.dll - ok
23:35:26.0957 4256  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
23:35:26.0957 4256  C:\Windows\System32\wdmaud.drv - ok
23:35:26.0957 4256  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
23:35:26.0957 4256  C:\Windows\System32\ksuser.dll - ok
23:35:26.0972 4256  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
23:35:26.0972 4256  C:\Windows\System32\comres.dll - ok
23:35:26.0972 4256  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
23:35:26.0972 4256  C:\Windows\System32\Sens.dll - ok
23:35:26.0988 4256  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
23:35:26.0988 4256  C:\Windows\System32\dsrole.dll - ok
23:35:27.0004 4256  [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll
23:35:27.0004 4256  C:\Windows\System32\nlaapi.dll - ok
23:35:27.0004 4256  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
23:35:27.0004 4256  C:\Windows\System32\slc.dll - ok
23:35:27.0004 4256  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
23:35:27.0004 4256  C:\Windows\System32\uxsms.dll - ok
23:35:27.0019 4256  [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll
23:35:27.0019 4256  C:\Windows\System32\WUDFSvc.dll - ok
23:35:27.0019 4256  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
23:35:27.0019 4256  C:\Windows\System32\drivers\lltdio.sys - ok
23:35:27.0019 4256  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
23:35:27.0019 4256  C:\Windows\System32\drivers\rspndr.sys - ok
23:35:27.0035 4256  [ FB54EF3AA613D2832FD3812E7CB2FC75 ] C:\Windows\System32\drivers\vmnetbridge.sys
23:35:27.0035 4256  C:\Windows\System32\drivers\vmnetbridge.sys - ok
23:35:27.0035 4256  [ 0620FE89F70FC0895DC312EEBAA62B06 ] C:\Windows\System32\atieclxx.exe
23:35:27.0035 4256  C:\Windows\System32\atieclxx.exe - ok
23:35:27.0050 4256  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
23:35:27.0050 4256  C:\Windows\System32\UXInit.dll - ok
23:35:27.0050 4256  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
23:35:27.0050 4256  C:\Windows\System32\IPHLPAPI.DLL - ok
23:35:27.0066 4256  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
23:35:27.0066 4256  C:\Windows\System32\lmhsvc.dll - ok
23:35:27.0066 4256  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
23:35:27.0066 4256  C:\Windows\System32\nsisvc.dll - ok
23:35:27.0066 4256  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
23:35:27.0066 4256  C:\Windows\System32\dhcpcore.dll - ok
23:35:27.0082 4256  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
23:35:27.0082 4256  C:\Windows\System32\nrpsrv.dll - ok
23:35:27.0082 4256  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
23:35:27.0082 4256  C:\Windows\System32\winnsi.dll - ok
23:35:27.0097 4256  [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
23:35:27.0097 4256  C:\Windows\System32\dhcpcore6.dll - ok
23:35:27.0113 4256  [ 500CE062629FB734989AEEC2A23A6CD8 ] C:\Windows\System32\atiadlxx.dll
23:35:27.0113 4256  C:\Windows\System32\atiadlxx.dll - ok
23:35:27.0113 4256  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
23:35:27.0113 4256  C:\Windows\System32\dnsrslvr.dll - ok
23:35:27.0128 4256  [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
23:35:27.0128 4256  C:\Windows\System32\FWPUCLNT.DLL - ok
23:35:27.0128 4256  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
23:35:27.0128 4256  C:\Windows\System32\dnsext.dll - ok
23:35:27.0144 4256  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
23:35:27.0144 4256  C:\Windows\System32\dhcpcsvc.dll - ok
23:35:27.0144 4256  [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
23:35:27.0144 4256  C:\Windows\System32\dhcpcsvc6.dll - ok
23:35:27.0160 4256  [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
23:35:27.0160 4256  C:\Windows\System32\shsvcs.dll - ok
23:35:27.0160 4256  [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
23:35:27.0160 4256  C:\Windows\System32\AudioSes.dll - ok
23:35:27.0175 4256  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
23:35:27.0175 4256  C:\Windows\System32\msacm32.dll - ok
23:35:27.0175 4256  [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
23:35:27.0175 4256  C:\Windows\System32\msacm32.drv - ok
23:35:27.0191 4256  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
23:35:27.0191 4256  C:\Windows\System32\schedsvc.dll - ok
23:35:27.0191 4256  [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
23:35:27.0191 4256  C:\Windows\System32\midimap.dll - ok
23:35:27.0191 4256  [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
23:35:27.0191 4256  C:\Windows\System32\AudioEng.dll - ok
23:35:27.0206 4256  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
23:35:27.0206 4256  C:\Windows\System32\imageres.dll - ok
23:35:27.0222 4256  [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
23:35:27.0222 4256  C:\Windows\System32\ktmw32.dll - ok
23:35:27.0222 4256  [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
23:35:27.0222 4256  C:\Windows\System32\AUDIOKSE.dll - ok
23:35:27.0238 4256  [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
23:35:27.0238 4256  C:\Windows\System32\fveapi.dll - ok
23:35:27.0238 4256  [ 06D9A26EE31A1BDBCAFC4C26C1AB03A8 ] C:\Windows\System32\RtkAPO64.dll
23:35:27.0238 4256  C:\Windows\System32\RtkAPO64.dll - ok
23:35:27.0253 4256  [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
23:35:27.0253 4256  C:\Windows\System32\fvecerts.dll - ok
23:35:27.0253 4256  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
23:35:27.0253 4256  C:\Windows\System32\taskcomp.dll - ok
23:35:27.0269 4256  [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
23:35:27.0269 4256  C:\Windows\System32\tbs.dll - ok
23:35:27.0269 4256  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
23:35:27.0269 4256  C:\Windows\System32\drivers\http.sys - ok
23:35:27.0284 4256  [ B96C17B5DC1424D56EEA3A99E97428CD ] C:\Windows\System32\spoolsv.exe
23:35:27.0284 4256  C:\Windows\System32\spoolsv.exe - ok
23:35:27.0284 4256  [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
23:35:27.0284 4256  C:\Windows\System32\WMALFXGFXDSP.dll - ok
23:35:27.0284 4256  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
23:35:27.0284 4256  C:\Windows\System32\BFE.DLL - ok
23:35:27.0300 4256  [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
23:35:27.0300 4256  C:\Windows\System32\drivers\srvnet.sys - ok
23:35:27.0300 4256  [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
23:35:27.0300 4256  C:\Windows\System32\mfplat.dll - ok
23:35:27.0300 4256  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
23:35:27.0300 4256  C:\Windows\System32\drivers\bowser.sys - ok
23:35:27.0316 4256  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
23:35:27.0316 4256  C:\Windows\System32\drivers\mpsdrv.sys - ok
23:35:27.0316 4256  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
23:35:27.0316 4256  C:\Windows\System32\drivers\mrxsmb.sys - ok
23:35:27.0331 4256  [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
23:35:27.0331 4256  C:\Windows\System32\drivers\mrxsmb10.sys - ok
23:35:27.0331 4256  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
23:35:27.0331 4256  C:\Windows\System32\drivers\mrxsmb20.sys - ok
23:35:27.0347 4256  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
23:35:27.0347 4256  C:\Windows\System32\drivers\srv2.sys - ok
23:35:27.0347 4256  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
23:35:27.0347 4256  C:\Windows\System32\drivers\srv.sys - ok
23:35:27.0347 4256  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
23:35:27.0347 4256  C:\Windows\System32\wkssvc.dll - ok
23:35:27.0362 4256  [ 8EF0D5C41EC907751B8429162B1239ED ] C:\Windows\System32\browser.dll
23:35:27.0362 4256  C:\Windows\System32\browser.dll - ok
23:35:27.0362 4256  [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
23:35:27.0362 4256  C:\Windows\System32\netmsg.dll - ok
23:35:27.0378 4256  [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
23:35:27.0378 4256  C:\Windows\System32\srvsvc.dll - ok
23:35:27.0378 4256  [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
23:35:27.0378 4256  C:\Windows\System32\sscore.dll - ok
23:35:27.0378 4256  [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
23:35:27.0378 4256  C:\Windows\System32\clusapi.dll - ok
23:35:27.0394 4256  [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
23:35:27.0394 4256  C:\Windows\System32\wfapigp.dll - ok
23:35:27.0394 4256  [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
23:35:27.0394 4256  C:\Windows\System32\resutils.dll - ok
23:35:27.0409 4256  [ 436EB2742ED35C1ED9DDCB83C9BCF68A ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3DDB551-8CD9-4CC3-AA85-1944164A595F}\mpasbase.vdm
23:35:27.0409 4256  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3DDB551-8CD9-4CC3-AA85-1944164A595F}\mpasbase.vdm - ok
23:35:27.0409 4256  [ 6E3E6D900E2340548AE480B226E869FD ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3DDB551-8CD9-4CC3-AA85-1944164A595F}\mpasdlta.vdm
23:35:27.0409 4256  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3DDB551-8CD9-4CC3-AA85-1944164A595F}\mpasdlta.vdm - ok
23:35:27.0409 4256  [ 425800DD197C336EF1D6A3AC6428DEB3 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3DDB551-8CD9-4CC3-AA85-1944164A595F}\mpavbase.vdm
23:35:27.0409 4256  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3DDB551-8CD9-4CC3-AA85-1944164A595F}\mpavbase.vdm - ok
23:35:27.0425 4256  [ 30D966044FC73AFC7AA164A6A1659C0E ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3DDB551-8CD9-4CC3-AA85-1944164A595F}\mpavdlta.vdm
23:35:27.0425 4256  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3DDB551-8CD9-4CC3-AA85-1944164A595F}\mpavdlta.vdm - ok
23:35:27.0425 4256  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
23:35:27.0425 4256  C:\Windows\System32\winspool.drv - ok
23:35:27.0440 4256  [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
23:35:27.0440 4256  C:\Windows\System32\wiarpc.dll - ok
23:35:27.0440 4256  [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
23:35:27.0440 4256  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
23:35:27.0456 4256  [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
23:35:27.0456 4256  C:\Windows\System32\rasadhlp.dll - ok
23:35:27.0456 4256  [ 89B89AE23491F5D4E338499A3D568269 ] C:\Windows\System32\localspl.dll
23:35:27.0456 4256  C:\Windows\System32\localspl.dll - ok
23:35:27.0472 4256  [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
23:35:27.0472 4256  C:\Windows\System32\umb.dll - ok
23:35:27.0472 4256  [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
23:35:27.0472 4256  C:\Windows\System32\mscms.dll - ok
23:35:27.0472 4256  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
23:35:27.0472 4256  C:\Windows\System32\pcasvc.dll - ok
23:35:27.0487 4256  [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
23:35:27.0487 4256  C:\Windows\System32\snmptrap.exe - ok
23:35:27.0487 4256  [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
23:35:27.0487 4256  C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
23:35:27.0503 4256  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
23:35:27.0503 4256  C:\Windows\System32\provsvc.dll - ok
23:35:27.0503 4256  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
23:35:27.0503 4256  C:\Windows\System32\sstpsvc.dll - ok
23:35:27.0518 4256  [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
23:35:27.0518 4256  C:\Windows\System32\PrintIsolationProxy.dll - ok
23:35:27.0518 4256  [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
23:35:27.0518 4256  C:\Windows\System32\spoolss.dll - ok
23:35:27.0518 4256  [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
23:35:27.0518 4256  C:\Windows\System32\FXSMON.dll - ok
23:35:27.0534 4256  [ 45D22F0B253D67C54B0F9DCFB3F811C9 ] C:\Windows\System32\hpfll70v.dll
23:35:27.0534 4256  C:\Windows\System32\hpfll70v.dll - ok
23:35:27.0534 4256  [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
23:35:27.0534 4256  C:\Windows\System32\tcpmon.dll - ok
23:35:27.0550 4256  [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
23:35:27.0550 4256  C:\Windows\System32\msxml6.dll - ok
23:35:27.0550 4256  [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
23:35:27.0550 4256  C:\Windows\System32\snmpapi.dll - ok
23:35:27.0550 4256  [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
23:35:27.0550 4256  C:\Windows\System32\wsnmp32.dll - ok
23:35:27.0565 4256  [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
23:35:27.0565 4256  C:\Windows\System32\usbmon.dll - ok
23:35:27.0565 4256  [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
23:35:27.0565 4256  C:\Windows\System32\WSDMon.dll - ok
23:35:27.0581 4256  [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
23:35:27.0581 4256  C:\Windows\System32\WSDApi.dll - ok
23:35:27.0581 4256  [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
23:35:27.0581 4256  C:\Windows\System32\webservices.dll - ok
23:35:27.0596 4256  [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
23:35:27.0596 4256  C:\Windows\System32\fundisc.dll - ok
23:35:27.0596 4256  [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
23:35:27.0596 4256  C:\Windows\System32\fdPnp.dll - ok
23:35:27.0596 4256  [ 86265C4E264E0FFB05BCF7B69C0D2004 ] C:\Windows\System32\spool\prtprocs\x64\hpfpp70v.dll
23:35:27.0596 4256  C:\Windows\System32\spool\prtprocs\x64\hpfpp70v.dll - ok
23:35:27.0612 4256  [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
23:35:27.0612 4256  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
23:35:27.0612 4256  [ 2AC11BE0F5D9A01433732AAB8BA21774 ] C:\Windows\System32\win32spl.dll
23:35:27.0612 4256  C:\Windows\System32\win32spl.dll - ok
23:35:27.0628 4256  [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
23:35:27.0628 4256  C:\Windows\System32\inetpp.dll - ok
23:35:27.0628 4256  [ BA207B48AA3D9D73FD4856400F852458 ] C:\Windows\System32\drivers\hcmon.sys
23:35:27.0628 4256  C:\Windows\System32\drivers\hcmon.sys - ok
23:35:27.0628 4256  [ E3BF12C68F844E689D1A9D7E6B54742A ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
23:35:27.0628 4256  C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
23:35:27.0643 4256  [ 0BEB0C931BC24F610EE87179F31A8A42 ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
23:35:27.0643 4256  C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
23:35:27.0643 4256  [ 448BF22538F1DFCB3412AE2B1CF123A9 ] C:\Windows\System32\conhost.exe
23:35:27.0643 4256  C:\Windows\System32\conhost.exe - ok
23:35:27.0659 4256  [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
23:35:27.0659 4256  C:\Windows\System32\cabinet.dll - ok
23:35:27.0659 4256  [ 3D810A11C3E7FD4682A8824F54C1A04F ] C:\Windows\System32\drivers\vmci.sys
23:35:27.0659 4256  C:\Windows\System32\drivers\vmci.sys - ok
23:35:27.0674 4256  [ AE7F667DB83E108E83C86A56B821E9A6 ] C:\Windows\System32\drivers\vmx86.sys
23:35:27.0674 4256  C:\Windows\System32\drivers\vmx86.sys - ok
23:35:27.0674 4256  [ 48008D4EA73C1058F36D323A644410D4 ] C:\Program Files\LSI SoftModem\agr64svc.exe
23:35:27.0674 4256  C:\Program Files\LSI SoftModem\agr64svc.exe - ok
23:35:27.0674 4256  [ 4F5414602E2544A4554D95517948B705 ] C:\Windows\System32\cryptsvc.dll
23:35:27.0674 4256  C:\Windows\System32\cryptsvc.dll - ok
23:35:27.0690 4256  [ 64F07381335E37C142F6D176705FFCA6 ] C:\Windows\System32\drivers\atksgt.sys
23:35:27.0690 4256  C:\Windows\System32\drivers\atksgt.sys - ok
23:35:27.0690 4256  [ 1D817D77C8EB600AB311AAC8E68B5A1A ] C:\Windows\System32\cryptnet.dll
23:35:27.0690 4256  C:\Windows\System32\cryptnet.dll - ok
23:35:27.0706 4256  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
23:35:27.0706 4256  C:\Windows\System32\vssapi.dll - ok
23:35:27.0706 4256  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
23:35:27.0706 4256  C:\Windows\System32\vsstrace.dll - ok
23:35:27.0721 4256  [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
23:35:27.0721 4256  C:\Windows\System32\wscapi.dll - ok
23:35:27.0721 4256  [ 4F26BB00747D41E7C0FE8EBB2900F862 ] C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
23:35:27.0721 4256  C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe - ok
23:35:27.0721 4256  [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
23:35:27.0721 4256  C:\Windows\SysWOW64\ntdll.dll - ok
23:35:27.0737 4256  [ B1E3772FFA96AC5AEE89BF202AF8E348 ] C:\Windows\System32\wow64.dll
23:35:27.0737 4256  C:\Windows\System32\wow64.dll - ok
23:35:27.0737 4256  [ FC5A43FA257F546F8F2B96B5529857E1 ] C:\Windows\System32\wow64win.dll
23:35:27.0737 4256  C:\Windows\System32\wow64win.dll - ok
23:35:27.0737 4256  [ AA0D2571A4348838B8DD49FD0043826A ] C:\Windows\System32\wow64cpu.dll
23:35:27.0737 4256  C:\Windows\System32\wow64cpu.dll - ok
23:35:27.0752 4256  [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB ] C:\Windows\SysWOW64\kernel32.dll
23:35:27.0752 4256  C:\Windows\SysWOW64\kernel32.dll - ok
23:35:27.0752 4256  [ 1A91A2598F068384ED0CEEF2E967534E ] C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
23:35:27.0752 4256  C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll - ok
23:35:27.0768 4256  [ 5C2D21C9B6B6175B89BC5D7E3CB979E1 ] C:\Windows\SysWOW64\KernelBase.dll
23:35:27.0768 4256  C:\Windows\SysWOW64\KernelBase.dll - ok
23:35:27.0768 4256  [ C339BEE0305EFB934359A90036BD6222 ] C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
23:35:27.0768 4256  C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll - ok
23:35:27.0784 4256  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
23:35:27.0784 4256  C:\Windows\SysWOW64\msvcrt.dll - ok
23:35:27.0784 4256  [ FD4D1CC49EEF4880731499C6B9015BC0 ] C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
23:35:27.0784 4256  C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll - ok
23:35:27.0799 4256  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
23:35:27.0799 4256  C:\Windows\SysWOW64\ws2_32.dll - ok
23:35:27.0799 4256  [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
23:35:27.0799 4256  C:\Windows\SysWOW64\rpcrt4.dll - ok
23:35:27.0815 4256  [ A9C47AFBFFAE3DC984EB4121D1A9DCAE ] C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
23:35:27.0815 4256  C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll - ok
23:35:27.0830 4256  [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
23:35:27.0830 4256  C:\Windows\SysWOW64\advapi32.dll - ok
23:35:27.0830 4256  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
23:35:27.0830 4256  C:\Windows\SysWOW64\cryptbase.dll - ok
23:35:27.0846 4256  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
23:35:27.0846 4256  C:\Windows\SysWOW64\nsi.dll - ok
23:35:27.0846 4256  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
23:35:27.0846 4256  C:\Windows\SysWOW64\sechost.dll - ok
23:35:27.0862 4256  [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll
23:35:27.0862 4256  C:\Windows\SysWOW64\sspicli.dll - ok
23:35:27.0862 4256  [ C5287910F6BD3DC8D0C3E0A7FDFC6E30 ] C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll
23:35:27.0862 4256  C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll - ok
23:35:27.0877 4256  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
23:35:27.0877 4256  C:\Windows\SysWOW64\user32.dll - ok
23:35:27.0877 4256  [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
23:35:27.0877 4256  C:\Windows\SysWOW64\gdi32.dll - ok
23:35:27.0877 4256  [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
23:35:27.0877 4256  C:\Windows\SysWOW64\lpk.dll - ok
23:35:27.0893 4256  [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
23:35:27.0893 4256  C:\Windows\SysWOW64\usp10.dll - ok
23:35:27.0908 4256  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
23:35:27.0908 4256  C:\Windows\SysWOW64\imm32.dll - ok
23:35:27.0908 4256  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
23:35:27.0908 4256  C:\Windows\SysWOW64\msctf.dll - ok
23:35:27.0924 4256  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
23:35:27.0924 4256  C:\Windows\System32\dps.dll - ok
23:35:27.0924 4256  [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
23:35:27.0924 4256  C:\Windows\System32\efscore.dll - ok
23:35:27.0940 4256  [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
23:35:27.0940 4256  C:\Windows\System32\efssvc.dll - ok
23:35:27.0940 4256  [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
23:35:27.0940 4256  C:\Windows\System32\IKEEXT.DLL - ok
23:35:27.0955 4256  [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
23:35:27.0955 4256  C:\Windows\SysWOW64\shell32.dll - ok
23:35:27.0955 4256  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
23:35:27.0955 4256  C:\Windows\SysWOW64\version.dll - ok
23:35:27.0971 4256  [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
23:35:27.0971 4256  C:\Windows\System32\efsutil.dll - ok
23:35:27.0971 4256  [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
23:35:27.0971 4256  C:\Windows\System32\vpnikeapi.dll - ok
23:35:27.0986 4256  [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
23:35:27.0986 4256  C:\Windows\System32\p2pcollab.dll - ok
23:35:27.0986 4256  [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
23:35:27.0986 4256  C:\Windows\System32\QAGENTRT.DLL - ok
23:35:27.0986 4256  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
23:35:27.0986 4256  C:\Windows\System32\fveui.dll - ok
23:35:28.0002 4256  [ 577D0DC85524A16FE29D7956B22974C4 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
23:35:28.0002 4256  C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
23:35:28.0002 4256  [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
23:35:28.0002 4256  C:\Windows\System32\slwga.dll - ok
23:35:28.0018 4256  [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
23:35:28.0018 4256  C:\Windows\System32\sppc.dll - ok
23:35:28.0018 4256  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
23:35:28.0018 4256  C:\Windows\System32\taskschd.dll - ok
23:35:28.0018 4256  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
23:35:28.0018 4256  C:\Windows\SysWOW64\shlwapi.dll - ok
23:35:28.0033 4256  [ D73B5BEFC8BB6E877A7E6437E2613FFA ] C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll
23:35:28.0033 4256  C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll - ok
23:35:28.0033 4256  [ 108333981C841EB0FF198AA5DFCF3D3B ] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
23:35:28.0033 4256  C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe - ok
23:35:28.0049 4256  [ 61DACB0FBB1F7237FFEF769C23C903AF ] C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll
23:35:28.0049 4256  C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll - ok
23:35:28.0049 4256  [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
23:35:28.0049 4256  C:\Windows\SysWOW64\psapi.dll - ok
23:35:28.0064 4256  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
23:35:28.0064 4256  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
23:35:28.0064 4256  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
23:35:28.0064 4256  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
23:35:28.0080 4256  [ 83BA097ACAAD0B00505634A62D90F93A ] C:\Windows\System32\drivers\lirsgt.sys
23:35:28.0080 4256  C:\Windows\System32\drivers\lirsgt.sys - ok
23:35:28.0080 4256  [ DC6530A291D4BDF6DF399F1F128E7F8F ] C:\Windows\System32\HPZinw12.dll
23:35:28.0080 4256  C:\Windows\System32\HPZinw12.dll - ok
23:35:28.0080 4256  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
23:35:28.0080 4256  C:\Windows\System32\netman.dll - ok
23:35:28.0080 4256  [ 1EE99A89CC788ADA662441D1E9830529 ] C:\Windows\System32\nlasvc.dll
23:35:28.0080 4256  C:\Windows\System32\nlasvc.dll - ok
23:35:28.0096 4256  [ 4A435F95B940E93A88FEC144BD409789 ] C:\Windows\System32\ncsi.dll
23:35:28.0096 4256  C:\Windows\System32\ncsi.dll - ok
23:35:28.0096 4256  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
23:35:28.0096 4256  C:\Windows\System32\winhttp.dll - ok
23:35:28.0111 4256  [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
23:35:28.0111 4256  C:\Windows\System32\wsock32.dll - ok
23:35:28.0111 4256  [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
23:35:28.0111 4256  C:\Windows\System32\aepic.dll - ok
23:35:28.0111 4256  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
23:35:28.0111 4256  C:\Windows\System32\sfc.dll - ok
23:35:28.0127 4256  [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
23:35:28.0127 4256  C:\Windows\System32\sfc_os.dll - ok
23:35:28.0127 4256  [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
23:35:28.0127 4256  C:\Windows\System32\webio.dll - ok
23:35:28.0142 4256  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
23:35:28.0142 4256  C:\Windows\System32\ssdpapi.dll - ok
23:35:28.0142 4256  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
23:35:28.0142 4256  C:\Windows\SysWOW64\ole32.dll - ok
23:35:28.0142 4256  [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
23:35:28.0142 4256  C:\Windows\SysWOW64\mswsock.dll - ok
23:35:28.0158 4256  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
23:35:28.0158 4256  C:\Windows\SysWOW64\profapi.dll - ok
23:35:28.0158 4256  [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
23:35:28.0158 4256  C:\Windows\SysWOW64\cryptsp.dll - ok
23:35:28.0158 4256  [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
23:35:28.0158 4256  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
23:35:28.0174 4256  [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
23:35:28.0174 4256  C:\Windows\SysWOW64\rsaenh.dll - ok
23:35:28.0174 4256  [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
23:35:28.0174 4256  C:\Windows\System32\drivers\PEAuth.sys - ok
23:35:28.0189 4256  [ 71F62C51DFDFBC04C83C5C64B2B8058E ] C:\Windows\System32\HPZipm12.dll
23:35:28.0189 4256  C:\Windows\System32\HPZipm12.dll - ok
23:35:28.0189 4256  [ 1713D9DE407313138118D501B0E3C05B ] C:\Windows\SysWOW64\PnkBstrA.exe
23:35:28.0189 4256  C:\Windows\SysWOW64\PnkBstrA.exe - ok
23:35:28.0205 4256  [ 1295338CFE6F249823EF9BC8D4368A84 ] C:\Windows\SysWOW64\crypt32.dll
23:35:28.0205 4256  C:\Windows\SysWOW64\crypt32.dll - ok
23:35:28.0205 4256  [ A7D79E9F660340AB20CD73F12910985F ] C:\Windows\SysWOW64\wintrust.dll
23:35:28.0205 4256  C:\Windows\SysWOW64\wintrust.dll - ok
23:35:28.0205 4256  [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
23:35:28.0205 4256  C:\Windows\SysWOW64\wsock32.dll - ok
23:35:28.0220 4256  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
23:35:28.0220 4256  C:\Windows\SysWOW64\msasn1.dll - ok
23:35:28.0220 4256  [ D5B22AF032300F15D6D99403E017B76F ] C:\Program Files\Macrium\Reflect\ReflectService.exe
23:35:28.0220 4256  C:\Program Files\Macrium\Reflect\ReflectService.exe - ok
23:35:28.0220 4256  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
23:35:28.0220 4256  C:\Windows\System32\IPSECSVC.DLL - ok
23:35:28.0236 4256  [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
23:35:28.0236 4256  C:\Windows\System32\FwRemoteSvr.dll - ok
23:35:28.0236 4256  [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
23:35:28.0236 4256  C:\Windows\System32\oleacc.dll - ok
23:35:28.0252 4256  [ 0B169FE016039571ECC6DB70073F8979 ] C:\Program Files\CyberLink\Shared files\RichVideo64.exe
23:35:28.0252 4256  C:\Program Files\CyberLink\Shared files\RichVideo64.exe - ok
23:35:28.0252 4256  [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
23:35:28.0252 4256  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
23:35:28.0267 4256  [ 4A5809A1D796E2675AC0332BF7B0CB11 ] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
23:35:28.0267 4256  C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe - ok
23:35:28.0267 4256  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
23:35:28.0267 4256  C:\Windows\SysWOW64\oleaut32.dll - ok
23:35:28.0267 4256  [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
23:35:28.0267 4256  C:\Windows\SysWOW64\winhttp.dll - ok
23:35:28.0283 4256  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
23:35:28.0283 4256  C:\Windows\SysWOW64\webio.dll - ok
23:35:28.0283 4256  [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
23:35:28.0283 4256  C:\Windows\SysWOW64\clbcatq.dll - ok
23:35:28.0298 4256  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
23:35:28.0298 4256  C:\Windows\SysWOW64\SensApi.dll - ok
23:35:28.0298 4256  [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll
23:35:28.0298 4256  C:\Windows\SysWOW64\msxml6.dll - ok
23:35:28.0314 4256  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
23:35:28.0314 4256  C:\Windows\System32\cscapi.dll - ok
23:35:28.0314 4256  [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
23:35:28.0314 4256  C:\Windows\System32\drivers\secdrv.sys - ok
23:35:28.0314 4256  [ DF687E3D8836BFB04FCC0615BF15A519 ] C:\Windows\System32\drivers\tcpipreg.sys
23:35:28.0314 4256  C:\Windows\System32\drivers\tcpipreg.sys - ok
23:35:28.0330 4256  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
23:35:28.0330 4256  C:\Windows\System32\httpapi.dll - ok
23:35:28.0330 4256  [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
23:35:28.0330 4256  C:\Windows\System32\seclogon.dll - ok
23:35:28.0345 4256  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
23:35:28.0345 4256  C:\Windows\System32\sysmain.dll - ok
23:35:28.0345 4256  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
23:35:28.0345 4256  C:\Windows\System32\tapisrv.dll - ok
23:35:28.0345 4256  [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
23:35:28.0345 4256  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
23:35:28.0361 4256  [ D6820BDCB8F1E39F355386D0CB52B096 ] C:\Program Files\TightVNC\tvnserver.exe
23:35:28.0361 4256  C:\Program Files\TightVNC\tvnserver.exe - ok
23:35:28.0361 4256  [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
23:35:28.0361 4256  C:\Windows\System32\trkwks.dll - ok
23:35:28.0376 4256  [ F22098DBDD13C1221C274496B3E18DA7 ] C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
23:35:28.0376 4256  C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe - ok
23:35:28.0376 4256  [ DAF5E04EB56CD0ED945FB2FDD94812DB ] C:\Windows\System32\drivers\vmnetuserif.sys
23:35:28.0376 4256  C:\Windows\System32\drivers\vmnetuserif.sys - ok
23:35:28.0392 4256  [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
23:35:28.0392 4256  C:\Windows\System32\NapiNSP.dll - ok
23:35:28.0392 4256  [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
23:35:28.0392 4256  C:\Windows\System32\pnrpnsp.dll - ok
23:35:28.0392 4256  [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
23:35:28.0392 4256  C:\Windows\System32\winrnr.dll - ok
23:35:28.0408 4256  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
23:35:28.0408 4256  C:\Windows\SysWOW64\setupapi.dll - ok
23:35:28.0408 4256  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
23:35:28.0408 4256  C:\Windows\SysWOW64\cfgmgr32.dll - ok
23:35:28.0423 4256  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
23:35:28.0423 4256  C:\Windows\SysWOW64\devobj.dll - ok
23:35:28.0423 4256  [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
23:35:28.0423 4256  C:\Windows\SysWOW64\shfolder.dll - ok
23:35:28.0423 4256  [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
23:35:28.0423 4256  C:\Windows\SysWOW64\ntmarta.dll - ok
23:35:28.0439 4256  [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
23:35:28.0439 4256  C:\Windows\SysWOW64\Wldap32.dll - ok
23:35:28.0439 4256  [ 61DA8934252B140C4B568813F543D0D2 ] C:\Windows\SysWOW64\vmnat.exe
23:35:28.0439 4256  C:\Windows\SysWOW64\vmnat.exe - ok
23:35:28.0454 4256  [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
23:35:28.0454 4256  C:\Windows\SysWOW64\dnsapi.dll - ok
23:35:28.0454 4256  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
23:35:28.0454 4256  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
23:35:28.0454 4256  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
23:35:28.0454 4256  C:\Windows\SysWOW64\winnsi.dll - ok
23:35:28.0470 4256  [ E61C910E2DDF4797C1B1F9239636E894 ] C:\Program Files (x86)\VMware\VMware Player\vstor2-ws60.sys
23:35:28.0470 4256  C:\Program Files (x86)\VMware\VMware Player\vstor2-ws60.sys - ok
23:35:28.0470 4256  [ 2BACD71123F42CEA603F4E205E1AE337 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:35:28.0470 4256  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
23:35:28.0486 4256  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
23:35:28.0486 4256  C:\Windows\System32\wbem\WMIsvc.dll - ok
23:35:28.0486 4256  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
23:35:28.0486 4256  C:\Windows\System32\wbemcomn.dll - ok
23:35:28.0501 4256  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
23:35:28.0501 4256  C:\Windows\System32\wbem\WinMgmtR.dll - ok
23:35:28.0501 4256  [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
23:35:28.0501 4256  C:\Windows\System32\aeevts.dll - ok
23:35:28.0501 4256  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
23:35:28.0501 4256  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
23:35:28.0517 4256  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
23:35:28.0517 4256  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
23:35:28.0517 4256  [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
23:35:28.0517 4256  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
23:35:28.0532 4256  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
23:35:28.0532 4256  C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
23:35:28.0532 4256  [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
23:35:28.0532 4256  C:\Windows\System32\SensApi.dll - ok
23:35:28.0548 4256  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
23:35:28.0548 4256  C:\Windows\System32\wer.dll - ok
23:35:28.0548 4256  [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
23:35:28.0548 4256  C:\Windows\System32\WinSCard.dll - ok
23:35:28.0564 4256  [ 42F0ECAF36636841A4A006850695507F ] C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
23:35:28.0564 4256  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe - ok
23:35:28.0564 4256  [ A34A587FFFD45FA649FBA6D03784D257 ] C:\Windows\System32\iphlpsvc.dll
23:35:28.0564 4256  C:\Windows\System32\iphlpsvc.dll - ok
23:35:28.0579 4256  [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
23:35:28.0579 4256  C:\Windows\System32\sqmapi.dll - ok
23:35:28.0579 4256  [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
23:35:28.0579 4256  C:\Windows\System32\wdscore.dll - ok
23:35:28.0595 4256  [ 8CE1A6D16B9077E91E192499EB611C5F ] C:\Windows\SysWOW64\netapi32.dll
23:35:28.0595 4256  C:\Windows\SysWOW64\netapi32.dll - ok
23:35:28.0595 4256  [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
23:35:28.0595 4256  C:\Windows\SysWOW64\netutils.dll - ok
23:35:28.0610 4256  [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
23:35:28.0610 4256  C:\Windows\SysWOW64\srvcli.dll - ok
23:35:28.0626 4256  [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
23:35:28.0626 4256  C:\Windows\SysWOW64\wkscli.dll - ok
23:35:28.0626 4256  [ 937F5798F0B94B3217E27E881203D7E8 ] C:\Program Files (x86)\VMware\VMware Player\vmwarebase.dll
23:35:28.0626 4256  C:\Program Files (x86)\VMware\VMware Player\vmwarebase.dll - ok
23:35:28.0642 4256  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
23:35:28.0642 4256  C:\Windows\System32\eappprxy.dll - ok
23:35:28.0642 4256  [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
23:35:28.0642 4256  C:\Windows\System32\rasmans.dll - ok
23:35:28.0642 4256  [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
23:35:28.0642 4256  C:\Windows\SysWOW64\samcli.dll - ok
23:35:28.0657 4256  [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
23:35:28.0657 4256  C:\Windows\System32\rastapi.dll - ok
23:35:28.0657 4256  [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
23:35:28.0657 4256  C:\Windows\System32\tapi32.dll - ok
23:35:28.0673 4256  [ 85C3AB8341F13E94B16FE9A69582A42F ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
23:35:28.0673 4256  C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
23:35:28.0673 4256  [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
23:35:28.0673 4256  C:\Windows\System32\msxml3.dll - ok
23:35:28.0673 4256  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
23:35:28.0673 4256  C:\Windows\System32\netcfgx.dll - ok
23:35:28.0688 4256  [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
23:35:28.0688 4256  C:\Windows\System32\unimdm.tsp - ok
23:35:28.0688 4256  [ 2472BDF30C62F3E81AE27A968C25608C ] C:\Windows\System32\unimdmat.dll
23:35:28.0688 4256  C:\Windows\System32\unimdmat.dll - ok
23:35:28.0704 4256  [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
23:35:28.0704 4256  C:\Windows\System32\uniplat.dll - ok
23:35:28.0704 4256  [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
23:35:28.0704 4256  C:\Windows\System32\kmddsp.tsp - ok
23:35:28.0720 4256  [ C1446A66BB89FC3AA2485C67562247DA ] C:\Windows\System32\modemui.dll
23:35:28.0720 4256  C:\Windows\System32\modemui.dll - ok
23:35:28.0720 4256  [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
23:35:28.0720 4256  C:\Windows\System32\ndptsp.tsp - ok
23:35:28.0720 4256  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
23:35:28.0720 4256  C:\Windows\System32\hnetcfg.dll - ok
23:35:28.0735 4256  [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
23:35:28.0735 4256  C:\Windows\System32\nci.dll - ok
23:35:28.0735 4256  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
23:35:28.0735 4256  C:\Windows\System32\wbem\wbemprox.dll - ok
23:35:28.0751 4256  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
23:35:28.0751 4256  C:\Windows\System32\wbem\fastprox.dll - ok
23:35:28.0751 4256  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
23:35:28.0751 4256  C:\Windows\System32\dllhost.exe - ok
23:35:28.0766 4256  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
23:35:28.0766 4256  C:\Windows\System32\ntdsapi.dll - ok
23:35:28.0766 4256  [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
23:35:28.0766 4256  C:\Windows\System32\hidphone.tsp - ok
23:35:28.0766 4256  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
23:35:28.0766 4256  C:\Windows\System32\wbem\wbemcore.dll - ok
23:35:28.0782 4256  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
23:35:28.0782 4256  C:\Windows\System32\wbem\esscli.dll - ok
23:35:28.0782 4256  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
23:35:28.0782 4256  C:\Windows\System32\wbem\wbemsvc.dll - ok
23:35:28.0798 4256  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
23:35:28.0798 4256  C:\Windows\System32\wbem\wmiutils.dll - ok
23:35:28.0798 4256  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
23:35:28.0798 4256  C:\Windows\System32\eappcfg.dll - ok
23:35:28.0813 4256  [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
23:35:28.0813 4256  C:\Windows\System32\rasppp.dll - ok
23:35:28.0813 4256  [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
23:35:28.0813 4256  C:\Windows\System32\vpnike.dll - ok
23:35:28.0813 4256  [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
23:35:28.0813 4256  C:\Windows\System32\raschap.dll - ok
23:35:28.0829 4256  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
23:35:28.0829 4256  C:\Windows\System32\wbem\repdrvfs.dll - ok
23:35:28.0829 4256  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
23:35:28.0829 4256  C:\Windows\System32\ncobjapi.dll - ok
23:35:28.0844 4256  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
23:35:28.0844 4256  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
23:35:28.0844 4256  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
23:35:28.0844 4256  C:\Windows\System32\wbem\wbemess.dll - ok
23:35:28.0844 4256  [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
23:35:28.0844 4256  C:\Windows\SysWOW64\winmm.dll - ok
23:35:28.0860 4256  [ 8E87270C4704CF2951E1E7820D6C8A2B ] C:\Windows\SysWOW64\wininet.dll
23:35:28.0860 4256  C:\Windows\SysWOW64\wininet.dll - ok
23:35:28.0860 4256  [ C516284DE6DB833E77CC0E5217CDC6AA ] C:\Windows\SysWOW64\iertutil.dll
23:35:28.0860 4256  C:\Windows\SysWOW64\iertutil.dll - ok
23:35:28.0876 4256  [ 1408CF9B0DD2AAA80D8E7087C8A2E3BC ] C:\Windows\SysWOW64\urlmon.dll
23:35:28.0876 4256  C:\Windows\SysWOW64\urlmon.dll - ok
23:35:28.0876 4256  [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
23:35:28.0876 4256  C:\Windows\SysWOW64\mpr.dll - ok
23:35:28.0876 4256  [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
23:35:28.0876 4256  C:\Windows\SysWOW64\cryptui.dll - ok
23:35:28.0891 4256  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
23:35:28.0891 4256  C:\Windows\SysWOW64\userenv.dll - ok
23:35:28.0891 4256  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
23:35:28.0891 4256  C:\Windows\SysWOW64\winspool.drv - ok
23:35:28.0907 4256  [ BB8525932CB18373E41DBD17F18EB252 ] C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
23:35:28.0907 4256  C:\Program Files (x86)\VMware\VMware Player\libxml2.dll - ok
23:35:28.0907 4256  [ 62BD35D531FC7CD81EC1F44949DE589A ] C:\Program Files (x86)\VMware\VMware Player\iconv.dll
23:35:28.0907 4256  C:\Program Files (x86)\VMware\VMware Player\iconv.dll - ok
23:35:28.0922 4256  [ 32FE7B487CE42342311491BD9EA80439 ] C:\Program Files (x86)\VMware\VMware Player\zlib1.dll
23:35:28.0922 4256  C:\Program Files (x86)\VMware\VMware Player\zlib1.dll - ok
23:35:28.0922 4256  [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
23:35:28.0922 4256  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
23:35:28.0938 4256  [ CEE260867EF4D729F9CE164FE51D3B51 ] C:\Program Files (x86)\VMware\VMware Player\libeay32.dll
23:35:28.0938 4256  C:\Program Files (x86)\VMware\VMware Player\libeay32.dll - ok
23:35:28.0938 4256  [ 675AAFE80FDCB8723CF1B49F03BCCD0F ] C:\Program Files (x86)\VMware\VMware Player\ssleay32.dll
23:35:28.0938 4256  C:\Program Files (x86)\VMware\VMware Player\ssleay32.dll - ok
23:35:28.0954 4256  [ 4C8927595E18017F9C1716370F572B7D ] C:\Windows\SysWOW64\vmnetdhcp.exe
23:35:28.0954 4256  C:\Windows\SysWOW64\vmnetdhcp.exe - ok
23:35:28.0954 4256  [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
23:35:28.0954 4256  C:\Windows\System32\ipnathlp.dll - ok
23:35:28.0954 4256  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
23:35:28.0954 4256  C:\Windows\System32\mprapi.dll - ok


#6 bitware

bitware
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:12 PM

Posted 08 March 2013 - 12:01 AM

tdskiller log - part 4

 

 

23:35:28.0969 4256  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
23:35:28.0969 4256  C:\Windows\System32\netshell.dll - ok
23:35:28.0969 4256  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
23:35:28.0969 4256  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
23:35:28.0985 4256  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
23:35:28.0985 4256  C:\Windows\System32\IDStore.dll - ok
23:35:28.0985 4256  [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
23:35:28.0985 4256  C:\Windows\System32\taskhost.exe - ok
23:35:28.0985 4256  [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
23:35:28.0985 4256  C:\Windows\System32\AtBroker.exe - ok
23:35:29.0000 4256  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
23:35:29.0000 4256  C:\Windows\System32\mpr.dll - ok
23:35:29.0000 4256  [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
23:35:29.0000 4256  C:\Windows\System32\PlaySndSrv.dll - ok
23:35:29.0016 4256  [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
23:35:29.0016 4256  C:\Windows\System32\taskeng.exe - ok
23:35:29.0016 4256  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
23:35:29.0016 4256  C:\Windows\System32\userinit.exe - ok
23:35:29.0032 4256  [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
23:35:29.0032 4256  C:\Windows\System32\dwm.exe - ok
23:35:29.0032 4256  [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
23:35:29.0032 4256  C:\Windows\System32\dwmredir.dll - ok
23:35:29.0047 4256  [ B2DFFEA8FB6B8DA0501F53C9F2112612 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3DDB551-8CD9-4CC3-AA85-1944164A595F}\offreg.dll
23:35:29.0047 4256  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3DDB551-8CD9-4CC3-AA85-1944164A595F}\offreg.dll - ok
23:35:29.0047 4256  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
23:35:29.0047 4256  C:\Windows\explorer.exe - ok
23:35:29.0047 4256  [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
23:35:29.0047 4256  C:\Windows\System32\dwmcore.dll - ok
23:35:29.0063 4256  [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
23:35:29.0063 4256  C:\Windows\System32\d3d10_1.dll - ok
23:35:29.0063 4256  [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
23:35:29.0063 4256  C:\Windows\System32\TSChannel.dll - ok
23:35:29.0078 4256  [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
23:35:29.0078 4256  C:\Windows\System32\d3d10_1core.dll - ok
23:35:29.0078 4256  [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
23:35:29.0078 4256  C:\Windows\System32\dxgi.dll - ok
23:35:29.0094 4256  [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll
23:35:29.0094 4256  C:\Windows\System32\d3d11.dll - ok
23:35:29.0094 4256  [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:35:29.0094 4256  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
23:35:29.0094 4256  [ 4FF9D0D5FEC26D9F2312A8C15CA59C8F ] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
23:35:29.0094 4256  C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe - ok
23:35:29.0110 4256  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
23:35:29.0110 4256  C:\Windows\System32\ExplorerFrame.dll - ok
23:35:29.0110 4256  [ D1F1D20DADF0C6882306126026E54EE2 ] C:\Windows\System32\aticfx64.dll
23:35:29.0110 4256  C:\Windows\System32\aticfx64.dll - ok
23:35:29.0125 4256  [ 1C045AA40FC86CAF02D64B6218DC1DD6 ] C:\Windows\System32\atiuxp64.dll
23:35:29.0125 4256  C:\Windows\System32\atiuxp64.dll - ok
23:35:29.0125 4256  [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
23:35:29.0125 4256  C:\Windows\System32\wpdbusenum.dll - ok
23:35:29.0141 4256  [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
23:35:29.0141 4256  C:\Windows\System32\wdi.dll - ok
23:35:29.0141 4256  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
23:35:29.0141 4256  C:\Windows\System32\npmproxy.dll - ok
23:35:29.0141 4256  [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
23:35:29.0141 4256  C:\Windows\System32\diagperf.dll - ok
23:35:29.0156 4256  [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
23:35:29.0156 4256  C:\Windows\System32\perftrack.dll - ok
23:35:29.0156 4256  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
23:35:29.0156 4256  C:\Windows\System32\PortableDeviceApi.dll - ok
23:35:29.0156 4256  [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
23:35:29.0156 4256  C:\Windows\System32\Apphlpdm.dll - ok
23:35:29.0172 4256  [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
23:35:29.0172 4256  C:\Windows\System32\pnpts.dll - ok
23:35:29.0172 4256  [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
23:35:29.0172 4256  C:\Windows\System32\wdiasqmmodule.dll - ok
23:35:29.0188 4256  [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
23:35:29.0188 4256  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
23:35:29.0188 4256  [ B2742EA6ED844D747E2348A504E491CB ] C:\Windows\System32\dxva2.dll
23:35:29.0188 4256  C:\Windows\System32\dxva2.dll - ok
23:35:29.0203 4256  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
23:35:29.0203 4256  C:\Windows\System32\MsCtfMonitor.dll - ok
23:35:29.0203 4256  [ CF8D590BE3373029D57AF80914190682 ] C:\Windows\System32\drivers\WUDFRd.sys
23:35:29.0203 4256  C:\Windows\System32\drivers\WUDFRd.sys - ok
23:35:29.0203 4256  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
23:35:29.0203 4256  C:\Windows\System32\EhStorShell.dll - ok
23:35:29.0219 4256  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
23:35:29.0219 4256  C:\Windows\System32\IconCodecService.dll - ok
23:35:29.0219 4256  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
23:35:29.0219 4256  C:\Windows\System32\msutb.dll - ok
23:35:29.0234 4256  [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
23:35:29.0234 4256  C:\Windows\System32\ntshrui.dll - ok
23:35:29.0234 4256  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
23:35:29.0234 4256  C:\Windows\SysWOW64\uxtheme.dll - ok
23:35:29.0250 4256  [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
23:35:29.0250 4256  C:\Windows\System32\HotStartUserAgent.dll - ok
23:35:29.0250 4256  [ 1D296F090ED401967B30BD2B970DC306 ] C:\Windows\System32\icm32.dll
23:35:29.0250 4256  C:\Windows\System32\icm32.dll - ok
23:35:29.0266 4256  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
23:35:29.0266 4256  C:\Windows\System32\runonce.exe - ok
23:35:29.0266 4256  [ 6935BD1DD8CD2149DAC2C395F33EFF08 ] C:\Windows\System32\atidxx64.dll
23:35:29.0266 4256  C:\Windows\System32\atidxx64.dll - ok
23:35:29.0266 4256  [ D0FF1CA89D013B94768A289023958F6B ] C:\Windows\System32\WUDFHost.exe
23:35:29.0266 4256  C:\Windows\System32\WUDFHost.exe - ok
23:35:29.0281 4256  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
23:35:29.0281 4256  C:\Windows\SysWOW64\dwmapi.dll - ok
23:35:29.0281 4256  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
23:35:29.0281 4256  C:\Windows\SysWOW64\runonce.exe - ok
23:35:29.0297 4256  [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
23:35:29.0297 4256  C:\Windows\System32\radardt.dll - ok
23:35:29.0297 4256  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
23:35:29.0297 4256  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
23:35:29.0312 4256  [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
23:35:29.0312 4256  C:\Windows\System32\dimsjob.dll - ok
23:35:29.0312 4256  [ 1950B1C38AED4154BA79F77E36494D8A ] C:\Windows\System32\WUDFx.dll
23:35:29.0312 4256  C:\Windows\System32\WUDFx.dll - ok
23:35:29.0312 4256  [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
23:35:29.0312 4256  C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
23:35:29.0328 4256  [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
23:35:29.0328 4256  C:\Windows\System32\WMVCORE.DLL - ok
23:35:29.0328 4256  [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
23:35:29.0328 4256  C:\Windows\SysWOW64\propsys.dll - ok
23:35:29.0344 4256  [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
23:35:29.0344 4256  C:\Windows\System32\pautoenr.dll - ok
23:35:29.0344 4256  [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
23:35:29.0344 4256  C:\Windows\System32\certcli.dll - ok
23:35:29.0359 4256  [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
23:35:29.0359 4256  C:\Windows\System32\tdh.dll - ok
23:35:29.0359 4256  [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
23:35:29.0359 4256  C:\Windows\System32\CertEnroll.dll - ok
23:35:29.0359 4256  [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll
23:35:29.0359 4256  C:\Windows\SysWOW64\secur32.dll - ok
23:35:29.0375 4256  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
23:35:29.0375 4256  C:\Windows\System32\pnidui.dll - ok
23:35:29.0375 4256  [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
23:35:29.0375 4256  C:\Windows\System32\WMASF.DLL - ok
23:35:29.0390 4256  [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
23:35:29.0390 4256  C:\Windows\System32\PortableDeviceClassExtension.dll - ok
23:35:29.0390 4256  [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
23:35:29.0390 4256  C:\Windows\System32\wmp.dll - ok
23:35:29.0390 4256  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
23:35:29.0390 4256  C:\Windows\System32\PortableDeviceTypes.dll - ok
23:35:29.0406 4256  [ 4783BC9E09B35489A5384AC5DB074418 ] C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
23:35:29.0406 4256  C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe - ok
23:35:29.0406 4256  [ 349B1D5D8D1B5A7B10BCD01470BD5F64 ] C:\Windows\System32\msvcp110.dll
23:35:29.0406 4256  C:\Windows\System32\msvcp110.dll - ok
23:35:29.0422 4256  [ C72ABC6B7B90A61364B6DD889B5435F3 ] C:\Windows\System32\msvcr110.dll
23:35:29.0422 4256  C:\Windows\System32\msvcr110.dll - ok
23:35:29.0422 4256  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Mouse and Keyboard Center\SQMAPI.dll
23:35:29.0422 4256  C:\Program Files\Microsoft Mouse and Keyboard Center\SQMAPI.dll - ok
23:35:29.0437 4256  [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
23:35:29.0437 4256  C:\Windows\System32\msimg32.dll - ok
23:35:29.0437 4256  [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
23:35:29.0437 4256  C:\Windows\System32\dbghelp.dll - ok
23:35:29.0437 4256  [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
23:35:29.0437 4256  C:\Windows\SysWOW64\apphelp.dll - ok
23:35:29.0453 4256  [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
23:35:29.0453 4256  C:\Windows\System32\uDWM.dll - ok
23:35:29.0453 4256  [ 6C8EB0C50C276FE26DB2058A836D0280 ] C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
23:35:29.0453 4256  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe - ok
23:35:29.0468 4256  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
23:35:29.0468 4256  C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
23:35:29.0468 4256  [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
23:35:29.0468 4256  C:\Windows\SysWOW64\imagehlp.dll - ok
23:35:29.0484 4256  [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
23:35:29.0484 4256  C:\Windows\SysWOW64\msi.dll - ok
23:35:29.0484 4256  [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
23:35:29.0484 4256  C:\Windows\SysWOW64\perfos.dll - ok
23:35:29.0484 4256  [ 752F8E96BAB993517838315508FB82CB ] C:\Windows\SysWOW64\perfproc.dll
23:35:29.0484 4256  C:\Windows\SysWOW64\perfproc.dll - ok
23:35:29.0500 4256  [ A9E7EA6AFC08C0EE00B4E71A7704C646 ] C:\Program Files\Microsoft Mouse and Keyboard Center\dpgcmd.dll
23:35:29.0500 4256  C:\Program Files\Microsoft Mouse and Keyboard Center\dpgcmd.dll - ok
23:35:29.0500 4256  [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
23:35:29.0500 4256  C:\Windows\System32\dssenh.dll - ok
23:35:29.0515 4256  [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
23:35:29.0515 4256  C:\Windows\SysWOW64\cmd.exe - ok
23:35:29.0515 4256  [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
23:35:29.0515 4256  C:\Windows\SysWOW64\winbrand.dll - ok
23:35:29.0531 4256  [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
23:35:29.0531 4256  C:\Windows\System32\aelupsvc.dll - ok
23:35:29.0531 4256  [ 8DCDD0B5939043A1EC98C6F168A56B16 ] C:\Windows\SysWOW64\ieframe.dll
23:35:29.0531 4256  C:\Windows\SysWOW64\ieframe.dll - ok
23:35:29.0531 4256  [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
23:35:29.0531 4256  C:\Windows\SysWOW64\oleacc.dll - ok
23:35:29.0546 4256  [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
23:35:29.0546 4256  C:\Windows\SysWOW64\shdocvw.dll - ok
23:35:29.0546 4256  [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
23:35:29.0546 4256  C:\Windows\SysWOW64\cscapi.dll - ok
23:35:29.0562 4256  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
23:35:29.0562 4256  C:\Windows\SysWOW64\dbghelp.dll - ok
23:35:29.0562 4256  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\owner\AppData\Local\Temp\0AF0DC9A-9ED4-4AF9-8EF9-8BA195C6E203.exe
23:35:29.0562 4256  C:\Users\owner\AppData\Local\Temp\0AF0DC9A-9ED4-4AF9-8EF9-8BA195C6E203.exe - ok
23:35:29.0562 4256  [ 859CFCE4A0F72916911BD9F6C6E84581 ] C:\Windows\SysWOW64\ncrypt.dll
23:35:29.0562 4256  C:\Windows\SysWOW64\ncrypt.dll - ok
23:35:29.0578 4256  [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
23:35:29.0578 4256  C:\Windows\SysWOW64\bcrypt.dll - ok
23:35:29.0578 4256  [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
23:35:29.0578 4256  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
23:35:29.0578 4256  [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
23:35:29.0578 4256  C:\Windows\SysWOW64\gpapi.dll - ok
23:35:29.0593 4256  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
23:35:29.0593 4256  C:\Windows\System32\drivers\nwifi.sys - ok
23:35:29.0593 4256  [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
23:35:29.0593 4256  C:\Windows\System32\msi.dll - ok
23:35:29.0609 4256  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
23:35:29.0609 4256  C:\Windows\System32\wlansvc.dll - ok
23:35:29.0609 4256  [ 6316957BB3431DFB06BFFA98C0F1926E ] C:\Windows\SysWOW64\cryptnet.dll
23:35:29.0609 4256  C:\Windows\SysWOW64\cryptnet.dll - ok
23:35:29.0609 4256  [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
23:35:29.0609 4256  C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
23:35:29.0624 4256  [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
23:35:29.0624 4256  C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
23:35:29.0624 4256  [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
23:35:29.0624 4256  C:\Windows\SysWOW64\mstask.dll - ok
23:35:29.0640 4256  [ 6A83403CDE15B2C7AA7DDB5138E31091 ] C:\Program Files\Microsoft Mouse and Keyboard Center\Components\Commands\DPGHnt\DPGHnt.dll
23:35:29.0640 4256  C:\Program Files\Microsoft Mouse and Keyboard Center\Components\Commands\DPGHnt\DPGHnt.dll - ok
23:35:29.0640 4256  [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll
23:35:29.0640 4256  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
23:35:29.0656 4256  [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
23:35:29.0656 4256  C:\Windows\SysWOW64\EhStorShell.dll - ok
23:35:29.0656 4256  [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
23:35:29.0656 4256  C:\Windows\SysWOW64\ntshrui.dll - ok
23:35:29.0656 4256  [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
23:35:29.0656 4256  C:\Windows\SysWOW64\slc.dll - ok
23:35:29.0671 4256  [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
23:35:29.0671 4256  C:\Windows\SysWOW64\imageres.dll - ok
23:35:29.0671 4256  [ 536EFCE2544EBFD209EDED39CAA3901A ] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
23:35:29.0671 4256  C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe - ok
23:35:29.0687 4256  [ 30426544CDDC55B8B71DEB556722ECE3 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
23:35:29.0687 4256  C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe - ok
23:35:29.0687 4256  [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
23:35:29.0687 4256  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
23:35:29.0702 4256  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Windows\SysWOW64\msvcp71.dll
23:35:29.0702 4256  C:\Windows\SysWOW64\msvcp71.dll - ok
23:35:29.0702 4256  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\SysWOW64\msvcr71.dll
23:35:29.0702 4256  C:\Windows\SysWOW64\msvcr71.dll - ok
23:35:29.0702 4256  [ 45C62DA229562EEC381F45ECE16A3DF5 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
23:35:29.0702 4256  C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll - ok
23:35:29.0718 4256  [ 7B93C623333F121DC9E689CCB1B7A733 ] C:\Windows\SysWOW64\MFC71u.dll
23:35:29.0718 4256  C:\Windows\SysWOW64\MFC71u.dll - ok
23:35:29.0718 4256  [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll
23:35:29.0718 4256  C:\Windows\SysWOW64\msxml3.dll - ok
23:35:29.0734 4256  [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll
23:35:29.0734 4256  C:\Windows\SysWOW64\drprov.dll - ok
23:35:29.0734 4256  [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll
23:35:29.0734 4256  C:\Windows\SysWOW64\ntlanman.dll - ok
23:35:29.0749 4256  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
23:35:29.0749 4256  C:\Windows\SysWOW64\winsta.dll - ok
23:35:29.0749 4256  [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll
23:35:29.0749 4256  C:\Windows\SysWOW64\davclnt.dll - ok
23:35:29.0749 4256  [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll
23:35:29.0749 4256  C:\Windows\SysWOW64\davhlpr.dll - ok
23:35:29.0765 4256  [ A5AE43814CA4082A57ACFAB74AC81DF7 ] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\Common\CLRCEngine3.dll
23:35:29.0765 4256  C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\Common\CLRCEngine3.dll - ok
23:35:29.0765 4256  [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
23:35:29.0765 4256  C:\Windows\SysWOW64\linkinfo.dll - ok
23:35:29.0780 4256  [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
23:35:29.0780 4256  C:\Windows\SysWOW64\xmllite.dll - ok
23:35:29.0780 4256  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
23:35:29.0780 4256  C:\Windows\SysWOW64\sfc.dll - ok
23:35:29.0796 4256  [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
23:35:29.0796 4256  C:\Windows\SysWOW64\sfc_os.dll - ok
23:35:29.0796 4256  [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
23:35:29.0796 4256  C:\Windows\SysWOW64\devrtl.dll - ok
23:35:29.0812 4256  [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
23:35:29.0812 4256  C:\Windows\System32\ie4uinit.exe - ok
23:35:29.0812 4256  [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
23:35:29.0812 4256  C:\Windows\System32\iedkcs32.dll - ok
23:35:29.0827 4256  [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
23:35:29.0827 4256  C:\Windows\System32\themeui.dll - ok
23:35:29.0827 4256  [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
23:35:29.0827 4256  C:\Windows\System32\timedate.cpl - ok
23:35:29.0843 4256  [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
23:35:29.0843 4256  C:\Windows\System32\actxprxy.dll - ok
23:35:29.0843 4256  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
23:35:29.0843 4256  C:\Windows\SysWOW64\credssp.dll - ok
23:35:29.0858 4256  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
23:35:29.0858 4256  C:\Windows\SysWOW64\wship6.dll - ok
23:35:29.0858 4256  [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
23:35:29.0858 4256  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
23:35:29.0874 4256  [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
23:35:29.0874 4256  C:\Windows\SysWOW64\rasadhlp.dll - ok
23:35:29.0874 4256  [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
23:35:29.0874 4256  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
23:35:29.0890 4256  [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
23:35:29.0890 4256  C:\Windows\System32\shdocvw.dll - ok
23:35:29.0890 4256  [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
23:35:29.0890 4256  C:\Windows\System32\linkinfo.dll - ok
23:35:29.0905 4256  [ FC3A5E13D26C131E6BB39094D9ACD1F6 ] C:\Windows\System32\ieframe.dll
23:35:29.0905 4256  C:\Windows\System32\ieframe.dll - ok
23:35:29.0905 4256  [ E6DD15E668DAF0A02470CF551B0A0105 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
23:35:29.0905 4256  C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
23:35:29.0905 4256  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
23:35:29.0905 4256  C:\Windows\System32\msftedit.dll - ok
23:35:29.0921 4256  [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
23:35:29.0921 4256  C:\Windows\System32\msls31.dll - ok
23:35:29.0921 4256  [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
23:35:29.0921 4256  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
23:35:29.0936 4256  [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
23:35:29.0936 4256  C:\Windows\System32\gameux.dll - ok
23:35:29.0936 4256  [ 23EAF538A16D9AD86AF4F7DAB97B2255 ] C:\Windows\System32\igfxtray.exe
23:35:29.0936 4256  C:\Windows\System32\igfxtray.exe - ok
23:35:29.0936 4256  [ 5A38C3824D092F7BDA3FB7F1D77F1632 ] C:\Windows\System32\hccutils.dll
23:35:29.0936 4256  C:\Windows\System32\hccutils.dll - ok
23:35:29.0952 4256  [ 4755E801D3DD4BCF349C5A45131CD836 ] C:\Windows\System32\hkcmd.exe
23:35:29.0952 4256  C:\Windows\System32\hkcmd.exe - ok
23:35:29.0952 4256  [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
23:35:29.0952 4256  C:\Windows\System32\thumbcache.dll - ok
23:35:29.0952 4256  [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
23:35:29.0952 4256  C:\Windows\System32\networkexplorer.dll - ok
23:35:29.0968 4256  [ 2E9F559A8F646CFAD697C5EF3EFE78C1 ] C:\Windows\System32\igfxsrvc.exe
23:35:29.0968 4256  C:\Windows\System32\igfxsrvc.exe - ok
23:35:29.0968 4256  [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
23:35:29.0968 4256  C:\Windows\System32\msiltcfg.dll - ok
23:35:29.0983 4256  [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
23:35:29.0983 4256  C:\Windows\System32\DeviceCenter.dll - ok
23:35:29.0983 4256  [ DF7AAE45A118B23D83AD3030F68B9C0D ] C:\Windows\System32\igfxpers.exe
23:35:29.0983 4256  C:\Windows\System32\igfxpers.exe - ok
23:35:29.0999 4256  [ 3911917B93DD9023DAA8258147AA7BCF ] C:\Program Files\Microsoft Security Client\msseces.exe
23:35:29.0999 4256  C:\Program Files\Microsoft Security Client\msseces.exe - ok
23:35:29.0999 4256  [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
23:35:29.0999 4256  C:\Windows\System32\mlang.dll - ok
23:35:29.0999 4256  [ 0AB663D0AD686CC6FD5EB02665C81A30 ] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
23:35:29.0999 4256  C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe - ok
23:35:30.0014 4256  [ 2E01A1ECC04615F4F7C5F7AE16A1B18D ] C:\Users\owner\Desktop\bitcoin\bitcoin-0.8.0-win32\bitcoin-qt.exe
23:35:30.0014 4256  C:\Users\owner\Desktop\bitcoin\bitcoin-0.8.0-win32\bitcoin-qt.exe - ok
23:35:30.0014 4256  [ DE2BD8CD77E3055ADF306A6F1EFDCA3E ] C:\Program Files (x86)\ATI Technologies\HydraVision\hydraenu.dll
23:35:30.0014 4256  C:\Program Files (x86)\ATI Technologies\HydraVision\hydraenu.dll - ok
23:35:30.0030 4256  [ 25107F58D1B8F60D67D1EE95798C0DE8 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
23:35:30.0030 4256  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe - ok
23:35:30.0030 4256  [ 8608FB2C0383CDECD405E2611F04ED68 ] C:\Windows\SysWOW64\atiadlxy.dll
23:35:30.0030 4256  C:\Windows\SysWOW64\atiadlxy.dll - ok
23:35:30.0046 4256  [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
23:35:30.0046 4256  C:\Windows\SysWOW64\mscoree.dll - ok
23:35:30.0046 4256  [ 4C06A4210D028192A88F41013A72163B ] C:\Program Files (x86)\VMware\VMware Player\hqtray.exe
23:35:30.0046 4256  C:\Program Files (x86)\VMware\VMware Player\hqtray.exe - ok
23:35:30.0061 4256  [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
23:35:30.0061 4256  C:\Windows\SysWOW64\wtsapi32.dll - ok
23:35:30.0061 4256  [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
23:35:30.0061 4256  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
23:35:30.0061 4256  [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
23:35:30.0061 4256  C:\Windows\System32\drprov.dll - ok
23:35:30.0077 4256  [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
23:35:30.0077 4256  C:\Windows\System32\ntlanman.dll - ok
23:35:30.0077 4256  [ 7C3218CE118044136BF3FFD00755A70C ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
23:35:30.0077 4256  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
23:35:30.0092 4256  [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
23:35:30.0092 4256  C:\Windows\System32\davclnt.dll - ok
23:35:30.0092 4256  [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
23:35:30.0092 4256  C:\Windows\System32\davhlpr.dll - ok
23:35:30.0108 4256  [ A905E156A7D52B55892C3255670FE97B ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
23:35:30.0108 4256  C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
23:35:30.0108 4256  [ 013F05784A4BD193C9CD1817ACC31B6B ] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
23:35:30.0108 4256  C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe - ok
23:35:30.0108 4256  [ 4552F8F61A7975C2359D19673483604D ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
23:35:30.0108 4256  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
23:35:30.0124 4256  [ 397FB0827E0D132A9232272F54D4468B ] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH.dll
23:35:30.0124 4256  C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH.dll - ok
23:35:30.0124 4256  [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
23:35:30.0124 4256  C:\Windows\SysWOW64\hid.dll - ok
23:35:30.0139 4256  [ D709E430A8806C40BBCCC69E88049D0B ] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
23:35:30.0139 4256  C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe - ok
23:35:30.0139 4256  [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
23:35:30.0139 4256  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
23:35:30.0155 4256  [ 0C8BA5AA4B278297F2344EFBE1098863 ] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH64.dll
23:35:30.0155 4256  C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH64.dll - ok
23:35:30.0155 4256  [ C861851A0BBD9903E324487011AA3705 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
23:35:30.0155 4256  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
23:35:30.0170 4256  [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
23:35:30.0170 4256  C:\Windows\System32\mscoree.dll - ok
23:35:30.0170 4256  [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
23:35:30.0170 4256  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
23:35:30.0170 4256  [ 3DBEAEE8645FAF1232CE464C2CAC12EF ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
23:35:30.0170 4256  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
23:35:30.0186 4256  [ C2335D714EFAFFFB4C7A3C164F2024B1 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
23:35:30.0186 4256  C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll - ok
23:35:30.0186 4256  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
23:35:30.0186 4256  C:\Windows\System32\stobject.dll - ok
23:35:30.0202 4256  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
23:35:30.0202 4256  C:\Windows\System32\batmeter.dll - ok
23:35:30.0202 4256  [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
23:35:30.0202 4256  C:\Windows\System32\fdProxy.dll - ok
23:35:30.0217 4256  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
23:35:30.0217 4256  C:\Windows\System32\prnfldr.dll - ok
23:35:30.0217 4256  [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
23:35:30.0217 4256  C:\Windows\SysWOW64\comdlg32.dll - ok
23:35:30.0217 4256  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
23:35:30.0217 4256  C:\Windows\System32\DXP.dll - ok
23:35:30.0233 4256  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
23:35:30.0233 4256  C:\Windows\System32\Syncreg.dll - ok
23:35:30.0248 4256  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
23:35:30.0248 4256  C:\Windows\ehome\ehSSO.dll - ok
23:35:30.0248 4256  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
23:35:30.0248 4256  C:\Windows\System32\AltTab.dll - ok
23:35:30.0248 4256  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
23:35:30.0248 4256  C:\Windows\System32\WPDShServiceObj.dll - ok
23:35:30.0264 4256  [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
23:35:30.0264 4256  C:\Windows\System32\msvcr100_clr0400.dll - ok
23:35:30.0264 4256  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
23:35:30.0264 4256  C:\Windows\System32\QUTIL.DLL - ok
23:35:30.0280 4256  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
23:35:30.0280 4256  C:\Windows\System32\bthprops.cpl - ok
23:35:30.0280 4256  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
23:35:30.0280 4256  C:\Windows\System32\srchadmin.dll - ok
23:35:30.0295 4256  [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
23:35:30.0295 4256  C:\Windows\System32\SearchIndexer.exe - ok
23:35:30.0311 4256  [ C61D476C867D215FB9CE136CE6BF0C14 ] C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
23:35:30.0311 4256  C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll - ok
23:35:30.0311 4256  [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
23:35:30.0311 4256  C:\Windows\System32\tquery.dll - ok
23:35:30.0326 4256  [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
23:35:30.0326 4256  C:\Windows\System32\rasdlg.dll - ok
23:35:30.0326 4256  [ 9EBE611C09A86FB289AF8BC1B2A92683 ] C:\Windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
23:35:30.0326 4256  C:\Windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll - ok
23:35:30.0342 4256  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
23:35:30.0342 4256  C:\Windows\System32\dot3api.dll - ok
23:35:30.0342 4256  [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
23:35:30.0342 4256  C:\Windows\System32\wlanhlp.dll - ok
23:35:30.0342 4256  [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
23:35:30.0342 4256  C:\Windows\System32\wlanapi.dll - ok
23:35:30.0358 4256  [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
23:35:30.0358 4256  C:\Windows\System32\mssrch.dll - ok
23:35:30.0358 4256  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
23:35:30.0358 4256  C:\Windows\System32\wlanutil.dll - ok
23:35:30.0373 4256  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
23:35:30.0373 4256  C:\Windows\System32\onex.dll - ok
23:35:30.0373 4256  [ 111B5122774B2F1F5ADA919188F5378A ] C:\Windows\System32\igfxsrvc.dll
23:35:30.0373 4256  C:\Windows\System32\igfxsrvc.dll - ok
23:35:30.0389 4256  [ ED672763D10E7FEF4837B26C32B51696 ] C:\Windows\System32\igfxdev.dll
23:35:30.0389 4256  C:\Windows\System32\igfxdev.dll - ok
23:35:30.0389 4256  [ 635958B47D579344DC023AE324E05B43 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\5eeca24ada8f0fed132d1450c01f880a\mscorlib.ni.dll
23:35:30.0389 4256  C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\5eeca24ada8f0fed132d1450c01f880a\mscorlib.ni.dll - ok
23:35:30.0389 4256  [ 75BCC4043512E41D83C8F224B168039C ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
23:35:30.0389 4256  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
23:35:30.0404 4256  [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
23:35:30.0404 4256  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
23:35:30.0404 4256  [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
23:35:30.0404 4256  C:\Windows\System32\esent.dll - ok
23:35:30.0420 4256  [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
23:35:30.0420 4256  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
23:35:30.0420 4256  [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
23:35:30.0420 4256  C:\Windows\System32\WWanAPI.dll - ok
23:35:30.0436 4256  [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
23:35:30.0436 4256  C:\Windows\System32\wwapi.dll - ok
23:35:30.0436 4256  [ 885A88C268C23618AFB937F1ECE56A20 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll
23:35:30.0436 4256  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok
23:35:30.0436 4256  [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
23:35:30.0436 4256  C:\Windows\System32\QAGENT.DLL - ok
23:35:30.0451 4256  [ 26A68554F95A344B62E5771AF598E0E8 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
23:35:30.0451 4256  C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll - ok
23:35:30.0451 4256  [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
23:35:30.0451 4256  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
23:35:30.0467 4256  [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
23:35:30.0467 4256  C:\Windows\System32\msidle.dll - ok
23:35:30.0467 4256  [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
23:35:30.0467 4256  C:\Windows\System32\mssprxy.dll - ok
23:35:30.0482 4256  [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
23:35:30.0482 4256  C:\Windows\System32\wmdrmdev.dll - ok
23:35:30.0482 4256  [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
23:35:30.0482 4256  C:\Windows\System32\wmploc.DLL - ok
23:35:30.0482 4256  [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
23:35:30.0482 4256  C:\Windows\System32\drmv2clt.dll - ok
23:35:30.0498 4256  [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
23:35:30.0498 4256  C:\Windows\System32\mstask.dll - ok
23:35:30.0498 4256  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Security Client\SqmApi.dll
23:35:30.0498 4256  C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
23:35:30.0514 4256  [ 938CD05B2D13810505D42E587A313C8E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\f8b2a1f4d134b1bbb0f78daa5d3ef532\IAStorUtil.ni.dll
23:35:30.0514 4256  C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\f8b2a1f4d134b1bbb0f78daa5d3ef532\IAStorUtil.ni.dll - ok
23:35:30.0514 4256  [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
23:35:30.0514 4256  C:\Windows\System32\en-US\tquery.dll.mui - ok
23:35:30.0514 4256  [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
23:35:30.0514 4256  C:\Windows\System32\FXSST.dll - ok
23:35:30.0529 4256  [ 3B919CBDDE7AE3376ED296839846C3DD ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
23:35:30.0529 4256  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll - ok
23:35:30.0529 4256  [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
23:35:30.0529 4256  C:\Windows\System32\FXSAPI.dll - ok
23:35:30.0545 4256  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
23:35:30.0545 4256  C:\Windows\System32\FXSRESM.dll - ok
23:35:30.0545 4256  [ BD23077CBAD092A5EA5F77ED874F32A2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
23:35:30.0545 4256  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll - ok
23:35:30.0545 4256  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
23:35:30.0545 4256  C:\Windows\System32\FXSSVC.exe - ok
23:35:30.0560 4256  [ 4374B2528BCBB8F95FB12CC6C8FF0773 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
23:35:30.0560 4256  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll - ok
23:35:30.0560 4256  [ 836B8F87DC42AD95D4FE95BD1E374DF2 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
23:35:30.0560 4256  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll - ok
23:35:30.0576 4256  [ 1416C4E2EF61E70F4A0BDA14708B188F ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\6e3ec94d3a2f035ade14602aef4c89dc\System.ni.dll
23:35:30.0576 4256  C:\Windows\assembly\NativeImages_v4.0.30319_64\System\6e3ec94d3a2f035ade14602aef4c89dc\System.ni.dll - ok
23:35:30.0576 4256  [ 10307046E19C8EC964C792A798B32BB3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
23:35:30.0576 4256  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll - ok
23:35:30.0592 4256  [ 2291D1FABC087E43D4122CACE1CA30F9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
23:35:30.0592 4256  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll - ok
23:35:30.0592 4256  [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
23:35:30.0592 4256  C:\Windows\SysWOW64\samlib.dll - ok
23:35:30.0592 4256  [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
23:35:30.0592 4256  C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
23:35:30.0607 4256  [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
23:35:30.0607 4256  C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
23:35:30.0607 4256  [ AEBDA4441208BBCB922E7F875AC979D5 ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key
23:35:30.0607 4256  C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok
23:35:30.0623 4256  [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
23:35:30.0623 4256  C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
23:35:30.0623 4256  [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
23:35:30.0623 4256  C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
23:35:30.0623 4256  [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
23:35:30.0623 4256  C:\Windows\System32\upnp.dll - ok
23:35:30.0638 4256  [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
23:35:30.0638 4256  C:\Windows\System32\shfolder.dll - ok
23:35:30.0638 4256  [ D28C5A1411BB0B47E05E0D6AAF896690 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
23:35:30.0638 4256  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
23:35:30.0654 4256  [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
23:35:30.0654 4256  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
23:35:30.0654 4256  [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
23:35:30.0654 4256  C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
23:35:30.0654 4256  [ 97A8968A66F15FD3B2F09C6F56B2170D ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
23:35:30.0670 4256  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll - ok
23:35:30.0670 4256  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
23:35:30.0670 4256  C:\Windows\System32\ssdpsrv.dll - ok
23:35:30.0670 4256  [ A490B22BD077D42E385581047801B6B2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
23:35:30.0670 4256  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll - ok
23:35:30.0685 4256  [ 7B46A076184B73AEDC1A66A71D9131E8 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
23:35:30.0685 4256  C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
23:35:30.0685 4256  [ EE77A034F10D1E62E12768861711DA41 ] C:\Program Files\Internet Explorer\ieproxy.dll
23:35:30.0685 4256  C:\Program Files\Internet Explorer\ieproxy.dll - ok
23:35:30.0701 4256  [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
23:35:30.0701 4256  C:\Windows\System32\wmpps.dll - ok
23:35:30.0701 4256  [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
23:35:30.0701 4256  C:\Windows\System32\wmpmde.dll - ok
23:35:30.0716 4256  [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
23:35:30.0716 4256  C:\Windows\System32\WinSATAPI.dll - ok
23:35:30.0716 4256  [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
23:35:30.0716 4256  C:\Windows\System32\MSMPEG2ENC.DLL - ok
23:35:30.0716 4256  [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
23:35:30.0716 4256  C:\Windows\System32\devenum.dll - ok
23:35:30.0732 4256  [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
23:35:30.0732 4256  C:\Windows\System32\msdmo.dll - ok
23:35:30.0732 4256  [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
23:35:30.0732 4256  C:\Windows\System32\upnphost.dll - ok
23:35:30.0748 4256  [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
23:35:30.0748 4256  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
23:35:30.0748 4256  [ 257D6322588F523D69C345F435D43918 ] C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll
23:35:30.0748 4256  C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll - ok
23:35:30.0748 4256  [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
23:35:30.0748 4256  C:\Windows\System32\wbem\wmiprov.dll - ok
23:35:30.0763 4256  [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\05458889.sys
23:35:30.0763 4256  C:\Windows\System32\drivers\05458889.sys - ok
23:35:30.0763 4256  [ 5AAA847845A6B3A547177325F4E1CCAA ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
23:35:30.0763 4256  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe - ok
23:35:30.0779 4256  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\msvcr100.dll
23:35:30.0779 4256  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\msvcr100.dll - ok
23:35:30.0779 4256  [ 0AE0C4955E1DE29CCDC9DA1B816FE5EE ] C:\Windows\SysWOW64\quartz.dll
23:35:30.0779 4256  C:\Windows\SysWOW64\quartz.dll - ok
23:35:30.0779 4256  [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
23:35:30.0779 4256  C:\Windows\SysWOW64\d3d9.dll - ok
23:35:30.0779 4256  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
23:35:30.0779 4256  C:\Windows\SysWOW64\riched20.dll - ok
23:35:30.0794 4256  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
23:35:30.0794 4256  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
23:35:30.0794 4256  [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
23:35:30.0794 4256  C:\Windows\SysWOW64\d3d8thk.dll - ok
23:35:30.0810 4256  [ AA0AC5B8C45AF41D1215B156272FC869 ] C:\Windows\SysWOW64\aticfx32.dll
23:35:30.0810 4256  C:\Windows\SysWOW64\aticfx32.dll - ok
23:35:30.0810 4256  [ 5D09A0DCE86829EB91A82EA13691CAC6 ] C:\Windows\SysWOW64\atiu9pag.dll
23:35:30.0810 4256  C:\Windows\SysWOW64\atiu9pag.dll - ok
23:35:30.0826 4256  [ EB9F220E8DC22310B199AE6A49B7E168 ] C:\Windows\SysWOW64\atiumdag.dll
23:35:30.0826 4256  C:\Windows\SysWOW64\atiumdag.dll - ok
23:35:30.0826 4256  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
23:35:30.0826 4256  C:\Windows\SysWOW64\duser.dll - ok
23:35:30.0826 4256  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
23:35:30.0826 4256  C:\Windows\SysWOW64\dui70.dll - ok
23:35:30.0841 4256  [ 8E79090CB0987CA102E845341E052537 ] C:\Windows\SysWOW64\vdmdbg.dll
23:35:30.0841 4256  C:\Windows\SysWOW64\vdmdbg.dll - ok
23:35:30.0841 4256  [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
23:35:30.0841 4256  C:\Windows\System32\UIAnimation.dll - ok
23:35:30.0857 4256  [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
23:35:30.0857 4256  C:\Windows\System32\udhisapi.dll - ok
23:35:30.0857 4256  [ 2402608897A8BCBAC7469A7DB1C874DA ] C:\Windows\SysWOW64\atiumdva.dll
23:35:30.0857 4256  C:\Windows\SysWOW64\atiumdva.dll - ok
23:35:30.0872 4256  [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\SysWOW64\dxva2.dll
23:35:30.0872 4256  C:\Windows\SysWOW64\dxva2.dll - ok
23:35:30.0872 4256  [ 0BF4362E18DFC52382F418278DCC52C4 ] C:\Windows\System32\rdpdd.dll
23:35:30.0872 4256  C:\Windows\System32\rdpdd.dll - ok
23:35:30.0872 4256  [ FF6148B1C150DA05D35C68D143AD6DEA ] C:\Windows\System32\RDPENCDD.dll
23:35:30.0872 4256  C:\Windows\System32\RDPENCDD.dll - ok
23:35:30.0888 4256  [ A23A9301EE7152FB6776052E52BDE9D9 ] C:\Windows\System32\RDPREFDD.dll
23:35:30.0888 4256  C:\Windows\System32\RDPREFDD.dll - ok
23:35:30.0888 4256  [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
23:35:30.0888 4256  C:\Windows\System32\wbem\NCProv.dll - ok
23:35:30.0904 4256  [ E32E5A6E0E96F67486E58ACCCFD77E0F ] C:\Windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
23:35:30.0904 4256  C:\Windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
23:35:30.0904 4256  [ 63BB89DED1E9104E68D33E54DE4D340D ] C:\Windows\System32\DWrite.dll
23:35:30.0904 4256  C:\Windows\System32\DWrite.dll - ok
23:35:30.0904 4256  [ BDC206224E13CFD897FD7C7D31F90BB4 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll
23:35:30.0904 4256  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll - ok
23:35:30.0919 4256  [ BF83B1B5DAD46A4A88A0CEDF36176F0E ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll
23:35:30.0919 4256  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll - ok
23:35:30.0919 4256  [ 3BA5C2468A09647EFADEB78F39A40301 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\diasymreader.dll
23:35:30.0919 4256  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\diasymreader.dll - ok
23:35:30.0935 4256  [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
23:35:30.0935 4256  C:\Windows\SysWOW64\MMDevAPI.dll - ok
23:35:30.0935 4256  [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
23:35:30.0935 4256  C:\Windows\SysWOW64\wdmaud.drv - ok
23:35:30.0950 4256  [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
23:35:30.0950 4256  C:\Windows\SysWOW64\ksuser.dll - ok
23:35:30.0950 4256  [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
23:35:30.0950 4256  C:\Windows\SysWOW64\avrt.dll - ok
23:35:30.0966 4256  [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
23:35:30.0966 4256  C:\Windows\SysWOW64\AudioSes.dll - ok
23:35:30.0966 4256  [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
23:35:30.0966 4256  C:\Windows\SysWOW64\msacm32.drv - ok
23:35:30.0966 4256  [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
23:35:30.0966 4256  C:\Windows\SysWOW64\msacm32.dll - ok
23:35:30.0982 4256  [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
23:35:30.0982 4256  C:\Windows\SysWOW64\midimap.dll - ok
23:35:30.0982 4256  [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
23:35:30.0982 4256  C:\Windows\System32\webcheck.dll - ok
23:35:30.0997 4256  [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
23:35:30.0997 4256  C:\Windows\System32\SyncCenter.dll - ok
23:35:30.0997 4256  [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
23:35:30.0997 4256  C:\Windows\System32\SearchProtocolHost.exe - ok
23:35:31.0013 4256  [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
23:35:31.0013 4256  C:\Windows\System32\msshooks.dll - ok
23:35:31.0013 4256  [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
23:35:31.0013 4256  C:\Windows\System32\SearchFilterHost.exe - ok
23:35:31.0013 4256  [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
23:35:31.0013 4256  C:\Windows\System32\imapi2.dll - ok
23:35:31.0013 4256  [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
23:35:31.0013 4256  C:\Windows\System32\mssph.dll - ok
23:35:31.0028 4256  [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
23:35:31.0028 4256  C:\Windows\System32\hgcpl.dll - ok
23:35:31.0028 4256  [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
23:35:31.0028 4256  C:\Windows\System32\mapi32.dll - ok
23:35:31.0028 4256  [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
23:35:31.0028 4256  C:\Windows\System32\fdPHost.dll - ok
23:35:31.0044 4256  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
23:35:31.0044 4256  C:\Windows\System32\FDResPub.dll - ok
23:35:31.0044 4256  [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
23:35:31.0044 4256  C:\Windows\System32\fdSSDP.dll - ok
23:35:31.0044 4256  [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
23:35:31.0044 4256  C:\Windows\System32\fdWSD.dll - ok
23:35:31.0060 4256  [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
23:35:31.0060 4256  C:\Windows\System32\NaturalLanguage6.dll - ok
23:35:31.0060 4256  [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll
23:35:31.0060 4256  C:\Windows\System32\NlsData0009.dll - ok
23:35:31.0075 4256  [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
23:35:31.0075 4256  C:\Windows\System32\ListSvc.dll - ok
23:35:31.0075 4256  [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
23:35:31.0075 4256  C:\Windows\System32\P2P.dll - ok
23:35:31.0075 4256  [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll
23:35:31.0075 4256  C:\Windows\System32\NlsLexicons0009.dll - ok
23:35:31.0075 4256  [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
23:35:31.0075 4256  C:\Windows\System32\IdListen.dll - ok
23:35:31.0091 4256  [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
23:35:31.0091 4256  C:\Windows\System32\hgprint.dll - ok
23:35:31.0091 4256  [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
23:35:31.0091 4256  C:\Windows\System32\SearchFolder.dll - ok
23:35:31.0106 4256  [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
23:35:31.0106 4256  C:\Windows\System32\pnrpsvc.dll - ok
23:35:31.0106 4256  [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
23:35:31.0106 4256  C:\Windows\System32\p2psvc.dll - ok
23:35:31.0106 4256  [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
23:35:31.0106 4256  C:\Windows\System32\P2PGraph.dll - ok
23:35:31.0122 4256  ============================================================
23:35:31.0122 4256  Scan finished
23:35:31.0122 4256  ============================================================
23:35:31.0138 4248  Detected object count: 5
23:35:31.0138 4248  Actual detected object count: 5
23:35:47.0533 4248  DirMngr ( UnsignedFile.Multi.Generic ) - skipped by user
23:35:47.0533 4248  DirMngr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:35:47.0533 4248  HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:35:47.0533 4248  HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:35:47.0549 4248  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
23:35:47.0549 4248  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:35:47.0549 4248  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:35:47.0549 4248  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:35:47.0549 4248  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:35:47.0549 4248  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
 
thank you very much


#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:12 PM

Posted 08 March 2013 - 06:36 AM

Malwarebytes

--------------------

Please download and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this .
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download [url="http://download.sysinternals.com/files/Autoruns.zip"%5D%5Bb%5D%5Bcolor="#0000FF"]AutoRuns[/color][/b][/url] and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log


 



#8 bitware

bitware
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:12 PM

Posted 08 March 2013 - 05:49 PM

malwarebytes_log_mbam-log-2013-03-08 (15-49-46).txt

 

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.03.08.15
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
owner :: OWNER-PC [administrator]
 
3/8/2013 3:49:46 PM
mbam-log-2013-03-08 (15-49-46).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 266193
Time elapsed: 3 minute(s), 53 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 2
HKCR\sp (TrojanProxy.Agent) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\18RH6WMFH2 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
 
 
 
MiniToolBox by Farbar  Version:05-03-2013
Ran by owner (administrator) on 08-03-2013 at 15:58:39
Running from "C:\Users\owner\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
#       ::1             localhost
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = Local Area Connection 4 (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : owner-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.pa.comcast.net.
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 00-26-18-B3-E2-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d1c:7b50:b297:f73f%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, March 08, 2013 3:02:47 PM
   Lease Expires . . . . . . . . . . : Saturday, March 09, 2013 3:02:46 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 167781912
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-3C-B5-EA-00-26-18-B3-E2-F9
   DNS Servers . . . . . . . . . . . : 75.75.76.76
                                       75.75.75.75
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter VMware Network Adapter VMnet1:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
   Physical Address. . . . . . . . . : 00-50-56-C0-00-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c78:fa5d:549:93b3%14(Preferred) 
   Autoconfiguration IPv4 Address. . : 169.254.147.179(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 268456022
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-3C-B5-EA-00-26-18-B3-E2-F9
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection 4:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
   Physical Address. . . . . . . . . : 00-50-56-C0-00-08
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::2435:f894:d7f6:6a2f%15(Preferred) 
   Autoconfiguration IPv4 Address. . : 169.254.106.47(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 285233238
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-3C-B5-EA-00-26-18-B3-E2-F9
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.hsd1.pa.comcast.net.:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{9E7D2B63-634E-43C2-B43E-5E5026795CD0}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{77754B18-154C-4C05-9D08-E060F038B071}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns02.comcast.net
Address:  75.75.76.76
 
Name:    google.com
Addresses:  2607:f8b0:4006:803::1007
 173.194.43.39
 173.194.43.34
 173.194.43.46
 173.194.43.35
 173.194.43.33
 173.194.43.36
 173.194.43.40
 173.194.43.38
 173.194.43.32
 173.194.43.41
 173.194.43.37
 
 
Pinging google.com [74.125.226.226] with 32 bytes of data:
Reply from 74.125.226.226: bytes=32 time=27ms TTL=54
Reply from 74.125.226.226: bytes=32 time=27ms TTL=54
 
Ping statistics for 74.125.226.226:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 27ms, Maximum = 27ms, Average = 27ms
Server:  cdns02.comcast.net
Address:  75.75.76.76
 
DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=119ms TTL=48
Reply from 206.190.36.45: bytes=32 time=256ms TTL=48
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 119ms, Maximum = 256ms, Average = 187ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...00 26 18 b3 e2 f9 ......Realtek PCIe GBE Family Controller
 14...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
 15...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.101     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link    169.254.106.47    276
      169.254.0.0      255.255.0.0         On-link   169.254.147.179    276
   169.254.106.47  255.255.255.255         On-link    169.254.106.47    276
  169.254.147.179  255.255.255.255         On-link   169.254.147.179    276
  169.254.255.255  255.255.255.255         On-link    169.254.106.47    276
  169.254.255.255  255.255.255.255         On-link   169.254.147.179    276
      192.168.1.0    255.255.255.0         On-link     192.168.1.101    276
    192.168.1.101  255.255.255.255         On-link     192.168.1.101    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.101    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.101    276
        224.0.0.0        240.0.0.0         On-link   169.254.147.179    276
        224.0.0.0        240.0.0.0         On-link    169.254.106.47    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.101    276
  255.255.255.255  255.255.255.255         On-link   169.254.147.179    276
  255.255.255.255  255.255.255.255         On-link    169.254.106.47    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 10    276 fe80::/64                On-link
 14    276 fe80::/64                On-link
 15    276 fe80::/64                On-link
 14    276 fe80::c78:fa5d:549:93b3/128
                                    On-link
 10    276 fe80::d1c:7b50:b297:f73f/128
                                    On-link
 15    276 fe80::2435:f894:d7f6:6a2f/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
 14    276 ff00::/8                 On-link
 15    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
 
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
 
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/08/2013 03:49:22 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (03/08/2013 03:03:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/08/2013 04:49:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/08/2013 04:40:10 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/08/2013 02:05:30 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/08/2013 01:46:54 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/08/2013 01:44:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/07/2013 05:58:04 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (03/07/2013 04:55:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/07/2013 04:55:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (03/08/2013 03:08:23 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.
 
Error: (03/08/2013 03:02:53 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
Partizan
 
Error: (03/08/2013 03:02:47 PM) (Source: Service Control Manager) (User: )
Description: The SQL Server (SQLEXPRESS) service failed to start due to the following error: 
%%2
 
Error: (03/08/2013 03:02:43 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:54:18 AM on ?3/?8/?2013 was unexpected.
 
Error: (03/08/2013 04:49:27 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
Partizan
 
Error: (03/08/2013 04:49:19 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server (SQLEXPRESS) service failed to start due to the following error: 
%%2
 
Error: (03/08/2013 04:49:15 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:47:50 AM on ?3/?8/?2013 was unexpected.
 
Error: (03/08/2013 04:00:04 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
Partizan
 
Error: (03/08/2013 03:59:55 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server (SQLEXPRESS) service failed to start due to the following error: 
%%2
 
Error: (03/08/2013 03:59:49 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 3:57:34 AM on ?3/?8/?2013 was unexpected.
 
 
Microsoft Office Sessions:
=========================
Error: (03/08/2013 03:49:22 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
 
Error: (03/08/2013 03:03:06 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\owner\Desktop\esetsmartinstaller_enu.exe
 
Error: (03/08/2013 04:49:37 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\owner\Desktop\esetsmartinstaller_enu.exe
 
Error: (03/08/2013 04:40:10 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\owner\Desktop\esetsmartinstaller_enu.exe
 
Error: (03/08/2013 02:05:30 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (03/08/2013 01:46:54 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\owner\Desktop\esetsmartinstaller_enu.exe
 
Error: (03/08/2013 01:44:23 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\owner\Desktop\esetsmartinstaller_enu.exe
 
Error: (03/07/2013 05:58:04 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
 
Error: (03/07/2013 04:55:08 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\owner\Desktop\esetsmartinstaller_enu.exe
 
Error: (03/07/2013 04:55:08 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\owner\Desktop\esetsmartinstaller_enu.exe
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-03-06 21:01:37.222
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-03-06 21:01:37.191
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-03-06 21:01:37.160
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-03-06 21:01:37.128
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-03-06 19:24:53.721
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-03-06 19:24:53.706
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-03-06 19:24:53.674
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-03-06 19:24:53.659
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-07-21 18:40:14.655
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-07-21 18:40:14.639
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 2.2.1)
123 Bulk Email Direct Sender
4Easysoft Free FLV Converter
64 Bit HP CIO Components Installer (Version: 6.2.2)
7-Zip 9.10 (x64 edition) (Version: 9.10.00.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.3)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.235)
Adobe Reader 9.5.1 (Version: 9.5.1)
Adobe Shockwave Player 11.6 (Version: 11.6.0.626)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD AVIVO64 Codecs (Version: 12.4.100.20508)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.71219.1540)
Art Effects for PDR10 (Version: 2.0)
Aspell English Dictionary-0.50-2
Audacity 1.3.12 (Unicode)
Avidemux 2.5 (Version: 2.5.4.6714)
AviSynth 2.5
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.0524.2352.41027)
Catalyst Control Center (Version: 2012.1219.1521.27485)
Catalyst Control Center Graphics Previews Common (Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (Version: 2012.1219.1520.27485)
CCC Help Czech (Version: 2012.1219.1520.27485)
CCC Help Danish (Version: 2012.1219.1520.27485)
CCC Help Dutch (Version: 2012.1219.1520.27485)
CCC Help English (Version: 2012.1219.1520.27485)
CCC Help Finnish (Version: 2012.1219.1520.27485)
CCC Help French (Version: 2012.1219.1520.27485)
CCC Help German (Version: 2012.1219.1520.27485)
CCC Help Greek (Version: 2012.1219.1520.27485)
CCC Help Hungarian (Version: 2012.1219.1520.27485)
CCC Help Italian (Version: 2012.1219.1520.27485)
CCC Help Japanese (Version: 2012.1219.1520.27485)
CCC Help Korean (Version: 2012.1219.1520.27485)
CCC Help Norwegian (Version: 2012.1219.1520.27485)
CCC Help Polish (Version: 2012.1219.1520.27485)
CCC Help Portuguese (Version: 2012.1219.1520.27485)
CCC Help Russian (Version: 2012.1219.1520.27485)
CCC Help Spanish (Version: 2012.1219.1520.27485)
CCC Help Swedish (Version: 2012.1219.1520.27485)
CCC Help Thai (Version: 2012.1219.1520.27485)
CCC Help Turkish (Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2011.0524.2352.41027)
ccc-utility64 (Version: 2012.1219.1521.27485)
CCleaner (Version: 3.16)
CDex - Open Source Digital Audio CD Extractor (Version: 1.70.4.2009)
ColorPic (Version: 4.1)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CyberLink DVD Suite Deluxe (Version: 6.0.3101)
CyberLink PowerDirector 10 (Version: 10.0.0.1012)
CyberLink WaveEditor (Version: 1.0.1.3320)
Cygnus Hex Editor 2.50 (Version: 2.50)
D3DX10 (Version: 15.4.2368.0902)
Diablo III (Version: 1.0.7.14633)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
DJ_SF_06_D1600_SW_Min (Version: 140.0.690.000)
DVD Identifier (Version: 5.2.0)
DVD Shrink 3.2
DVDFab 8.1.9.8 (27/07/2012) Qt
DVDFab Virtual Drive version 1.3.4.0 (Version: 1.3.4.0)
EasyBCD 1.7.2 (Version: 1.7.2)
Eraser 6.0.8.2273 (Version: 6.0.2273)
ESET Online Scanner v3
Excite Chat
FileZilla Client 3.5.3 (Version: 3.5.3)
Flash Memory Toolkit 1.20
Fraps (remove only)
Free Video Cutter 1.1
Free Video Joiner 1.1
Freecorder 4.0 Application (Version: 4.0)
Freecorder 5 (Version: 5.04)
Genius v3.2.2 (Version: 3.2.2)
GIMP 2.6.11 (Version: 2.6.11)
GNU Aspell 0.50-3
GoldWave v5.55
Google Chrome (Version: 25.0.1364.152)
Google Update Helper (Version: 1.3.21.135)
Gpg4win (2.1.0) (Version: 2.1.0)
GTK+ Runtime 2.12.8 rev a (remove only)
HamsterFreeVideoConverter
Hardware Diagnostic Tools (Version: 6.0.5434.08)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HotkeyNet 2 (Version: 0.2.1.66)
HP Advisor (Version: 3.3.12286.3436)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Deskjet D1600 Printer Driver 14.0 Rel. 6 (Version: 14.0)
HP Games (Version: 1.0.0.71)
HP MAINSTREAM KEYBOARD (Version: 1.4.3.0)
HP MediaSmart DVD (Version: 3.0.3420)
HP MediaSmart Movie Themes (Version: 3.0.3102)
HP MediaSmart Music/Photo/Video (Version: 3.1.3601)
HP MediaSmart SmartMenu (Version: 3.0.28.2)
HP Odometer (Version: 2.10.0000)
HP Product Detection (Version: 11.14.0001)
HP Remote Solution (Version: 1.1.9.0)
HP Setup (Version: 1.2.3220.3079)
HP Support Assistant (Version: 4.4.6.3)
HP Support Information (Version: 10.1.0002)
HP Update (Version: 5.001.000.014)
HP USB Disk Storage Format Tool
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
HTTP Interceptor 1.4M (Version: 1.4M)
Hulu Desktop (Version: 0.9.14)
HydraVision (Version: 4.2.236.0)
ImgBurn (Version: 2.5.7.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1912)
Intel® Rapid Storage Technology (Version: 9.6.0.1014)
Internet TV for Windows Media Center (Version: 4.2.2.0)
Jasc Additional Picture Frames Installer
Jasc Additional Preset Shapes Installer
Jasc Additional Sample Animations Installer
Jasc Additional Sample Images Installer
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
Junk Mail filter update (Version: 15.4.3502.0922)
Juno Internet (Version: 8.7.8.0)
LabelPrint (Version: 2.5.1901)
LightScribe System Software (Version: 1.18.5.1)
LSI PCI-SV92EX Soft Modem (Version: 2.2.100)
Macrium Reflect - Free Edition (Version: 4.2.3638)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MediaCoder x64 2011 (Version: 2011)
MediaJoin
MediaJoin (Version: 2.0)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Live Search Toolbar (Version: 3.0.560.0)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Search Enhancement Pack (Version: 3.0.127.0)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft Sync Framework SDK v1.0 SP1 (Version: 1.0.3010.0)
Microsoft Sync Framework Services v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (Version: 2.0.3010.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
MorphVOX Junior (Version: 2.7.5)
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
Mp3tag v2.46a (Version: v2.46a)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NetZero Internet (Version: NetZero QuickStart)
nLite 1.4.9.1 (Version: 1.4.9.1)
NTFS Undelete v0.94 (Version: 0.94)
NVIDIA PhysX (Version: 9.09.1112)
Octoshape add-in for Adobe Flash Player
OpenAL
Paint Shop Pro 7 ESD (Version: 7.0.0.0000)
PowerDirector (Version: 10.00.0000)
PowerISO (Version: 4.6)
PowerRecover (Version: 5.5.1923)
PunkBuster Services (Version: 0.990)
Quake Live Internet Explorer Plugin (Version: 1.0.491)
QuickTime (Version: 7.71.80.42)
Realtek High Definition Audio Driver (Version: 6.0.1.5910)
Remove (Delete, Strip) Metadata In Multiple Files Software
SD Formatter (Version: 2.9.5)
SDP Downloader (Version: 2.3.0)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (Version: 10.1.2531.0)
Shareaza 2.5.3.0 (Version: 2.5.3.0)
SHOUTcast DSP Plug-in v2
SmartSound Quicktracks 5 (Version: 5.1.8)
Sothink SWF Decompiler (Version: 5.5)
SpeedFan (remove only)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
Starcraft
StarCraft II (Version: 1.4.4.22418)
StationRipper 2.98.2 (Version: 2.98.2)
Streamripper (Remove only)
System Requirements Lab (Version: 4.1.14.0)
TightVNC (Version: 2.6.4.0)
Toolbox (Version: 140.0.428.000)
tools-linux (Version: 8.4.5.14951)
tools-windows (Version: 8.4.5.14951)
Tribler (Version: 5.9.15)
UBCD4Win 3.60
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
v2011.build.47 (Version: v2011.build.47)
VDownloader 3.8.985
VLC media player 2.0.1 (Version: 2.0.1)
VMware Player (Version: 3.1.3.14951)
VOB2MPG v3 (Version: 3.0.0520)
Voodoo Chat Client
Vuze (Version: 4.5)
WebM Media Foundation Components (Version: 1.0.0.0)
Winamp (Version: 5.601 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Winamp Toolbar
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)
WinHTTrack Website Copier 3.44-1 (x64) (Version: 3.44.1)
WinPcap 4.1.1 (Version: 4.1.0.1753)
WinRAR archiver
Wireshark 1.4.2 (Version: 1.4.2)
World of Tanks v.0.7.1.1
Zwei-Stein Video Compositor 3.01 (Beta 2).
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 31%
Total physical RAM: 6143.23 MB
Available physical RAM: 4194.11 MB
Total Pagefile: 12284.64 MB
Available Pagefile: 10133.59 MB
Total Virtual: 4095.88 MB
Available Virtual: 3950.47 MB
 
========================= Partitions: =====================================
 
1 Drive c: (HP) (Fixed) (Total:453.83 GB) (Free:92.6 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.83 GB) (Free:2.15 GB) NTFS
9 Drive l: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\OWNER-PC
 
__vmware_user__          Administrator            ASPNET                   
Guest                    Mari                     owner                    
UpdatusUser              
 
 
**** End of log ****
 


#9 bitware

bitware
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:12 PM

Posted 08 March 2013 - 05:51 PM

Farbar Service Scanner Version: 03-03-2013
Ran by owner (administrator) on 08-03-2013 at 16:00:11
Running from "C:\Users\owner\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Attempt to access Google.com returned error: Google.com is offline
Yahoo IP is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
 
 
# AdwCleaner v2.114 - Logfile created 03/08/2013 at 16:01:22
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : owner - OWNER-PC
# Boot Mode : Normal
# Running from : C:\Users\owner\Desktop\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Winamp Toolbar
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\Mari\AppData\Local\Conduit
Folder Deleted : C:\Users\Mari\AppData\Local\Winamp Toolbar
Folder Deleted : C:\Users\Mari\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Mari\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Mari\AppData\LocalLow\Vuze_Remote
Folder Deleted : C:\Users\owner\AppData\Local\Conduit
Folder Deleted : C:\Users\owner\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\hock7bim.default\ConduitCommon
Folder Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\hock7bim.default\CT2504091
Folder Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\hock7bim.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
Folder Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\hock7bim.default\WinampToolbarData
Folder Deleted : C:\Users\owner\Desktop\Software
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKCU\Software\AutocompleteProBHO
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Winamp Toolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2776682
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\VDownloader\OpenCandy
Key Deleted : HKLM\Software\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16447
 
[OK] Registry is clean.
 
-\\ Mozilla Firefox v9.0.1 (en-US)
 
File : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\hock7bim.default\prefs.js
 
C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\hock7bim.default\user.js ... Deleted !
 
Deleted : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2504091.CTID", "CT2504091");
Deleted : user_pref("CT2504091.CurrentServerDate", "8-9-2010");
Deleted : user_pref("CT2504091.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2504091.DownloadReferralCookieData", "");
Deleted : user_pref("CT2504091.EMailNotifierPollDate", "Wed Sep 08 2010 04:21:12 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT2504091.FeedLastCount129079840422964131", 10);
Deleted : user_pref("CT2504091.FeedPollDate128891351169457140", "Wed Sep 08 2010 04:21:13 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2504091.FeedPollDate129079840422964131", "Wed Sep 08 2010 04:21:13 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2504091.FeedTTL128891351169457140", 40);
Deleted : user_pref("CT2504091.FirstServerDate", "8-9-2010");
Deleted : user_pref("CT2504091.FirstTime", true);
Deleted : user_pref("CT2504091.FirstTimeFF3", true);
Deleted : user_pref("CT2504091.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2504091.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2504091.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2504091.Initialize", true);
Deleted : user_pref("CT2504091.InitializeCommonPrefs", true);
Deleted : user_pref("CT2504091.InstallationAndCookieDataSentCount", 1);
Deleted : user_pref("CT2504091.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2504091.InstalledDate", "Wed Sep 08 2010 04:21:12 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2504091.IsGrouping", false);
Deleted : user_pref("CT2504091.IsMulticommunity", false);
Deleted : user_pref("CT2504091.IsOpenThankYouPage", false);
Deleted : user_pref("CT2504091.IsOpenUninstallPage", false);
Deleted : user_pref("CT2504091.LanguagePackLastCheckTime", "Wed Sep 08 2010 04:21:13 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2504091.LastLogin_2.7.2.0", "Wed Sep 08 2010 04:21:12 GMT-0400 (Eastern Daylight Time)"[...]
Deleted : user_pref("CT2504091.LatestVersion", "2.7.2.0");
Deleted : user_pref("CT2504091.Locale", "en-us");
Deleted : user_pref("CT2504091.LoginCache", 4);
Deleted : user_pref("CT2504091.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2504091.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2504091.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250[...]
Deleted : user_pref("CT2504091.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Wed Sep 08 2010 04:21:13 GMT-0400 (Eastern Dayli[...]
Deleted : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2504091.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2504091.SettingsLastCheckTime", "Wed Sep 08 2010 04:21:12 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT2504091.SettingsLastUpdate", "1281645367");
Deleted : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Wed Sep 08 2010 04:21:12 GMT-0400 (Eastern Day[...]
Deleted : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT2504091.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Deleted : user_pref("CT2504091.UserID", "UN87687229342558383");
Deleted : user_pref("CT2504091.alertChannelId", "897164");
Deleted : user_pref("CT2504091.clientLogIsEnabled", false);
Deleted : user_pref("CT2504091.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2504091.myStuffEnabled", true);
Deleted : user_pref("CT2504091.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2504091.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT2776682..clientLogIsEnabled", true);
Deleted : user_pref("CT2776682..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2776682..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2776682.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2776682.AppTrackingLastCheckTime", "Sun Dec 25 2011 04:07:48 GMT-0500 (Eastern Standard[...]
Deleted : user_pref("CT2776682.BrowserCompStateIsOpen_129664534406620501", true);
Deleted : user_pref("CT2776682.BrowserCompStateIsOpen_129678129407612905", true);
Deleted : user_pref("CT2776682.BrowserCompStateIsOpen_129681725882385585", true);
Deleted : user_pref("CT2776682.CTID", "CT2776682");
Deleted : user_pref("CT2776682.CurrentServerDate", "25-12-2011");
Deleted : user_pref("CT2776682.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2776682.DialogsGetterLastCheckTime", "Sun Dec 25 2011 04:07:36 GMT-0500 (Eastern Standa[...]
Deleted : user_pref("CT2776682.DownloadReferralCookieData", "");
Deleted : user_pref("CT2776682.EnableClickToSearchBox", false);
Deleted : user_pref("CT2776682.EnableSearchHistory", false);
Deleted : user_pref("CT2776682.EnableSearchSuggest", false);
Deleted : user_pref("CT2776682.FirstServerDate", "25-12-2011");
Deleted : user_pref("CT2776682.FirstTime", true);
Deleted : user_pref("CT2776682.FirstTimeFF3", true);
Deleted : user_pref("CT2776682.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2776682.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2776682.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2776682.HasUserGlobalKeys", true);
Deleted : user_pref("CT2776682.Initialize", true);
Deleted : user_pref("CT2776682.InitializeCommonPrefs", true);
Deleted : user_pref("CT2776682.InstallationAndCookieDataSentCount", 1);
Deleted : user_pref("CT2776682.InstallationId", "CT2776682_BrotherSoft_Extreme.exe");
Deleted : user_pref("CT2776682.InstallationType", "ConduitIntegration");
Deleted : user_pref("CT2776682.InstalledDate", "Sun Dec 25 2011 04:07:38 GMT-0500 (Eastern Standard Time)");
Deleted : user_pref("CT2776682.InvalidateCache", false);
Deleted : user_pref("CT2776682.IsGrouping", false);
Deleted : user_pref("CT2776682.IsInitSetupIni", true);
Deleted : user_pref("CT2776682.IsMulticommunity", false);
Deleted : user_pref("CT2776682.IsOpenThankYouPage", false);
Deleted : user_pref("CT2776682.IsOpenUninstallPage", true);
Deleted : user_pref("CT2776682.LanguagePackLastCheckTime", "Sun Dec 25 2011 04:07:39 GMT-0500 (Eastern Standar[...]
Deleted : user_pref("CT2776682.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2776682.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2776682.LastLogin_3.5.1.1", "Sun Dec 25 2011 04:07:36 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2776682.LatestVersion", "3.8.1.0");
Deleted : user_pref("CT2776682.Locale", "en");
Deleted : user_pref("CT2776682.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2776682.MCDetectTooltipShow", false);
Deleted : user_pref("CT2776682.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2776682.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2776682.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2776682.OriginalFirstVersion", "3.5.1.1");
Deleted : user_pref("CT2776682.RadioLastCheckTime", "Sun Dec 25 2011 04:07:39 GMT-0500 (Eastern Standard Time)[...]
Deleted : user_pref("CT2776682.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2776682.RadioLastUpdateServer", "3");
Deleted : user_pref("CT2776682.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT2776682.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2776682.SearchBackToDefaultEngine", false);
Deleted : user_pref("CT2776682.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2776682.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT277[...]
Deleted : user_pref("CT2776682.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2776682.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2776682.SearchInNewTabLastCheckTime", "Sun Dec 25 2011 04:07:37 GMT-0500 (Eastern Stand[...]
Deleted : user_pref("CT2776682.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2776682.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2776682.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT2776682.SearchProtectorToolbarDisabled", true);
Deleted : user_pref("CT2776682.ServiceMapLastCheckTime", "Sun Dec 25 2011 04:07:32 GMT-0500 (Eastern Standard [...]
Deleted : user_pref("CT2776682.SettingsLastCheckTime", "Sun Dec 25 2011 04:07:34 GMT-0500 (Eastern Standard Ti[...]
Deleted : user_pref("CT2776682.SettingsLastUpdate", "1324278703");
Deleted : user_pref("CT2776682.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2776682.ThirdPartyComponentsLastCheck", "Sun Dec 25 2011 04:07:32 GMT-0500 (Eastern Sta[...]
Deleted : user_pref("CT2776682.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT2776682.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2776682.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2776682");
Deleted : user_pref("CT2776682.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2776682.Uninstall", true);
Deleted : user_pref("CT2776682.UserID", "UN32351803533393130");
Deleted : user_pref("CT2776682.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2776682.alertChannelId", "1168776");
Deleted : user_pref("CT2776682.approveUntrustedApps", true);
Deleted : user_pref("CT2776682.backendstorage.autocompletepro_enable", "31");
Deleted : user_pref("CT2776682.backendstorage.autocompletepro_enable_auto", "31");
Deleted : user_pref("CT2776682.backendstorage.c2p_iframe_md5", "3364373237396435626563366462363537313864333535[...]
Deleted : user_pref("CT2776682.backendstorage.cb_firstuse0100", "31");
Deleted : user_pref("CT2776682.backendstorage.cbfirsttime", "53756E2044656320323520323031312030343A30373A34312[...]
Deleted : user_pref("CT2776682.backendstorage.installationdatefcd0b5ea-2655-4a3f-8a7f-5fbabeb287ff", "31333234[...]
Deleted : user_pref("CT2776682.backendstorage.shoppingapp.gk.exipres", "4672692044656320333020323031312030343A[...]
Deleted : user_pref("CT2776682.backendstorage.shoppingapp.gk.geolocation", "756E6974656420737461746573");
Deleted : user_pref("CT2776682.backendstorage.toolbarappheartbeat", "7B2266636430623565612D323635352D346133662[...]
Deleted : user_pref("CT2776682.backendstorage.toolbarnotificationheartbeat", "7B2274797065223A2268656172746265[...]
Deleted : user_pref("CT2776682.backendstorage.toolbarnotificationqueue", "5B5D");
Deleted : user_pref("CT2776682.backendstorage.toolbarnotificationsettings", "7B2273656E644E6F74696669636174696[...]
Deleted : user_pref("CT2776682.backendstorage.toolbarnotificationuserid", "3835383031303034363931");
Deleted : user_pref("CT2776682.backendstorage.url_history", "687474703A2F2F7777772E616D65726963616E64656365707[...]
Deleted : user_pref("CT2776682.backendstorage.url_history_time", "31333234383130303931313537");
Deleted : user_pref("CT2776682.componentAlertEnabled", false);
Deleted : user_pref("CT2776682.components.1000082", false);
Deleted : user_pref("CT2776682.components.129288498426163451", false);
Deleted : user_pref("CT2776682.components.129317966246600942", false);
Deleted : user_pref("CT2776682.components.129348059348463281", false);
Deleted : user_pref("CT2776682.components.129378290255256948", false);
Deleted : user_pref("CT2776682.components.129453492690444609", false);
Deleted : user_pref("CT2776682.components.129472433557631732", false);
Deleted : user_pref("CT2776682.components.129625171796543175", false);
Deleted : user_pref("CT2776682.components.129664534406620501", false);
Deleted : user_pref("CT2776682.components.129677160489547152", false);
Deleted : user_pref("CT2776682.components.129678129407612905", false);
Deleted : user_pref("CT2776682.components.129681725882385585", false);
Deleted : user_pref("CT2776682.components.129682996261682072", false);
Deleted : user_pref("CT2776682.components.129687522643660664", false);
Deleted : user_pref("CT2776682.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2776682.globalFirstTimeInfoLastCheckTime", "Sun Dec 25 2011 04:07:36 GMT-0500 (Eastern [...]
Deleted : user_pref("CT2776682.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2776682.initDone", true);
Deleted : user_pref("CT2776682.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2776682.isFirstRadioInstallation", false);
Deleted : user_pref("CT2776682.myStuffEnabled", true);
Deleted : user_pref("CT2776682.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2776682.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2776682.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2776682.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2776682.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2776682.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2776682.testingCtid", "");
Deleted : user_pref("CT2776682.toolbarAppMetaDataLastCheckTime", "Sun Dec 25 2011 04:07:36 GMT-0500 (Eastern S[...]
Deleted : user_pref("CT2776682.toolbarContextMenuLastCheckTime", "Sun Dec 25 2011 04:07:39 GMT-0500 (Eastern S[...]
Deleted : user_pref("CT2776682.usageEnabled", false);
Deleted : user_pref("CT2776682.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2776682/CT2776682[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1168776/1164461/US", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2776682", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2776682",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/equalizer_dea[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/minimize.gif"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/play.gif", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/stop.gif", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/vol.gif", "\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"1d8[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\owner\\AppData\\Roaming\\Mozilla\\F[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.1.1");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2504091,CT2776682");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2504091,CT2776682");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2776682");
Deleted : user_pref("CommunityToolbar.globalUserId", "de931971-c1a6-4379-8c75-a61d7108f00e");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Dec 25 2011 04:07:3[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Dec 25 2011 05:07:44 GMT-050[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Dec 25 2011 04:07:33 GMT-0500 (E[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "2aaff0b0-b1fb-42f2-9069-3decb3597b30");
Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Deleted : user_pref("winamp_toolbar.buttons.layout", "skins_btn_wa;plugins_btn_wa;shout_btn_wa;video_btn_wa;ai[...]
Deleted : user_pref("winamp_toolbar.firsttime.showwindow", false);
Deleted : user_pref("winamp_toolbar.install.lastTbVersion", "5.6.12.1");
Deleted : user_pref("winamp_toolbar.metrics.activestampdate", "25");
Deleted : user_pref("winamp_toolbar.metrics.activestampmonth", "11");
Deleted : user_pref("winamp_toolbar.metrics.activestampyear", "2011");
Deleted : user_pref("winamp_toolbar.metrics.originalDate", "26");
Deleted : user_pref("winamp_toolbar.metrics.originalHours", "26");
Deleted : user_pref("winamp_toolbar.metrics.originalMinutes", "21");
Deleted : user_pref("winamp_toolbar.metrics.originalMonth", "2");
Deleted : user_pref("winamp_toolbar.metrics.originalSeconds", "31");
Deleted : user_pref("winamp_toolbar.metrics.originalYear", "2011");
Deleted : user_pref("winamp_toolbar.search.populateoncomplete", false);
Deleted : user_pref("winamp_toolbar.search.searchtype", "web");
Deleted : user_pref("winamp_toolbar.search.source", "tb50ffwinamp");
Deleted : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");
Deleted : user_pref("winamp_toolbar.upgrade.showwindow", false);
Deleted : user_pref("winamp_toolbar.winamp.appversion", "1");
Deleted : user_pref("winamp_toolbar.winamp.artist", "");
Deleted : user_pref("winamp_toolbar.winamp.title", "-999999");
Deleted : user_pref("winamp_toolbar.winamp.tracklength", "-999999");
Deleted : user_pref("winamp_toolbar.winamp.tracktime", "-999999");
Deleted : user_pref("winamp_toolbar.winamp.volume", "135");
 
-\\ Google Chrome v25.0.1364.152
 
File : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
-\\ Opera v [Unable to get version]
 
File : C:\Users\owner\AppData\Roaming\Opera\Opera\operaprefs.ini
 
[OK] File is clean.
 
*************************
 
AdwCleaner[S1].txt - [28264 octets] - [08/03/2013 16:01:22]
 
########## EOF - C:\AdwCleaner[S1].txt - [28325 octets] ##########
 


#10 bitware

bitware
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:12 PM

Posted 08 March 2013 - 05:53 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.9 (03.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by owner on Fri 03/08/2013 at 17:35:01.44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\main\\Start Page
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Users\owner\appdata\local\{B9086C2E-9D6A-11E1-826F-B8AC6F996F26}\chrome\content\browser.xul [Trojan:JS/Medfos.A]
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Windows\freecorder"
Successfully deleted: [Folder] C:\Users\owner\appdata\local\{B9086C2E-9D6A-11E1-826F-B8AC6F996F26} [Trojan:JS/Medfos.A]
 
 
 
~~~ FireFox
 
Successfully deleted the following from C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\hock7bim.default\prefs.js
 
user_pref("extensions.searchtoolbar@zugo.com.install-event-fired", true);
 
 
 
~~~ Chrome
 
Dumping contents of C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Default
C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Default\aagddcdhdcdedfdadcdbgggbdedgdfgg
C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Default\aagddcdhdcdedfdadcdbgggbdedgdfgg\manifest.json
 
Successfully deleted: [Folder] C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 03/08/2013 at 17:41:56.62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
 
 
Rkill 2.4.7 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 03/08/2013 05:45:17 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 03/08/2013 05:45:22 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)
 
 
 
 
 
 


#11 bitware

bitware
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:12 PM

Posted 08 March 2013 - 05:55 PM

the autoruns.txt file is 3.31 megabytes in size ... how do you want to handle it ?



#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:12 PM

Posted 08 March 2013 - 06:21 PM

Did you save it as text file?

 

Double click on the text file and paste the contents here

 

Run malwarebytes again and post the log



#13 bitware

bitware
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:12 PM

Posted 08 March 2013 - 10:16 PM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.03.09.04
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
owner :: OWNER-PC [administrator]
 
3/8/2013 10:02:20 PM
mbam-log-2013-03-08 (22-02-20).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 265777
Time elapsed: 4 minute(s), 33 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
 
 
 



#14 bitware

bitware
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:12 PM

Posted 08 March 2013 - 10:24 PM

ok figured it out ... here it is autoruns.txt
 
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "tvncontrol" "TightVNC Server" "GlavSoft LLC." "c:\program files\tightvnc\tvnserver.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HP Remote Solution" "HP Remote Solution" "" "c:\program files (x86)\hewlett-packard\hp remote solution\hp_remote_solution.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "VMware hqtray" "VMware Host Network Access Status Tray Application" "VMware, Inc." "c:\program files (x86)\vmware\vmware player\hqtray.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "Malwarebytes Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe"
"C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Bitcoin.lnk" "" "" "c:\users\owner\desktop\bitcoin\bitcoin-0.8.0-win32\bitcoin-qt.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HydraVisionDesktopManager" "HydraDM" "AMD" "c:\program files (x86)\ati technologies\hydravision\hydradm.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "DVDFAB64" "DVDFab Shell Extension - x64" "Fengtao Software Inc." "c:\program files (x86)\dvdfab 8 qt\dvdfabshellex.dll"
+ "DVDFABVirtualDrive" "DVDFab Virtual Drive Shell Extension - x64" "Fengtao Software Inc." "c:\program files\dvdfab virtual drive\vdrive.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "Eraser" "Eraser Shell Extension" "The Eraser Project" "c:\program files\eraser\eraser.shell.dll"
+ "Mp3tagShell" "Shell Extension Mp3tag - the universal Tag editor" "Florian Heidenreich" "c:\program files (x86)\mp3tag\mp3tagshell64.dll"
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DVDFAB32" "DVDFab Shell Extension - x86" "Fengtao Software Inc." "c:\program files (x86)\dvdfab 8 qt\dvdfabshellex32.dll"
+ "DVDFABVirtualDrive32" "DVDFab Virtual Drive Shell Extension - x86" "Fengtao Software Inc." "c:\program files\dvdfab virtual drive\vdrive32.dll"
+ "GpgEX" "" "" "c:\program files (x86)\gnu\gnupg\gpgex.dll"
+ "Mp3tagShell" "Shell Extension Mp3tag - the universal Tag editor" "Florian Heidenreich" "c:\program files (x86)\mp3tag\mp3tagshell32.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "Eraser" "Eraser Shell Extension" "The Eraser Project" "c:\program files\eraser\eraser.shell.dll"
+ "Mp3tagShell" "Shell Extension Mp3tag - the universal Tag editor" "Florian Heidenreich" "c:\program files (x86)\mp3tag\mp3tagshell64.dll"
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "GpgEX" "" "" "c:\program files (x86)\gnu\gnupg\gpgex.dll"
+ "Mp3tagShell" "Shell Extension Mp3tag - the universal Tag editor" "Florian Heidenreich" "c:\program files (x86)\mp3tag\mp3tagshell32.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "Eraser" "Eraser Shell Extension" "The Eraser Project" "c:\program files\eraser\eraser.shell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext_64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Eraser" "Eraser Shell Extension" "The Eraser Project" "c:\program files\eraser\eraser.shell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "Eraser" "Eraser Shell Extension" "The Eraser Project" "c:\program files\eraser\eraser.shell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Shareaza Web Download Hook" "Shareaza Web Download Hook" "Shareaza Development Team" "c:\program files (x86)\shareaza\razawebhook64.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Microsoft Live Search Toolbar Helper" "MSN® Shell Extender" "Microsoft Corp." "c:\program files (x86)\msn\toolbar\3.0.0560.0\msneshellx.dll"
+ "Pop-up Blocker" "Juno Turbo" "Juno, Inc." "c:\program files (x86)\juno\qsacc\x1iebho.dll"
+ "Search Helper" "Search Helper for Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "JunoBar" "Juno Toolbar" "Juno, Inc." "c:\program files (x86)\juno\toolbar.dll"
+ "Microsoft Live Search Toolbar" "MSN® Shell Extender" "Microsoft Corp." "c:\program files (x86)\msn\toolbar\3.0.0560.0\msneshellx.dll"
+ "ZeroBar" "NetZero Toolbar" "NetZero, Inc." "c:\program files (x86)\netzero\toolbar.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Launch WinHTTrack" "WinHTTrackIEBar Module" "" "c:\program files\winhttrack\winhttrackiebar.dll"
+ "Sothink SWF Catcher" "" "" "c:\program files (x86)\common files\sourcetec\swf catcher\internetexplorer.htm"
"Task Scheduler" "" "" ""
+ "\0" "Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\internet explorer\iexplore.exe"
+ "\4736" "" "" "File not found: C:\Users\owner\AppData\Local\Temp\launchie.vbs"
+ "\CLMLSvc" "CyberLink MediaLibray Service" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe"
+ "\DVDAgent" "HP DVDSmart Resident Program" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\dvdagent.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3057625876-1352549930-1983699985-1000Core" "Google Installer" "Google Inc." "c:\users\owner\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3057625876-1352549930-1983699985-1000UA" "Google Installer" "Google Inc." "c:\users\owner\appdata\local\google\update\googleupdate.exe"
+ "\HPOSIAPP64" "Monitor LED Key" "" "c:\program files (x86)\hewlett-packard\hp mainstream keyboard\modledkey.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_MKC_Logon_Task_ipoint.exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft mouse and keyboard center\ipoint.exe"
+ "\Microsoft_MKC_Logon_Task_itype.exe" "IType.exe" "Microsoft Corporation" "c:\program files\microsoft mouse and keyboard center\itype.exe"
+ "\PCDRScheduledMaintenance" "Hardware Diagnostic Tools" "PC-Doctor, Inc." "c:\program files\pc-doctor for windows\pcdr5cuiw32.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\{E7982A27-FC5C-4783-B2E7-0C3F1B866C44}" "" "" "File not found: C:\Program Files (x86)\Electronic Arts\Dark Age of Camelot\camelot.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AgereModemAudio" "LSI Soft Modem Call Progress Service" "LSI Corporation" "c:\program files\lsi softmodem\agr64svc.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "DirMngr" "" "" "c:\program files (x86)\gnu\gnupg\dirmngr.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "HP Health Check Service" "HP Health Check Service" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp health check\hphc_service.exe"
+ "hpqwmiex" "hpqwmiex Module" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "MSSQL$SQLEXPRESS" "Provides storage, processing and controlled access of data, and rapid transaction processing." "" "File not found: c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "PnkBstrA" "PunkBuster Service Component [v1033] http://www.evenbalance.com" "" "c:\windows\syswow64\pnkbstra.exe"
+ "ReflectService" "Macrium Reflect Image Mounting Service" "" "c:\program files\macrium\reflect\reflectservice.exe"
+ "RichVideo64" "RichVideo Module" "" "c:\program files\cyberlink\shared files\richvideo64.exe"
+ "rpcapd" "Allows to capture traffic on this machine from a remote machine." "" "File not found: C:\Program Files (x86)\WinPcap\rpcapd.exe -d -f C:\Program Files (x86)\WinPcap\rpcapd.ini"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly." "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe"
+ "tvnserver" "TightVNC Server" "GlavSoft LLC." "c:\program files\tightvnc\tvnserver.exe"
+ "ufad-ws60" "VMware Agent Service" "VMware, Inc." "c:\program files (x86)\vmware\vmware player\vmware-ufad.exe"
+ "VMAuthdService" "Authorization and authentication service for starting and accessing virtual machines" "VMware, Inc." "c:\program files (x86)\vmware\vmware player\vmware-authd.exe"
+ "VMnetDHCP" "DHCP service for virtual networks." "VMware, Inc." "c:\windows\syswow64\vmnetdhcp.exe"
+ "VMUSBArbService" "VMware USB Arbitration Service" "VMware, Inc." "c:\program files (x86)\common files\vmware\usb\vmware-usbarbitrator.exe"
+ "VMware NAT Service" "Network address translation for virtual networks." "VMware, Inc." "c:\windows\syswow64\vmnat.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "affhdd.sys" "" "" "File not found: C:\Windows\system32\affhdd.sys"
+ "AgereSoftModem" "SoftModem Device Driver" "LSI Corporation" "c:\windows\system32\drivers\agrsm64.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiHDAudioService" "AMD High Definition Audio Function Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\atihdw76.sys"
+ "atksgt" "" "" "c:\windows\system32\drivers\atksgt.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "catchme" "" "" "File not found: C:\ComboFix\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CrystalSysInfo" "" "" "c:\program files\mediacoder\sysinfox64.sys"
+ "dvdfabio" "DVDFabIO Device Driver - x64" "Fengtao Software Inc." "c:\windows\system32\drivers\dvdfabio.sys"
+ "EagleX64" "" "" "File not found: C:\Windows\system32\drivers\EagleX64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "gklyuogr" "" "" "File not found: C:\Windows\system32\drivers\gklyuogr.sys"
+ "hcmon" "VMware USB Driver." "VMware, Inc." "c:\windows\system32\drivers\hcmon.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "lirsgt" "" "" "c:\windows\system32\drivers\lirsgt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfehidk" "Host Intrusion Detection Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdk" "VSCore Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdk.sys"
+ "mfesmfk" "System Monitor Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfesmfk.sys"
+ "nettalkdMP" "" "" "File not found: system32\DRIVERS\nettalkd.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NLNdisMP" "" "" "File not found: system32\DRIVERS\nlndis.sys"
+ "NLNdisPT" "" "" "File not found: system32\DRIVERS\nlndis.sys"
+ "NVHDA" "" "" "File not found: system32\drivers\nvhda64v.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "Partizan" "" "" "File not found: system32\drivers\Partizan.sys"
+ "pcouffin" "low level access layer for CD/DVD/BD devices" "VSO Software" "c:\windows\system32\drivers\pcouffin.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RegGuard" "" "" "File not found: C:\Windows\system32\Drivers\regguard.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                " "Realtek                                            " "c:\windows\system32\drivers\rt64win7.sys"
+ "SANDRA" "" "" "File not found: C:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2010.SP2\WNt500x64\Sandra.sys"
+ "SCDEmu" "PowerISO Virtual Drive" "PowerISO Computing, Inc." "c:\windows\system32\drivers\scdemu.sys"
+ "ScreamBAudioSvc" "Screaming Bee Audio Driver" "Screaming Bee LLC" "c:\windows\system32\drivers\screamingbaudio64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "speedfan" "SpeedFan x64 Driver" "Almico Software" "c:\windows\syswow64\speedfan.sys"
+ "stexstor" "Promise  SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "tlwabjcb" "" "" "File not found: C:\Windows\system32\drivers\tlwabjcb.sys"
+ "VBoxNetAdp" "VirtualBox Host-Only Network Adapter Driver" "Sun Microsystems, Inc." "c:\windows\system32\drivers\vboxnetadp.sys"
+ "VBoxNetFlt" "" "" "File not found: system32\DRIVERS\VBoxNetFlt.sys"
+ "vdrive" "DVDFab Virtual Drive Device Driver - x64" "Fengtao Software Inc." "c:\windows\system32\drivers\vdrive.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vmci" "VMware vmci Driver." "VMware, Inc." "c:\windows\system32\drivers\vmci.sys"
+ "vmkbd" "VMware Keyboard Driver." "VMware, Inc." "c:\windows\system32\drivers\vmkbd.sys"
+ "VMnetAdapter" "Driver for VMware's Virtual Ethernet Adapters Ver. 2" "VMware, Inc." "c:\windows\system32\drivers\vmnetadapter.sys"
+ "VMnetBridge" "VMware Bridge Protocol" "VMware, Inc." "c:\windows\system32\drivers\vmnetbridge.sys"
+ "VMnetuserif" "Allows VMware applications to use virtual networks." "VMware, Inc." "c:\windows\system32\drivers\vmnetuserif.sys"
+ "vmx86" "VMware Virtualization Driver." "VMware, Inc." "c:\windows\system32\drivers\vmx86.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "vstor2-ws60" "VMware Virtual Storage Volume Driver" "VMware, Inc." "c:\program files (x86)\vmware\vmware player\vstor2-ws60.sys"
+ "WPRO_40_1340" "" "" "File not found: system32\drivers\WPRO_40_1340.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "VIDC.FPS1" "Fraps" "Beepa P/L" "c:\windows\system32\frapsv64.dll"
+ "vidc.tscc" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:\windows\syswow64\tsccvid64.dll"
+ "VIDC.XFR1" "Xfire Video Codec" "" "c:\windows\system32\xfcodec64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "VIDC.FPS1" "Fraps" "Beepa P/L" "c:\windows\syswow64\frapsvid.dll"
+ "vidc.i420" "Helix I420 YUV Codec" "www.helixcommunity.org" "c:\windows\syswow64\i420vfw.dll"
+ "vidc.MP42" "" "" "File not found: MPG4C32.dll"
+ "vidc.tscc" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:\windows\syswow64\tsccvid.dll"
+ "VIDC.VMnc" "VMware Movie decoder" "VMware, Inc." "c:\windows\syswow64\vmnc.dll"
+ "vidc.XVID" "" "" "File not found: xvidvfw.dll"
+ "vidc.yv12" "Helix YV12 YUV Codec" "www.helixcommunity.org" "c:\windows\syswow64\yv12vfw.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "DivX Decoder Filter" "" "" "File not found: C:\Program Files\DivX\DivX Codec\DivXDec.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "A/V Dummy Filter" "" "" "c:\program files (x86)\erightsoft\super\spk\smabt.spk"
+ "aac_parser" "Direct show parser filter for ADTS" "" "c:\windows\syswow64\aac_parser.ax"
+ "AC3Filter" "ac3filter" "" "c:\windows\syswow64\ac3dx.ax"
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "APE DirectShow Filter" "" "" "c:\windows\syswow64\rlapedec.ax"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CL Dvb Subtitle Decoder" "CLDvbSub" "CyberLink_DE" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrdvbsub.ax"
+ "CL_EVRWindow" "CLEvr" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrevr.dll"
+ "CoreAAC Audio Decoder" "CoreAAC" "" "c:\windows\syswow64\coreaac.ax"
+ "CoreAVC Video Decoder" "CoreAVC DirectShow Video Decoder" "CoreCodec" "c:\windows\syswow64\avcdx.ax"
+ "CoreFLAC Audio Decoder" "" "" "c:\windows\syswow64\flacdx.ax"
+ "CoreFLAC Audio Source" "" "" "c:\windows\syswow64\flacdx.ax"
+ "CyberLink Audio Decoder (HP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claud.ax"
+ "CyberLink Audio Decoder (HP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraudfx.ax"
+ "CyberLink Audio Effect (HP)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claudfx.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraunrwrapper.ax"
+ "CyberLink Audio Spectrum Analyzer (HP)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\claudspa.ax"
+ "CyberLink AudioCD Filter (HP)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrdemuxer.ax"
+ "CyberLink Demultiplexer (HP)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\cldemuxer.ax"
+ "CyberLink DVD Navigator (HP)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clnavx.ax"
+ "CyberLink DVD Navigator (HP)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clnavx.ax"
+ "CyberLink EPG Decoder" "EPGDec" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrepgdec.ax"
+ "CyberLink File Map Sink" "CyberLink File Map Sink" "Cyberlink Corporation." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrfmsnk.ax"
+ "CyberLink File Map Source" "CyberLink File Map Source" "CyberLink File Map Source" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrfmsrc.ax"
+ "CyberLink Line21 Decoder Filter (HP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clline21.ax"
+ "CyberLink Line21 Decoder Filter (HP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clline21.ax"
+ "CyberLink MP3 Wrapper-PCM" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmp3wrap.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clsplter.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder                               " "CyberLink Corp.                                            " "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpgvenc.ax"
+ "CyberLink MPEGV Analyzer" "CLMPEGAnalysis" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpegvanalyzer.ax"
+ "CyberLink Pipe Switch" "CyberLink Pipe Switch" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrpipswch.ax"
+ "CyberLink PTS Regulator" "CyberLink PTS Regulator " "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmptsreg.ax"
+ "CyberLink SBE Filter" "CLSBE" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrsbe.ax"
+ "CyberLink SBE Source Filter" "CLSBESrc" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrsbesrc.ax"
+ "Cyberlink SubTitle Importor (HP)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clsubtitle.ax"
+ "Cyberlink SubTitle(HP)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clsubtitle.ax"
+ "CyberLink Teletext Decoder Filter" "Teletext Renderer Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrttxdec.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrauts.ax"
+ "CyberLink TimeStretch Filter (HP)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clauts.ax"
+ "CyberLink TimeStretch Filter (HP)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clauts.ax"
+ "Cyberlink TS Filter Filter" "TSFF" "Cyberlink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrtsff.ax"
+ "Cyberlink TS Information" "CLTSInfo" "Cyberlink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrtsinfo.ax"
+ "CyberLink Tzan Filter (HP)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect (HP)" "CLVidFx" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clvidfx.ax"
+ "CyberLink Video Effect (HP)" "CLVidFx" "CyberLink" "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder (HP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clvsd.ax"
+ "CyberLink Video/SP Decoder (HP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clvsd.ax"
+ "CyberLink Volume Meter" "CLVolumeMeter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\hpvolumemeter.ax"
+ "CyberLink WMV Dumper(HP)" "CLWMVDum Dynamic Link Library" "" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmwmvdump.ax"
+ "Dirac Source" "Dirac Splitter" "Gabest" "c:\windows\syswow64\diracsplitter.ax"
+ "Dirac Splitter" "Dirac Splitter" "Gabest" "c:\windows\syswow64\diracsplitter.ax"
+ "Dirac Video Decoder" "Dirac Splitter" "Gabest" "c:\windows\syswow64\diracsplitter.ax"
+ "DirectVobSub" "DirectVobSub" "Gabest" "c:\windows\syswow64\dvobsub.ax"
+ "DirectVobSub (auto-loading version)" "DirectVobSub" "Gabest" "c:\windows\syswow64\dvobsub.ax"
+ "FLV Source" "FLV Splitter" "Gabest" "c:\windows\syswow64\flvdx.dll"
+ "FLV Splitter" "FLV Splitter" "Gabest" "c:\windows\syswow64\flvdx.dll"
+ "FLV Video Decoder" "FLV Splitter" "Gabest" "c:\windows\syswow64\flvdx.dll"
+ "Matroska Source" "Matroska Splitter" "Gabest" "c:\windows\syswow64\matroskadx.ax"
+ "Matroska Splitter" "Matroska Splitter" "Gabest" "c:\windows\syswow64\matroskadx.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MONOGRAM AMR Decoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\windows\syswow64\nbdx.dll"
+ "MONOGRAM AMR Encoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\windows\syswow64\nbdx.dll"
+ "MONOGRAM AMR Mux" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\windows\syswow64\nbdx.dll"
+ "MONOGRAM AMR Splitter" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\windows\syswow64\nbdx.dll"
+ "MONOGRAM Musepack Decoder" "" "" "c:\windows\syswow64\rlmpcdec.ax"
+ "MONOGRAM Musepack Splitter" "" "" "c:\windows\syswow64\mpcdx.ax"
+ "MSDVD Audio Wizard (HP)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claudwizard.ax"
+ "PCM Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraud.ax"
+ "PCM Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraudenc.ax"
+ "PCM Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraursmpl.ax"
+ "PCM Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrdump.ax"
+ "PCM MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpgmux.ax"
+ "PCM MPEG Splitter" "PCM MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrm2splter.ax"
+ "PCM MPEG Video Encoder" "CyberLink MPEG Video Encoder                               " "CyberLink Corp.                                            " "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpgvenc2.ax"
+ "PCM RTP Source Filter" "RTP Source Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrrtpsrc.ax"
+ "PCM SnapShotTIP Filter" "CLSShot" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrsshot.ax"
+ "PCM Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrvidfx.ax"
+ "PCM Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrresample.ax"
+ "PCM Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrvsd.ax"
+ "QTSrc" "msfDX.dll" "Hans Mayerl" "c:\windows\syswow64\msfdx.dll"
+ "RadLight Ogg Splitter" "RLOgg" "RadLight" "c:\windows\syswow64\rlogg.ax"
+ "RadLight Speex Decoder" "RadLight Speex Decoder" "" "c:\windows\syswow64\rlspeexdec.ax"
+ "RadLight Theora Decoder" "RadLight Theora Decoder" "RadLight, LLC" "c:\windows\syswow64\rltheoradec.ax"
+ "RadLight Vorbis Decoder" "RLVorbisDec.ax" "RadLight" "c:\windows\syswow64\rlvorbisdec.ax"
+ "RealAudio Decoder" "RealMedia Splitter" "Gabest" "c:\windows\syswow64\realmediadx.ax"
+ "RealMedia Source" "RealMedia Splitter" "Gabest" "c:\windows\syswow64\realmediadx.ax"
+ "RealMedia Splitter" "RealMedia Splitter" "Gabest" "c:\windows\syswow64\realmediadx.ax"
+ "RealVideo Decoder" "RealMedia Splitter" "Gabest" "c:\windows\syswow64\realmediadx.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Subtitle Source" "DirectVobSub" "Gabest" "c:\windows\syswow64\dvobsub.ax"
+ "Time Regulator" "TimeRegulator" "cyberlink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmravi_audtr.ax"
+ "True Audio Decoder" "True Audio DirectShow Decoder" "-" "c:\windows\syswow64\ttadsdecoder.ax"
+ "True Audio Splitter" "True Audio DirectShow Splitter" "-" "c:\windows\syswow64\ttadssplitter.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "hpfll70v.dll" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpfll70v.dll"
 
thank you very much

Edited by bitware, 08 March 2013 - 10:28 PM.


#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:12 PM

Posted 08 March 2013 - 10:27 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users