Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

svchost.exe trojan win7 64bit


  • Please log in to reply
14 replies to this topic

#1 milehieagle

milehieagle

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:39 PM

Posted 10 March 2013 - 12:53 AM

Hello,

 

First, this is a freinds computer I am trying to fix. I have never met a virus or malware I could not track down and kill until now. I have been trying to kill this one for an entire day and it's bigger than my skills. Computer is a dell. It started rebooting for no reason randomly about the middle of last November. Found several errors in event viewer -

 

Critical - System has rebooted without cleanly shutting down -many, many times.

 

Errors - Mcaffe stopped due to following error 0xc0000188

 Print spool failed to regenerate printer driver information

 

and some other errors as well. This has Mcafee running with the latest definitions. A scan was done a few different times. It found the trojan and claimed to fix it first try. But no. Not to long after that, system rebooted for no reason. Ran Malwarebytes and it found it while Mcafee could not. I have run MB 4 times with no luck. I started this process with checking all the drivers for the hardware and made sure they are up to date.

 

Need help. Have DDS.txt, attach.txt and MB files. What do I need to do next?



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:39 PM

Posted 10 March 2013 - 12:55 AM

Do not run any other tools when you are being assisted.

 

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg

  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png

  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg

  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


    aswMBR1.png
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


    aswMBR2.png
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

    esetsmartinstaller_enu.png

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#3 milehieagle

milehieagle
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:39 PM

Posted 10 March 2013 - 03:12 AM

Part 1

 

Here are the logs -


TDSSKiller txt file #1

23:04:14.0260 8764  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:04:16.0273 8764  ============================================================
23:04:16.0273 8764  Current date / time: 2013/03/09 23:04:16.0273
23:04:16.0273 8764  SystemInfo:
23:04:16.0273 8764
23:04:16.0273 8764  OS Version: 6.1.7601 ServicePack: 1.0
23:04:16.0273 8764  Product type: Workstation
23:04:16.0273 8764  ComputerName: WADDILL-DELL
23:04:16.0273 8764  UserName: Bernie
23:04:16.0273 8764  Windows directory: C:\Windows
23:04:16.0273 8764  System windows directory: C:\Windows
23:04:16.0273 8764  Running under WOW64
23:04:16.0273 8764  Processor architecture: Intel x64
23:04:16.0273 8764  Number of processors: 4
23:04:16.0273 8764  Page size: 0x1000
23:04:16.0273 8764  Boot type: Normal boot
23:04:16.0273 8764  ============================================================
23:04:17.0146 8764  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:04:17.0178 8764  ============================================================
23:04:17.0178 8764  \Device\Harddisk0\DR0:
23:04:17.0240 8764  MBR partitions:
23:04:17.0240 8764  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x219F000
23:04:17.0240 8764  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x21B3000, BlocksNum 0x72553000
23:04:17.0240 8764  ============================================================
23:04:17.0302 8764  C: <-> \Device\Harddisk0\DR0\Partition2
23:04:17.0302 8764  ============================================================
23:04:17.0302 8764  Initialize success
23:04:17.0302 8764  ============================================================
23:04:28.0801 8828  Deinitialize success


TDSSKiller txt file #2

23:06:16.0982 3180  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:06:18.0136 3180  ============================================================
23:06:18.0136 3180  Current date / time: 2013/03/09 23:06:18.0136
23:06:18.0136 3180  SystemInfo:
23:06:18.0136 3180
23:06:18.0136 3180  OS Version: 6.1.7601 ServicePack: 1.0
23:06:18.0136 3180  Product type: Workstation
23:06:18.0136 3180  ComputerName: WADDILL-DELL
23:06:18.0136 3180  UserName: Bernie
23:06:18.0136 3180  Windows directory: C:\Windows
23:06:18.0136 3180  System windows directory: C:\Windows
23:06:18.0136 3180  Running under WOW64
23:06:18.0136 3180  Processor architecture: Intel x64
23:06:18.0136 3180  Number of processors: 4
23:06:18.0136 3180  Page size: 0x1000
23:06:18.0136 3180  Boot type: Normal boot
23:06:18.0136 3180  ============================================================
23:06:19.0914 3180  BG loaded
23:06:22.0769 3180  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:06:22.0785 3180  ============================================================
23:06:22.0785 3180  \Device\Harddisk0\DR0:
23:06:22.0800 3180  MBR partitions:
23:06:22.0800 3180  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x219F000
23:06:22.0800 3180  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x21B3000, BlocksNum 0x72553000
23:06:22.0800 3180  ============================================================
23:06:22.0863 3180  C: <-> \Device\Harddisk0\DR0\Partition2
23:06:22.0863 3180  ============================================================
23:06:22.0863 3180  Initialize success
23:06:22.0863 3180  ============================================================
23:06:31.0864 3920  ============================================================
23:06:31.0864 3920  Scan started
23:06:31.0864 3920  Mode: Manual;
23:06:31.0864 3920  ============================================================
23:07:05.0601 3920  ================ Scan system memory ========================
23:07:05.0601 3920  System memory - ok
23:07:05.0601 3920  ================ Scan services =============================
23:07:06.0474 3920  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:07:06.0615 3920  1394ohci - ok
23:07:06.0739 3920  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:07:06.0802 3920  ACPI - ok
23:07:06.0849 3920  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:07:06.0864 3920  AcpiPmi - ok
23:07:07.0114 3920  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:07:07.0114 3920  AdobeARMservice - ok
23:07:08.0377 3920  [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:07:08.0377 3920  AdobeFlashPlayerUpdateSvc - ok
23:07:09.0813 3920  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
23:07:09.0828 3920  adp94xx - ok
23:07:09.0906 3920  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
23:07:09.0953 3920  adpahci - ok
23:07:10.0000 3920  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
23:07:10.0015 3920  adpu320 - ok
23:07:10.0109 3920  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:07:10.0109 3920  AeLookupSvc - ok
23:07:10.0140 3920  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
23:07:10.0140 3920  AFD - ok
23:07:10.0171 3920  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
23:07:10.0203 3920  agp440 - ok
23:07:10.0234 3920  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
23:07:10.0234 3920  ALG - ok
23:07:10.0281 3920  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:07:10.0327 3920  aliide - ok
23:07:10.0359 3920  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
23:07:10.0390 3920  amdide - ok
23:07:10.0421 3920  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
23:07:10.0421 3920  AmdK8 - ok
23:07:10.0452 3920  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
23:07:10.0452 3920  AmdPPM - ok
23:07:10.0499 3920  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:07:10.0546 3920  amdsata - ok
23:07:10.0561 3920  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
23:07:10.0561 3920  amdsbs - ok
23:07:10.0577 3920  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:07:10.0577 3920  amdxata - ok
23:07:10.0593 3920  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
23:07:10.0624 3920  AppID - ok
23:07:10.0655 3920  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:07:10.0655 3920  AppIDSvc - ok
23:07:10.0671 3920  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
23:07:10.0671 3920  Appinfo - ok
23:07:10.0780 3920  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:07:10.0780 3920  Apple Mobile Device - ok
23:07:10.0811 3920  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
23:07:10.0811 3920  AppMgmt - ok
23:07:10.0858 3920  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
23:07:10.0873 3920  arc - ok
23:07:10.0889 3920  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:07:10.0889 3920  arcsas - ok
23:07:10.0998 3920  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:07:11.0170 3920  aspnet_state - ok
23:07:11.0185 3920  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:07:11.0201 3920  AsyncMac - ok
23:07:11.0217 3920  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
23:07:11.0217 3920  atapi - ok
23:07:11.0347 3920  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:07:11.0354 3920  AudioEndpointBuilder - ok
23:07:11.0367 3920  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:07:11.0372 3920  AudioSrv - ok
23:07:11.0404 3920  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:07:11.0404 3920  AxInstSV - ok
23:07:11.0437 3920  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
23:07:11.0442 3920  b06bdrv - ok
23:07:11.0459 3920  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:07:11.0464 3920  b57nd60a - ok
23:07:11.0507 3920  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:07:11.0507 3920  BDESVC - ok
23:07:11.0567 3920  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:07:11.0567 3920  Beep - ok
23:07:11.0657 3920  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
23:07:11.0664 3920  BFE - ok
23:07:11.0754 3920  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
23:07:11.0764 3920  BITS - ok
23:07:11.0789 3920  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:07:11.0792 3920  blbdrive - ok
23:07:11.0859 3920  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:07:11.0864 3920  Bonjour Service - ok
23:07:11.0882 3920  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:07:11.0882 3920  bowser - ok
23:07:11.0889 3920  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
23:07:11.0892 3920  BrFiltLo - ok
23:07:11.0902 3920  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
23:07:11.0904 3920  BrFiltUp - ok
23:07:11.0929 3920  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
23:07:11.0932 3920  Browser - ok
23:07:11.0974 3920  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:07:11.0992 3920  Brserid - ok
23:07:12.0009 3920  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:07:12.0017 3920  BrSerWdm - ok
23:07:12.0029 3920  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:07:12.0029 3920  BrUsbMdm - ok
23:07:12.0034 3920  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:07:12.0037 3920  BrUsbSer - ok
23:07:12.0054 3920  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
23:07:12.0054 3920  BTHMODEM - ok
23:07:12.0089 3920  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
23:07:12.0089 3920  bthserv - ok
23:07:12.0169 3920  [ 9887CA12F407D7FBC7F48F3678F5F0B6 ] BVRPMPR5a64     C:\Windows\system32\drivers\BVRPMPR5a64.SYS
23:07:12.0179 3920  BVRPMPR5a64 - ok
23:07:12.0199 3920  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:07:12.0202 3920  cdfs - ok
23:07:12.0244 3920  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:07:12.0244 3920  cdrom - ok
23:07:12.0282 3920  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
23:07:12.0282 3920  CertPropSvc - ok
23:07:12.0324 3920  [ D2B3252AD4EB499C935A56467997AA3C ] cfwids          C:\Windows\system32\drivers\cfwids.sys
23:07:12.0324 3920  cfwids - ok
23:07:12.0374 3920  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
23:07:12.0377 3920  circlass - ok
23:07:12.0427 3920  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
23:07:12.0429 3920  CLFS - ok
23:07:12.0652 3920  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:07:12.0862 3920  clr_optimization_v2.0.50727_32 - ok
23:07:12.0949 3920  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:07:12.0992 3920  clr_optimization_v2.0.50727_64 - ok
23:07:13.0157 3920  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:07:13.0262 3920  clr_optimization_v4.0.30319_32 - ok
23:07:13.0352 3920  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:07:13.0419 3920  clr_optimization_v4.0.30319_64 - ok
23:07:13.0492 3920  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
23:07:13.0502 3920  CmBatt - ok
23:07:13.0539 3920  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:07:13.0557 3920  cmdide - ok
23:07:13.0687 3920  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
23:07:13.0717 3920  CNG - ok
23:07:13.0766 3920  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
23:07:13.0781 3920  Compbatt - ok
23:07:13.0813 3920  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
23:07:13.0813 3920  CompositeBus - ok
23:07:13.0828 3920  COMSysApp - ok
23:07:13.0891 3920  cpudrv64 - ok
23:07:13.0906 3920  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
23:07:13.0906 3920  crcdisk - ok
23:07:13.0953 3920  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:07:13.0969 3920  CryptSvc - ok
23:07:13.0984 3920  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
23:07:13.0984 3920  CSC - ok
23:07:14.0047 3920  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
23:07:14.0062 3920  CscService - ok
23:07:14.0078 3920  [ BA8E5B2291C01EF71CA80E25F0C79D55 ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
23:07:14.0078 3920  ctxusbm - ok
23:07:14.0109 3920  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:07:14.0125 3920  DcomLaunch - ok
23:07:14.0171 3920  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
23:07:14.0171 3920  defragsvc - ok
23:07:14.0203 3920  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:07:14.0203 3920  DfsC - ok
23:07:14.0249 3920  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:07:14.0249 3920  Dhcp - ok
23:07:14.0296 3920  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
23:07:14.0296 3920  discache - ok
23:07:14.0312 3920  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
23:07:14.0312 3920  Disk - ok
23:07:14.0343 3920  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
23:07:14.0359 3920  dmvsc - ok
23:07:14.0390 3920  [ D0BD250D538EB004CFF77660CEA81B7F ] DNE             C:\Windows\system32\DRIVERS\dnelwf64.sys
23:07:14.0390 3920  DNE - ok
23:07:14.0421 3920  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:07:14.0437 3920  Dnscache - ok
23:07:14.0468 3920  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:07:14.0468 3920  dot3svc - ok
23:07:14.0515 3920  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
23:07:14.0515 3920  DPS - ok
23:07:14.0546 3920  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:07:14.0546 3920  drmkaud - ok
23:07:14.0577 3920  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:07:14.0593 3920  DXGKrnl - ok
23:07:14.0655 3920  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
23:07:14.0671 3920  EapHost - ok
23:07:14.0920 3920  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
23:07:14.0983 3920  ebdrv - ok
23:07:15.0014 3920  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
23:07:15.0014 3920  EFS - ok
23:07:15.0092 3920  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:07:15.0107 3920  ehRecvr - ok
23:07:15.0139 3920  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
23:07:15.0139 3920  ehSched - ok
23:07:15.0201 3920  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
23:07:15.0217 3920  elxstor - ok
23:07:15.0248 3920  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:07:15.0248 3920  ErrDev - ok
23:07:15.0310 3920  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
23:07:15.0326 3920  EventSystem - ok
23:07:15.0341 3920  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
23:07:15.0341 3920  exfat - ok
23:07:15.0357 3920  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:07:15.0357 3920  fastfat - ok
23:07:15.0404 3920  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
23:07:15.0419 3920  Fax - ok
23:07:15.0435 3920  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
23:07:15.0435 3920  fdc - ok
23:07:15.0466 3920  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
23:07:15.0466 3920  fdPHost - ok
23:07:15.0482 3920  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:07:15.0482 3920  FDResPub - ok
23:07:15.0482 3920  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:07:15.0482 3920  FileInfo - ok
23:07:15.0497 3920  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:07:15.0497 3920  Filetrace - ok
23:07:15.0591 3920  [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
23:07:15.0591 3920  FLEXnet Licensing Service - ok
23:07:15.0607 3920  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
23:07:15.0607 3920  flpydisk - ok
23:07:15.0622 3920  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:07:15.0638 3920  FltMgr - ok
23:07:15.0685 3920  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
23:07:15.0700 3920  FontCache - ok
23:07:15.0747 3920  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:07:15.0778 3920  FontCache3.0.0.0 - ok
23:07:15.0794 3920  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:07:15.0794 3920  FsDepends - ok
23:07:15.0809 3920  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:07:15.0809 3920  Fs_Rec - ok
23:07:15.0841 3920  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:07:15.0841 3920  fvevol - ok
23:07:15.0856 3920  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
23:07:15.0856 3920  gagp30kx - ok
23:07:15.0903 3920  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:07:15.0903 3920  GEARAspiWDM - ok
23:07:15.0934 3920  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
23:07:15.0950 3920  gpsvc - ok
23:07:15.0981 3920  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:07:15.0981 3920  hcw85cir - ok
23:07:16.0028 3920  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:07:16.0028 3920  HDAudBus - ok
23:07:16.0028 3920  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
23:07:16.0043 3920  HECIx64 - ok
23:07:16.0059 3920  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
23:07:16.0059 3920  HidBatt - ok
23:07:16.0075 3920  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
23:07:16.0075 3920  HidBth - ok
23:07:16.0090 3920  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
23:07:16.0090 3920  HidIr - ok
23:07:16.0106 3920  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
23:07:16.0106 3920  hidserv - ok
23:07:16.0137 3920  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:07:16.0137 3920  HidUsb - ok
23:07:16.0168 3920  [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
23:07:16.0168 3920  HipShieldK - ok
23:07:16.0199 3920  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:07:16.0215 3920  hkmsvc - ok
23:07:16.0262 3920  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:07:16.0262 3920  HomeGroupListener - ok
23:07:16.0309 3920  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:07:16.0309 3920  HomeGroupProvider - ok
23:07:16.0324 3920  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:07:16.0324 3920  HpSAMD - ok
23:07:16.0355 3920  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:07:16.0355 3920  HTTP - ok
23:07:16.0371 3920  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:07:16.0371 3920  hwpolicy - ok
23:07:16.0402 3920  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
23:07:16.0449 3920  i8042prt - ok
23:07:16.0496 3920  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:07:16.0511 3920  iaStorV - ok
23:07:16.0683 3920  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:07:16.0699 3920  idsvc - ok
23:07:17.0447 3920  [ 4128D51B770BB68FE44EAF3AD1DBAB25 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
23:07:17.0494 3920  igfx - ok
23:07:17.0541 3920  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
23:07:17.0572 3920  iirsp - ok
23:07:17.0619 3920  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
23:07:17.0619 3920  IKEEXT - ok
23:07:17.0666 3920  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\drivers\Impcd.sys
23:07:17.0681 3920  Impcd - ok
23:07:17.0744 3920  [ E9BEFD8C6A1DB3B544B61647DDA35F62 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:07:17.0837 3920  IntcAzAudAddService - ok
23:07:17.0900 3920  [ AE594CC17C33AC146739494615E14851 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
23:07:17.0900 3920  IntcDAud - ok
23:07:17.0931 3920  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
23:07:17.0931 3920  intelide - ok
23:07:17.0962 3920  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:07:17.0978 3920  intelppm - ok
23:07:17.0993 3920  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:07:18.0009 3920  IPBusEnum - ok
23:07:18.0025 3920  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:07:18.0025 3920  IpFilterDriver - ok
23:07:18.0056 3920  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:07:18.0056 3920  iphlpsvc - ok
23:07:18.0087 3920  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:07:18.0087 3920  IPMIDRV - ok
23:07:18.0118 3920  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:07:18.0134 3920  IPNAT - ok
23:07:18.0196 3920  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:07:18.0196 3920  iPod Service - ok
23:07:18.0227 3920  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:07:18.0227 3920  IRENUM - ok
23:07:18.0243 3920  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:07:18.0243 3920  isapnp - ok
23:07:18.0290 3920  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:07:18.0305 3920  iScsiPrt - ok
23:07:18.0337 3920  [ 9D7EA8C7215D8D4AE7BE110EEE61085D ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
23:07:18.0337 3920  k57nd60a - ok
23:07:18.0352 3920  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:07:18.0352 3920  kbdclass - ok
23:07:18.0352 3920  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:07:18.0352 3920  kbdhid - ok
23:07:18.0368 3920  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
23:07:18.0368 3920  KeyIso - ok
23:07:18.0399 3920  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:07:18.0399 3920  KSecDD - ok
23:07:18.0430 3920  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:07:18.0446 3920  KSecPkg - ok
23:07:18.0461 3920  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:07:18.0461 3920  ksthunk - ok
23:07:18.0508 3920  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:07:18.0524 3920  KtmRm - ok
23:07:18.0571 3920  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:07:18.0586 3920  LanmanServer - ok
23:07:18.0617 3920  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:07:18.0617 3920  LanmanWorkstation - ok
23:07:18.0649 3920  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:07:18.0649 3920  lltdio - ok
23:07:18.0680 3920  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:07:18.0695 3920  lltdsvc - ok
23:07:18.0695 3920  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:07:18.0695 3920  lmhosts - ok
23:07:18.0742 3920  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
23:07:18.0742 3920  LSI_FC - ok
23:07:18.0758 3920  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
23:07:18.0773 3920  LSI_SAS - ok
23:07:18.0789 3920  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
23:07:18.0789 3920  LSI_SAS2 - ok
23:07:18.0805 3920  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
23:07:18.0805 3920  LSI_SCSI - ok
23:07:18.0820 3920  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
23:07:18.0820 3920  luafv - ok
23:07:18.0929 3920  [ B6BD99C3E23507A732C474CAA620C0D7 ] McAWFwk         c:\PROGRA~1\mcafee\msc\mcawfwk.exe
23:07:18.0945 3920  McAWFwk - ok
23:07:18.0992 3920  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
23:07:18.0992 3920  McMPFSvc - ok
23:07:19.0007 3920  [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
23:07:19.0007 3920  mcmscsvc - ok
23:07:19.0007 3920  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
23:07:19.0007 3920  McNaiAnn - ok
23:07:19.0007 3920  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
23:07:19.0007 3920  McNASvc - ok
23:07:19.0054 3920  [ 1814532DB0404C5FB65AA3EB051B2BE5 ] McODS           C:\Program Files\mcafee\VirusScan\mcods.exe
23:07:19.0070 3920  McODS - ok
23:07:19.0085 3920  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
23:07:19.0085 3920  McOobeSv - ok
23:07:19.0101 3920  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
23:07:19.0101 3920  McProxy - ok
23:07:19.0132 3920  [ 21F81090A00932C5E96700EDF2977582 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
23:07:19.0132 3920  McShield - ok
23:07:19.0179 3920  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:07:19.0179 3920  Mcx2Svc - ok
23:07:19.0210 3920  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
23:07:19.0226 3920  megasas - ok
23:07:19.0241 3920  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
23:07:19.0241 3920  MegaSR - ok
23:07:19.0257 3920  [ B1720E97FABBDF7D30B36DAF19C3DEE8 ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
23:07:19.0273 3920  mfeapfk - ok
23:07:19.0304 3920  [ 113F1534B80D65DFDCA660F19967A3B7 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
23:07:19.0304 3920  mfeavfk - ok
23:07:19.0351 3920  mfeavfk01 - ok
23:07:19.0382 3920  [ C4F521310E40327BBC8E8E71DA344F48 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
23:07:19.0382 3920  mfefire - ok
23:07:19.0444 3920  [ CECC9841D036EE008091825272D91331 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
23:07:19.0460 3920  mfefirek - ok
23:07:19.0507 3920  [ EF0F85EDBDF6C0AB467E88E0CEE2B346 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
23:07:19.0507 3920  mfehidk - ok
23:07:19.0538 3920  mfehidk01 - ok
23:07:19.0553 3920  [ 6E3A46BF6CBB80450CC24F80FE03ED5A ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys
23:07:19.0553 3920  mferkdet - ok
23:07:19.0569 3920  [ 341BFCAA3A55C08E8C9ECB1654ACA905 ] mfevtp          C:\Windows\system32\mfevtps.exe
23:07:19.0569 3920  mfevtp - ok
23:07:19.0600 3920  [ 2802D09F1B6ED502237539563F3C4992 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
23:07:19.0616 3920  mfewfpk - ok
23:07:19.0647 3920  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
23:07:19.0647 3920  MMCSS - ok
23:07:19.0694 3920  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
23:07:19.0709 3920  Modem - ok
23:07:19.0741 3920  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:07:19.0741 3920  monitor - ok
23:07:19.0787 3920  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:07:19.0787 3920  mouclass - ok
23:07:19.0819 3920  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:07:19.0819 3920  mouhid - ok
23:07:19.0819 3920  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:07:19.0834 3920  mountmgr - ok
23:07:19.0834 3920  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:07:19.0834 3920  mpio - ok
23:07:19.0865 3920  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:07:19.0865 3920  mpsdrv - ok
23:07:19.0928 3920  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:07:19.0943 3920  MpsSvc - ok
23:07:19.0959 3920  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:07:19.0959 3920  MRxDAV - ok
23:07:19.0975 3920  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:07:19.0990 3920  mrxsmb - ok
23:07:20.0006 3920  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:07:20.0006 3920  mrxsmb10 - ok
23:07:20.0037 3920  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:07:20.0037 3920  mrxsmb20 - ok
23:07:20.0037 3920  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:07:20.0037 3920  msahci - ok
23:07:20.0068 3920  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:07:20.0068 3920  msdsm - ok
23:07:20.0084 3920  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
23:07:20.0084 3920  MSDTC - ok
23:07:20.0099 3920  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:07:20.0099 3920  Msfs - ok
23:07:20.0131 3920  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:07:20.0131 3920  mshidkmdf - ok
23:07:20.0162 3920  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:07:20.0193 3920  msisadrv - ok
23:07:20.0287 3920  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:07:20.0287 3920  MSiSCSI - ok
23:07:20.0302 3920  msiserver - ok
23:07:20.0333 3920  [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
23:07:20.0333 3920  MSK80Service - ok
23:07:20.0349 3920  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:07:20.0349 3920  MSKSSRV - ok
23:07:20.0365 3920  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:07:20.0365 3920  MSPCLOCK - ok
23:07:20.0380 3920  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:07:20.0380 3920  MSPQM - ok
23:07:20.0427 3920  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:07:20.0427 3920  MsRPC - ok
23:07:20.0443 3920  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:07:20.0443 3920  mssmbios - ok
23:07:20.0458 3920  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:07:20.0458 3920  MSTEE - ok
23:07:20.0474 3920  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
23:07:20.0474 3920  MTConfig - ok
23:07:20.0489 3920  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:07:20.0489 3920  Mup - ok
23:07:20.0536 3920  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
23:07:20.0552 3920  napagent - ok
23:07:20.0583 3920  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:07:20.0583 3920  NativeWifiP - ok
23:07:20.0677 3920  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:07:20.0677 3920  NDIS - ok
23:07:20.0708 3920  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:07:20.0723 3920  NdisCap - ok
23:07:20.0786 3920  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:07:20.0786 3920  NdisTapi - ok
23:07:20.0817 3920  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:07:20.0817 3920  Ndisuio - ok
23:07:20.0817 3920  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:07:20.0817 3920  NdisWan - ok
23:07:20.0833 3920  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:07:20.0833 3920  NDProxy - ok
23:07:20.0848 3920  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:07:20.0848 3920  NetBIOS - ok
23:07:20.0911 3920  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:07:20.0911 3920  NetBT - ok
23:07:20.0926 3920  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
23:07:20.0926 3920  Netlogon - ok
23:07:20.0989 3920  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
23:07:20.0989 3920  Netman - ok
23:07:21.0082 3920  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:07:21.0129 3920  NetMsmqActivator - ok
23:07:21.0129 3920  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:07:21.0129 3920  NetPipeActivator - ok
23:07:21.0191 3920  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
23:07:21.0191 3920  netprofm - ok
23:07:21.0191 3920  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:07:21.0191 3920  NetTcpActivator - ok
23:07:21.0191 3920  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:07:21.0191 3920  NetTcpPortSharing - ok
23:07:21.0285 3920  [ 73CE12B8BDD747B0063CB0A7EF44CEA7 ] netvsc          C:\Windows\system32\DRIVERS\netvsc60.sys
23:07:21.0301 3920  netvsc - ok
23:07:21.0347 3920  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
23:07:21.0379 3920  nfrd960 - ok
23:07:21.0410 3920  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:07:21.0410 3920  NlaSvc - ok
23:07:21.0441 3920  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:07:21.0441 3920  Npfs - ok
23:07:21.0488 3920  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
23:07:21.0488 3920  nsi - ok
23:07:21.0503 3920  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:07:21.0503 3920  nsiproxy - ok
23:07:21.0550 3920  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:07:21.0581 3920  Ntfs - ok
23:07:21.0613 3920  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
23:07:21.0613 3920  Null - ok
23:07:21.0644 3920  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:07:21.0644 3920  nvraid - ok
23:07:21.0691 3920  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:07:21.0691 3920  nvstor - ok
23:07:21.0722 3920  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:07:21.0737 3920  nv_agp - ok
23:07:21.0769 3920  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:07:21.0784 3920  ohci1394 - ok
23:07:21.0987 3920  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:07:22.0018 3920  ose - ok
23:07:22.0658 3920  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:07:22.0783 3920  osppsvc - ok
23:07:22.0829 3920  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:07:22.0845 3920  p2pimsvc - ok
23:07:22.0876 3920  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:07:22.0876 3920  p2psvc - ok
23:07:22.0907 3920  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
23:07:22.0907 3920  Parport - ok
23:07:22.0923 3920  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:07:22.0923 3920  partmgr - ok
23:07:22.0939 3920  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:07:22.0939 3920  PcaSvc - ok
23:07:22.0970 3920  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
23:07:22.0985 3920  pci - ok
23:07:23.0001 3920  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
23:07:23.0001 3920  pciide - ok
23:07:23.0032 3920  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:07:23.0032 3920  pcmcia - ok
23:07:23.0048 3920  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:07:23.0048 3920  pcw - ok
23:07:23.0079 3920  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:07:23.0079 3920  PEAUTH - ok
23:07:23.0157 3920  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
23:07:23.0173 3920  PeerDistSvc - ok
23:07:23.0329 3920  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:07:23.0329 3920  PerfHost - ok
23:07:23.0625 3920  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
23:07:23.0641 3920  pla - ok
23:07:23.0812 3920  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:07:23.0812 3920  PlugPlay - ok
23:07:23.0875 3920  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:07:23.0875 3920  PNRPAutoReg - ok
23:07:23.0984 3920  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:07:23.0984 3920  PNRPsvc - ok
23:07:24.0171 3920  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:07:24.0171 3920  PolicyAgent - ok
23:07:24.0343 3920  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
23:07:24.0358 3920  Power - ok
23:07:25.0388 3920  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:07:25.0388 3920  PptpMiniport - ok
23:07:25.0497 3920  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
23:07:25.0513 3920  Processor - ok
23:07:25.0591 3920  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:07:25.0591 3920  ProfSvc - ok
23:07:25.0637 3920  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:07:25.0637 3920  ProtectedStorage - ok
23:07:25.0731 3920  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:07:25.0731 3920  Psched - ok
23:07:25.0762 3920  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
23:07:25.0809 3920  PxHlpa64 - ok
23:07:25.0887 3920  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:07:25.0903 3920  ql2300 - ok
23:07:25.0934 3920  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:07:25.0934 3920  ql40xx - ok
23:07:26.0012 3920  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
23:07:26.0012 3920  QWAVE - ok
23:07:26.0043 3920  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:07:26.0043 3920  QWAVEdrv - ok
23:07:26.0074 3920  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:07:26.0090 3920  RasAcd - ok
23:07:26.0137 3920  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:07:26.0137 3920  RasAgileVpn - ok
23:07:26.0199 3920  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
23:07:26.0199 3920  RasAuto - ok
23:07:26.0230 3920  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:07:26.0230 3920  Rasl2tp - ok
23:07:26.0246 3920  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
23:07:26.0246 3920  RasMan - ok
23:07:26.0261 3920  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:07:26.0261 3920  RasPppoe - ok
23:07:26.0308 3920  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:07:26.0308 3920  RasSstp - ok
23:07:26.0324 3920  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:07:26.0324 3920  rdbss - ok
23:07:26.0355 3920  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:07:26.0355 3920  rdpbus - ok
23:07:26.0386 3920  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:07:26.0386 3920  RDPCDD - ok
23:07:26.0402 3920  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:07:26.0402 3920  RDPDR - ok
23:07:26.0417 3920  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:07:26.0417 3920  RDPENCDD - ok
23:07:26.0433 3920  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:07:26.0433 3920  RDPREFMP - ok
23:07:26.0480 3920  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:07:26.0480 3920  RdpVideoMiniport - ok
23:07:26.0511 3920  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:07:26.0527 3920  RDPWD - ok
23:07:26.0542 3920  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:07:26.0558 3920  rdyboost - ok
23:07:26.0573 3920  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:07:26.0589 3920  RemoteAccess - ok
23:07:26.0651 3920  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:07:26.0651 3920  RemoteRegistry - ok
23:07:27.0681 3920  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
23:07:27.0712 3920  RoxMediaDB12OEM - ok
23:07:27.0759 3920  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
23:07:27.0775 3920  RoxWatch12 - ok
23:07:27.0790 3920  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:07:27.0790 3920  RpcEptMapper - ok
23:07:27.0853 3920  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
23:07:27.0853 3920  RpcLocator - ok
23:07:27.0868 3920  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
23:07:27.0884 3920  RpcSs - ok
23:07:27.0931 3920  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:07:27.0931 3920  rspndr - ok
23:07:27.0977 3920  [ 665BA29357882A8C5980B15B3A0123A4 ] RTL8192cu       C:\Windows\system32\DRIVERS\RTL8192cu.sys
23:07:27.0993 3920  RTL8192cu - ok
23:07:28.0024 3920  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
23:07:28.0024 3920  s3cap - ok
23:07:28.0040 3920  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
23:07:28.0040 3920  SamSs - ok
23:07:28.0055 3920  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:07:28.0055 3920  sbp2port - ok
23:07:28.0118 3920  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:07:28.0133 3920  SCardSvr - ok
23:07:28.0149 3920  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:07:28.0149 3920  scfilter - ok
23:07:28.0211 3920  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
23:07:28.0211 3920  Schedule - ok
23:07:28.0243 3920  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:07:28.0258 3920  SCPolicySvc - ok
23:07:28.0274 3920  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:07:28.0274 3920  SDRSVC - ok
23:07:28.0289 3920  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:07:28.0289 3920  secdrv - ok
23:07:28.0305 3920  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
23:07:28.0305 3920  seclogon - ok
23:07:28.0321 3920  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
23:07:28.0321 3920  SENS - ok
23:07:28.0336 3920  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:07:28.0336 3920  SensrSvc - ok
23:07:28.0352 3920  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
23:07:28.0352 3920  Serenum - ok
23:07:28.0367 3920  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
23:07:28.0399 3920  Serial - ok
23:07:28.0445 3920  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:07:28.0445 3920  sermouse - ok
23:07:28.0477 3920  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:07:28.0477 3920  SessionEnv - ok
23:07:28.0492 3920  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:07:28.0492 3920  sffdisk - ok
23:07:28.0508 3920  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:07:28.0508 3920  sffp_mmc - ok
23:07:28.0508 3920  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:07:28.0523 3920  sffp_sd - ok
23:07:28.0539 3920  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
23:07:28.0539 3920  sfloppy - ok
23:07:28.0664 3920  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:07:28.0664 3920  SharedAccess - ok
23:07:28.0773 3920  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:07:28.0773 3920  ShellHWDetection - ok
23:07:28.0804 3920  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
23:07:28.0804 3920  SiSRaid2 - ok
23:07:28.0820 3920  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:07:28.0835 3920  SiSRaid4 - ok
23:07:28.0945 3920  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
23:07:28.0945 3920  SkypeUpdate - ok
23:07:28.0976 3920  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:07:28.0976 3920  Smb - ok
23:07:29.0007 3920  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:07:29.0007 3920  SNMPTRAP - ok
23:07:29.0023 3920  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:07:29.0023 3920  spldr - ok
23:07:29.0085 3920  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
23:07:29.0101 3920  Spooler - ok
23:07:29.0194 3920  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
23:07:29.0210 3920  sppsvc - ok
23:07:29.0225 3920  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:07:29.0225 3920  sppuinotify - ok
23:07:29.0288 3920  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:07:29.0303 3920  srv - ok
23:07:29.0319 3920  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:07:29.0319 3920  srv2 - ok
23:07:29.0335 3920  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:07:29.0335 3920  srvnet - ok
23:07:29.0397 3920  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:07:29.0397 3920  SSDPSRV - ok
23:07:29.0413 3920  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:07:29.0413 3920  SstpSvc - ok
23:07:29.0428 3920  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
23:07:29.0428 3920  stexstor - ok
23:07:29.0475 3920  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
23:07:29.0475 3920  stisvc - ok
23:07:29.0537 3920  [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
23:07:29.0553 3920  stllssvr - ok
23:07:29.0600 3920  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
23:07:29.0600 3920  StorSvc - ok
23:07:29.0631 3920  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
23:07:29.0678 3920  storvsc - ok
23:07:29.0725 3920  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:07:29.0725 3920  swenum - ok
23:07:29.0787 3920  [ 059CD93B2E0E9F48FF68CB591932320D ] SWGVCSvc        C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe
23:07:29.0787 3920  SWGVCSvc - ok
23:07:29.0818 3920  [ 25776666158CB1D3E959635DF2B69787 ] SWIPsec         C:\Windows\system32\Drivers\SWIPsec.sys
23:07:29.0834 3920  SWIPsec - ok
23:07:29.0865 3920  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
23:07:29.0865 3920  swprv - ok
23:07:29.0881 3920  [ DCF11E08A8524B19EC47515C22BE492E ] SWVNIC          C:\Windows\system32\DRIVERS\swvnic.sys
23:07:29.0881 3920  SWVNIC - ok
23:07:29.0912 3920  [ 4CDD7DF58730D23BA9CB5829A6E2ECEA ] SynthVid        C:\Windows\system32\DRIVERS\VMBusVideoM.sys
23:07:29.0912 3920  SynthVid - ok
23:07:29.0974 3920  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
23:07:29.0974 3920  SysMain - ok
23:07:30.0005 3920  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:07:30.0005 3920  TabletInputService - ok
23:07:30.0021 3920  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:07:30.0021 3920  TapiSrv - ok
23:07:30.0037 3920  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
23:07:30.0037 3920  TBS - ok
23:07:30.0068 3920  [ 37FC5DEAED21A8B7B7D377504CCA445D ] TCMSv2 Synchronise Service C:\Program Files (x86)\FingerTec Worldwide\TCMSv2\SyncService.exe
23:07:30.0068 3920  TCMSv2 Synchronise Service - ok
23:07:30.0146 3920  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:07:30.0161 3920  Tcpip - ok
23:07:30.0193 3920  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:07:30.0208 3920  TCPIP6 - ok
23:07:30.0239 3920  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:07:30.0239 3920  tcpipreg - ok
23:07:30.0286 3920  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:07:30.0317 3920  TDPIPE - ok
23:07:30.0317 3920  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:07:30.0333 3920  TDTCP - ok
23:07:30.0349 3920  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:07:30.0349 3920  tdx - ok
23:07:30.0364 3920  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
23:07:30.0364 3920  TermDD - ok
23:07:30.0411 3920  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
23:07:30.0411 3920  TermService - ok
23:07:30.0427 3920  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
23:07:30.0427 3920  Themes - ok
23:07:30.0442 3920  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
23:07:30.0442 3920  THREADORDER - ok
23:07:30.0473 3920  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
23:07:30.0473 3920  TrkWks - ok
23:07:30.0536 3920  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:07:30.0536 3920  TrustedInstaller - ok
23:07:30.0551 3920  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:07:30.0551 3920  tssecsrv - ok
23:07:30.0583 3920  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:07:30.0645 3920  TsUsbFlt - ok
23:07:30.0723 3920  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
23:07:30.0723 3920  TsUsbGD - ok
23:07:30.0801 3920  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:07:30.0801 3920  tunnel - ok
23:07:30.0832 3920  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:07:30.0832 3920  uagp35 - ok
23:07:30.0879 3920  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:07:30.0879 3920  udfs - ok
23:07:30.0910 3920  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:07:30.0926 3920  UI0Detect - ok
23:07:30.0941 3920  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:07:30.0941 3920  uliagpkx - ok
23:07:31.0004 3920  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:07:31.0004 3920  umbus - ok
23:07:31.0035 3920  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
23:07:31.0066 3920  UmPass - ok
23:07:31.0066 3920  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
23:07:31.0082 3920  UmRdpService - ok
23:07:31.0144 3920  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
23:07:31.0160 3920  upnphost - ok
23:07:31.0253 3920  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
23:07:31.0269 3920  USBAAPL64 - ok
23:07:31.0316 3920  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
23:07:31.0316 3920  usbaudio - ok
23:07:31.0331 3920  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:07:31.0331 3920  usbccgp - ok
23:07:31.0363 3920  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:07:31.0363 3920  usbcir - ok
23:07:31.0378 3920  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:07:31.0378 3920  usbehci - ok
23:07:31.0394 3920  [ 8B892002D7B79312821169A14317AB86 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:07:31.0409 3920  usbhub - ok
23:07:31.0409 3920  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:07:31.0409 3920  usbohci - ok
23:07:31.0425 3920  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:07:31.0425 3920  usbprint - ok
23:07:31.0456 3920  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
23:07:31.0456 3920  usbscan - ok
23:07:31.0456 3920  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:07:31.0472 3920  USBSTOR - ok
23:07:31.0472 3920  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:07:31.0487 3920  usbuhci - ok
23:07:31.0519 3920  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
23:07:31.0534 3920  UxSms - ok
23:07:31.0550 3920  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
23:07:31.0550 3920  VaultSvc - ok
23:07:31.0581 3920  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:07:31.0581 3920  vdrvroot - ok
23:07:31.0628 3920  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
23:07:31.0628 3920  vds - ok
23:07:31.0643 3920  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:07:31.0643 3920  vga - ok
23:07:31.0659 3920  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:07:31.0659 3920  VgaSave - ok
23:07:31.0675 3920  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:07:31.0690 3920  vhdmp - ok
23:07:31.0690 3920  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:07:31.0706 3920  viaide - ok
23:07:31.0706 3920  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
23:07:31.0706 3920  VMBusHID - ok
23:07:31.0737 3920  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:07:31.0737 3920  volmgr - ok
23:07:31.0753 3920  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:07:31.0768 3920  volmgrx - ok
23:07:31.0784 3920  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:07:31.0784 3920  volsnap - ok
23:07:31.0831 3920  [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
23:07:31.0831 3920  vpcbus - ok
23:07:31.0846 3920  [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
23:07:31.0846 3920  vpcnfltr - ok
23:07:31.0877 3920  [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
23:07:31.0877 3920  vpcusb - ok
23:07:31.0924 3920  [ 207B6539799CC1C112661A9B620DD233 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
23:07:31.0924 3920  vpcvmm - ok
23:07:31.0940 3920  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:07:31.0940 3920  vsmraid - ok
23:07:32.0158 3920  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
23:07:32.0174 3920  VSS - ok
23:07:32.0205 3920  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:07:32.0221 3920  vwifibus - ok
23:07:32.0252 3920  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:07:32.0252 3920  vwififlt - ok
23:07:32.0267 3920  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
23:07:32.0267 3920  vwifimp - ok
23:07:32.0283 3920  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
23:07:32.0283 3920  W32Time - ok
23:07:32.0314 3920  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:07:32.0314 3920  WacomPen - ok
23:07:32.0345 3920  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:07:32.0345 3920  WANARP - ok
23:07:32.0361 3920  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:07:32.0361 3920  Wanarpv6 - ok
23:07:32.0423 3920  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
23:07:32.0455 3920  WatAdminSvc - ok
23:07:32.0673 3920  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
23:07:32.0673 3920  wbengine - ok
23:07:32.0735 3920  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:07:32.0735 3920  WbioSrvc - ok
23:07:32.0813 3920  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:07:32.0813 3920  wcncsvc - ok
23:07:32.0829 3920  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:07:32.0829 3920  WcsPlugInService - ok
23:07:32.0891 3920  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
23:07:32.0907 3920  Wd - ok
23:07:32.0954 3920  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:07:32.0969 3920  Wdf01000 - ok
23:07:33.0001 3920  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:07:33.0001 3920  WdiServiceHost - ok
23:07:33.0001 3920  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:07:33.0001 3920  WdiSystemHost - ok
23:07:33.0063 3920  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
23:07:33.0063 3920  WebClient - ok
23:07:33.0125 3920  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:07:33.0125 3920  Wecsvc - ok
23:07:33.0157 3920  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:07:33.0157 3920  wercplsupport - ok
23:07:33.0188 3920  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:07:33.0188 3920  WerSvc - ok
23:07:33.0250 3920  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:07:33.0250 3920  WfpLwf - ok
23:07:33.0281 3920  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
23:07:33.0297 3920  WimFltr - ok
23:07:33.0313 3920  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:07:33.0313 3920  WIMMount - ok
23:07:33.0344 3920  WinDefend - ok
23:07:33.0344 3920  WinHttpAutoProxySvc - ok
23:07:33.0484 3920  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:07:33.0484 3920  Winmgmt - ok
23:07:33.0640 3920  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
23:07:33.0640 3920  WinRM - ok
23:07:33.0703 3920  [ FE88B288356E7B47B74B13372ADD906D ] winusb          C:\Windows\system32\DRIVERS\WinUSB.SYS
23:07:33.0718 3920  winusb - ok
23:07:33.0749 3920  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:07:33.0765 3920  Wlansvc - ok
23:07:33.0843 3920  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:07:33.0874 3920  wlcrasvc - ok
23:07:33.0999 3920  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:07:33.0999 3920  wlidsvc - ok
23:07:34.0030 3920  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:07:34.0030 3920  WmiAcpi - ok
23:07:34.0061 3920  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:07:34.0061 3920  wmiApSrv - ok
23:07:34.0108 3920  WMPNetworkSvc - ok
23:07:34.0139 3920  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:07:34.0139 3920  WPCSvc - ok
23:07:34.0155 3920  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:07:34.0202 3920  WPDBusEnum - ok
23:07:34.0264 3920  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:07:34.0264 3920  ws2ifsl - ok
23:07:34.0311 3920  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
23:07:34.0327 3920  wscsvc - ok
23:07:34.0327 3920  WSearch - ok
23:07:34.0483 3920  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:07:34.0826 3920  wuauserv - ok
23:07:34.0888 3920  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:07:34.0888 3920  WudfPf - ok
23:07:34.0966 3920  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:07:34.0966 3920  WUDFRd - ok
23:07:35.0029 3920  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:07:35.0029 3920  wudfsvc - ok
23:07:35.0107 3920  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:07:35.0122 3920  WwanSvc - ok
23:07:35.0263 3920  ================ Scan global ===============================
23:07:35.0356 3920  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:07:35.0419 3920  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:07:35.0434 3920  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:07:35.0481 3920  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:07:35.0699 3920  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:07:35.0699 3920  [Global] - ok
23:07:35.0699 3920  ================ Scan MBR ==================================
23:07:35.0715 3920  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
23:07:35.0715 3920  Suspicious mbr (Forged): \Device\Harddisk0\DR0
23:07:35.0777 3920  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
23:07:35.0777 3920  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
23:07:35.0777 3920  ================ Scan VBR ==================================
23:07:35.0777 3920  [ 382E8B3248DDA28688C66616E74D5CE6 ] \Device\Harddisk0\DR0\Partition1
23:07:35.0793 3920  \Device\Harddisk0\DR0\Partition1 - ok
23:07:35.0793 3920  [ 17535D772A96825E5887EFE3BFF9E006 ] \Device\Harddisk0\DR0\Partition2
23:07:35.0793 3920  \Device\Harddisk0\DR0\Partition2 - ok
23:07:35.0793 3920  ================ Scan active images ========================
23:07:35.0809 3920  [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\System32\drivers\atapi.sys
23:07:35.0809 3920  C:\Windows\System32\drivers\atapi.sys - ok
23:07:35.0809 3920  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
23:07:35.0809 3920  C:\Windows\System32\drivers\crashdmp.sys - ok
23:07:35.0809 3920  [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
23:07:35.0809 3920  C:\Windows\System32\drivers\Dumpata.sys - ok
23:07:35.0809 3920  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
23:07:35.0809 3920  C:\Windows\System32\drivers\dumpfve.sys - ok
23:07:35.0809 3920  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
23:07:35.0809 3920  C:\Windows\System32\drivers\beep.sys - ok
23:07:35.0824 3920  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
23:07:35.0824 3920  C:\Windows\System32\drivers\cdrom.sys - ok
23:07:35.0824 3920  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
23:07:35.0824 3920  C:\Windows\System32\drivers\null.sys - ok
23:07:35.0824 3920  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
23:07:35.0824 3920  C:\Windows\System32\drivers\msfs.sys - ok
23:07:35.0824 3920  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
23:07:35.0824 3920  C:\Windows\System32\drivers\RDPCDD.sys - ok
23:07:35.0824 3920  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
23:07:35.0824 3920  C:\Windows\System32\drivers\RDPENCDD.sys - ok
23:07:35.0840 3920  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
23:07:35.0840 3920  C:\Windows\System32\drivers\RDPREFMP.sys - ok
23:07:35.0840 3920  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
23:07:35.0840 3920  C:\Windows\System32\drivers\vga.sys - ok
23:07:35.0840 3920  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
23:07:35.0840 3920  C:\Windows\System32\drivers\videoprt.sys - ok
23:07:35.0840 3920  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
23:07:35.0840 3920  C:\Windows\System32\drivers\watchdog.sys - ok
23:07:35.0855 3920  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
23:07:35.0855 3920  C:\Windows\System32\drivers\npfs.sys - ok
23:07:35.0855 3920  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
23:07:35.0855 3920  C:\Windows\System32\drivers\tdi.sys - ok
23:07:35.0855 3920  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
23:07:35.0855 3920  C:\Windows\System32\drivers\tdx.sys - ok
23:07:35.0855 3920  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
23:07:35.0855 3920  C:\Windows\System32\drivers\afd.sys - ok
23:07:35.0855 3920  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
23:07:35.0855 3920  C:\Windows\System32\drivers\netbt.sys - ok
23:07:35.0855 3920  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
23:07:35.0855 3920  C:\Windows\System32\drivers\pacer.sys - ok
23:07:35.0871 3920  [ E675FB2B48C54F09895482E2253B289C ] C:\Windows\System32\drivers\vpcnfltr.sys
23:07:35.0871 3920  C:\Windows\System32\drivers\vpcnfltr.sys - ok
23:07:35.0871 3920  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
23:07:35.0871 3920  C:\Windows\System32\drivers\wfplwf.sys - ok
23:07:35.0871 3920  [ D0BD250D538EB004CFF77660CEA81B7F ] C:\Windows\System32\drivers\dnelwf64.sys
23:07:35.0871 3920  C:\Windows\System32\drivers\dnelwf64.sys - ok
23:07:35.0871 3920  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
23:07:35.0871 3920  C:\Windows\System32\drivers\netbios.sys - ok
23:07:35.0871 3920  [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
23:07:35.0871 3920  C:\Windows\System32\drivers\vwififlt.sys - ok
23:07:35.0871 3920  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
23:07:35.0871 3920  C:\Windows\System32\drivers\wanarp.sys - ok
23:07:35.0887 3920  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
23:07:35.0887 3920  C:\Windows\System32\drivers\termdd.sys - ok
23:07:35.0887 3920  [ 207B6539799CC1C112661A9B620DD233 ] C:\Windows\System32\drivers\vpcvmm.sys
23:07:35.0887 3920  C:\Windows\System32\drivers\vpcvmm.sys - ok
23:07:35.0887 3920  [ BA8E5B2291C01EF71CA80E25F0C79D55 ] C:\Windows\System32\drivers\ctxusbm.sys
23:07:35.0887 3920  C:\Windows\System32\drivers\ctxusbm.sys - ok
23:07:35.0887 3920  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
23:07:35.0887 3920  C:\Windows\System32\drivers\dfsc.sys - ok
23:07:35.0887 3920  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
23:07:35.0887 3920  C:\Windows\System32\drivers\discache.sys - ok
23:07:35.0887 3920  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
23:07:35.0887 3920  C:\Windows\System32\drivers\mssmbios.sys - ok
23:07:35.0902 3920  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
23:07:35.0902 3920  C:\Windows\System32\drivers\nsiproxy.sys - ok
23:07:35.0902 3920  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
23:07:35.0902 3920  C:\Windows\System32\drivers\rdbss.sys - ok
23:07:35.0902 3920  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
23:07:35.0902 3920  C:\Windows\System32\drivers\csc.sys - ok
23:07:35.0902 3920  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
23:07:35.0902 3920  C:\Windows\System32\drivers\blbdrive.sys - ok
23:07:35.0918 3920  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
23:07:35.0918 3920  C:\Windows\System32\drivers\tunnel.sys - ok
23:07:35.0918 3920  [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
23:07:35.0918 3920  C:\Windows\System32\drivers\intelppm.sys - ok
23:07:35.0918 3920  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
23:07:35.0918 3920  C:\Windows\System32\ntdll.dll - ok
23:07:35.0918 3920  [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
23:07:35.0918 3920  C:\Windows\System32\smss.exe - ok
23:07:35.0918 3920  [ 4128D51B770BB68FE44EAF3AD1DBAB25 ] C:\Windows\System32\drivers\igdkmd64.sys
23:07:35.0918 3920  C:\Windows\System32\drivers\igdkmd64.sys - ok
23:07:35.0918 3920  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
23:07:35.0918 3920  C:\Windows\System32\autochk.exe - ok
23:07:35.0933 3920  [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
23:07:35.0933 3920  C:\Windows\System32\drivers\dxgkrnl.sys - ok
23:07:35.0933 3920  [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
23:07:35.0933 3920  C:\Windows\System32\drivers\dxgmms1.sys - ok
23:07:35.0933 3920  [ B6AC71AAA2B10848F57FC49D55A651AF ] C:\Windows\System32\drivers\HECIx64.sys
23:07:35.0933 3920  C:\Windows\System32\drivers\HECIx64.sys - ok
23:07:35.0933 3920  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
23:07:35.0933 3920  C:\Windows\System32\drivers\usbport.sys - ok
23:07:35.0933 3920  [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
23:07:35.0933 3920  C:\Windows\System32\drivers\usbehci.sys - ok
23:07:35.0933 3920  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
23:07:35.0933 3920  C:\Windows\System32\drivers\hdaudbus.sys - ok
23:07:35.0949 3920  [ 9D7EA8C7215D8D4AE7BE110EEE61085D ] C:\Windows\System32\drivers\k57nd60a.sys
23:07:35.0949 3920  C:\Windows\System32\drivers\k57nd60a.sys - ok
23:07:35.0949 3920  [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
23:07:35.0949 3920  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
23:07:35.0949 3920  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
23:07:35.0949 3920  C:\Windows\System32\drivers\CompositeBus.sys - ok
23:07:35.0949 3920  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
23:07:35.0949 3920  C:\Windows\System32\drivers\agilevpn.sys - ok
23:07:35.0949 3920  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
23:07:35.0949 3920  C:\Windows\System32\drivers\rasl2tp.sys - ok
23:07:35.0965 3920  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
23:07:35.0965 3920  C:\Windows\System32\drivers\ndistapi.sys - ok
23:07:35.0965 3920  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
23:07:35.0965 3920  C:\Windows\System32\drivers\ndiswan.sys - ok
23:07:35.0965 3920  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
23:07:35.0965 3920  C:\Windows\System32\drivers\raspppoe.sys - ok
23:07:35.0965 3920  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
23:07:35.0965 3920  C:\Windows\System32\drivers\raspptp.sys - ok
23:07:35.0965 3920  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
23:07:35.0965 3920  C:\Windows\System32\drivers\rassstp.sys - ok
23:07:35.0965 3920  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
23:07:35.0980 3920  C:\Windows\System32\drivers\rdpbus.sys - ok
23:07:35.0980 3920  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
23:07:35.0980 3920  C:\Windows\System32\drivers\kbdclass.sys - ok
23:07:35.0980 3920  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
23:07:35.0980 3920  C:\Windows\System32\drivers\mouclass.sys - ok
23:07:35.0980 3920  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
23:07:35.0980 3920  C:\Windows\System32\drivers\ks.sys - ok
23:07:35.0980 3920  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
23:07:35.0980 3920  C:\Windows\System32\drivers\swenum.sys - ok
23:07:35.0980 3920  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
23:07:35.0980 3920  C:\Windows\System32\drivers\umbus.sys - ok
23:07:35.0996 3920  [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
23:07:35.0996 3920  C:\Windows\System32\drivers\usbd.sys - ok
23:07:35.0996 3920  [ C3EC945DEC43C00E2AD4C98DDDD064C7 ] C:\Windows\System32\drivers\usbrpm.sys
23:07:35.0996 3920  C:\Windows\System32\drivers\usbrpm.sys - ok
23:07:35.0996 3920  [ 5FB42082B0D19A0268705F1DD343DF20 ] C:\Windows\System32\drivers\vpcusb.sys
23:07:35.0996 3920  C:\Windows\System32\drivers\vpcusb.sys - ok
23:07:35.0996 3920  [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] C:\Windows\System32\drivers\vpchbus.sys
23:07:35.0996 3920  C:\Windows\System32\drivers\vpchbus.sys - ok
23:07:35.0996 3920  [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
23:07:35.0996 3920  C:\Windows\System32\lpk.dll - ok
23:07:36.0011 3920  [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
23:07:36.0011 3920  C:\Windows\System32\shell32.dll - ok
23:07:36.0011 3920  [ 8B892002D7B79312821169A14317AB86 ] C:\Windows\System32\drivers\usbhub.sys
23:07:36.0011 3920  C:\Windows\System32\drivers\usbhub.sys - ok
23:07:36.0011 3920  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
23:07:36.0011 3920  C:\Windows\System32\drivers\ndproxy.sys - ok
23:07:36.0011 3920  [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
23:07:36.0011 3920  C:\Windows\System32\drivers\drmk.sys - ok
23:07:36.0011 3920  [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
23:07:36.0011 3920  C:\Windows\System32\drivers\portcls.sys - ok
23:07:36.0011 3920  [ E9BEFD8C6A1DB3B544B61647DDA35F62 ] C:\Windows\System32\drivers\RTKVHD64.sys
23:07:36.0011 3920  C:\Windows\System32\drivers\RTKVHD64.sys - ok
23:07:36.0027 3920  [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
23:07:36.0027 3920  C:\Windows\System32\drivers\ksthunk.sys - ok
23:07:36.0027 3920  [ 87BEA2616EFDEC6A1CB3BFCFB09D816A ] C:\Windows\System32\urlmon.dll
23:07:36.0027 3920  C:\Windows\System32\urlmon.dll - ok
23:07:36.0027 3920  [ AE594CC17C33AC146739494615E14851 ] C:\Windows\System32\drivers\IntcDAud.sys
23:07:36.0027 3920  C:\Windows\System32\drivers\IntcDAud.sys - ok
23:07:36.0027 3920  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
23:07:36.0027 3920  C:\Windows\System32\oleaut32.dll - ok
23:07:36.0027 3920  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
23:07:36.0027 3920  C:\Windows\System32\setupapi.dll - ok
23:07:36.0027 3920  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
23:07:36.0027 3920  C:\Windows\System32\rpcrt4.dll - ok
23:07:36.0043 3920  [ F431C3C86FCCC1C53814F043A6CAD825 ] C:\Windows\System32\iertutil.dll
23:07:36.0043 3920  C:\Windows\System32\iertutil.dll - ok
23:07:36.0043 3920  [ 113F1534B80D65DFDCA660F19967A3B7 ] C:\Windows\System32\drivers\mfeavfk.sys
23:07:36.0043 3920  C:\Windows\System32\drivers\mfeavfk.sys - ok
23:07:36.0043 3920  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
23:07:36.0043 3920  C:\Windows\System32\ws2_32.dll - ok
23:07:36.0043 3920  [ CECC9841D036EE008091825272D91331 ] C:\Windows\System32\drivers\mfefirek.sys
23:07:36.0043 3920  C:\Windows\System32\drivers\mfefirek.sys - ok
23:07:36.0043 3920  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
23:07:36.0043 3920  C:\Windows\System32\shlwapi.dll - ok
23:07:36.0043 3920  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
23:07:36.0043 3920  C:\Windows\System32\gdi32.dll - ok
23:07:36.0058 3920  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
23:07:36.0058 3920  C:\Windows\System32\difxapi.dll - ok
23:07:36.0058 3920  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
23:07:36.0058 3920  C:\Windows\System32\advapi32.dll - ok
23:07:36.0058 3920  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
23:07:36.0058 3920  C:\Windows\System32\nsi.dll - ok
23:07:36.0058 3920  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
23:07:36.0058 3920  C:\Windows\System32\imm32.dll - ok
23:07:36.0058 3920  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
23:07:36.0058 3920  C:\Windows\System32\psapi.dll - ok
23:07:36.0058 3920  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
23:07:36.0058 3920  C:\Windows\System32\ole32.dll - ok
23:07:36.0074 3920  [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
23:07:36.0074 3920  C:\Windows\System32\usp10.dll - ok
23:07:36.0074 3920  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
23:07:36.0074 3920  C:\Windows\System32\user32.dll - ok
23:07:36.0074 3920  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
23:07:36.0074 3920  C:\Windows\System32\comdlg32.dll - ok
23:07:36.0074 3920  [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
23:07:36.0074 3920  C:\Windows\System32\kernel32.dll - ok
23:07:36.0074 3920  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
23:07:36.0074 3920  C:\Windows\System32\sechost.dll - ok
23:07:36.0074 3920  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
23:07:36.0074 3920  C:\Windows\System32\imagehlp.dll - ok
23:07:36.0089 3920  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
23:07:36.0089 3920  C:\Windows\System32\msctf.dll - ok
23:07:36.0089 3920  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
23:07:36.0089 3920  C:\Windows\System32\msvcrt.dll - ok
23:07:36.0089 3920  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
23:07:36.0089 3920  C:\Windows\System32\clbcatq.dll - ok
23:07:36.0089 3920  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
23:07:36.0089 3920  C:\Windows\System32\Wldap32.dll - ok
23:07:36.0089 3920  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
23:07:36.0089 3920  C:\Windows\System32\normaliz.dll - ok
23:07:36.0089 3920  [ 435E9C764E1EF70058580996452BE6A2 ] C:\Windows\System32\wininet.dll
23:07:36.0089 3920  C:\Windows\System32\wininet.dll - ok
23:07:36.0089 3920  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
23:07:36.0089 3920  C:\Windows\System32\comctl32.dll - ok
23:07:36.0105 3920  [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
23:07:36.0105 3920  C:\Windows\System32\wintrust.dll - ok
23:07:36.0105 3920  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
23:07:36.0105 3920  C:\Windows\System32\devobj.dll - ok
23:07:36.0105 3920  [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
23:07:36.0105 3920  C:\Windows\System32\KernelBase.dll - ok
23:07:36.0105 3920  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
23:07:36.0105 3920  C:\Windows\System32\cfgmgr32.dll - ok
23:07:36.0105 3920  [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
23:07:36.0105 3920  C:\Windows\System32\crypt32.dll - ok
23:07:36.0121 3920  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
23:07:36.0121 3920  C:\Windows\System32\msasn1.dll - ok
23:07:36.0121 3920  [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
23:07:36.0121 3920  C:\Windows\System32\drivers\hidclass.sys - ok
23:07:36.0121 3920  [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
23:07:36.0121 3920  C:\Windows\System32\drivers\hidparse.sys - ok
23:07:36.0121 3920  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
23:07:36.0121 3920  C:\Windows\System32\drivers\hidusb.sys - ok
23:07:36.0121 3920  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
23:07:36.0121 3920  C:\Windows\System32\drivers\kbdhid.sys - ok
23:07:36.0136 3920  [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
23:07:36.0136 3920  C:\Windows\System32\drivers\USBSTOR.SYS - ok
23:07:36.0136 3920  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
23:07:36.0136 3920  C:\Windows\SysWOW64\normaliz.dll - ok
23:07:36.0136 3920  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
23:07:36.0136 3920  C:\Windows\System32\drivers\mouhid.sys - ok
23:07:36.0136 3920  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
23:07:36.0136 3920  C:\Windows\System32\drivers\dxapi.sys - ok
23:07:36.0136 3920  [ 59E21156113E438D1D91AF4FC0C3B19F ] C:\Windows\System32\win32k.sys
23:07:36.0136 3920  C:\Windows\System32\win32k.sys - ok
23:07:36.0152 3920  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
23:07:36.0152 3920  C:\Windows\System32\csrss.exe - ok
23:07:36.0152 3920  [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
23:07:36.0152 3920  C:\Windows\System32\csrsrv.dll - ok
23:07:36.0152 3920  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
23:07:36.0152 3920  C:\Windows\System32\basesrv.dll - ok
23:07:36.0152 3920  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
23:07:36.0152 3920  C:\Windows\System32\winsrv.dll - ok
23:07:36.0152 3920  [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
23:07:36.0152 3920  C:\Windows\System32\drivers\monitor.sys - ok
23:07:36.0167 3920  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
23:07:36.0167 3920  C:\Windows\System32\tsddd.dll - ok
23:07:36.0167 3920  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
23:07:36.0167 3920  C:\Windows\System32\sxssrv.dll - ok
23:07:36.0167 3920  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
23:07:36.0167 3920  C:\Windows\System32\wininit.exe - ok
23:07:36.0167 3920  [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
23:07:36.0167 3920  C:\Windows\System32\cdd.dll - ok
23:07:36.0167 3920  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
23:07:36.0167 3920  C:\Windows\System32\profapi.dll - ok
23:07:36.0167 3920  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
23:07:36.0167 3920  C:\Windows\System32\RpcRtRemote.dll - ok
23:07:36.0167 3920  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
23:07:36.0183 3920  C:\Windows\System32\KBDUS.DLL - ok
23:07:36.0183 3920  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
23:07:36.0183 3920  C:\Windows\System32\winlogon.exe - ok
23:07:36.0183 3920  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
23:07:36.0183 3920  C:\Windows\System32\winsta.dll - ok
23:07:36.0183 3920  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
23:07:36.0183 3920  C:\Windows\System32\WlS0WndH.dll - ok
23:07:36.0183 3920  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
23:07:36.0183 3920  C:\Windows\System32\sxs.dll - ok
23:07:36.0183 3920  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
23:07:36.0183 3920  C:\Windows\System32\cryptbase.dll - ok
23:07:36.0183 3920  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
23:07:36.0183 3920  C:\Windows\System32\apphelp.dll - ok
23:07:36.0199 3920  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
23:07:36.0199 3920  C:\Windows\System32\services.exe - ok
23:07:36.0199 3920  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
23:07:36.0199 3920  C:\Windows\System32\lsass.exe - ok
23:07:36.0199 3920  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
23:07:36.0199 3920  C:\Windows\System32\lsm.exe - ok
23:07:36.0199 3920  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
23:07:36.0199 3920  C:\Windows\System32\sspisrv.dll - ok
23:07:36.0199 3920  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
23:07:36.0199 3920  C:\Windows\System32\sspicli.dll - ok
23:07:36.0199 3920  [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll
23:07:36.0199 3920  C:\Windows\System32\lsasrv.dll - ok
23:07:36.0214 3920  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
23:07:36.0214 3920  C:\Windows\System32\sysntfy.dll - ok
23:07:36.0214 3920  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
23:07:36.0214 3920  C:\Windows\System32\wmsgapi.dll - ok
23:07:36.0214 3920  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
23:07:36.0214 3920  C:\Windows\System32\scext.dll - ok
23:07:36.0214 3920  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
23:07:36.0214 3920  C:\Windows\System32\secur32.dll - ok
23:07:36.0214 3920  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
23:07:36.0214 3920  C:\Windows\System32\samsrv.dll - ok
23:07:36.0230 3920  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
23:07:36.0230 3920  C:\Windows\System32\scesrv.dll - ok
23:07:36.0230 3920  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
23:07:36.0230 3920  C:\Windows\System32\cryptdll.dll - ok
23:07:36.0230 3920  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
23:07:36.0230 3920  C:\Windows\System32\srvcli.dll - ok
23:07:36.0230 3920  [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
23:07:36.0230 3920  C:\Windows\System32\aelupsvc.dll - ok
23:07:36.0230 3920  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
23:07:36.0230 3920  C:\Windows\System32\wevtapi.dll - ok
23:07:36.0230 3920  [ 3290D6946B5E30E70414990574883DDB ] C:\Windows\System32\alg.exe
23:07:36.0230 3920  C:\Windows\System32\alg.exe - ok
23:07:36.0245 3920  [ 0BC381A15355A3982216F7172F545DE1 ] C:\Windows\System32\appidsvc.dll
23:07:36.0245 3920  C:\Windows\System32\appidsvc.dll - ok
23:07:36.0245 3920  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
23:07:36.0245 3920  C:\Windows\System32\cngaudit.dll - ok
23:07:36.0245 3920  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
23:07:36.0245 3920  C:\Windows\System32\appinfo.dll - ok
23:07:36.0245 3920  [ 4ABA3E75A76195A3E38ED2766C962899 ] C:\Windows\System32\appmgmts.dll
23:07:36.0245 3920  C:\Windows\System32\appmgmts.dll - ok
23:07:36.0245 3920  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
23:07:36.0245 3920  C:\Windows\System32\authz.dll - ok
23:07:36.0261 3920  [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
23:07:36.0261 3920  C:\Windows\System32\ncrypt.dll - ok
23:07:36.0261 3920  [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
23:07:36.0261 3920  C:\Windows\System32\rascfg.dll - ok
23:07:36.0261 3920  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
23:07:36.0261 3920  C:\Windows\System32\bcrypt.dll - ok
23:07:36.0261 3920  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
23:07:36.0261 3920  C:\Windows\System32\audiosrv.dll - ok
23:07:36.0261 3920  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
23:07:36.0261 3920  C:\Windows\System32\msprivs.dll - ok
23:07:36.0261 3920  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
23:07:36.0261 3920  C:\Windows\System32\netjoin.dll - ok
23:07:36.0261 3920  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] C:\Windows\System32\AxInstSv.dll
23:07:36.0261 3920  C:\Windows\System32\AxInstSv.dll - ok
23:07:36.0277 3920  [ FDE360167101B4E45A96F939F388AEB0 ] C:\Windows\System32\bdesvc.dll
23:07:36.0277 3920  C:\Windows\System32\bdesvc.dll - ok
23:07:36.0277 3920  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
23:07:36.0277 3920  C:\Windows\System32\negoexts.dll - ok
23:07:36.0277 3920  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
23:07:36.0277 3920  C:\Windows\System32\kerberos.dll - ok
23:07:36.0277 3920  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
23:07:36.0277 3920  C:\Windows\System32\BFE.DLL - ok
23:07:36.0277 3920  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
23:07:36.0277 3920  C:\Windows\System32\cryptsp.dll - ok
23:07:36.0277 3920  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
23:07:36.0277 3920  C:\Windows\System32\mswsock.dll - ok
23:07:36.0277 3920  [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
23:07:36.0277 3920  C:\Windows\System32\qmgr.dll - ok
23:07:36.0292 3920  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
23:07:36.0292 3920  C:\Windows\System32\wship6.dll - ok
23:07:36.0292 3920  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
23:07:36.0292 3920  C:\Windows\System32\msv1_0.dll - ok
23:07:36.0292 3920  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
23:07:36.0292 3920  C:\Windows\System32\netlogon.dll - ok
23:07:36.0292 3920  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
23:07:36.0292 3920  C:\Windows\System32\browser.dll - ok
23:07:36.0292 3920  [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
23:07:36.0292 3920  C:\Windows\System32\bthserv.dll - ok
23:07:36.0292 3920  [ F17D1D393BBC69C5322FBFAFACA28C7F ] C:\Windows\System32\certprop.dll
23:07:36.0292 3920  C:\Windows\System32\certprop.dll - ok
23:07:36.0308 3920  [ FE1EC06F2253F691FE36217C592A0206 ] C:\Windows\System32\clfs.sys
23:07:36.0308 3920  C:\Windows\System32\clfs.sys - ok
23:07:36.0308 3920  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
23:07:36.0308 3920  C:\Windows\System32\dnsapi.dll - ok
23:07:36.0308 3920  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
23:07:36.0308 3920  C:\Windows\System32\comres.dll - ok
23:07:36.0308 3920  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
23:07:36.0308 3920  C:\Windows\System32\logoncli.dll - ok
23:07:36.0308 3920  [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
23:07:36.0308 3920  C:\Windows\System32\schannel.dll - ok
23:07:36.0323 3920  [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
23:07:36.0323 3920  C:\Windows\System32\atmfd.dll - ok
23:07:36.0323 3920  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
23:07:36.0323 3920  C:\Windows\System32\wdigest.dll - ok
23:07:36.0323 3920  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
23:07:36.0323 3920  C:\Windows\System32\cryptsvc.dll - ok
23:07:36.0323 3920  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
23:07:36.0323 3920  C:\Windows\System32\rsaenh.dll - ok
23:07:36.0323 3920  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
23:07:36.0323 3920  C:\Windows\System32\TSpkg.dll - ok
23:07:36.0323 3920  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] C:\Windows\System32\cscsvc.dll
23:07:36.0323 3920  C:\Windows\System32\cscsvc.dll - ok
23:07:36.0339 3920  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
23:07:36.0339 3920  C:\Windows\System32\pku2u.dll - ok
23:07:36.0339 3920  [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
23:07:36.0339 3920  C:\Windows\System32\LIVESSP.DLL - ok
23:07:36.0339 3920  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
23:07:36.0339 3920  C:\Windows\System32\bcryptprimitives.dll - ok
23:07:36.0339 3920  [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll
23:07:36.0339 3920  C:\Windows\System32\oleres.dll - ok
23:07:36.0339 3920  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] C:\Windows\System32\defragsvc.dll
23:07:36.0339 3920  C:\Windows\System32\defragsvc.dll - ok
23:07:36.0339 3920  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
23:07:36.0339 3920  C:\Windows\System32\efslsaext.dll - ok
23:07:36.0355 3920  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
23:07:36.0355 3920  C:\Windows\System32\credssp.dll - ok
23:07:36.0355 3920  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
23:07:36.0355 3920  C:\Windows\System32\dhcpcore.dll - ok
23:07:36.0355 3920  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
23:07:36.0355 3920  C:\Windows\System32\scecli.dll - ok
23:07:36.0355 3920  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] C:\Windows\System32\dot3svc.dll
23:07:36.0355 3920  C:\Windows\System32\dot3svc.dll - ok
23:07:36.0355 3920  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
23:07:36.0355 3920  C:\Windows\System32\dps.dll - ok
23:07:36.0355 3920  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
23:07:36.0355 3920  C:\Windows\System32\eapsvc.dll - ok
23:07:36.0355 3920  [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
23:07:36.0355 3920  C:\Windows\System32\efssvc.dll - ok
23:07:36.0370 3920  [ C4002B6B41975F057D98C439030CEA07 ] C:\Windows\ehome\ehrecvr.exe
23:07:36.0370 3920  C:\Windows\ehome\ehrecvr.exe - ok
23:07:36.0370 3920  [ 4705E8EF9934482C5BB488CE28AFC681 ] C:\Windows\ehome\ehsched.exe
23:07:36.0370 3920  C:\Windows\ehome\ehsched.exe - ok
23:07:36.0370 3920  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
23:07:36.0370 3920  C:\Windows\System32\wevtsvc.dll - ok
23:07:36.0370 3920  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
23:07:36.0370 3920  C:\Windows\System32\FXSRESM.dll - ok
23:07:36.0370 3920  [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
23:07:36.0370 3920  C:\Windows\System32\fdPHost.dll - ok
23:07:36.0370 3920  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
23:07:36.0370 3920  C:\Windows\System32\FDResPub.dll - ok
23:07:36.0370 3920  [ 655661BE46B5F5F3FD454E2C3095B930 ] C:\Windows\System32\drivers\fileinfo.sys
23:07:36.0370 3920  C:\Windows\System32\drivers\fileinfo.sys - ok
23:07:36.0386 3920  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] C:\Windows\System32\drivers\filetrace.sys
23:07:36.0386 3920  C:\Windows\System32\drivers\filetrace.sys - ok
23:07:36.0386 3920  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
23:07:36.0386 3920  C:\Windows\System32\drivers\fltMgr.sys - ok
23:07:36.0386 3920  [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
23:07:36.0386 3920  C:\Windows\System32\FntCache.dll - ok
23:07:36.0386 3920  [ 8A1846C0817513AD18BA48B4427771FC ] C:\Windows\System32\PresentationHost.exe
23:07:36.0386 3920  C:\Windows\System32\PresentationHost.exe - ok
23:07:36.0386 3920  [ D43703496149971890703B4B1B723EAC ] C:\Windows\System32\drivers\fsdepends.sys
23:07:36.0386 3920  C:\Windows\System32\drivers\fsdepends.sys - ok
23:07:36.0386 3920  [ 1F7B25B858FA27015169FE95E54108ED ] C:\Windows\System32\drivers\fvevol.sys
23:07:36.0386 3920  C:\Windows\System32\drivers\fvevol.sys - ok
23:07:36.0401 3920  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
23:07:36.0401 3920  C:\Windows\System32\gpapi.dll - ok
23:07:36.0401 3920  [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
23:07:36.0401 3920  C:\Windows\System32\hidserv.dll - ok
23:07:36.0401 3920  [ 387E72E739E15E3D37907A86D9FF98E2 ] C:\Windows\System32\KMSVC.DLL
23:07:36.0401 3920  C:\Windows\System32\KMSVC.DLL - ok
23:07:36.0401 3920  [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
23:07:36.0401 3920  C:\Windows\System32\ListSvc.dll - ok
23:07:36.0401 3920  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
23:07:36.0401 3920  C:\Windows\System32\provsvc.dll - ok
23:07:36.0401 3920  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
23:07:36.0401 3920  C:\Windows\System32\drivers\http.sys - ok
23:07:36.0417 3920  [ A5462BD6884960C9DC85ED49D34FF392 ] C:\Windows\System32\drivers\hwpolicy.sys
23:07:36.0417 3920  C:\Windows\System32\drivers\hwpolicy.sys - ok
23:07:36.0417 3920  [ B9E2DAF71E44626011D70B4889171504 ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
23:07:36.0417 3920  C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
23:07:36.0417 3920  [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
23:07:36.0417 3920  C:\Windows\System32\IKEEXT.DLL - ok
23:07:36.0417 3920  [ 098A91C54546A3B878DAD6A7E90A455B ] C:\Windows\System32\IPBusEnum.dll
23:07:36.0417 3920  C:\Windows\System32\IPBusEnum.dll - ok
23:07:36.0417 3920  [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
23:07:36.0417 3920  C:\Windows\System32\iphlpsvc.dll - ok
23:07:36.0433 3920  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] C:\Windows\System32\drivers\irenum.sys
23:07:36.0433 3920  C:\Windows\System32\drivers\irenum.sys - ok
23:07:36.0433 3920  [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
23:07:36.0433 3920  C:\Windows\System32\keyiso.dll - ok
23:07:36.0433 3920  [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
23:07:36.0433 3920  C:\Windows\System32\srvsvc.dll - ok
23:07:36.0433 3920  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
23:07:36.0433 3920  C:\Windows\System32\wkssvc.dll - ok
23:07:36.0433 3920  [ 7A757C41C3879CD34BDE15F0563C0CE2 ] C:\Windows\System32\lltdres.dll
23:07:36.0433 3920  C:\Windows\System32\lltdres.dll - ok
23:07:36.0448 3920  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
23:07:36.0448 3920  C:\Windows\System32\lmhsvc.dll - ok
23:07:36.0448 3920  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
23:07:36.0448 3920  C:\Windows\System32\drivers\luafv.sys - ok
23:07:36.0448 3920  [ E5DE3FFD785B6730291AD98E491D58BA ] C:\Windows\ehome\ehres.dll
23:07:36.0448 3920  C:\Windows\ehome\ehres.dll - ok
23:07:36.0448 3920  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
23:07:36.0448 3920  C:\Windows\System32\mmcss.dll - ok
23:07:36.0448 3920  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] C:\Windows\System32\drivers\mountmgr.sys
23:07:36.0448 3920  C:\Windows\System32\drivers\mountmgr.sys - ok
23:07:36.0448 3920  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
23:07:36.0448 3920  C:\Windows\System32\FirewallAPI.dll - ok
23:07:36.0464 3920  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] C:\Windows\System32\WebClnt.dll
23:07:36.0464 3920  C:\Windows\System32\WebClnt.dll - ok
23:07:36.0464 3920  [ F9D215A46A8B9753F61767FA72A20326 ] C:\Windows\System32\drivers\mshidkmdf.sys
23:07:36.0464 3920  C:\Windows\System32\drivers\mshidkmdf.sys - ok
23:07:36.0464 3920  [ E11E3F3BBEFDC5C0C160BE13B65E25E4 ] C:\Windows\System32\iscsidsc.dll
23:07:36.0464 3920  C:\Windows\System32\iscsidsc.dll - ok
23:07:36.0464 3920  [ 8EE1C893C50D1C02D4675978BAC756BA ] C:\Windows\System32\msimsg.dll
23:07:36.0464 3920  C:\Windows\System32\msimsg.dll - ok
23:07:36.0464 3920  [ F9A18612FD3526FE473C1BDA678D61C8 ] C:\Windows\System32\drivers\mup.sys
23:07:36.0464 3920  C:\Windows\System32\drivers\mup.sys - ok
23:07:36.0479 3920  [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
23:07:36.0479 3920  C:\Windows\System32\QAGENTRT.DLL - ok
23:07:36.0479 3920  [ 760E38053BF56E501D562B70AD796B88 ] C:\Windows\System32\drivers\ndis.sys
23:07:36.0479 3920  C:\Windows\System32\drivers\ndis.sys - ok
23:07:36.0479 3920  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
23:07:36.0479 3920  C:\Windows\System32\netman.dll - ok
23:07:36.0479 3920  [ 5DE1EB779116F20869B732CEF1DC689A ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll
23:07:36.0479 3920  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll - ok
23:07:36.0479 3920  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
23:07:36.0479 3920  C:\Windows\System32\netprofm.dll - ok
23:07:36.0479 3920  [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
23:07:36.0479 3920  C:\Windows\System32\nlasvc.dll - ok
23:07:36.0479 3920  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
23:07:36.0479 3920  C:\Windows\System32\nsisvc.dll - ok
23:07:36.0495 3920  [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
23:07:36.0495 3920  C:\Windows\System32\pnrpsvc.dll - ok
23:07:36.0495 3920  [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
23:07:36.0495 3920  C:\Windows\System32\p2psvc.dll - ok
23:07:36.0495 3920  [ E9766131EEADE40A27DC27D2D68FBA9C ] C:\Windows\System32\drivers\partmgr.sys
23:07:36.0495 3920  C:\Windows\System32\drivers\partmgr.sys - ok
23:07:36.0495 3920  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
23:07:36.0495 3920  C:\Windows\System32\pcasvc.dll - ok
23:07:36.0495 3920  [ B9B0A4299DD2D76A4243F75FD54DC680 ] C:\Windows\System32\PeerDistSvc.dll
23:07:36.0495 3920  C:\Windows\System32\PeerDistSvc.dll - ok
23:07:36.0495 3920  [ C7CF6A6E137463219E1259E3F0F0DD6C ] C:\Windows\System32\pla.dll
23:07:36.0495 3920  C:\Windows\System32\pla.dll - ok
23:07:36.0511 3920  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
23:07:36.0511 3920  C:\Windows\System32\umpnpmgr.dll - ok
23:07:36.0511 3920  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] C:\Windows\System32\pnrpauto.dll
23:07:36.0511 3920  C:\Windows\System32\pnrpauto.dll - ok
23:07:36.0511 3920  [ 8DEC9C6DD13C4B3B62CD8D5A0FEF1650 ] C:\Windows\System32\polstore.dll
23:07:36.0511 3920  C:\Windows\System32\polstore.dll - ok
23:07:36.0511 3920  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
23:07:36.0511 3920  C:\Windows\System32\umpo.dll - ok
23:07:36.0511 3920  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
23:07:36.0511 3920  C:\Windows\System32\profsvc.dll - ok
23:07:36.0511 3920  [ AB95FBAE4F9A5A56B177CEC427B2B35E ] C:\Windows\System32\psbase.dll
23:07:36.0511 3920  C:\Windows\System32\psbase.dll - ok
23:07:36.0526 3920  [ 906191634E99AEA92C4816150BDA3732 ] C:\Windows\System32\qwave.dll
23:07:36.0526 3920  C:\Windows\System32\qwave.dll - ok
23:07:36.0526 3920  [ 76707BB36430888D9CE9D705398ADB6C ] C:\Windows\System32\drivers\qwavedrv.sys
23:07:36.0526 3920  C:\Windows\System32\drivers\qwavedrv.sys - ok
23:07:36.0526 3920  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] C:\Windows\System32\rasauto.dll
23:07:36.0526 3920  C:\Windows\System32\rasauto.dll - ok
23:07:36.0526 3920  [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
23:07:36.0526 3920  C:\Windows\System32\rasmans.dll - ok
23:07:36.0526 3920  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
23:07:36.0526 3920  C:\Windows\System32\sstpsvc.dll - ok
23:07:36.0542 3920  [ 254FB7A22D74E5511C73A3F6D802F192 ] C:\Windows\System32\mprdim.dll
23:07:36.0542 3920  C:\Windows\System32\mprdim.dll - ok
23:07:36.0542 3920  [ E4D94F24081440B5FC5AA556C7C62702 ] C:\Windows\System32\regsvc.dll
23:07:36.0542 3920  C:\Windows\System32\regsvc.dll - ok
23:07:36.0542 3920  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
23:07:36.0542 3920  C:\Windows\System32\RpcEpMap.dll - ok
23:07:36.0542 3920  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] C:\Windows\System32\Locator.exe
23:07:36.0542 3920  C:\Windows\System32\Locator.exe - ok
23:07:36.0542 3920  [ 9B7395789E3791A3B6D000FE6F8B131E ] C:\Windows\System32\SCardSvr.dll



#4 milehieagle

milehieagle
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:39 PM

Posted 10 March 2013 - 03:16 AM

And part 2 -

 

23:07:36.0542 3920 C:\Windows\System32\SCardSvr.dll - ok
23:07:36.0542 3920 [ 253F38D0D7074C02FF8DEB9836C97D2B ] C:\Windows\System32\drivers\scfilter.sys
23:07:36.0542 3920 C:\Windows\System32\drivers\scfilter.sys - ok
23:07:36.0557 3920 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
23:07:36.0557 3920 C:\Windows\System32\schedsvc.dll - ok
23:07:36.0557 3920 [ 6EA4234DC55346E0709560FE7C2C1972 ] C:\Windows\System32\sdrsvc.dll
23:07:36.0557 3920 C:\Windows\System32\sdrsvc.dll - ok
23:07:36.0557 3920 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
23:07:36.0557 3920 C:\Windows\System32\seclogon.dll - ok
23:07:36.0557 3920 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
23:07:36.0557 3920 C:\Windows\System32\Sens.dll - ok
23:07:36.0557 3920 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] C:\Windows\System32\sensrsvc.dll
23:07:36.0557 3920 C:\Windows\System32\sensrsvc.dll - ok
23:07:36.0573 3920 [ 0B6231BF38174A1628C4AC812CC75804 ] C:\Windows\System32\SessEnv.dll
23:07:36.0573 3920 C:\Windows\System32\SessEnv.dll - ok
23:07:36.0573 3920 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
23:07:36.0573 3920 C:\Windows\System32\ipnathlp.dll - ok
23:07:36.0573 3920 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
23:07:36.0573 3920 C:\Windows\System32\shsvcs.dll - ok
23:07:36.0573 3920 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
23:07:36.0573 3920 C:\Windows\System32\tcpipcfg.dll - ok
23:07:36.0573 3920 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
23:07:36.0573 3920 C:\Windows\System32\snmptrap.exe - ok
23:07:36.0573 3920 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
23:07:36.0573 3920 C:\Windows\System32\spoolsv.exe - ok
23:07:36.0589 3920 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
23:07:36.0589 3920 C:\Windows\System32\sppsvc.exe - ok
23:07:36.0589 3920 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] C:\Windows\System32\sppuinotify.dll
23:07:36.0589 3920 C:\Windows\System32\sppuinotify.dll - ok
23:07:36.0589 3920 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
23:07:36.0589 3920 C:\Windows\System32\ssdpsrv.dll - ok
23:07:36.0589 3920 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
23:07:36.0589 3920 C:\Windows\System32\wiaservc.dll - ok
23:07:36.0589 3920 [ C40841817EF57D491F22EB103DA587CC ] C:\Windows\System32\StorSvc.dll
23:07:36.0589 3920 C:\Windows\System32\StorSvc.dll - ok
23:07:36.0604 3920 [ E08E46FDD841B7184194011CA1955A0B ] C:\Windows\System32\swprv.dll
23:07:36.0604 3920 C:\Windows\System32\swprv.dll - ok
23:07:36.0604 3920 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
23:07:36.0604 3920 C:\Windows\System32\sysmain.dll - ok
23:07:36.0604 3920 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] C:\Windows\System32\TabSvc.dll
23:07:36.0604 3920 C:\Windows\System32\TabSvc.dll - ok
23:07:36.0604 3920 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
23:07:36.0604 3920 C:\Windows\System32\tapisrv.dll - ok
23:07:36.0604 3920 [ 1BE03AC720F4D302EA01D40F588162F6 ] C:\Windows\System32\tbssvc.dll
23:07:36.0604 3920 C:\Windows\System32\tbssvc.dll - ok
23:07:36.0604 3920 [ 2E648163254233755035B46DD7B89123 ] C:\Windows\System32\termsrv.dll
23:07:36.0604 3920 C:\Windows\System32\termsrv.dll - ok
23:07:36.0620 3920 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
23:07:36.0620 3920 C:\Windows\System32\themeservice.dll - ok
23:07:36.0620 3920 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
23:07:36.0620 3920 C:\Windows\System32\trkwks.dll - ok
23:07:36.0620 3920 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
23:07:36.0620 3920 C:\Windows\servicing\TrustedInstaller.exe - ok
23:07:36.0620 3920 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] C:\Windows\System32\drivers\tssecsrv.sys
23:07:36.0620 3920 C:\Windows\System32\drivers\tssecsrv.sys - ok
23:07:36.0620 3920 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] C:\Windows\System32\UI0Detect.exe
23:07:36.0620 3920 C:\Windows\System32\UI0Detect.exe - ok
23:07:36.0620 3920 [ A293DCD756D04D8492A750D03B9A297C ] C:\Windows\System32\umrdp.dll
23:07:36.0620 3920 C:\Windows\System32\umrdp.dll - ok
23:07:36.0636 3920 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
23:07:36.0636 3920 C:\Windows\System32\upnphost.dll - ok
23:07:36.0636 3920 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
23:07:36.0636 3920 C:\Windows\System32\dwm.exe - ok
23:07:36.0636 3920 [ 567BC1309E05FCFA680ADB6E02260736 ] C:\Windows\System32\vaultsvc.dll
23:07:36.0636 3920 C:\Windows\System32\vaultsvc.dll - ok
23:07:36.0636 3920 [ A255814907C89BE58B79EF2F189B843B ] C:\Windows\System32\drivers\volmgrx.sys
23:07:36.0636 3920 C:\Windows\System32\drivers\volmgrx.sys - ok
23:07:36.0636 3920 [ 8D6B481601D01A456E75C3210F1830BE ] C:\Windows\System32\vds.exe
23:07:36.0636 3920 C:\Windows\System32\vds.exe - ok
23:07:36.0636 3920 [ B60BA0BC31B0CB414593E169F6F21CC2 ] C:\Windows\System32\VSSVC.exe
23:07:36.0636 3920 C:\Windows\System32\VSSVC.exe - ok
23:07:36.0651 3920 [ 1C9D80CC3849B3788048078C26486E1A ] C:\Windows\System32\w32time.dll
23:07:36.0651 3920 C:\Windows\System32\w32time.dll - ok
23:07:36.0651 3920 [ 05E9265E2228799B68DC0F58A94E1AB8 ] C:\Windows\System32\Wat\WatUX.exe
23:07:36.0651 3920 C:\Windows\System32\Wat\WatUX.exe - ok
23:07:36.0651 3920 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] C:\Windows\System32\wbengine.exe
23:07:36.0651 3920 C:\Windows\System32\wbengine.exe - ok
23:07:36.0651 3920 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] C:\Windows\System32\wbiosrvc.dll
23:07:36.0651 3920 C:\Windows\System32\wbiosrvc.dll - ok
23:07:36.0651 3920 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] C:\Windows\System32\wcncsvc.dll
23:07:36.0651 3920 C:\Windows\System32\wcncsvc.dll - ok
23:07:36.0667 3920 [ 20F7441334B18CEE52027661DF4A6129 ] C:\Windows\System32\WcsPlugInService.dll
23:07:36.0667 3920 C:\Windows\System32\WcsPlugInService.dll - ok
23:07:36.0667 3920 [ 442783E2CB0DA19873B7A63833FF4CB4 ] C:\Windows\System32\drivers\Wdf01000.sys
23:07:36.0667 3920 C:\Windows\System32\drivers\Wdf01000.sys - ok
23:07:36.0667 3920 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
23:07:36.0667 3920 C:\Windows\System32\wdi.dll - ok
23:07:36.0667 3920 [ C749025A679C5103E575E3B48E092C43 ] C:\Windows\System32\wecsvc.dll
23:07:36.0667 3920 C:\Windows\System32\wecsvc.dll - ok
23:07:36.0667 3920 [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll
23:07:36.0667 3920 C:\Windows\System32\wercplsupport.dll - ok
23:07:36.0667 3920 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
23:07:36.0667 3920 C:\Windows\System32\wersvc.dll - ok
23:07:36.0667 3920 [ 2DA738A0A6BEE483A5647A76695AF3B0 ] C:\Program Files\Windows Defender\MsMpRes.dll
23:07:36.0667 3920 C:\Program Files\Windows Defender\MsMpRes.dll - ok
23:07:36.0682 3920 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
23:07:36.0682 3920 C:\Windows\System32\winhttp.dll - ok
23:07:36.0682 3920 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
23:07:36.0682 3920 C:\Windows\System32\wbem\WMIsvc.dll - ok
23:07:36.0682 3920 [ BCB1310604AA415C4508708975B3931E ] C:\Windows\System32\WsmSvc.dll
23:07:36.0682 3920 C:\Windows\System32\WsmSvc.dll - ok
23:07:36.0682 3920 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
23:07:36.0682 3920 C:\Windows\System32\wlansvc.dll - ok
23:07:36.0682 3920 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\Windows\System32\wbem\WmiApSrv.exe
23:07:36.0682 3920 C:\Windows\System32\wbem\WmiApSrv.exe - ok
23:07:36.0698 3920 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
23:07:36.0698 3920 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
23:07:36.0698 3920 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] C:\Windows\System32\wpcsvc.dll
23:07:36.0698 3920 C:\Windows\System32\wpcsvc.dll - ok
23:07:36.0698 3920 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
23:07:36.0698 3920 C:\Windows\System32\drivers\ws2ifsl.sys - ok
23:07:36.0698 3920 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
23:07:36.0698 3920 C:\Windows\System32\wpdbusenum.dll - ok
23:07:36.0698 3920 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
23:07:36.0698 3920 C:\Windows\System32\wscsvc.dll - ok
23:07:36.0698 3920 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
23:07:36.0698 3920 C:\Windows\System32\SearchIndexer.exe - ok
23:07:36.0714 3920 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
23:07:36.0714 3920 C:\Windows\System32\drivers\WUDFPf.sys - ok
23:07:36.0714 3920 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
23:07:36.0714 3920 C:\Windows\System32\WUDFSvc.dll - ok
23:07:36.0714 3920 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] C:\Windows\System32\wwansvc.dll
23:07:36.0714 3920 C:\Windows\System32\wwansvc.dll - ok
23:07:36.0714 3920 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
23:07:36.0714 3920 C:\Windows\System32\ubpm.dll - ok
23:07:36.0714 3920 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
23:07:36.0714 3920 C:\Windows\System32\svchost.exe - ok
23:07:36.0714 3920 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
23:07:36.0714 3920 C:\Windows\System32\devrtl.dll - ok
23:07:36.0729 3920 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
23:07:36.0729 3920 C:\Windows\System32\SPInf.dll - ok
23:07:36.0729 3920 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
23:07:36.0729 3920 C:\Windows\System32\userenv.dll - ok
23:07:36.0729 3920 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
23:07:36.0729 3920 C:\Windows\System32\pcwum.dll - ok
23:07:36.0729 3920 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
23:07:36.0729 3920 C:\Windows\System32\powrprof.dll - ok
23:07:36.0729 3920 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
23:07:36.0729 3920 C:\Windows\System32\rpcss.dll - ok
23:07:36.0729 3920 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
23:07:36.0729 3920 C:\Windows\System32\WSHTCPIP.DLL - ok
23:07:36.0729 3920 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
23:07:36.0729 3920 C:\Windows\System32\wshqos.dll - ok
23:07:36.0745 3920 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
23:07:36.0745 3920 C:\Windows\System32\version.dll - ok
23:07:36.0745 3920 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
23:07:36.0745 3920 C:\Windows\System32\LogonUI.exe - ok
23:07:36.0745 3920 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
23:07:36.0745 3920 C:\Windows\System32\authui.dll - ok
23:07:36.0745 3920 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
23:07:36.0745 3920 C:\Windows\System32\adtschema.dll - ok
23:07:36.0745 3920 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
23:07:36.0745 3920 C:\Windows\System32\MMDevAPI.dll - ok
23:07:36.0745 3920 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
23:07:36.0745 3920 C:\Windows\System32\MPSSVC.dll - ok
23:07:36.0760 3920 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
23:07:36.0760 3920 C:\Windows\System32\propsys.dll - ok
23:07:36.0760 3920 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
23:07:36.0760 3920 C:\Windows\System32\cryptui.dll - ok
23:07:36.0760 3920 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
23:07:36.0760 3920 C:\Windows\System32\avrt.dll - ok
23:07:36.0760 3920 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
23:07:36.0760 3920 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
23:07:36.0760 3920 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
23:07:36.0760 3920 C:\Windows\System32\WUDFPlatform.dll - ok
23:07:36.0760 3920 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
23:07:36.0760 3920 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
23:07:36.0776 3920 [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll
23:07:36.0776 3920 C:\Windows\System32\PeerDist.dll - ok
23:07:36.0776 3920 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
23:07:36.0776 3920 C:\Windows\System32\PSHED.DLL - ok
23:07:36.0776 3920 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
23:07:36.0776 3920 C:\Windows\System32\taskschd.dll - ok
23:07:36.0776 3920 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
23:07:36.0776 3920 C:\Windows\System32\gpsvc.dll - ok
23:07:36.0776 3920 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
23:07:36.0776 3920 C:\Windows\System32\atl.dll - ok
23:07:36.0776 3920 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
23:07:36.0776 3920 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
23:07:36.0792 3920 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
23:07:36.0792 3920 C:\Windows\System32\es.dll - ok
23:07:36.0792 3920 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
23:07:36.0792 3920 C:\Windows\System32\nlaapi.dll - ok
23:07:36.0792 3920 [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
23:07:36.0792 3920 C:\Windows\System32\mstask.dll - ok
23:07:36.0792 3920 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
23:07:36.0792 3920 C:\Windows\System32\dsrole.dll - ok
23:07:36.0792 3920 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
23:07:36.0792 3920 C:\Windows\System32\shacct.dll - ok
23:07:36.0792 3920 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
23:07:36.0792 3920 C:\Windows\System32\slc.dll - ok
23:07:36.0792 3920 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
23:07:36.0807 3920 C:\Windows\System32\samlib.dll - ok
23:07:36.0807 3920 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
23:07:36.0807 3920 C:\Windows\System32\wtsapi32.dll - ok
23:07:36.0807 3920 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
23:07:36.0807 3920 C:\Windows\System32\uxsms.dll - ok
23:07:36.0807 3920 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
23:07:36.0807 3920 C:\Windows\System32\uxtheme.dll - ok
23:07:36.0807 3920 [ 25776666158CB1D3E959635DF2B69787 ] C:\Windows\System32\drivers\SWIPsec.sys
23:07:36.0807 3920 C:\Windows\System32\drivers\SWIPsec.sys - ok
23:07:36.0807 3920 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
23:07:36.0807 3920 C:\Windows\System32\drivers\lltdio.sys - ok
23:07:36.0823 3920 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
23:07:36.0823 3920 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
23:07:36.0823 3920 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
23:07:36.0823 3920 C:\Windows\System32\drivers\nwifi.sys - ok
23:07:36.0823 3920 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
23:07:36.0823 3920 C:\Windows\System32\drivers\ndisuio.sys - ok
23:07:36.0823 3920 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
23:07:36.0823 3920 C:\Windows\System32\drivers\rspndr.sys - ok
23:07:36.0823 3920 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
23:07:36.0823 3920 C:\Windows\System32\IPHLPAPI.DLL - ok
23:07:36.0838 3920 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
23:07:36.0838 3920 C:\Windows\System32\winnsi.dll - ok
23:07:36.0838 3920 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
23:07:36.0838 3920 C:\Windows\System32\nrpsrv.dll - ok
23:07:36.0838 3920 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
23:07:36.0838 3920 C:\Windows\System32\dhcpcore6.dll - ok
23:07:36.0838 3920 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
23:07:36.0838 3920 C:\Windows\System32\dnsrslvr.dll - ok
23:07:36.0838 3920 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
23:07:36.0838 3920 C:\Windows\System32\eapphost.dll - ok
23:07:36.0854 3920 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
23:07:36.0854 3920 C:\Windows\System32\dhcpcsvc6.dll - ok
23:07:36.0854 3920 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
23:07:36.0854 3920 C:\Windows\System32\FWPUCLNT.DLL - ok
23:07:36.0854 3920 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
23:07:36.0854 3920 C:\Windows\System32\dhcpcsvc.dll - ok
23:07:36.0854 3920 [ 7373DE70D405FF08DC53336B83989138 ] C:\Windows\System32\rastls.dll
23:07:36.0854 3920 C:\Windows\System32\rastls.dll - ok
23:07:36.0854 3920 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
23:07:36.0854 3920 C:\Windows\System32\dui70.dll - ok
23:07:36.0854 3920 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
23:07:36.0854 3920 C:\Windows\System32\dnsext.dll - ok
23:07:36.0870 3920 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
23:07:36.0870 3920 C:\Windows\System32\raschap.dll - ok
23:07:36.0870 3920 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
23:07:36.0870 3920 C:\Windows\System32\duser.dll - ok
23:07:36.0870 3920 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
23:07:36.0870 3920 C:\Windows\System32\umb.dll - ok
23:07:36.0870 3920 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
23:07:36.0870 3920 C:\Windows\System32\wlanmsm.dll - ok
23:07:36.0870 3920 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
23:07:36.0870 3920 C:\Windows\System32\SndVolSSO.dll - ok
23:07:36.0870 3920 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
23:07:36.0870 3920 C:\Windows\System32\wlansec.dll - ok
23:07:36.0885 3920 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
23:07:36.0885 3920 C:\Windows\System32\hid.dll - ok
23:07:36.0885 3920 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
23:07:36.0885 3920 C:\Windows\System32\onex.dll - ok
23:07:36.0885 3920 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
23:07:36.0885 3920 C:\Windows\System32\dwmapi.dll - ok
23:07:36.0885 3920 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
23:07:36.0885 3920 C:\Windows\System32\eappprxy.dll - ok
23:07:36.0885 3920 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
23:07:36.0885 3920 C:\Windows\System32\xmllite.dll - ok
23:07:36.0901 3920 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
23:07:36.0901 3920 C:\Windows\System32\eappcfg.dll - ok
23:07:36.0901 3920 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
23:07:36.0901 3920 C:\Windows\System32\wlgpclnt.dll - ok
23:07:36.0901 3920 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
23:07:36.0901 3920 C:\Windows\System32\l2gpstore.dll - ok
23:07:36.0901 3920 [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
23:07:36.0901 3920 C:\Windows\System32\WindowsCodecs.dll - ok
23:07:36.0901 3920 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
23:07:36.0901 3920 C:\Windows\System32\wlanutil.dll - ok
23:07:36.0916 3920 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
23:07:36.0916 3920 C:\Windows\System32\WinSCard.dll - ok
23:07:36.0916 3920 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
23:07:36.0916 3920 C:\Windows\System32\msxml6.dll - ok
23:07:36.0916 3920 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
23:07:36.0916 3920 C:\Windows\System32\winbrand.dll - ok
23:07:36.0916 3920 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
23:07:36.0916 3920 C:\Windows\System32\netapi32.dll - ok
23:07:36.0916 3920 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
23:07:36.0916 3920 C:\Windows\System32\netutils.dll - ok
23:07:36.0932 3920 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
23:07:36.0932 3920 C:\Windows\System32\VaultCredProvider.dll - ok
23:07:36.0932 3920 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
23:07:36.0932 3920 C:\Windows\System32\wkscli.dll - ok
23:07:36.0932 3920 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
23:07:36.0932 3920 C:\Windows\System32\ktmw32.dll - ok
23:07:36.0932 3920 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
23:07:36.0932 3920 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
23:07:36.0932 3920 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
23:07:36.0932 3920 C:\Windows\System32\BioCredProv.dll - ok
23:07:36.0932 3920 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
23:07:36.0932 3920 C:\Windows\System32\winbio.dll - ok
23:07:36.0948 3920 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
23:07:36.0948 3920 C:\Windows\System32\credui.dll - ok
23:07:36.0948 3920 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
23:07:36.0948 3920 C:\Windows\System32\fveapi.dll - ok
23:07:36.0948 3920 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
23:07:36.0948 3920 C:\Windows\System32\vaultcli.dll - ok
23:07:36.0948 3920 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
23:07:36.0948 3920 C:\Windows\System32\fvecerts.dll - ok
23:07:36.0948 3920 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
23:07:36.0948 3920 C:\Windows\System32\samcli.dll - ok
23:07:36.0948 3920 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
23:07:36.0948 3920 C:\Windows\System32\tbs.dll - ok
23:07:36.0963 3920 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
23:07:36.0963 3920 C:\Windows\System32\certCredProvider.dll - ok
23:07:36.0963 3920 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
23:07:36.0963 3920 C:\Windows\System32\taskcomp.dll - ok
23:07:36.0963 3920 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
23:07:36.0963 3920 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
23:07:36.0963 3920 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
23:07:36.0963 3920 C:\Windows\System32\rasplap.dll - ok
23:07:36.0963 3920 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
23:07:36.0963 3920 C:\Windows\System32\wiarpc.dll - ok
23:07:36.0963 3920 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
23:07:36.0963 3920 C:\Windows\System32\ntmarta.dll - ok
23:07:36.0979 3920 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
23:07:36.0979 3920 C:\Windows\System32\rasapi32.dll - ok
23:07:36.0979 3920 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
23:07:36.0979 3920 C:\Windows\System32\rasman.dll - ok
23:07:36.0979 3920 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
23:07:36.0979 3920 C:\Windows\System32\rtutils.dll - ok
23:07:36.0979 3920 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
23:07:36.0979 3920 C:\Windows\System32\UXInit.dll - ok
23:07:36.0979 3920 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
23:07:36.0979 3920 C:\Windows\System32\oleacc.dll - ok
23:07:36.0979 3920 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
23:07:36.0979 3920 C:\Windows\System32\UIAutomationCore.dll - ok
23:07:36.0994 3920 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
23:07:36.0994 3920 C:\Windows\System32\drivers\bowser.sys - ok
23:07:36.0994 3920 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
23:07:36.0994 3920 C:\Windows\System32\drivers\mpsdrv.sys - ok
23:07:36.0994 3920 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
23:07:36.0994 3920 C:\Windows\System32\drivers\mrxsmb.sys - ok
23:07:36.0994 3920 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
23:07:36.0994 3920 C:\Windows\System32\drivers\mrxsmb10.sys - ok
23:07:36.0994 3920 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
23:07:36.0994 3920 C:\Windows\System32\imageres.dll - ok
23:07:36.0994 3920 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
23:07:36.0994 3920 C:\Windows\System32\wfapigp.dll - ok
23:07:37.0010 3920 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
23:07:37.0010 3920 C:\Windows\System32\drivers\mrxsmb20.sys - ok
23:07:37.0010 3920 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
23:07:37.0010 3920 C:\Windows\System32\mscms.dll - ok
23:07:37.0010 3920 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
23:07:37.0010 3920 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
23:07:37.0010 3920 [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
23:07:37.0010 3920 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
23:07:37.0010 3920 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:07:37.0010 3920 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
23:07:37.0026 3920 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
23:07:37.0026 3920 C:\Windows\SysWOW64\ntdll.dll - ok
23:07:37.0026 3920 [ 0BA4D8CE0C214F7208E72B3B8F8B7895 ] C:\Windows\System32\vpc.exe
23:07:37.0026 3920 C:\Windows\System32\vpc.exe - ok
23:07:37.0026 3920 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
23:07:37.0026 3920 C:\Windows\System32\wow64.dll - ok
23:07:37.0026 3920 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
23:07:37.0026 3920 C:\Windows\System32\wow64win.dll - ok
23:07:37.0026 3920 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
23:07:37.0026 3920 C:\Windows\System32\wow64cpu.dll - ok
23:07:37.0026 3920 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
23:07:37.0041 3920 C:\Windows\SysWOW64\kernel32.dll - ok
23:07:37.0041 3920 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
23:07:37.0041 3920 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
23:07:37.0041 3920 [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
23:07:37.0041 3920 C:\Windows\System32\PeerDistSh.dll - ok
23:07:37.0041 3920 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
23:07:37.0041 3920 C:\Windows\SysWOW64\KernelBase.dll - ok
23:07:37.0041 3920 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
23:07:37.0041 3920 C:\Windows\SysWOW64\user32.dll - ok
23:07:37.0041 3920 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
23:07:37.0041 3920 C:\Windows\SysWOW64\gdi32.dll - ok
23:07:37.0057 3920 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
23:07:37.0057 3920 C:\Windows\SysWOW64\lpk.dll - ok
23:07:37.0057 3920 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
23:07:37.0057 3920 C:\Windows\SysWOW64\usp10.dll - ok
23:07:37.0057 3920 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
23:07:37.0057 3920 C:\Windows\SysWOW64\msvcrt.dll - ok
23:07:37.0057 3920 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
23:07:37.0057 3920 C:\Windows\SysWOW64\advapi32.dll - ok
23:07:37.0057 3920 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
23:07:37.0057 3920 C:\Windows\SysWOW64\rpcrt4.dll - ok
23:07:37.0057 3920 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
23:07:37.0057 3920 C:\Windows\SysWOW64\sechost.dll - ok
23:07:37.0072 3920 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
23:07:37.0072 3920 C:\Windows\SysWOW64\cryptbase.dll - ok
23:07:37.0072 3920 [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll
23:07:37.0072 3920 C:\Windows\SysWOW64\sspicli.dll - ok
23:07:37.0072 3920 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
23:07:37.0072 3920 C:\Windows\SysWOW64\shell32.dll - ok
23:07:37.0072 3920 [ 893C44082C97F7AED3E7C180FA1F93D8 ] C:\Windows\System32\mpnotify.exe
23:07:37.0072 3920 C:\Windows\System32\mpnotify.exe - ok
23:07:37.0072 3920 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
23:07:37.0072 3920 C:\Windows\SysWOW64\ole32.dll - ok
23:07:37.0072 3920 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
23:07:37.0072 3920 C:\Windows\SysWOW64\shlwapi.dll - ok
23:07:37.0088 3920 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
23:07:37.0088 3920 C:\Windows\SysWOW64\oleaut32.dll - ok
23:07:37.0088 3920 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
23:07:37.0088 3920 C:\Windows\SysWOW64\crypt32.dll - ok
23:07:37.0088 3920 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
23:07:37.0088 3920 C:\Windows\SysWOW64\msasn1.dll - ok
23:07:37.0088 3920 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
23:07:37.0088 3920 C:\Windows\SysWOW64\wintrust.dll - ok
23:07:37.0088 3920 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
23:07:37.0088 3920 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
23:07:37.0104 3920 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
23:07:37.0104 3920 C:\Windows\SysWOW64\imm32.dll - ok
23:07:37.0104 3920 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
23:07:37.0104 3920 C:\Windows\SysWOW64\msctf.dll - ok
23:07:37.0104 3920 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
23:07:37.0104 3920 C:\Windows\SysWOW64\nsi.dll - ok
23:07:37.0104 3920 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
23:07:37.0104 3920 C:\Windows\SysWOW64\ws2_32.dll - ok
23:07:37.0104 3920 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
23:07:37.0104 3920 C:\Windows\SysWOW64\atl.dll - ok
23:07:37.0119 3920 [ B49B56B64F57699A1A663D2CF7D0A56F ] C:\Windows\SysWOW64\wininet.dll
23:07:37.0119 3920 C:\Windows\SysWOW64\wininet.dll - ok
23:07:37.0119 3920 [ D171EAA745A2C0C583CDDA13D9088EE4 ] C:\Windows\SysWOW64\iertutil.dll
23:07:37.0119 3920 C:\Windows\SysWOW64\iertutil.dll - ok
23:07:37.0119 3920 [ BE157C3800DA3010EFC48280ECF81C16 ] C:\Windows\SysWOW64\urlmon.dll
23:07:37.0119 3920 C:\Windows\SysWOW64\urlmon.dll - ok
23:07:37.0119 3920 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
23:07:37.0119 3920 C:\Windows\SysWOW64\winmm.dll - ok
23:07:37.0119 3920 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
23:07:37.0119 3920 C:\Windows\System32\mpr.dll - ok
23:07:37.0135 3920 [ 4FE5C6D40664AE07BE5105874357D2ED ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:07:37.0135 3920 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
23:07:37.0135 3920 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
23:07:37.0135 3920 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
23:07:37.0135 3920 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
23:07:37.0135 3920 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
23:07:37.0135 3920 [ 5AC534AC42DAB97223FA6DF558DC743F ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
23:07:37.0135 3920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
23:07:37.0135 3920 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
23:07:37.0135 3920 C:\Windows\SysWOW64\version.dll - ok
23:07:37.0150 3920 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
23:07:37.0150 3920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
23:07:37.0150 3920 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
23:07:37.0150 3920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
23:07:37.0150 3920 [ 54152706627F5F33952340D90ADA50EE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
23:07:37.0150 3920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
23:07:37.0150 3920 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
23:07:37.0150 3920 C:\Windows\SysWOW64\wsock32.dll - ok
23:07:37.0150 3920 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
23:07:37.0150 3920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
23:07:37.0166 3920 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
23:07:37.0166 3920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
23:07:37.0166 3920 [ E5B6D88B36BDDAD5039764FBF80284DD ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
23:07:37.0166 3920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
23:07:37.0166 3920 [ 1D75BC73585969F41BA7EF0C882DFF2B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
23:07:37.0166 3920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
23:07:37.0182 3920 [ FC7A868DECC3AB027F29178EC8A7F252 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
23:07:37.0182 3920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
23:07:37.0182 3920 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
23:07:37.0182 3920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
23:07:37.0182 3920 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
23:07:37.0182 3920 C:\Windows\SysWOW64\profapi.dll - ok
23:07:37.0182 3920 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
23:07:37.0182 3920 C:\Windows\System32\dllhost.exe - ok
23:07:37.0182 3920 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
23:07:37.0182 3920 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
23:07:37.0182 3920 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
23:07:37.0182 3920 C:\Windows\System32\IDStore.dll - ok
23:07:37.0197 3920 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
23:07:37.0197 3920 C:\Windows\System32\taskhost.exe - ok
23:07:37.0197 3920 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
23:07:37.0197 3920 C:\Windows\System32\AtBroker.exe - ok
23:07:37.0197 3920 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
23:07:37.0197 3920 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
23:07:37.0197 3920 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
23:07:37.0197 3920 C:\Windows\System32\PlaySndSrv.dll - ok
23:07:37.0197 3920 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
23:07:37.0197 3920 C:\Windows\System32\userinit.exe - ok
23:07:37.0197 3920 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
23:07:37.0197 3920 C:\Program Files\Bonjour\mdnsNSP.dll - ok
23:07:37.0213 3920 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
23:07:37.0213 3920 C:\Windows\System32\rasadhlp.dll - ok
23:07:37.0213 3920 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
23:07:37.0213 3920 C:\Windows\System32\winmm.dll - ok
23:07:37.0213 3920 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
23:07:37.0213 3920 C:\Windows\System32\HotStartUserAgent.dll - ok
23:07:37.0213 3920 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
23:07:37.0213 3920 C:\Windows\System32\MsCtfMonitor.dll - ok
23:07:37.0213 3920 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
23:07:37.0213 3920 C:\Windows\System32\localspl.dll - ok
23:07:37.0228 3920 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
23:07:37.0228 3920 C:\Windows\System32\msutb.dll - ok
23:07:37.0228 3920 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
23:07:37.0228 3920 C:\Windows\System32\dwmredir.dll - ok
23:07:37.0228 3920 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
23:07:37.0228 3920 C:\Windows\System32\dwmcore.dll - ok
23:07:37.0228 3920 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
23:07:37.0228 3920 C:\Windows\System32\spoolss.dll - ok
23:07:37.0228 3920 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
23:07:37.0228 3920 C:\Windows\System32\winspool.drv - ok
23:07:37.0228 3920 [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
23:07:37.0228 3920 C:\Windows\System32\d3d10_1.dll - ok
23:07:37.0244 3920 [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
23:07:37.0244 3920 C:\Windows\System32\d3d10_1core.dll - ok
23:07:37.0244 3920 [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
23:07:37.0244 3920 C:\Windows\System32\dxgi.dll - ok
23:07:37.0244 3920 [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll
23:07:37.0244 3920 C:\Windows\System32\d3d11.dll - ok
23:07:37.0244 3920 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
23:07:37.0244 3920 C:\Windows\explorer.exe - ok
23:07:37.0244 3920 [ 0DBBA1B2241FA89C1E2B01DDD9566B38 ] C:\Windows\System32\igd10umd64.dll
23:07:37.0244 3920 C:\Windows\System32\igd10umd64.dll - ok
23:07:37.0260 3920 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
23:07:37.0260 3920 C:\Windows\System32\ExplorerFrame.dll - ok
23:07:37.0260 3920 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
23:07:37.0260 3920 C:\Windows\System32\EhStorShell.dll - ok
23:07:37.0260 3920 [ 4327CF9A9D0864CA0FFC97FCDA97315A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
23:07:37.0260 3920 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
23:07:37.0260 3920 [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll
23:07:37.0260 3920 C:\Windows\System32\cscui.dll - ok
23:07:37.0260 3920 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
23:07:37.0260 3920 C:\Windows\SysWOW64\setupapi.dll - ok
23:07:37.0275 3920 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
23:07:37.0275 3920 C:\Windows\System32\cscapi.dll - ok
23:07:37.0275 3920 [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll
23:07:37.0275 3920 C:\Windows\System32\cscdll.dll - ok
23:07:37.0275 3920 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
23:07:37.0275 3920 C:\Windows\System32\ntshrui.dll - ok
23:07:37.0275 3920 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
23:07:37.0275 3920 C:\Windows\SysWOW64\cfgmgr32.dll - ok
23:07:37.0275 3920 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
23:07:37.0275 3920 C:\Windows\System32\IconCodecService.dll - ok
23:07:37.0275 3920 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
23:07:37.0275 3920 C:\Windows\SysWOW64\devobj.dll - ok
23:07:37.0291 3920 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
23:07:37.0291 3920 C:\Windows\System32\runonce.exe - ok
23:07:37.0291 3920 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
23:07:37.0291 3920 C:\Windows\SysWOW64\userenv.dll - ok
23:07:37.0291 3920 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
23:07:37.0291 3920 C:\Windows\SysWOW64\wtsapi32.dll - ok
23:07:37.0291 3920 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
23:07:37.0291 3920 C:\Windows\System32\uDWM.dll - ok
23:07:37.0291 3920 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
23:07:37.0291 3920 C:\Windows\SysWOW64\dnssd.dll - ok
23:07:37.0291 3920 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
23:07:37.0291 3920 C:\Windows\SysWOW64\ntmarta.dll - ok
23:07:37.0306 3920 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
23:07:37.0306 3920 C:\Windows\SysWOW64\Wldap32.dll - ok
23:07:37.0306 3920 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
23:07:37.0306 3920 C:\Program Files\Bonjour\mDNSResponder.exe - ok
23:07:37.0306 3920 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
23:07:37.0306 3920 C:\Windows\SysWOW64\mswsock.dll - ok
23:07:37.0306 3920 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
23:07:37.0306 3920 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
23:07:37.0306 3920 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
23:07:37.0306 3920 C:\Windows\System32\cryptnet.dll - ok
23:07:37.0306 3920 [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
23:07:37.0306 3920 C:\Windows\System32\efscore.dll - ok
23:07:37.0322 3920 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
23:07:37.0322 3920 C:\Windows\SysWOW64\runonce.exe - ok
23:07:37.0322 3920 [ 24665B221424FFD7B71F0D2C398F2F4F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
23:07:37.0322 3920 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
23:07:37.0322 3920 [ 341BFCAA3A55C08E8C9ECB1654ACA905 ] C:\Windows\System32\mfevtps.exe
23:07:37.0322 3920 C:\Windows\System32\mfevtps.exe - ok
23:07:37.0322 3920 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
23:07:37.0322 3920 C:\Windows\System32\vssapi.dll - ok
23:07:37.0322 3920 [ A84509C6AB1C764C592F192AA89DA830 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
23:07:37.0322 3920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
23:07:37.0338 3920 [ CF3126A2FF45AA224FC541BC543C2D9C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
23:07:37.0338 3920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
23:07:37.0338 3920 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
23:07:37.0338 3920 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
23:07:37.0338 3920 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
23:07:37.0338 3920 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
23:07:37.0338 3920 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
23:07:37.0338 3920 C:\Windows\SysWOW64\winnsi.dll - ok
23:07:37.0338 3920 [ 0A855F27A1E48991D14C593CB930D2B2 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
23:07:37.0338 3920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
23:07:37.0353 3920 [ 011285619951BC4C92FE322E08ABF050 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
23:07:37.0353 3920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
23:07:37.0353 3920 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
23:07:37.0353 3920 C:\Windows\SysWOW64\uxtheme.dll - ok
23:07:37.0353 3920 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
23:07:37.0353 3920 C:\Windows\SysWOW64\clbcatq.dll - ok
23:07:37.0353 3920 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
23:07:37.0353 3920 C:\Windows\SysWOW64\propsys.dll - ok
23:07:37.0353 3920 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll
23:07:37.0353 3920 C:\Windows\SysWOW64\secur32.dll - ok
23:07:37.0369 3920 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
23:07:37.0369 3920 C:\Windows\SysWOW64\apphelp.dll - ok
23:07:37.0369 3920 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
23:07:37.0369 3920 C:\Windows\SysWOW64\cmd.exe - ok
23:07:37.0369 3920 [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
23:07:37.0369 3920 C:\Windows\System32\efsutil.dll - ok
23:07:37.0369 3920 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
23:07:37.0369 3920 C:\Windows\System32\sfc.dll - ok
23:07:37.0369 3920 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
23:07:37.0369 3920 C:\Windows\System32\vpnikeapi.dll - ok
23:07:37.0369 3920 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
23:07:37.0369 3920 C:\Windows\System32\sfc_os.dll - ok
23:07:37.0384 3920 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
23:07:37.0384 3920 C:\Windows\System32\vsstrace.dll - ok
23:07:37.0384 3920 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
23:07:37.0384 3920 C:\Windows\System32\aepic.dll - ok
23:07:37.0384 3920 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
23:07:37.0384 3920 C:\Windows\System32\ncsi.dll - ok
23:07:37.0384 3920 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
23:07:37.0384 3920 C:\Windows\System32\drivers\PEAuth.sys - ok
23:07:37.0384 3920 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
23:07:37.0384 3920 C:\Windows\System32\webio.dll - ok
23:07:37.0400 3920 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
23:07:37.0400 3920 C:\Windows\System32\drivers\secdrv.sys - ok
23:07:37.0400 3920 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
23:07:37.0400 3920 C:\Windows\System32\PrintIsolationProxy.dll - ok
23:07:37.0400 3920 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe
23:07:37.0400 3920 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
23:07:37.0400 3920 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
23:07:37.0400 3920 C:\Windows\System32\ssdpapi.dll - ok
23:07:37.0400 3920 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
23:07:37.0400 3920 C:\Windows\System32\aeevts.dll - ok
23:07:37.0400 3920 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
23:07:37.0400 3920 C:\Windows\System32\conhost.exe - ok
23:07:37.0416 3920 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
23:07:37.0416 3920 C:\Windows\SysWOW64\psapi.dll - ok
23:07:37.0416 3920 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
23:07:37.0416 3920 C:\Windows\System32\drivers\srvnet.sys - ok
23:07:37.0416 3920 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
23:07:37.0416 3920 C:\Windows\SysWOW64\cryptsp.dll - ok
23:07:37.0416 3920 [ 059CD93B2E0E9F48FF68CB591932320D ] C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe
23:07:37.0416 3920 C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe - ok
23:07:37.0416 3920 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
23:07:37.0416 3920 C:\Windows\SysWOW64\winbrand.dll - ok
23:07:37.0416 3920 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
23:07:37.0416 3920 C:\Windows\SysWOW64\rsaenh.dll - ok
23:07:37.0431 3920 [ 2A038DAA427960BF4A5F911556CF0E7B ] C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWIPHlp.dll
23:07:37.0431 3920 C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWIPHlp.dll - ok
23:07:37.0431 3920 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
23:07:37.0431 3920 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
23:07:37.0431 3920 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
23:07:37.0431 3920 C:\Windows\System32\snmpapi.dll - ok
23:07:37.0431 3920 [ 1E8EA2BF51B6EC739C17FA6CA78B8686 ] C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWCommon.dll
23:07:37.0431 3920 C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWCommon.dll - ok
23:07:37.0431 3920 [ 0E816EA3C5DCE94C95099E8B38E75E67 ] C:\Windows\SysWOW64\ieframe.dll
23:07:37.0431 3920 C:\Windows\SysWOW64\ieframe.dll - ok
23:07:37.0431 3920 [ 90CC31E54E79E9E5800FFF3CCF2FC5DB ] C:\Windows\System32\inetmib1.dll
23:07:37.0431 3920 C:\Windows\System32\inetmib1.dll - ok
23:07:37.0447 3920 [ 37FC5DEAED21A8B7B7D377504CCA445D ] C:\Program Files (x86)\FingerTec Worldwide\TCMSv2\SyncService.exe
23:07:37.0447 3920 C:\Program Files (x86)\FingerTec Worldwide\TCMSv2\SyncService.exe - ok
23:07:37.0447 3920 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
23:07:37.0447 3920 C:\Windows\System32\netcfgx.dll - ok
23:07:37.0447 3920 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
23:07:37.0447 3920 C:\Windows\System32\nci.dll - ok
23:07:37.0447 3920 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
23:07:37.0447 3920 C:\Windows\System32\wlaninst.dll - ok
23:07:37.0447 3920 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
23:07:37.0447 3920 C:\Windows\System32\wwaninst.dll - ok
23:07:37.0447 3920 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
23:07:37.0447 3920 C:\Windows\System32\drivers\tcpipreg.sys - ok
23:07:37.0462 3920 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
23:07:37.0462 3920 C:\Windows\System32\wbemcomn.dll - ok
23:07:37.0462 3920 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:07:37.0462 3920 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
23:07:37.0462 3920 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
23:07:37.0462 3920 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
23:07:37.0462 3920 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
23:07:37.0462 3920 C:\Windows\System32\wbem\fastprox.dll - ok
23:07:37.0462 3920 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
23:07:37.0462 3920 C:\Windows\System32\ntdsapi.dll - ok
23:07:37.0478 3920 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
23:07:37.0478 3920 C:\Windows\System32\wbem\wbemprox.dll - ok
23:07:37.0478 3920 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
23:07:37.0478 3920 C:\Windows\System32\wbem\wbemcore.dll - ok
23:07:37.0478 3920 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
23:07:37.0478 3920 C:\Windows\System32\SensApi.dll - ok
23:07:37.0478 3920 [ 5746BD7E255DD6A8AFA06F7C42C1BA41 ] C:\Windows\System32\cmd.exe
23:07:37.0478 3920 C:\Windows\System32\cmd.exe - ok
23:07:37.0478 3920 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
23:07:37.0478 3920 C:\Windows\System32\wbem\esscli.dll - ok
23:07:37.0478 3920 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
23:07:37.0478 3920 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
23:07:37.0494 3920 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
23:07:37.0494 3920 C:\Windows\SysWOW64\oleacc.dll - ok
23:07:37.0494 3920 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
23:07:37.0494 3920 C:\Windows\System32\wbem\wbemsvc.dll - ok
23:07:37.0494 3920 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
23:07:37.0494 3920 C:\Windows\System32\wer.dll - ok
23:07:37.0494 3920 [ 21F81090A00932C5E96700EDF2977582 ] C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
23:07:37.0494 3920 C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe - ok
23:07:37.0494 3920 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
23:07:37.0494 3920 C:\Windows\System32\sqmapi.dll - ok
23:07:37.0509 3920 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
23:07:37.0509 3920 C:\Windows\System32\wdscore.dll - ok
23:07:37.0509 3920 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
23:07:37.0509 3920 C:\Windows\System32\wbem\WinMgmtR.dll - ok
23:07:37.0509 3920 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
23:07:37.0509 3920 C:\Windows\SysWOW64\shdocvw.dll - ok
23:07:37.0509 3920 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Bernie\AppData\Local\Temp\637A94D5-CCED-446D-A872-8432B9903182.exe
23:07:37.0509 3920 C:\Users\Bernie\AppData\Local\Temp\637A94D5-CCED-446D-A872-8432B9903182.exe - ok
23:07:37.0509 3920 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
23:07:37.0509 3920 C:\Windows\SysWOW64\imagehlp.dll - ok
23:07:37.0509 3920 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
23:07:37.0509 3920 C:\Windows\SysWOW64\ncrypt.dll - ok
23:07:37.0525 3920 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
23:07:37.0525 3920 C:\Windows\SysWOW64\bcrypt.dll - ok
23:07:37.0525 3920 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
23:07:37.0525 3920 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
23:07:37.0525 3920 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
23:07:37.0525 3920 C:\Windows\SysWOW64\gpapi.dll - ok
23:07:37.0525 3920 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
23:07:37.0525 3920 C:\Windows\SysWOW64\cryptnet.dll - ok
23:07:37.0525 3920 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
23:07:37.0525 3920 C:\Windows\SysWOW64\SensApi.dll - ok
23:07:37.0525 3920 [ 295657F93F6B19DEEA804048E1CB4FF9 ] C:\Windows\System32\lz32.dll
23:07:37.0525 3920 C:\Windows\System32\lz32.dll - ok
23:07:37.0540 3920 [ 490300236AB3D1F6E1384B0670540A6B ] C:\Program Files\Common Files\mcafee\systemcore\lockdown.dll
23:07:37.0540 3920 C:\Program Files\Common Files\mcafee\systemcore\lockdown.dll - ok
23:07:37.0540 3920 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
23:07:37.0540 3920 C:\Windows\System32\hnetcfg.dll - ok
23:07:37.0540 3920 [ D1E42B22C1E33CF752E23AFC32F89675 ] C:\Windows\System32\hpinksts5912LM.dll
23:07:37.0540 3920 C:\Windows\System32\hpinksts5912LM.dll - ok
23:07:37.0540 3920 [ 69010CE2D5CD2EBE5DB44E13776840B0 ] C:\Program Files (x86)\FingerTec Worldwide\TCMSv2\synctime.exe
23:07:37.0540 3920 C:\Program Files (x86)\FingerTec Worldwide\TCMSv2\synctime.exe - ok
23:07:37.0540 3920 [ 63DCDFFCBB7E41540F4D64CCED66536B ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
23:07:37.0540 3920 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
23:07:37.0556 3920 [ 110453D6CE8C1F21A247AA24F5E33A76 ] C:\Program Files\Common Files\mcafee\systemcore\mytilus3.dll
23:07:37.0556 3920 C:\Program Files\Common Files\mcafee\systemcore\mytilus3.dll - ok
23:07:37.0556 3920 [ 120713E6FB08CFBDB7F0C546DE8631C7 ] C:\Program Files\Common Files\mcafee\systemcore\mytilus3_worker.dll
23:07:37.0556 3920 C:\Program Files\Common Files\mcafee\systemcore\mytilus3_worker.dll - ok
23:07:37.0556 3920 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
23:07:37.0556 3920 C:\Windows\System32\msxml3.dll - ok
23:07:37.0556 3920 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
23:07:37.0556 3920 C:\Windows\System32\wbem\wmiutils.dll - ok
23:07:37.0556 3920 [ 4977CBC52959FDBD6B2E40BAA1B631C5 ] C:\Windows\System32\hpzllw71.dll
23:07:37.0556 3920 C:\Windows\System32\hpzllw71.dll - ok
23:07:37.0556 3920 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
23:07:37.0556 3920 C:\Windows\System32\shfolder.dll - ok
23:07:37.0572 3920 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
23:07:37.0572 3920 C:\Windows\System32\wbem\repdrvfs.dll - ok
23:07:37.0572 3920 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
23:07:37.0572 3920 C:\Windows\System32\FXSMON.dll - ok
23:07:37.0572 3920 [ AC1EE7827FA99B3BA3A079FC5E3F984A ] C:\Program Files\Common Files\mcafee\systemcore\mytilus3_server.dll
23:07:37.0572 3920 C:\Program Files\Common Files\mcafee\systemcore\mytilus3_server.dll - ok
23:07:37.0572 3920 [ C5E82BCFD577AF98F3A7937A69A338B9 ] C:\Windows\System32\HPZ3LWN7.DLL
23:07:37.0572 3920 C:\Windows\System32\HPZ3LWN7.DLL - ok
23:07:37.0572 3920 [ F2CBE03CAC6B7358022B6F7F27553720 ] C:\Program Files\Common Files\mcafee\systemcore\mcshield.dll
23:07:37.0572 3920 C:\Program Files\Common Files\mcafee\systemcore\mcshield.dll - ok
23:07:37.0572 3920 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
23:07:37.0572 3920 C:\Windows\System32\tcpmon.dll - ok
23:07:37.0587 3920 [ 7958FF72E2C41FC534790CC20EE55F26 ] C:\Program Files\Common Files\mcafee\systemcore\ftl.dll
23:07:37.0587 3920 C:\Program Files\Common Files\mcafee\systemcore\ftl.dll - ok
23:07:37.0587 3920 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
23:07:37.0587 3920 C:\Windows\System32\wsnmp32.dll - ok
23:07:37.0587 3920 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
23:07:37.0587 3920 C:\Windows\SysWOW64\dwmapi.dll - ok
23:07:37.0587 3920 [ 83EBCD7849E8F19A574580E7A5AA3E6F ] C:\Program Files\Common Files\mcafee\systemcore\mfeelama.dll
23:07:37.0587 3920 C:\Program Files\Common Files\mcafee\systemcore\mfeelama.dll - ok
23:07:37.0587 3920 [ C4F521310E40327BBC8E8E71DA344F48 ] C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
23:07:37.0587 3920 C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe - ok
23:07:37.0603 3920 [ D527B872E44A968C81F12F4919CE799F ] C:\Program Files\Common Files\mcafee\systemcore\mfehida.dll
23:07:37.0603 3920 C:\Program Files\Common Files\mcafee\systemcore\mfehida.dll - ok
23:07:37.0603 3920 [ 64E077C362E1A20E482923407A4E6F4D ] C:\Program Files\Common Files\mcafee\systemcore\mfevtpa.dll
23:07:37.0603 3920 C:\Program Files\Common Files\mcafee\systemcore\mfevtpa.dll - ok
23:07:37.0603 3920 [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll
23:07:37.0603 3920 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
23:07:37.0603 3920 [ 491B9734A22E94C4126F511333861D16 ] C:\Program Files\Common Files\mcafee\systemcore\mfeavfa.dll
23:07:37.0603 3920 C:\Program Files\Common Files\mcafee\systemcore\mfeavfa.dll - ok
23:07:37.0603 3920 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
23:07:37.0603 3920 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
23:07:37.0603 3920 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
23:07:37.0618 3920 C:\Windows\SysWOW64\EhStorShell.dll - ok
23:07:37.0618 3920 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\SysWOW64\msvcr71.dll
23:07:37.0618 3920 C:\Windows\SysWOW64\msvcr71.dll - ok
23:07:37.0618 3920 [ 074BD3B7CD21EA7E0013D62CAEE4DACF ] C:\Program Files (x86)\FingerTec Worldwide\TCMSv2\vfp9r.dll
23:07:37.0618 3920 C:\Program Files (x86)\FingerTec Worldwide\TCMSv2\vfp9r.dll - ok
23:07:37.0618 3920 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
23:07:37.0618 3920 C:\Windows\SysWOW64\ntshrui.dll - ok
23:07:37.0618 3920 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
23:07:37.0618 3920 C:\Windows\SysWOW64\srvcli.dll - ok
23:07:37.0618 3920 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
23:07:37.0618 3920 C:\Windows\SysWOW64\cscapi.dll - ok
23:07:37.0634 3920 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
23:07:37.0634 3920 C:\Windows\SysWOW64\slc.dll - ok
23:07:37.0634 3920 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
23:07:37.0634 3920 C:\Windows\SysWOW64\imageres.dll - ok
23:07:37.0634 3920 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
23:07:37.0634 3920 C:\Windows\SysWOW64\winspool.drv - ok
23:07:37.0634 3920 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
23:07:37.0634 3920 C:\Windows\SysWOW64\comdlg32.dll - ok
23:07:37.0634 3920 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
23:07:37.0634 3920 C:\Windows\SysWOW64\oledlg.dll - ok
23:07:37.0650 3920 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
23:07:37.0650 3920 C:\Windows\SysWOW64\mpr.dll - ok
23:07:37.0650 3920 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
23:07:37.0650 3920 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
23:07:37.0650 3920 [ 72CF503ED5085888009577AADA63F6A3 ] C:\Program Files (x86)\FingerTec Worldwide\TCMSv2\VFP9RENU.DLL
23:07:37.0650 3920 C:\Program Files (x86)\FingerTec Worldwide\TCMSv2\VFP9RENU.DLL - ok
23:07:37.0650 3920 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
23:07:37.0650 3920 C:\Windows\SysWOW64\shfolder.dll - ok
23:07:37.0665 3920 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
23:07:37.0665 3920 C:\Windows\System32\ncobjapi.dll - ok
23:07:37.0665 3920 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
23:07:37.0665 3920 C:\Windows\System32\usbmon.dll - ok
23:07:37.0665 3920 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
23:07:37.0665 3920 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
23:07:37.0665 3920 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
23:07:37.0665 3920 C:\Windows\System32\wbem\wbemess.dll - ok
23:07:37.0681 3920 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
23:07:37.0681 3920 C:\Windows\System32\WSDMon.dll - ok
23:07:37.0681 3920 [ 7760899D95C2D1AAC5C1D34AF41A11C7 ] C:\Program Files\mcafee\virusscan\Engine\5500.1093\mscan64a.dll
23:07:37.0681 3920 C:\Program Files\mcafee\virusscan\Engine\5500.1093\mscan64a.dll - ok
23:07:37.0681 3920 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
23:07:37.0681 3920 C:\Windows\System32\WSDApi.dll - ok
23:07:37.0681 3920 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
23:07:37.0681 3920 C:\Windows\System32\dssenh.dll - ok
23:07:37.0696 3920 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
23:07:37.0696 3920 C:\Windows\System32\drivers\srv2.sys - ok
23:07:37.0696 3920 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
23:07:37.0696 3920 C:\Windows\System32\webservices.dll - ok
23:07:37.0696 3920 [ F928E5E72BBA15DD0CE9A26E0413D236 ] C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
23:07:37.0696 3920 C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe - ok
23:07:37.0696 3920 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
23:07:37.0696 3920 C:\Windows\System32\fundisc.dll - ok
23:07:37.0712 3920 [ DF3CA8D16BDED6A54977B30E66864D33 ] C:\Windows\System32\msvcr100.dll
23:07:37.0712 3920 C:\Windows\System32\msvcr100.dll - ok
23:07:37.0712 3920 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
23:07:37.0712 3920 C:\Windows\System32\fdPnp.dll - ok
23:07:37.0712 3920 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
23:07:37.0712 3920 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
23:07:37.0712 3920 [ 6FB9BE56891EA4E85B4C9BDD4E9AFA69 ] C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll
23:07:37.0712 3920 C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll - ok
23:07:37.0728 3920 [ 2C0D7AA2DACF6E11C71F22BFC0050147 ] C:\Program Files\Common Files\mcafee\msc\LogCntrl.dll
23:07:37.0728 3920 C:\Program Files\Common Files\mcafee\msc\LogCntrl.dll - ok
23:07:37.0728 3920 [ 8F1C949FD695C83C4E30C3BFC004C81F ] C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL
23:07:37.0728 3920 C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL - ok
23:07:37.0728 3920 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
23:07:37.0728 3920 C:\Windows\System32\win32spl.dll - ok
23:07:37.0728 3920 [ F729E8C4FEB3FDC586769EBF51233E1B ] C:\PROGRA~1\mcafee\msc\McOobeSv.dll
23:07:37.0728 3920 C:\PROGRA~1\mcafee\msc\McOobeSv.dll - ok
23:07:37.0743 3920 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
23:07:37.0743 3920 C:\Windows\System32\drivers\srv.sys - ok
23:07:37.0743 3920 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
23:07:37.0743 3920 C:\Windows\System32\inetpp.dll - ok
23:07:37.0743 3920 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
23:07:37.0743 3920 C:\Windows\System32\p2pcollab.dll - ok
23:07:37.0743 3920 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
23:07:37.0743 3920 C:\Windows\System32\fveui.dll - ok
23:07:37.0759 3920 [ FDC385A0F7D7DD880C4622D1DF08ABE9 ] C:\Windows\System32\ntprint.dll
23:07:37.0759 3920 C:\Windows\System32\ntprint.dll - ok
23:07:37.0759 3920 [ A62EDFFE66C0D7916D73A6DE75758024 ] C:\Program Files\Common Files\mcafee\mcproxy\McProxy.dll
23:07:37.0759 3920 C:\Program Files\Common Files\mcafee\mcproxy\McProxy.dll - ok
23:07:37.0759 3920 [ 5A55E3E6F53592F8170623DEFA2B7954 ] C:\Windows\System32\atl100.dll
23:07:37.0759 3920 C:\Windows\System32\atl100.dll - ok
23:07:37.0759 3920 [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Windows\System32\msvcp100.dll
23:07:37.0759 3920 C:\Windows\System32\msvcp100.dll - ok
23:07:37.0774 3920 [ E30E33FEA53642563CF4C240CACA5D2E ] C:\PROGRA~1\mcafee\mpf\MpfSvc.dll
23:07:37.0774 3920 C:\PROGRA~1\mcafee\mpf\MpfSvc.dll - ok
23:07:37.0774 3920 [ 2DBB4E43F9553756350947E4AF41F9C4 ] C:\PROGRA~1\mcafee\msk\msksrvr.dll
23:07:37.0774 3920 C:\PROGRA~1\mcafee\msk\msksrvr.dll - ok
23:07:37.0774 3920 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
23:07:37.0774 3920 C:\Windows\System32\netmsg.dll - ok
23:07:37.0774 3920 [ BBB982171B6F6A1D1ED9D7F83B9D4CE9 ] C:\Program Files\Common Files\mcafee\systemcore\mfefwctl.dll
23:07:37.0774 3920 C:\Program Files\Common Files\mcafee\systemcore\mfefwctl.dll - ok
23:07:37.0774 3920 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
23:07:37.0774 3920 C:\Windows\System32\sscore.dll - ok
23:07:37.0790 3920 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
23:07:37.0790 3920 C:\Windows\System32\clusapi.dll - ok
23:07:37.0790 3920 [ C97C8EC408AC6F2453EB9417E5EF355A ] C:\Program Files\Common Files\mcafee\msc\McRTMui.dll
23:07:37.0790 3920 C:\Program Files\Common Files\mcafee\msc\McRTMui.dll - ok
23:07:37.0790 3920 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
23:07:37.0790 3920 C:\Windows\System32\resutils.dll - ok
23:07:37.0790 3920 [ 57FA62B72A77EA12B95EB73501D92B63 ] C:\Program Files\Common Files\mcafee\msc\LangSel.dll
23:07:37.0790 3920 C:\Program Files\Common Files\mcafee\msc\LangSel.dll - ok
23:07:37.0790 3920 [ 75F40B422E78C5B9D4D0A59EC0AA2B38 ] C:\PROGRA~1\mcafee\mps\mps.dll
23:07:37.0790 3920 C:\PROGRA~1\mcafee\mps\mps.dll - ok
23:07:37.0806 3920 [ 8A80968A897BCFC38512AEE1D7B73501 ] C:\PROGRA~1\mcafee\msk\mskengn.dll
23:07:37.0806 3920 C:\PROGRA~1\mcafee\msk\mskengn.dll - ok
23:07:37.0806 3920 [ 732D589A84B44BD986DBF795A99FD311 ] C:\Program Files\Common Files\mcafee\systemcore\mfeapfa.dll
23:07:37.0806 3920 C:\Program Files\Common Files\mcafee\systemcore\mfeapfa.dll - ok
23:07:37.0806 3920 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
23:07:37.0806 3920 C:\Windows\System32\perftrack.dll - ok
23:07:37.0806 3920 [ 1FA5C7F6E7296AEC651489AD07BAB866 ] C:\PROGRA~1\mcafee\mps\mpscfg.dll
23:07:37.0806 3920 C:\PROGRA~1\mcafee\mps\mpscfg.dll - ok
23:07:37.0806 3920 [ B1720E97FABBDF7D30B36DAF19C3DEE8 ] C:\Windows\System32\drivers\mfeapfk.sys
23:07:37.0806 3920 C:\Windows\System32\drivers\mfeapfk.sys - ok
23:07:37.0821 3920 [ 30830E9DA7F0BA3946665827D5247EC0 ] C:\PROGRA~1\mcafee\mpf\MpfEvt.dll
23:07:37.0821 3920 C:\PROGRA~1\mcafee\mpf\MpfEvt.dll - ok
23:07:37.0821 3920 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
23:07:37.0821 3920 C:\Windows\System32\npmproxy.dll - ok
23:07:37.0821 3920 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
23:07:37.0821 3920 C:\Windows\System32\diagperf.dll - ok
23:07:37.0821 3920 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
23:07:37.0821 3920 C:\Windows\System32\PortableDeviceApi.dll - ok
23:07:37.0821 3920 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
23:07:37.0821 3920 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
23:07:37.0837 3920 [ 1CD479BBDB6714D58C76B26912FF2327 ] C:\PROGRA~1\mcafee\msk\mskupd.dll
23:07:37.0837 3920 C:\PROGRA~1\mcafee\msk\mskupd.dll - ok
23:07:37.0837 3920 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
23:07:37.0837 3920 C:\Windows\System32\Apphlpdm.dll - ok
23:07:37.0837 3920 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
23:07:37.0837 3920 C:\Windows\System32\pnpts.dll - ok
23:07:37.0837 3920 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
23:07:37.0837 3920 C:\Windows\System32\radardt.dll - ok
23:07:37.0837 3920 [ 19B8FEB9455D9D63425514271F5752E6 ] C:\PROGRA~1\mcafee\msc\mclwapi.dll
23:07:37.0837 3920 C:\PROGRA~1\mcafee\msc\mclwapi.dll - ok
23:07:37.0852 3920 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
23:07:37.0852 3920 C:\Windows\System32\wdiasqmmodule.dll - ok
23:07:37.0852 3920 [ 254C46A466484D4169DFF44B29F6A979 ] C:\PROGRA~1\COMMON~1\mcafee\msc\mcutil\11_6_2~2\mcutil.dll
23:07:37.0852 3920 C:\PROGRA~1\COMMON~1\mcafee\msc\mcutil\11_6_2~2\mcutil.dll - ok
23:07:37.0852 3920 [ 89E9ABC86EB600565D24516B170B0E39 ] C:\PROGRA~1\mcafee\msk\mskwm.dll
23:07:37.0852 3920 C:\PROGRA~1\mcafee\msk\mskwm.dll - ok
23:07:37.0868 3920 [ 4742F810686D2C7883CD69036CE15542 ] C:\PROGRA~1\mcafee\msk\mskxaif.dll
23:07:37.0868 3920 C:\PROGRA~1\mcafee\msk\mskxaif.dll - ok
23:07:37.0868 3920 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
23:07:37.0868 3920 C:\Windows\System32\IPSECSVC.DLL - ok
23:07:37.0868 3920 [ 8ED06C74B9BC9CE0E24EA0CB0C5CF2A7 ] C:\PROGRA~1\COMMON~1\mcafee\core\McEvtBrk.dll
23:07:37.0868 3920 C:\PROGRA~1\COMMON~1\mcafee\core\McEvtBrk.dll - ok
23:07:37.0868 3920 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
23:07:37.0868 3920 C:\Windows\System32\FwRemoteSvr.dll - ok
23:07:37.0884 3920 [ 9FFD32E56D61E1514892EB170186DC0A ] C:\PROGRA~1\mcafee\mps\mpsevh.dll
23:07:37.0884 3920 C:\PROGRA~1\mcafee\mps\mpsevh.dll - ok
23:07:37.0884 3920 [ 5E3FDBD96C880A600C7E4B60D091D4E1 ] C:\PROGRA~1\mcafee\mps\MPSMisp.dll
23:07:37.0884 3920 C:\PROGRA~1\mcafee\mps\MPSMisp.dll - ok
23:07:37.0884 3920 [ F1F438402FC37991A0502F09CC0AA284 ] C:\PROGRA~1\COMMON~1\mcafee\HACKER~1\HWAPI.dll
23:07:37.0884 3920 C:\PROGRA~1\COMMON~1\mcafee\HACKER~1\HWAPI.dll - ok
23:07:37.0884 3920 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
23:07:37.0884 3920 C:\Windows\System32\dimsjob.dll - ok
23:07:37.0899 3920 [ 490300236AB3D1F6E1384B0670540A6B ] C:\Program Files\Common Files\mcafee\VSCore\lockdown.dll
23:07:37.0899 3920 C:\Program Files\Common Files\mcafee\VSCore\lockdown.dll - ok
23:07:37.0899 3920 [ B89910DBAD3A7C4782ECFD5F582D37D3 ] C:\PROGRA~1\mcafee\msc\mcmscsub.dll
23:07:37.0899 3920 C:\PROGRA~1\mcafee\msc\mcmscsub.dll - ok
23:07:37.0899 3920 [ FFB6E1AACCF286EBD549DFDAA93BC940 ] C:\PROGRA~1\mcafee\msc\mcregobj\11_6_4~1\mcregobj.dll
23:07:37.0899 3920 C:\PROGRA~1\mcafee\msc\mcregobj\11_6_4~1\mcregobj.dll - ok
23:07:37.0899 3920 [ D065827C0915CCBA48D47B4E4F855E54 ] C:\Program Files\mcafee\msc\mcoemres.dll
23:07:37.0899 3920 C:\Program Files\mcafee\msc\mcoemres.dll - ok
23:07:37.0915 3920 [ A444C15772749F572E61DAFED66F51C4 ] C:\Program Files\mcafee\msc\oemui.dll
23:07:37.0915 3920 C:\Program Files\mcafee\msc\oemui.dll - ok
23:07:37.0915 3920 [ 1565AEDA55469D030E35801ECD17E1A5 ] C:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll
23:07:37.0915 3920 C:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll - ok
23:07:37.0915 3920 [ 3C5AE07EECF8CF0A69E0D9E9AB3D06C1 ] C:\Program Files\mcafee\msc\mcprlres.dll
23:07:37.0915 3920 C:\Program Files\mcafee\msc\mcprlres.dll - ok
23:07:37.0915 3920 [ F177C9CB3990D25F700F0962CC686BF3 ] C:\PROGRA~1\COMMON~1\mcafee\msc\sqlite3.dll
23:07:37.0915 3920 C:\PROGRA~1\COMMON~1\mcafee\msc\sqlite3.dll - ok
23:07:37.0930 3920 [ 88FD96AD1B0C56474ADDC97100FFFA39 ] C:\Program Files\mcafee\mpf\L10N.dll
23:07:37.0930 3920 C:\Program Files\mcafee\mpf\L10N.dll - ok
23:07:37.0930 3920 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
23:07:37.0930 3920 C:\Windows\System32\NapiNSP.dll - ok
23:07:37.0930 3920 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
23:07:37.0930 3920 C:\Windows\System32\pnrpnsp.dll - ok
23:07:37.0930 3920 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
23:07:37.0930 3920 C:\Windows\System32\winrnr.dll - ok
23:07:37.0946 3920 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
23:07:37.0946 3920 C:\Windows\System32\drivers\WUDFRd.sys - ok
23:07:37.0946 3920 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
23:07:37.0946 3920 C:\Windows\System32\WUDFHost.exe - ok
23:07:37.0946 3920 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
23:07:37.0946 3920 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
23:07:37.0946 3920 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
23:07:37.0946 3920 C:\Windows\System32\WUDFx.dll - ok
23:07:37.0946 3920 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
23:07:37.0946 3920 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
23:07:37.0946 3920 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
23:07:37.0946 3920 C:\Windows\System32\WMVCORE.DLL - ok
23:07:37.0962 3920 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
23:07:37.0962 3920 C:\Windows\System32\wbem\cimwin32.dll - ok
23:07:37.0962 3920 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
23:07:37.0962 3920 C:\Windows\System32\framedynos.dll - ok
23:07:37.0962 3920 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
23:07:37.0962 3920 C:\Windows\System32\WMASF.DLL - ok
23:07:37.0962 3920 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
23:07:37.0962 3920 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
23:07:37.0977 3920 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
23:07:37.0977 3920 C:\Windows\System32\PortableDeviceTypes.dll - ok
23:07:37.0977 3920 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
23:07:37.0977 3920 C:\Windows\System32\wmi.dll - ok
23:07:37.0977 3920 [ D2B3252AD4EB499C935A56467997AA3C ] C:\Windows\System32\drivers\cfwids.sys
23:07:37.0977 3920 C:\Windows\System32\drivers\cfwids.sys - ok
23:07:37.0977 3920 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
23:07:37.0977 3920 C:\Windows\SysWOW64\sfc.dll - ok
23:07:37.0993 3920 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
23:07:37.0993 3920 C:\Windows\SysWOW64\sfc_os.dll - ok
23:07:37.0993 3920 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
23:07:37.0993 3920 C:\Windows\SysWOW64\devrtl.dll - ok
23:07:37.0993 3920 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
23:07:37.0993 3920 C:\Windows\SysWOW64\netutils.dll - ok
23:07:37.0993 3920 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
23:07:37.0993 3920 C:\Windows\System32\wmploc.DLL - ok
23:07:38.0008 3920 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
23:07:38.0008 3920 C:\Windows\SysWOW64\winhttp.dll - ok
23:07:38.0008 3920 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
23:07:38.0008 3920 C:\Windows\SysWOW64\webio.dll - ok
23:07:38.0008 3920 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
23:07:38.0008 3920 C:\Windows\System32\themeui.dll - ok
23:07:38.0008 3920 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
23:07:38.0008 3920 C:\Windows\System32\ie4uinit.exe - ok
23:07:38.0024 3920 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
23:07:38.0024 3920 C:\Windows\System32\iedkcs32.dll - ok
23:07:38.0024 3920 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
23:07:38.0024 3920 C:\Windows\System32\timedate.cpl - ok
23:07:38.0024 3920 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
23:07:38.0024 3920 C:\Windows\SysWOW64\credssp.dll - ok
23:07:38.0024 3920 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
23:07:38.0024 3920 C:\Windows\System32\actxprxy.dll - ok
23:07:38.0024 3920 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
23:07:38.0024 3920 C:\Windows\SysWOW64\dnsapi.dll - ok
23:07:38.0024 3920 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
23:07:38.0024 3920 C:\Windows\SysWOW64\wship6.dll - ok
23:07:38.0040 3920 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
23:07:38.0040 3920 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
23:07:38.0040 3920 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
23:07:38.0040 3920 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
23:07:38.0040 3920 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
23:07:38.0040 3920 C:\Windows\System32\shdocvw.dll - ok
23:07:38.0040 3920 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
23:07:38.0040 3920 C:\Windows\SysWOW64\rasadhlp.dll - ok
23:07:38.0040 3920 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
23:07:38.0040 3920 C:\Windows\System32\linkinfo.dll - ok
23:07:38.0055 3920 [ 64B328D52DFC8CDA123093E3F6E4C37C ] C:\Windows\System32\unregmp2.exe
23:07:38.0055 3920 C:\Windows\System32\unregmp2.exe - ok
23:07:38.0055 3920 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
23:07:38.0055 3920 C:\Windows\System32\msi.dll - ok
23:07:38.0055 3920 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
23:07:38.0055 3920 C:\Windows\System32\msiltcfg.dll - ok
23:07:38.0055 3920 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
23:07:38.0055 3920 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
23:07:38.0071 3920 [ FD28E3B46F63337EAF905120F1E00070 ] C:\Windows\System32\accessibilitycpl.dll
23:07:38.0071 3920 C:\Windows\System32\accessibilitycpl.dll - ok
23:07:38.0071 3920 [ BC70295C58B087182275C56CA0D21021 ] C:\PROGRA~1\COMMON~1\mcafee\nmc\McMPFEvt.dll
23:07:38.0071 3920 C:\PROGRA~1\COMMON~1\mcafee\nmc\McMPFEvt.dll - ok
23:07:38.0071 3920 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
23:07:38.0071 3920 C:\Windows\System32\msftedit.dll - ok
23:07:38.0071 3920 [ EC84D7DCAE6AE0FE87EE5D4F0D50DC55 ] C:\Windows\System32\sud.dll
23:07:38.0071 3920 C:\Windows\System32\sud.dll - ok
23:07:38.0086 3920 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
23:07:38.0086 3920 C:\Windows\System32\msls31.dll - ok
23:07:38.0086 3920 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
23:07:38.0086 3920 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
23:07:38.0086 3920 [ E3BF29CED96790CDAAFA981FFDDF53A3 ] C:\Program Files\Windows Sidebar\sidebar.exe
23:07:38.0086 3920 C:\Program Files\Windows Sidebar\sidebar.exe - ok
23:07:38.0086 3920 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
23:07:38.0086 3920 C:\Windows\System32\DeviceCenter.dll - ok
23:07:38.0086 3920 [ E83D2495D5867E224FBF42EF40D8856C ] C:\Program Files\DVD Maker\DVDMaker.exe
23:07:38.0086 3920 C:\Program Files\DVD Maker\DVDMaker.exe - ok
23:07:38.0102 3920 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
23:07:38.0102 3920 C:\Windows\System32\networkexplorer.dll - ok
23:07:38.0102 3920 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
23:07:38.0102 3920 C:\Windows\System32\thumbcache.dll - ok
23:07:38.0102 3920 [ B2A88B3F19791E540B4A6228E5412C16 ] C:\PROGRA~2\WIC4A1~1\Mail\maillang.dll
23:07:38.0102 3920 C:\PROGRA~2\WIC4A1~1\Mail\maillang.dll - ok
23:07:38.0102 3920 [ 3CBECBC83287258DC78B7D2F2821F7E5 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
23:07:38.0102 3920 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
23:07:38.0102 3920 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
23:07:38.0102 3920 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
23:07:38.0118 3920 [ 812DD9FBA5EF2136AEF738CAA499D47C ] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
23:07:38.0118 3920 C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe - ok
23:07:38.0118 3920 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
23:07:38.0118 3920 C:\Windows\System32\drprov.dll - ok
23:07:38.0118 3920 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
23:07:38.0118 3920 C:\Windows\System32\ntlanman.dll - ok
23:07:38.0118 3920 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
23:07:38.0118 3920 C:\Windows\System32\davclnt.dll - ok
23:07:38.0133 3920 [ EB8224F66FD54B08DCBB52C409B1C3F4 ] C:\PROGRA~2\WIC4A1~1\PHOTOG~1\MOVIEM~2.DLL
23:07:38.0133 3920 C:\PROGRA~2\WIC4A1~1\PHOTOG~1\MOVIEM~2.DLL - ok
23:07:38.0133 3920 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
23:07:38.0133 3920 C:\Windows\System32\davhlpr.dll - ok
23:07:38.0133 3920 [ A300D780F0A80E5099002B7295B73430 ] C:\Windows\System32\igfxtray.exe
23:07:38.0133 3920 C:\Windows\System32\igfxtray.exe - ok
23:07:38.0133 3920 [ B8868A9397AC7541F600A323704ECF06 ] C:\Windows\System32\hkcmd.exe
23:07:38.0133 3920 C:\Windows\System32\hkcmd.exe - ok
23:07:38.0149 3920 [ 0B0B165A9A3C4564BF36260AB854AB42 ] C:\Windows\System32\igfxpers.exe
23:07:38.0149 3920 C:\Windows\System32\igfxpers.exe - ok
23:07:38.0149 3920 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
23:07:38.0149 3920 C:\Windows\System32\wdmaud.drv - ok
23:07:38.0149 3920 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
23:07:38.0149 3920 C:\Windows\System32\ksuser.dll - ok
23:07:38.0149 3920 [ F6FFD0DD7BE7BC682350F1296E1E9742 ] C:\PROGRA~2\WIC4A1~1\PHOTOG~1\WL09BB~1.DLL
23:07:38.0149 3920 C:\PROGRA~2\WIC4A1~1\PHOTOG~1\WL09BB~1.DLL - ok
23:07:38.0149 3920 [ B795E6138E29A37508285FC31E92BD78 ] C:\Windows\System32\DisplaySwitch.exe
23:07:38.0149 3920 C:\Windows\System32\DisplaySwitch.exe - ok
23:07:38.0164 3920 [ 98F1C94E108DF0811CC5EF098ECFB842 ] C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe
23:07:38.0164 3920 C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe - ok
23:07:38.0164 3920 [ FA4C36B574BF387D9582ED2C54A347A8 ] C:\Windows\System32\mblctr.exe
23:07:38.0164 3920 C:\Windows\System32\mblctr.exe - ok
23:07:38.0164 3920 [ 47CC4EE5C9D98DC4F03FCD77DF8DF176 ] C:\Windows\System32\NetProjW.dll
23:07:38.0164 3920 C:\Windows\System32\NetProjW.dll - ok
23:07:38.0164 3920 [ 98C04A60A10777D99B569636C55FE91C ] C:\Windows\System32\mstsc.exe
23:07:38.0164 3920 C:\Windows\System32\mstsc.exe - ok
23:07:38.0164 3920 [ 384AE90BAC1738B0FDB3EEF24BFF44AA ] C:\Windows\System32\hccutils.dll
23:07:38.0164 3920 C:\Windows\System32\hccutils.dll - ok
23:07:38.0180 3920 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\95438903.sys
23:07:38.0180 3920 C:\Windows\System32\drivers\95438903.sys - ok
23:07:38.0180 3920 [ C8604D59DC57749ED70A2F04D65FA4C9 ] C:\Windows\System32\igfxsrvc.exe
23:07:38.0180 3920 C:\Windows\System32\igfxsrvc.exe - ok
23:07:38.0180 3920 [ 7633F554EEAFDE7F144B41C2FCAF5F63 ] C:\Windows\System32\SnippingTool.exe
23:07:38.0180 3920 C:\Windows\System32\SnippingTool.exe - ok
23:07:38.0180 3920 [ 47F0F526AD4982806C54B845B3289DE1 ] C:\Windows\System32\SoundRecorder.exe
23:07:38.0180 3920 C:\Windows\System32\SoundRecorder.exe - ok
23:07:38.0180 3920 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
23:07:38.0180 3920 C:\Windows\System32\SyncCenter.dll - ok
23:07:38.0180 3920 [ 0B7FBCAF83258819112F4AE22EA07F17 ] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
23:07:38.0180 3920 C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe - ok
23:07:38.0196 3920 [ A7749965A3923D024922A86BAAECAFF4 ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe
23:07:38.0196 3920 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe - ok
23:07:38.0196 3920 [ ADCB9A3CC1DB2F027BE463824A1D6F42 ] C:\Program Files\mcafee.com\agent\mcagent.exe
23:07:38.0196 3920 C:\Program Files\mcafee.com\agent\mcagent.exe - ok
23:07:38.0196 3920 [ 81ADBC4E31A721AEF23251A952049BA2 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
23:07:38.0196 3920 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
23:07:38.0196 3920 [ 4260CDD7292900C79EF2F360C28100C1 ] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
23:07:38.0196 3920 C:\Program Files (x86)\Citrix\ICA Client\concentr.exe - ok
23:07:38.0196 3920 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
23:07:38.0196 3920 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
23:07:38.0211 3920 [ 53EDBE9C1D6B0CEC11A573852B5B6DAD ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
23:07:38.0211 3920 C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe - ok
23:07:38.0211 3920 [ 46DA8E7484AC7A52CE1D6E428398724B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
23:07:38.0211 3920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
23:07:38.0211 3920 [ 8E2A7F1F62467A7DCB8AB2C0642F47CA ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
23:07:38.0211 3920 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
23:07:38.0211 3920 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
23:07:38.0211 3920 C:\Windows\SysWOW64\msi.dll - ok
23:07:38.0211 3920 [ 2CEFF13ACE25A40BD8D97654944297CD ] C:\Windows\svchost.exe
23:07:38.0211 3920 C:\Windows\svchost.exe - ok
23:07:38.0227 3920 [ 2C68D1CEAA96FE39E44B4979ACD6D9B3 ] C:\Program Files (x86)\Dell Stage\Dell Stage\libumajin.dll
23:07:38.0227 3920 C:\Program Files (x86)\Dell Stage\Dell Stage\libumajin.dll - ok
23:07:38.0227 3920 [ FCF433BFE9F44C8FD2FAF1E8DED23D72 ] C:\Windows\System32\OobeFldr.dll
23:07:38.0227 3920 C:\Windows\System32\OobeFldr.dll - ok
23:07:38.0227 3920 [ F121FF27B30D62EB148E928C4769328B ] C:\Windows\System32\Speech\SpeechUX\sapi.cpl
23:07:38.0227 3920 C:\Windows\System32\Speech\SpeechUX\sapi.cpl - ok
23:07:38.0227 3920 [ C7301A1D3DB09DE86528D9D916069859 ] C:\Windows\System32\dfrgui.exe
23:07:38.0227 3920 C:\Windows\System32\dfrgui.exe - ok
23:07:38.0227 3920 [ 6E26EE228F60D75C732D209688FB546C ] C:\Windows\System32\wdc.dll
23:07:38.0227 3920 C:\Windows\System32\wdc.dll - ok
23:07:38.0227 3920 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
23:07:38.0227 3920 C:\Windows\SysWOW64\riched20.dll - ok
23:07:38.0242 3920 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
23:07:38.0242 3920 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
23:07:38.0242 3920 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
23:07:38.0242 3920 C:\Windows\System32\stobject.dll - ok
23:07:38.0242 3920 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
23:07:38.0242 3920 C:\Windows\System32\batmeter.dll - ok
23:07:38.0242 3920 [ D291620D4C51C5F5FFA62CCDC52C5C13 ] C:\Windows\System32\msinfo32.exe
23:07:38.0242 3920 C:\Windows\System32\msinfo32.exe - ok
23:07:38.0242 3920 [ 3DB5A1EACE7F3049ECC49FA64461E254 ] C:\Windows\System32\rstrui.exe
23:07:38.0242 3920 C:\Windows\System32\rstrui.exe - ok
23:07:38.0242 3920 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
23:07:38.0242 3920 C:\Windows\SysWOW64\duser.dll - ok
23:07:38.0258 3920 [ 51D186B582C905E49D84B70322F70B21 ] C:\Windows\System32\miguiresource.dll
23:07:38.0258 3920 C:\Windows\System32\miguiresource.dll - ok
23:07:38.0258 3920 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
23:07:38.0258 3920 C:\Windows\SysWOW64\dui70.dll - ok
23:07:38.0258 3920 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
23:07:38.0258 3920 C:\Windows\System32\dsound.dll - ok
23:07:38.0258 3920 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
23:07:38.0258 3920 C:\Windows\System32\opengl32.dll - ok
23:07:38.0258 3920 [ A440A6EFED28AB4A8741E76BBDCF4B78 ] C:\Windows\System32\migwiz\wet.dll
23:07:38.0258 3920 C:\Windows\System32\migwiz\wet.dll - ok
23:07:38.0274 3920 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
23:07:38.0274 3920 C:\Windows\System32\glu32.dll - ok
23:07:38.0274 3920 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
23:07:38.0274 3920 C:\Windows\System32\ddraw.dll - ok
23:07:38.0274 3920 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
23:07:38.0274 3920 C:\Windows\System32\dciman32.dll - ok
23:07:38.0274 3920 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
23:07:38.0274 3920 C:\Windows\System32\msimg32.dll - ok
23:07:38.0274 3920 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
23:07:38.0274 3920 C:\Windows\System32\oledlg.dll - ok
23:07:38.0274 3920 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
23:07:38.0274 3920 C:\Windows\System32\AudioSes.dll - ok
23:07:38.0289 3920 [ 64817817D46F2C57694C7BBAA242008B ] C:\Windows\System32\RtkAPO64.dll
23:07:38.0289 3920 C:\Windows\System32\RtkAPO64.dll - ok
23:07:38.0289 3920 [ 5C4AFB5C6ED90291BE565082A1DBFC9E ] C:\Windows\System32\RtkCfg64.dll
23:07:38.0289 3920 C:\Windows\System32\RtkCfg64.dll - ok
23:07:38.0289 3920 [ 43CD4141DF3A0818A56704FBAC0E0830 ] C:\Windows\System32\igfxsrvc.dll
23:07:38.0289 3920 C:\Windows\System32\igfxsrvc.dll - ok
23:07:38.0289 3920 [ 00F08F21EF4D64932393F0A83E76FBA9 ] C:\Windows\System32\igfxdev.dll
23:07:38.0289 3920 C:\Windows\System32\igfxdev.dll - ok
23:07:38.0289 3920 [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll
23:07:38.0289 3920 C:\Windows\System32\IccLibDll_x64.dll - ok
23:07:38.0289 3920 [ 1DC04742F68DE1E369CC6456CFD667E3 ] C:\Windows\System32\igfxrenu.lrc
23:07:38.0289 3920 C:\Windows\System32\igfxrenu.lrc - ok
23:07:38.0305 3920 [ AC6EE4B07B9A78B155DEE7529ACCE355 ] C:\Program Files (x86)\Dell Stage\Dell Stage\libmmd.dll
23:07:38.0305 3920 C:\Program Files (x86)\Dell Stage\Dell Stage\libmmd.dll - ok
23:07:38.0305 3920 [ B96F045D571747F8700CB43E8C458FF0 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
23:07:38.0305 3920 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
23:07:38.0305 3920 [ 9D9C0DD19ED1D36E1FAB8805EA5CE1AF ] C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe
23:07:38.0305 3920 C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe - ok
23:07:38.0305 3920 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
23:07:38.0305 3920 C:\Windows\System32\prnfldr.dll - ok
23:07:38.0305 3920 [ D5A787E18D3C67894CDAC0A81D617DB4 ] C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
23:07:38.0305 3920 C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll - ok
23:07:38.0305 3920 [ 1C09858449980D64577E377EB262C9D7 ] C:\Program Files\Windows Journal\Journal.exe
23:07:38.0305 3920 C:\Program Files\Windows Journal\Journal.exe - ok
23:07:38.0320 3920 [ 852D67A27E454BD389FA7F02A8CBE23F ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
23:07:38.0320 3920 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - ok
23:07:38.0320 3920 [ 06A6FE79BD96C7FEF7322AFE5B45FFFF ] C:\Windows\System32\mycomput.dll
23:07:38.0320 3920 C:\Windows\System32\mycomput.dll - ok
23:07:38.0320 3920 [ 7C74C407EEFE30A423B49E2D10850281 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
23:07:38.0320 3920 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll - ok
23:07:38.0320 3920 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
23:07:38.0320 3920 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
23:07:38.0320 3920 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
23:07:38.0320 3920 C:\Windows\System32\drivers\fastfat.sys - ok
23:07:38.0320 3920 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
23:07:38.0320 3920 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
23:07:38.0336 3920 [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\Windows\System32\odbcint.dll
23:07:38.0336 3920 C:\Windows\System32\odbcint.dll - ok
23:07:38.0336 3920 [ 0F32154980452B85CF05A892D7CE1C33 ] C:\Program Files (x86)\Citrix\ICA Client\ctxmui.dll
23:07:38.0336 3920 C:\Program Files (x86)\Citrix\ICA Client\ctxmui.dll - ok
23:07:38.0336 3920 [ 2C68D1CEAA96FE39E44B4979ACD6D9B3 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\libumajin.dll
23:07:38.0336 3920 C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\libumajin.dll - ok
23:07:38.0336 3920 [ 317EBF206D8FD56352F64E461F6BEEF3 ] C:\Program Files (x86)\Citrix\ICA Client\CCMSDK.dll
23:07:38.0336 3920 C:\Program Files (x86)\Citrix\ICA Client\CCMSDK.dll - ok
23:07:38.0336 3920 [ B9CE8CF2FF2D5EAFFDBAA340E7B385A5 ] C:\Windows\System32\iscsicpl.dll
23:07:38.0336 3920 C:\Windows\System32\iscsicpl.dll - ok
23:07:38.0336 3920 [ A23F7345E43A96D7DB581D08BBAFFE05 ] C:\Program Files (x86)\Citrix\ICA Client\resource\en\ctxmuiUI.dll
23:07:38.0336 3920 C:\Program Files (x86)\Citrix\ICA Client\resource\en\ctxmuiUI.dll - ok
23:07:38.0352 3920 [ 9553459D4BFCFB0D2D9B79255202AFB0 ] C:\Program Files (x86)\Citrix\ICA Client\resource\en\concenUI.dll
23:07:38.0352 3920 C:\Program Files (x86)\Citrix\ICA Client\resource\en\concenUI.dll - ok
23:07:38.0352 3920 [ 3EEC0FB1DDD317AA1E8933B912439736 ] C:\Windows\System32\MdSched.exe
23:07:38.0352 3920 C:\Windows\System32\MdSched.exe - ok
23:07:38.0352 3920 [ 2ECD9D9087DC15E7AAD130883E665219 ] C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
23:07:38.0352 3920 C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll - ok
23:07:38.0352 3920 [ 279AC1AD3CBD3980D5517924A7CBFCE2 ] C:\Windows\System32\pmcsnap.dll
23:07:38.0352 3920 C:\Windows\System32\pmcsnap.dll - ok
23:07:38.0352 3920 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
23:07:38.0352 3920 C:\Windows\System32\DXP.dll - ok
23:07:38.0352 3920 [ 1BCA343802DB1682A6C61FEB1C064B20 ] C:\Windows\System32\wsecedit.dll
23:07:38.0367 3920 C:\Windows\System32\wsecedit.dll - ok
23:07:38.0367 3920 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
23:07:38.0367 3920 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
23:07:38.0367 3920 [ 8B2946085FE12BA716EB5C4901EC1505 ] C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
23:07:38.0367 3920 C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe - ok
23:07:38.0367 3920 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
23:07:38.0367 3920 C:\Windows\SysWOW64\ddraw.dll - ok
23:07:38.0367 3920 [ DE3897365B04C4DA1CF8FF725577C082 ] C:\Windows\SysWOW64\glu32.dll
23:07:38.0367 3920 C:\Windows\SysWOW64\glu32.dll - ok
23:07:38.0383 3920 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
23:07:38.0383 3920 C:\Windows\SysWOW64\msacm32.dll - ok
23:07:38.0383 3920 [ D1BBE227367ED791D5FCF08E132D2956 ] C:\Windows\SysWOW64\opengl32.dll
23:07:38.0383 3920 C:\Windows\SysWOW64\opengl32.dll - ok
23:07:38.0383 3920 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
23:07:38.0383 3920 C:\Windows\SysWOW64\dciman32.dll - ok
23:07:38.0383 3920 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
23:07:38.0383 3920 C:\Windows\SysWOW64\powrprof.dll - ok
23:07:38.0383 3920 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
23:07:38.0383 3920 C:\Windows\SysWOW64\dbghelp.dll - ok
23:07:38.0383 3920 [ DE038C40F3033EDA732655FA42DCBD18 ] C:\Windows\System32\filemgmt.dll
23:07:38.0383 3920 C:\Windows\System32\filemgmt.dll - ok
23:07:38.0383 3920 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
23:07:38.0383 3920 C:\Windows\System32\Syncreg.dll - ok
23:07:38.0398 3920 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
23:07:38.0398 3920 C:\Windows\ehome\ehSSO.dll - ok
23:07:38.0398 3920 [ E19D102BAF266F34592F7C742FBFA886 ] C:\Windows\System32\msconfig.exe
23:07:38.0398 3920 C:\Windows\System32\msconfig.exe - ok
23:07:38.0398 3920 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
23:07:38.0398 3920 C:\Windows\System32\netshell.dll - ok
23:07:38.0398 3920 [ 8504944851DF6175CC489A8F3328459E ] C:\Windows\SysWOW64\d3d10.dll
23:07:38.0398 3920 C:\Windows\SysWOW64\d3d10.dll - ok
23:07:38.0398 3920 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
23:07:38.0398 3920 C:\Windows\SysWOW64\winsta.dll - ok
23:07:38.0398 3920 [ FB3F036EF6A467F7AF46C821FF5D198D ] C:\Windows\SysWOW64\d3d10core.dll
23:07:38.0398 3920 C:\Windows\SysWOW64\d3d10core.dll - ok
23:07:38.0414 3920 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Windows\SysWOW64\msvcp71.dll
23:07:38.0414 3920 C:\Windows\SysWOW64\msvcp71.dll - ok
23:07:38.0414 3920 [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll
23:07:38.0414 3920 C:\Windows\SysWOW64\dxgi.dll - ok
23:07:38.0414 3920 [ 7ACDFB4CC67F4993DF0E0731576309B2 ] C:\Windows\SysWOW64\d3d11.dll
23:07:38.0414 3920 C:\Windows\SysWOW64\d3d11.dll - ok
23:07:38.0414 3920 [ B9E362680ADB83F0E0134F4567DBF656 ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\LayoutDLL12OEM.dll
23:07:38.0414 3920 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\LayoutDLL12OEM.dll - ok
23:07:38.0414 3920 [ A51A7D0C82C93827532DF3B8FE7804EA ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\CPSCommonTools12OEM.dll
23:07:38.0414 3920 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\CPSCommonTools12OEM.dll - ok
23:07:38.0414 3920 [ 0DD60844DE36251CEDC6910D9B74ED57 ] C:\Windows\SysWOW64\igd10umd32.dll
23:07:38.0414 3920 C:\Windows\SysWOW64\igd10umd32.dll - ok
23:07:38.0430 3920 [ 3B1247FC09F82A1ECD1294EA13C79C3E ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\roxippEMC12.dll
23:07:38.0430 3920 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\roxippEMC12.dll - ok
23:07:38.0430 3920 [ 11F174ED2050121C394C17B4F7B69983 ] C:\Windows\System32\AuthFWGP.dll
23:07:38.0430 3920 C:\Windows\System32\AuthFWGP.dll - ok
23:07:38.0430 3920 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
23:07:38.0430 3920 C:\Windows\System32\WPDShServiceObj.dll - ok
23:07:38.0430 3920 [ 234AFA322624B3203A2E720F08292B03 ] C:\Windows\System32\cscobj.dll
23:07:38.0430 3920 C:\Windows\System32\cscobj.dll - ok
23:07:38.0430 3920 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
23:07:38.0430 3920 C:\Windows\System32\AltTab.dll - ok
23:07:38.0445 3920 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
23:07:38.0445 3920 C:\Windows\System32\pnidui.dll - ok
23:07:38.0445 3920 [ 0CD666503B26081E4E7BA8193017422F ] C:\PROGRA~3\PC-DOC~1\STARTM~1\603247~1.MUI
23:07:38.0445 3920 C:\PROGRA~3\PC-DOC~1\STARTM~1\603247~1.MUI - ok
23:07:38.0445 3920 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
23:07:38.0445 3920 C:\Windows\System32\QUTIL.DLL - ok
23:07:38.0445 3920 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
23:07:38.0445 3920 C:\Windows\System32\ActionCenter.dll - ok
23:07:38.0445 3920 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
23:07:38.0445 3920 C:\Windows\System32\gameux.dll - ok
23:07:38.0445 3920 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
23:07:38.0445 3920 C:\Windows\System32\srchadmin.dll - ok
23:07:38.0461 3920 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
23:07:38.0461 3920 C:\Windows\System32\FXSST.dll - ok
23:07:38.0461 3920 [ AC6EE4B07B9A78B155DEE7529ACCE355 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\libmmd.dll
23:07:38.0461 3920 C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\libmmd.dll - ok
23:07:38.0461 3920 [ CF8D43B5CE132414CC0667E9C5EB5574 ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\homepermitsconfig12OEM.dll
23:07:38.0461 3920 C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\homepermitsconfig12OEM.dll - ok
23:07:38.0461 3920 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
23:07:38.0461 3920 C:\Windows\System32\FXSAPI.dll - ok
23:07:38.0461 3920 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
23:07:38.0461 3920 C:\Windows\SysWOW64\netapi32.dll - ok
23:07:38.0461 3920 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
23:07:38.0461 3920 C:\Windows\SysWOW64\wkscli.dll - ok
23:07:38.0476 3920 [ 837115C004022C7C9317848645D714FD ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\rsl.dll
23:07:38.0476 3920 C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\rsl.dll - ok
23:07:38.0476 3920 [ 5082BC510FAD849630D09DA626BB7CDA ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
23:07:38.0476 3920 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
23:07:38.0476 3920 [ E7B1B5D5A1D1E4C77AE995D725A1FEE5 ] C:\Windows\System32\sdcpl.dll
23:07:38.0476 3920 C:\Windows\System32\sdcpl.dll - ok
23:07:38.0476 3920 [ 6046C98205A35C2CEC330B15F88D4443 ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
23:07:38.0476 3920 C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll - ok
23:07:38.0476 3920 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\SysWOW64\snmpapi.dll
23:07:38.0476 3920 C:\Windows\SysWOW64\snmpapi.dll - ok
23:07:38.0492 3920 [ AFEEAFD7CF8ED6958A81ACC304C17B7D ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
23:07:38.0492 3920 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
23:07:38.0492 3920 [ 5BD85ABB12E057257D9D93C0838ABC0B ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\rcsl.dll
23:07:38.0492 3920 C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\rcsl.dll - ok
23:07:38.0492 3920 [ BE643CD44DD06DA283634A3E51DC22BC ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
23:07:38.0492 3920 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
23:07:38.0492 3920 [ 72E6BB97A33137004FAC46CA43938F6C ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicHTTPClient12OEM.dll
23:07:38.0492 3920 C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicHTTPClient12OEM.dll - ok
23:07:38.0492 3920 [ 132AB9DB9A673FC20EE2D786E8CEC447 ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicLicenseManager12OEM.dll
23:07:38.0492 3920 C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicLicenseManager12OEM.dll - ok
23:07:38.0492 3920 [ D5A787E18D3C67894CDAC0A81D617DB4 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
23:07:38.0492 3920 C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll - ok
23:07:38.0508 3920 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
23:07:38.0508 3920 C:\Windows\System32\FXSSVC.exe - ok
23:07:38.0508 3920 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
23:07:38.0508 3920 C:\Windows\SysWOW64\rasapi32.dll - ok
23:07:38.0508 3920 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
23:07:38.0508 3920 C:\Windows\SysWOW64\wbemcomn.dll - ok
23:07:38.0508 3920 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
23:07:38.0508 3920 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
23:07:38.0508 3920 [ F3B306179F1840C0813DC6771B018358 ] C:\Windows\System32\recdisc.exe
23:07:38.0508 3920 C:\Windows\System32\recdisc.exe - ok
23:07:38.0523 3920 [ E79DF53BAD587E24B3CF965A5746C7B6 ] C:\Windows\System32\msra.exe
23:07:38.0523 3920 C:\Windows\System32\msra.exe - ok
23:07:38.0523 3920 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
23:07:38.0523 3920 C:\Windows\SysWOW64\rasman.dll - ok
23:07:38.0523 3920 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
23:07:38.0523 3920 C:\Windows\SysWOW64\rtutils.dll - ok
23:07:38.0523 3920 [ 1F0C93C5EF2624C922798AB3F0C91BD1 ] C:\PROGRA~2\WIC4A1~1\Mesh\WLSYNC~3.DLL
23:07:38.0523 3920 C:\PROGRA~2\WIC4A1~1\Mesh\WLSYNC~3.DLL - ok
23:07:38.0523 3920 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
23:07:38.0523 3920 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
23:07:38.0523 3920 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
23:07:38.0523 3920 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
23:07:38.0539 3920 [ EC971A8E4CA132D6F8482B0C8B79A9AD ] C:\PROGRA~2\WIC4A1~1\Writer\WI68BE~1.DLL
23:07:38.0539 3920 C:\PROGRA~2\WIC4A1~1\Writer\WI68BE~1.DLL - ok
23:07:38.0539 3920 [ A50815623DE70BF856E83962F0CA02C0 ] C:\Windows\System32\VMCPropertyHandler.dll
23:07:38.0539 3920 C:\Windows\System32\VMCPropertyHandler.dll - ok
23:07:38.0539 3920 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
23:07:38.0539 3920 C:\Windows\SysWOW64\ntdsapi.dll - ok
23:07:38.0539 3920 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
23:07:38.0539 3920 C:\Windows\System32\bthprops.cpl - ok
23:07:38.0539 3920 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
23:07:38.0539 3920 C:\Windows\System32\browcli.dll - ok
23:07:38.0539 3920 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
23:07:38.0539 3920 C:\Windows\System32\schedcli.dll - ok
23:07:38.0554 3920 [ 807B6562009E5858C93E1C0F435C0382 ] C:\Windows\SysWOW64\netbios.dll
23:07:38.0554 3920 C:\Windows\SysWOW64\netbios.dll - ok
23:07:38.0554 3920 [ 35126DDDE8241C4C4A5F15F6CDDF4434 ] C:\Windows\System32\ieframe.dll
23:07:38.0554 3920 C:\Windows\System32\ieframe.dll - ok
23:07:38.0554 3920 [ 2ECD9D9087DC15E7AAD130883E665219 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
23:07:38.0554 3920 C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll - ok
23:07:38.0554 3920 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
23:07:38.0554 3920 C:\Windows\SysWOW64\dsound.dll - ok
23:07:38.0554 3920 [ 3F533D75631178A880AEFFDF117213BE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
23:07:38.0554 3920 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
23:07:38.0570 3920 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
23:07:38.0570 3920 C:\Windows\System32\tquery.dll - ok
23:07:38.0570 3920 [ 1F5AFD468EB5E09E9ED75A087529EAB5 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll
23:07:38.0570 3920 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll - ok
23:07:38.0570 3920 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll
23:07:38.0570 3920 C:\Windows\SysWOW64\IconCodecService.dll - ok
23:07:38.0570 3920 [ E6318B3E4C465D3E3F97CBB09ADA41F1 ] C:\Program Files (x86)\Citrix\ICA Client\ProgressNotificationCommon.dll
23:07:38.0570 3920 C:\Program Files (x86)\Citrix\ICA Client\ProgressNotificationCommon.dll - ok
23:07:38.0570 3920 [ 85191F8BBBD2F19DC371B0F56A98405C ] C:\Program Files (x86)\Citrix\ICA Client\wfcwinn.dll
23:07:38.0570 3920 C:\Program Files (x86)\Citrix\ICA Client\wfcwinn.dll - ok
23:07:38.0570 3920 [ 37CF3324F46CEB3A4F2686C617CBB35C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
23:07:38.0570 3920 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
23:07:38.0586 3920 [ B80B73C036A4144C8AE7131CA4CD8441 ] C:\Program Files (x86)\Citrix\ICA Client\acrdlg.dll
23:07:38.0586 3920 C:\Program Files (x86)\Citrix\ICA Client\acrdlg.dll - ok
23:07:38.0586 3920 [ 48D31132F0A3A588FFE7B5D0F7FA7D6A ] C:\Program Files (x86)\Citrix\ICA Client\statuin.dll
23:07:38.0586 3920 C:\Program Files (x86)\Citrix\ICA Client\statuin.dll - ok
23:07:38.0586 3920 [ D2B6D000F901E33C3DED56114AE2CBE4 ] C:\Program Files (x86)\Citrix\ICA Client\confmgr.dll
23:07:38.0586 3920 C:\Program Files (x86)\Citrix\ICA Client\confmgr.dll - ok
23:07:38.0586 3920 [ 92F935051A2339CC14424BD43F4F5505 ] C:\Program Files (x86)\Citrix\ICA Client\ctxlogging.dll
23:07:38.0586 3920 C:\Program Files (x86)\Citrix\ICA Client\ctxlogging.dll - ok
23:07:38.0586 3920 [ 6DC7580A651B55128DDAE8A687CA8B73 ] C:\Program Files (x86)\Citrix\ICA Client\icafile.dll
23:07:38.0586 3920 C:\Program Files (x86)\Citrix\ICA Client\icafile.dll - ok
23:07:38.0601 3920 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
23:07:38.0601 3920 C:\Windows\System32\mssrch.dll - ok
23:07:38.0601 3920 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
23:07:38.0601 3920 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
23:07:38.0601 3920 [ 5FD202489FEF9555FD3417C51206F0A2 ] C:\Program Files (x86)\Citrix\ICA Client\resource\en\ProgressNotificationCommonUI.dll
23:07:38.0601 3920 C:\Program Files (x86)\Citrix\ICA Client\resource\en\ProgressNotificationCommonUI.dll - ok
23:07:38.0601 3920 [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
23:07:38.0601 3920 C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll - ok
23:07:38.0601 3920 [ 508DFBBD0DAAE0FAAA519A8F549B5449 ] C:\Program Files (x86)\Citrix\ICA Client\resource\en\statuiUI.dll
23:07:38.0601 3920 C:\Program Files (x86)\Citrix\ICA Client\resource\en\statuiUI.dll - ok
23:07:38.0617 3920 [ A04D1D1D004F6EF0C0FBAC38EECAA361 ] C:\Program Files (x86)\Citrix\ICA Client\resource\en\wfcrunUI.dll
23:07:38.0617 3920 C:\Program Files (x86)\Citrix\ICA Client\resource\en\wfcrunUI.dll - ok
23:07:38.0617 3920 [ 2DA48F2C163AB854A7D1041F1209DB8F ] C:\Windows\SysWOW64\ctl3d32.dll
23:07:38.0617 3920 C:\Windows\SysWOW64\ctl3d32.dll - ok
23:07:38.0617 3920 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
23:07:38.0617 3920 C:\Windows\SysWOW64\nlaapi.dll - ok
23:07:38.0617 3920 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
23:07:38.0617 3920 C:\Windows\System32\esent.dll - ok
23:07:38.0617 3920 [ 84B7EB7DEBBB8BAFC83F9CABD9EFF430 ] C:\Program Files (x86)\Citrix\ICA Client\CCMProxy.dll
23:07:38.0617 3920 C:\Program Files (x86)\Citrix\ICA Client\CCMProxy.dll - ok
23:07:38.0617 3920 [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
23:07:38.0617 3920 C:\Windows\System32\UIAnimation.dll - ok
23:07:38.0632 3920 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
23:07:38.0632 3920 C:\Windows\System32\msidle.dll - ok
23:07:38.0632 3920 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
23:07:38.0632 3920 C:\Windows\System32\mssprxy.dll - ok
23:07:38.0632 3920 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] C:\Program Files\iPod\bin\iPodService.exe
23:07:38.0632 3920 C:\Program Files\iPod\bin\iPodService.exe - ok
23:07:38.0632 3920 [ B4E69051E313551F894C74B12042485D ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
23:07:38.0632 3920 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
23:07:38.0632 3920 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
23:07:38.0632 3920 C:\Windows\System32\rasdlg.dll - ok
23:07:38.0648 3920 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
23:07:38.0648 3920 C:\Windows\System32\en-US\tquery.dll.mui - ok
23:07:38.0648 3920 [ 1105A14047A0D99C2770601EB61FBF5C ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
23:07:38.0648 3920 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
23:07:38.0648 3920 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
23:07:38.0648 3920 C:\Windows\SysWOW64\sxs.dll - ok
23:07:38.0648 3920 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
23:07:38.0648 3920 C:\Windows\System32\mprapi.dll - ok
23:07:38.0648 3920 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
23:07:38.0648 3920 C:\Windows\System32\wlanhlp.dll - ok
23:07:38.0664 3920 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
23:07:38.0664 3920 C:\Windows\System32\wlanapi.dll - ok
23:07:38.0664 3920 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
23:07:38.0664 3920 C:\Windows\System32\dot3api.dll - ok
23:07:38.0664 3920 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
23:07:38.0664 3920 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
23:07:38.0664 3920 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
23:07:38.0664 3920 C:\Windows\System32\WWanAPI.dll - ok
23:07:38.0664 3920 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
23:07:38.0664 3920 C:\Windows\System32\wwapi.dll - ok
23:07:38.0664 3920 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
23:07:38.0664 3920 C:\Windows\System32\QAGENT.DLL - ok
23:07:38.0679 3920 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
23:07:38.0679 3920 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
23:07:38.0679 3920 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
23:07:38.0679 3920 C:\Windows\System32\wsock32.dll - ok
23:07:38.0679 3920 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
23:07:38.0679 3920 C:\Windows\System32\wmdrmdev.dll - ok
23:07:38.0679 3920 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
23:07:38.0679 3920 C:\Windows\System32\drmv2clt.dll - ok
23:07:38.0679 3920 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
23:07:38.0679 3920 C:\Windows\System32\mfplat.dll - ok
23:07:38.0679 3920 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
23:07:38.0679 3920 C:\Windows\System32\wmp.dll - ok
23:07:38.0695 3920 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
23:07:38.0695 3920 C:\Windows\System32\webcheck.dll - ok
23:07:38.0695 3920 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
23:07:38.0695 3920 C:\Windows\System32\mlang.dll - ok
23:07:38.0695 3920 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
23:07:38.0695 3920 C:\Windows\System32\imapi2.dll - ok
23:07:38.0695 3920 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
23:07:38.0695 3920 C:\Windows\System32\hgcpl.dll - ok
23:07:38.0695 3920 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
23:07:38.0695 3920 C:\Windows\System32\fdWSD.dll - ok
23:07:38.0695 3920 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
23:07:38.0695 3920 C:\Windows\System32\fdSSDP.dll - ok
23:07:38.0710 3920 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
23:07:38.0710 3920 C:\Windows\System32\httpapi.dll - ok
23:07:38.0710 3920 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
23:07:38.0710 3920 C:\Windows\System32\fdProxy.dll - ok
23:07:38.0710 3920 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
23:07:38.0710 3920 C:\Windows\System32\P2P.dll - ok
23:07:38.0710 3920 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
23:07:38.0710 3920 C:\Windows\System32\IdListen.dll - ok
23:07:38.0710 3920 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
23:07:38.0710 3920 C:\Windows\System32\hgprint.dll - ok
23:07:38.0726 3920 [ 66E4246FEF8C364611F9782AA0809F42 ] C:\Program Files\Internet Explorer\ieproxy.dll
23:07:38.0726 3920 C:\Program Files\Internet Explorer\ieproxy.dll - ok
23:07:38.0726 3920 [ 86766A1BBF0E5993E2283ECE0B454177 ] C:\Program Files\mcafee\msk\MskSet64.dll
23:07:38.0726 3920 C:\Program Files\mcafee\msk\MskSet64.dll - ok
23:07:38.0726 3920 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
23:07:38.0726 3920 C:\Windows\System32\P2PGraph.dll - ok
23:07:38.0726 3920 [ 698EB1E5F8C66344D97C00B5699E871D ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
23:07:38.0726 3920 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
23:07:38.0726 3920 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
23:07:38.0726 3920 C:\Windows\AppPatch\AcGenral.dll - ok
23:07:38.0726 3920 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
23:07:38.0726 3920 C:\Windows\SysWOW64\samcli.dll - ok
23:07:38.0742 3920 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
23:07:38.0742 3920 C:\Windows\SysWOW64\netprofm.dll - ok
23:07:38.0742 3920 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
23:07:38.0742 3920 C:\Windows\SysWOW64\npmproxy.dll - ok
23:07:38.0742 3920 [ 7F73235D527DCF16C38578CD1CD9F7A8 ] C:\Program Files (x86)\Internet Explorer\ieproxy.dll
23:07:38.0742 3920 C:\Program Files (x86)\Internet Explorer\ieproxy.dll - ok
23:07:38.0742 3920 [ F8D269134EEC097B7E47C818AF4862A7 ] C:\Windows\SysWOW64\ieui.dll
23:07:38.0742 3920 C:\Windows\SysWOW64\ieui.dll - ok
23:07:38.0742 3920 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
23:07:38.0742 3920 C:\Windows\SysWOW64\msimg32.dll - ok
23:07:38.0742 3920 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
23:07:38.0742 3920 C:\Windows\SysWOW64\mssprxy.dll - ok
23:07:38.0757 3920 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
23:07:38.0757 3920 C:\Windows\SysWOW64\xmllite.dll - ok
23:07:38.0757 3920 [ CBC39CAD3421AB71966BDD98ABF847E0 ] C:\Windows\SysWOW64\msfeeds.dll
23:07:38.0757 3920 C:\Windows\SysWOW64\msfeeds.dll - ok
23:07:38.0757 3920 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
23:07:38.0757 3920 C:\Windows\System32\wbem\NCProv.dll - ok
23:07:38.0757 3920 [ F7BC1D90C3A976A5259BD1A5D7D43038 ] C:\Program Files (x86)\Internet Explorer\IEShims.dll
23:07:38.0757 3920 C:\Program Files (x86)\Internet Explorer\IEShims.dll - ok
23:07:38.0757 3920 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
23:07:38.0757 3920 C:\Windows\SysWOW64\mlang.dll - ok
23:07:38.0757 3920 [ 9352AF851D98380738161620C916A042 ] C:\Windows\SysWOW64\url.dll
23:07:38.0757 3920 C:\Windows\SysWOW64\url.dll - ok
23:07:38.0773 3920 ============================================================
23:07:38.0773 3920 Scan finished
23:07:38.0773 3920 ============================================================
23:07:38.0773 3912 Detected object count: 1
23:07:38.0773 3912 Actual detected object count: 1
23:07:47.0290 3912 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user
23:07:47.0290 3912 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip
23:08:01.0986 3164 Deinitialize success


aswMBR log

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-09 23:10:26
-----------------------------
23:10:26.535 OS Version: Windows x64 6.1.7601 Service Pack 1
23:10:26.535 Number of processors: 4 586 0x2505
23:10:26.535 ComputerName: WADDILL-DELL UserName: Bernie
23:10:28.095 Initialize success
23:11:56.423 AVAST engine defs: 13030901
23:12:21.991 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:12:21.991 Disk 0 Vendor: WDC_WD10EALX-759BA1 17.01H17 Size: 953869MB BusType: 3
23:12:21.991 Device \Driver\atapi -> MajorFunction fffffa80086cf5e8
23:12:22.022 Disk 0 MBR read successfully
23:12:22.022 Disk 0 MBR scan
23:12:22.038 Disk 0 Windows VISTA default MBR code
23:12:22.038 Disk 0 MBR hidden
23:12:22.038 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
23:12:22.054 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 17214 MB offset 81920
23:12:22.069 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 936614 MB offset 35336192
23:12:22.085 Disk 0 scanning C:\Windows\system32\drivers
23:12:34.471 Service scanning
23:13:00.151 Modules scanning
23:13:00.151 Disk 0 trace - called modules:
23:13:00.151 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80086cf5e8]<<
23:13:00.151 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007c8b060]
23:13:00.166 3 CLASSPNP.SYS[fffff88000fc843f] -> nt!IofCallDriver -> [0xfffffa80079ef480]
23:13:00.166 5 ACPI.sys[fffff88000efe7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80079f9060]
23:13:00.166 \Driver\atapi[0xfffffa80085d5ac0] -> IRP_MJ_CREATE -> 0xfffffa80086cf5e8
23:13:04.519 AVAST engine scan C:\Windows
23:13:21.492 AVAST engine scan C:\Windows\system32
23:16:36.576 AVAST engine scan C:\Windows\system32\drivers
23:17:19.897 AVAST engine scan C:\Users\Bernie
23:22:36.500 AVAST engine scan C:\ProgramData
23:28:02.291 Scan finished successfully
23:28:09.358 Disk 0 MBR has been saved successfully to "C:\Users\Bernie\Desktop\MBR.dat"
23:28:09.358 The log file has been saved successfully to "C:\Users\Bernie\Desktop\aswMBR.txt"


ESET.txt

C:\Users\Bernie\AppData\Local\Temp\APNStub.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Windows\Installer\786df.msi a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantined

 

Thanks for your time. Will check back in the morning - Gary



#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:39 PM

Posted 10 March 2013 - 07:56 AM

Launch TDSSkiller and select CURE for this

 

23:07:47.0290 3912 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip

 

Restart the PC,run TDSSkiller again and post the new log

 

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.
 

  • Make sure you are connected to the Internet and double-click on the it to install the application.
    When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------



  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.
 

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------
 

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------
 

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:
 


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------
 

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
 

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

Edited by narenxp, 10 March 2013 - 07:57 AM.


#6 milehieagle

milehieagle
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:39 PM

Posted 10 March 2013 - 11:05 AM

Hrere are the new logs -

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.09.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Bernie :: WADDILL-DELL [administrator]

3/10/2013 9:23:47 AM
mbam-log-2013-03-10 (09-23-47).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 232395
Time elapsed: 4 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

 

MiniToolBox by Farbar  Version:05-03-2013
Ran by Bernie (administrator) on 10-03-2013 at 09:38:18
Running from "C:\Users\Bernie\Desktop"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)
SonicWALL Virtual NIC = Local Area Connection 2 (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled metric=1 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="Local Area Connection" address=192.168.0.247 mask=255.255.255.0


popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Waddill-Dell
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.actdsltmp

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : domain.actdsltmp
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Physical Address. . . . . . . . . : 78-2B-CB-8B-42-B1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4428:e8e4:8465:8815%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.28(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, March 10, 2013 9:33:11 AM
   Lease Expires . . . . . . . . . . : Monday, March 11, 2013 9:33:11 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 242756555
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-78-29-6B-78-2B-CB-8B-42-B1
   DNS Servers . . . . . . . . . . . : 192.168.0.1
                                       205.171.3.25
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:10cf:26d0:b454:3b09(Preferred)
   Link-local IPv6 Address . . . . . : fe80::10cf:26d0:b454:3b09%27(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{5DFBEA7D-5498-44A7-BB7B-C50E59CC93A7}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.domain.actdsltmp:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : domain.actdsltmp
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  qwestmodem.domain.actdsltmp
Address:  192.168.0.1

Name:    google.com
Addresses:  2607:f8b0:400f:801::100e
   74.125.225.201
   74.125.225.206
   74.125.225.192
   74.125.225.193
   74.125.225.194
   74.125.225.195
   74.125.225.196
   74.125.225.197
   74.125.225.198
   74.125.225.199
   74.125.225.200


Pinging google.com [74.125.225.194] with 32 bytes of data:
Reply from 74.125.225.194: bytes=32 time=24ms TTL=57
Reply from 74.125.225.194: bytes=32 time=24ms TTL=57

Ping statistics for 74.125.225.194:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 24ms, Maximum = 24ms, Average = 24ms
Server:  qwestmodem.domain.actdsltmp
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  98.138.253.109
   98.139.183.24
   206.190.36.45


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=627ms TTL=52
Reply from 98.138.253.109: bytes=32 time=657ms TTL=52

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 627ms, Maximum = 657ms, Average = 642ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...78 2b cb 8b 42 b1 ......Broadcom NetLink ™ Gigabit Ethernet
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 27...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.28     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.28    276
     192.168.0.28  255.255.255.255         On-link      192.168.0.28    276
    192.168.0.255  255.255.255.255         On-link      192.168.0.28    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.28    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.28    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 27     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 27     58 2001::/32                On-link
 27    306 2001:0:4137:9e76:10cf:26d0:b454:3b09/128
                                    On-link
 11    276 fe80::/64                On-link
 27    306 fe80::/64                On-link
 27    306 fe80::10cf:26d0:b454:3b09/128
                                    On-link
 11    276 fe80::4428:e8e4:8465:8815/128
                                    On-link
  1    306 ff00::/8                 On-link
 27    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/10/2013 09:34:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/10/2013 09:22:22 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/10/2013 09:02:08 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/10/2013 00:16:34 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x000326d1
Faulting process id: 0xdd0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (03/10/2013 00:06:58 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/09/2013 10:57:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/09/2013 00:15:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/09/2013 11:08:11 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/09/2013 10:56:14 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/09/2013 10:46:52 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/10/2013 09:06:55 AM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (03/10/2013 02:18:22 AM) (Source: Service Control Manager) (User: )
Description: The Windows Time service terminated with the following error:
%%1115

Error: (03/10/2013 02:18:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2799494).

Error: (03/09/2013 03:08:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2799494).

Error: (03/09/2013 11:05:07 AM) (Source: DCOM) (User: )
Description: 1084McNaiAnn{395633B1-EED9-4DFC-B67F-9788B51C9F06}

Error: (03/09/2013 10:58:41 AM) (Source: DCOM) (User: )
Description: 1084McNaiAnn{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (03/09/2013 10:56:51 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (03/09/2013 10:55:51 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (03/09/2013 10:55:51 AM) (Source: DCOM) (User: )
Description: 1068netprofm{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (03/09/2013 10:55:04 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (03/10/2013 09:34:38 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/10/2013 09:22:22 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/10/2013 09:02:08 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/10/2013 00:16:34 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5ntdll.dll6.1.7601.177254ec49b8fc0000005000326d1dd001ce1d556310aafd\\.\globalroot\systemroot\svchost.exeC:\Windows\SysWOW64\ntdll.dll0e2d9408-894a-11e2-b3c8-782bcb8b42b1

Error: (03/10/2013 00:06:58 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/09/2013 10:57:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/09/2013 00:15:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/09/2013 11:08:11 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/09/2013 10:56:14 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/09/2013 10:46:52 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-03-08 23:56:14.715
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-08 23:56:14.700
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-08 23:56:14.700
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-07 15:14:09.805
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\SETF5A9.tmp because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-07 15:14:09.805
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\SETF5A9.tmp because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.171)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS3 (Version: 13.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Photoshop CS3 (Version: 10.0)
Adobe Reader X (10.1.6) MUI (Version: 10.1.6)
Adobe Setup (Version: 1.0)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Avery Template (Version: 2.0.0.0)
Belkin N300 Micro USB Wireless Adapter (Version: 1.00.0155)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
Cisco WebEx Meetings
Citrix online plug-in - web (Version: 11.2.0.31560)
Citrix online plug-in (DV) (Version: 11.2.0.31560)
Citrix online plug-in (HDX) (Version: 11.2.0.31560)
Citrix online plug-in (USB) (Version: 11.2.0.31560)
Citrix online plug-in (Web) (Version: 11.2.0.31560)
Consumer In-Home Service Agreement (Version: 2.0.0)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Marketplace Webslice IE8 (Version: 8.0)
Dell MusicStage (Version: 1.4.162.0)
Dell PhotoStage (Version: 1.5.0.30)
Dell Stage (Version: 1.7.209.0)
Dell Support Center (Version: 3.2.6032.125)
Dell VideoStage (Version: 1.1.1.1408)
DirectX 9 Runtime (Version: 1.00.0000)
ESET Online Scanner v3
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
Final Drive Fury (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
FingerTec TCMS v2.2 (Version: 2.2.022)
I.R.I.S. OCR (Version: 12.3.4.0)
Intel® Processor Graphics (Version: 8.15.10.2827)
Internet Explorer (Enable DEP)
Internet Explorer (Version: 8)
iTunes (Version: 11.0.2.26)
Jewel Quest (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Luxor (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
McAfee SecurityCenter (Version: 11.6.477)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.6.915.87)
Namco All-Stars PAC-MAN (Version: 2.2.0.95)
PDF Settings (Version: 1.0)
Penguins! (Version: 2.2.0.95)
PhotoShowExpress (Version: 2.0.063)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6043)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Samantha Swift (Version: 2.2.0.95)
Shared C Run-time for x64 (Version: 10.0.0)
Skype™ 5.10 (Version: 5.10.116)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SonicWALL Global VPN Client (Version: 4.7.3)
TrustedID (Version: 5.0)
TweetDeck (Version: 1.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Wedding Dash - Ready, Aim, Love! (Version: 2.2.0.95)
WildTangent Games (Version: 1.0.2.5)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zuma Deluxe (Version: 2.2.0.95)

========================= Devices: ================================

Name: SonicWALL Virtual NIC
Description: SonicWALL Virtual NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SonicWALL
Service: SWVNIC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 7991.12 MB
Available physical RAM: 6017.91 MB
Total Pagefile: 15980.43 MB
Available Pagefile: 13804.4 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.22 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:914.66 GB) (Free:816.29 GB) NTFS

========================= Users: ========================================

User accounts for \\WADDILL-DELL

Administrator            ASPNET                   Bernie                  
Guest                   


**** End of log ****

 

 

Farbar Service Scanner Version: 03-03-2013
Ran by Bernie (administrator) on 10-03-2013 at 09:40:02
Running from "C:\Users\Bernie\Desktop"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

 

 

# AdwCleaner v2.114 - Logfile created 03/10/2013 at 09:40:55
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Bernie - WADDILL-DELL
# Boot Mode : Normal
# Running from : C:\Users\Bernie\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Ask

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Value Deleted : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [852 octets] - [10/03/2013 09:40:55]

########## EOF - C:\AdwCleaner[S1].txt - [911 octets] ##########

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.9 (03.06.2013:1)
OS: Windows 7 Professional x64
Ran by Bernie on Sun 03/10/2013 at  9:45:45.79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 03/10/2013 at  9:50:58.13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/10/2013 09:58:28 AM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\Bernie\Desktop\rkill\rkill-03-10-2013-09-58-32.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

 * FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 03/10/2013 09:58:39 AM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)

 

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DellStage" "Dell Stage" "" "c:\program files (x86)\dell stage\dell stage\stage_primary.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AccuWeatherWidget" "AccuWeather.com desktop weather widget" "" "c:\program files (x86)\dell stage\dell stage\accuweather\accuweather.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 10.0\reader\reader_sl.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "ConnectionCenter" "Citrix online plug-in Connection Center" "Citrix Systems, Inc." "c:\program files (x86)\citrix\ica client\concentr.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "RoxWatchTray" "RoxMMTrayApp Module" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxwatchtray12oem.exe"
+ "ShwiconXP9106" "IconUtility ShwiconXP Application" "Alcor Micro Corp." "c:\program files (x86)\multimedia card reader(9106)\shwiconxp9106.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ ""C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"" "" "" "File not found: C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Akamai NetSession Interface" "" "" "File not found: C:\Users\Bernie\AppData\Local\Akamai\netsession_win.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "Roxio Burn" "TODO: <File description>" "TODO: <Company name>" "c:\program files\roxio\roxio burn\rb_contextmenu64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Roxio Burn" "TODO: <File description>" "TODO: <Company name>" "c:\program files (x86)\roxio\oem\roxio burn\rb_contextmenu.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "" "" "File not found: C:\Program Files\Java\jre6\bin\jp2ssv.dll"
+ "McAfee Phishing Filter" "" "" "File not found: c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "McAfee Phishing Filter" "" "" "c:\program files\mcafee\msk\mskapbho.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "SmartPrint" "HP Smart Print Setup" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\smartprint\smartprintsetup.exe"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.6 r602" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\PCDEventLauncher" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\PCDoctorBackgroundMonitorTask-Retry" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\SystemToolsDailyTest" "" "" "File not found: uaclauncher.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Macrovision Europe Ltd." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "McAWFwk" "McAfee Activation Service" "McAfee, Inc." "c:\program files\mcafee\msc\mcawfwk.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RoxMediaDB12OEM" "Roxio RoxMediaDB12OEM Service" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxmediadb12oem.exe"
+ "RoxWatch12" "RoxWatch12 Module" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxwatch12oem.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files (x86)\common files\surething shared\stllssvr.exe"
+ "SWGVCSvc" "Provides services for the SonicWALL Global VPN Client." "SonicWALL, Inc." "c:\program files\sonicwall\sonicwall global vpn client\swgvcsvc.exe"
+ "TCMSv2 Synchronise Service" "" "" "c:\program files (x86)\fingertec worldwide\tcmsv2\syncservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BVRPMPR5a64" "BVRP NDIS 5.0 MPR Protocol Driver" "Avanquest Software" "c:\windows\system32\drivers\bvrpmpr5a64.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "cpudrv64" "" "" "File not found: C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys"
+ "ctxusbm" "Citrix USB Filter Driver" "Citrix Systems, Inc." "c:\windows\system32\drivers\ctxusbm.sys"
+ "DNE" "DNE LightWeight Filter" "Citrix Systems, Inc." "c:\windows\system32\drivers\dnelwf64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc." "c:\windows\system32\drivers\hipshieldk.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "k57nd60a" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60a.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mfehidk01" "" "" "File not found: \Device\mfehidk01.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8192cu" "Realtek RTL8192C USB NDIS Driver" "Realtek Semiconductor Corporation                           " "c:\windows\system32\drivers\rtl8192cu.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise  SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SWIPsec" "SonicWALL VPN Client IPsec Driver" "SonicWALL, Inc." "c:\windows\system32\drivers\swipsec.sys"
+ "SWVNIC" "SonicWALL Virtual NIC" "SonicWALL, Inc." "c:\windows\system32\drivers\swvnic.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Half Size to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\lvmwriter.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mediaanalyser.ax"
+ "PSI Parser" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Roxio Anaglyph to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Anaglyph to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Audio Source 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiostreamwriter.ax"
+ "ROXIO Audio VCFChunker 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO Audio VCFLooper 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO AudioConvert 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO AudioGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO BDAV Smart Render 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ColorSpace Converter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO CPU Regulator" "CPURegulator.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\cpuregulator.ax"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "roxio DCFilters Audio Sync Filter 2 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Dragons Lair 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVD Muxer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVDStream Reader 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVDStream Splitter 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Mpeg I/II Decoder 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters MPEG Transcoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Smart Resizer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Subpicture Mixer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "ROXIO Deinterlace 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DV Scene Detector Tee 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Field Combiner 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Field Splitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio File Writer Wrapper" "Roxio File Writer Wrapper" "Sonic" "c:\program files (x86)\roxio\oem\videocore 12\roxfilewriterwrapper.ax"
+ "ROXIO Image/Colour Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ListImage Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\lvmasync.ax"
+ "Roxio Mp3 Encoder (SC)" "Roxio Audio Codec DLL" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsmp3encoder.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Pin Tee" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\plasmacgfilter.ax"
+ "ROXIO QT Source" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mgirawwriter.dll"
+ "Roxio RealD to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO SceneRecorder 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mginullip.ax"
+ "Roxio StereoSource Cropper" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ThumbnailGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAlphaSplitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFAudioMixer 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFHDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFLatency 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFpeakmeter 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFStationLogo 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFWaveform 1.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO Video Effect 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video Integrate" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video Resampler 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Video Rotater," "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video VCFLooper 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VideoCombine 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\vobloader.ax"
+ "ROXIO WAV Dest 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mvwcdsutil.dll"
+ "Sonic Audio Resampler" "Audio Resampler Direct Show Filter" "Sonic Solutions Inc." "c:\program files (x86)\roxio\oem\audiocodec\filters\c12oem_trans_audio_samplerate_ds.ax"
+ "Sonic Cinemaster® Audio Decoder 4.3 (No Dolby)" "SonicHDAudio" "Sonic Solutions" "c:\program files (x86)\roxio\oem\common\cinemasteraudiond.dll"
+ "Sonic Cinemaster® VideoDecoder 4.3 (EMC12)" "CinemasterVideo" "Sonic Solutions" "c:\program files (x86)\roxio\oem\common\cinemastervideo.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files (x86)\roxio\oem\common\sonichddemuxer.dll"
+ "Sonic MPEG Multiplexer" "MPEG Multiplexer-Plus DS Filter" "Sonic Solutions Inc." "c:\program files (x86)\roxio\oem\audiocodec\filters\c12oem_mux_mp2_ds.ax"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc." "c:\program files (x86)\common files\sonic shared\sonicmc02\c12oem_dec_mp2v_ds.ax"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "VCG Video Mixer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "VCGImageSource" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "Vorbis Decode Filter" "ogg DShow filters" "" "c:\program files (x86)\common files\roxio shared\ogg_flac codecs\dsfvorbisdecoder.dll"
+ "VW Input Selector" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Input Selector 2" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP 5912 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts5912lm.dll"
+ "LIDIL hpzllw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpzllw71.dll"
+ "PCL hpz3lwn7" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3lwn7.dll"
 



#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:39 PM

Posted 10 March 2013 - 11:36 AM

Adware cleaner log,Junkware log?

 

Run TDSSkiller and malwarebytes once again and post the new log.



#8 milehieagle

milehieagle
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:39 PM

Posted 10 March 2013 - 11:52 AM

# AdwCleaner v2.114 - Logfile created 03/10/2013 at 09:40:55
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Bernie - WADDILL-DELL
# Boot Mode : Normal
# Running from : C:\Users\Bernie\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Ask

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Value Deleted : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [852 octets] - [10/03/2013 09:40:55]

########## EOF - C:\AdwCleaner[S1].txt - [911 octets] ##########

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.9 (03.06.2013:1)
OS: Windows 7 Professional x64
Ran by Bernie on Sun 03/10/2013 at  9:45:45.79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 03/10/2013 at  9:50:58.13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.09.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Bernie :: WADDILL-DELL [administrator]

3/10/2013 10:41:29 AM
mbam-log-2013-03-10 (10-41-29).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 232331
Time elapsed: 3 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

 

TDSSkiller showed no results. Do I need to check Loaded Modules and Detect TDLFS file system and reboot or is a normal scan sufficient?



#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:39 PM

Posted 10 March 2013 - 12:05 PM

Normal scan is sufficient



#10 milehieagle

milehieagle
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:39 PM

Posted 10 March 2013 - 12:07 PM

Ok. Logs are posted above your reply. Thanks again - Gary



#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:39 PM

Posted 10 March 2013 - 12:11 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



#12 milehieagle

milehieagle
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:39 PM

Posted 10 March 2013 - 12:20 PM

Pardon my ignorance, "Remove temporary and junk files" Are you refering to what have been downloaded and used in this process?



#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:39 PM

Posted 10 March 2013 - 12:21 PM

That was a title for these steps :P

 


Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode

 



#14 milehieagle

milehieagle
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:39 PM

Posted 10 March 2013 - 12:23 PM

Got it. Thank you very very much much! Really appreciate your help :).



#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:39 PM

Posted 10 March 2013 - 12:24 PM

:welcome:






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users