bluescreen after redirect trojans quarantined. I am in safemode now.


22 replies to this topic

#1 surf


Posted 31 March 2013 - 03:16 PM

I had the redirect virus. Malwarebytes found and quarantined 11 trojans. Then the bluescreens started in. I have the last 5 minidumps zipped up. Any help on what to do now to fix would be great.





#2 narenxp

  • BC Advisor

Posted 31 March 2013 - 09:35 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters
  • Check Loaded Modules and Detect TDLFS file system. Do not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now
  • Click Start Scan and allow the scan process to run
  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue
  • Click Reboot computer
  • Please post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\) in your reply
  • Due to the forum upgrade you may face issues posting the TDSSKiller log. Just the last few lines of the log are sufficient

===================================================

RKILL
  • Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another.) and save it to your desktop:
  • Link 1
  • Link 2

  • In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • Note: You may have to run Rkill a few times before it is successful. You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear. Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again. If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

===================================================

ESET Online Scanner

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology

  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. Note: If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button

===================================================

Junkware Removal Tool by thisisu
  • Please download Junkware Removal Tool
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply.

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.
  • TDSSKiller log
  • RKILL log
  • ESET log
  • Junkware removal tool log


 



#3 surf


Posted 01 April 2013 - 10:33 PM

Here is the Rkill log. I am running the ESET scan now.

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/01/2013 10:29:29 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\CLIENT\AppData\Roaming\Yxavizu\ypimo.exe (PID: 108) [UP-HEUR]
 * C:\Users\CLIENT\AppData\Roaming\Yxavizu\ypimo.exe (PID: 3268) [UP-HEUR]
 * C:\Users\CLIENT\AppData\Roaming\Yxavizu\ypimo.exe (PID: 4960) [UP-HEUR]
 * C:\Users\CLIENT\AppData\Roaming\Yxavizu\ypimo.exe (PID: 3980) [UP-HEUR]
 * C:\Users\CLIENT\AppData\Roaming\Yxavizu\ypimo.exe (PID: 4308) [UP-HEUR]
 * C:\Users\CLIENT\AppData\Roaming\Yxavizu\ypimo.exe (PID: 4320) [UP-HEUR]
 * C:\Users\CLIENT\AppData\Roaming\Yxavizu\ypimo.exe (PID: 4372) [UP-HEUR]
 * C:\Users\CLIENT\AppData\Roaming\Yxavizu\ypimo.exe (PID: 5904) [UP-HEUR]
 * C:\Users\CLIENT\AppData\Roaming\Yxavizu\ypimo.exe (PID: 4596) [UP-HEUR]

9 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * ALERT: ZEROACCESS rootkit symptoms found!

     * HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
     * HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]
     * C:\$Recycle.Bin\S-1-5-18\$fac262f162428134761cf949aef88739\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-18\$fac262f162428134761cf949aef88739\@ [ZA File]
     * C:\$Recycle.Bin\S-1-5-18\$fac262f162428134761cf949aef88739\L\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-18\$fac262f162428134761cf949aef88739\L\00000004.@ [ZA File]
     * C:\$Recycle.Bin\S-1-5-18\$fac262f162428134761cf949aef88739\L\201d3dde [ZA File]
     * C:\$Recycle.Bin\S-1-5-18\$fac262f162428134761cf949aef88739\L\76603ac3 [ZA File]
     * C:\$Recycle.Bin\S-1-5-18\$fac262f162428134761cf949aef88739\U\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-21-266725863-3690335571-4066993543-1001\$fac262f162428134761cf949aef88739\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-21-266725863-3690335571-4066993543-1001\$fac262f162428134761cf949aef88739\@ [ZA File]
     * C:\$Recycle.Bin\S-1-5-21-266725863-3690335571-4066993543-1001\$fac262f162428134761cf949aef88739\L\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-21-266725863-3690335571-4066993543-1001\$fac262f162428134761cf949aef88739\U\ [ZA Dir]
     * C:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
     * C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity:

 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual

 * BFE [Missing Service]
 * BITS [Missing Service]
 * iphlpsvc [Missing Service]
 * MpsSvc [Missing Service]
 * WinDefend [Missing Service]
 * wscsvc [Missing Service]
 * wuauserv [Missing Service]

 * SharedAccess [Missing ImagePath]

 * FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 04/01/2013 10:29:58 PM
Execution time: 0 hours(s), 0 minute(s), and 28 seconds(s)
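
Added example (not part of the thread and not Rkill's own code): a small triage parser for an Rkill log like the one posted above. It re-joins entries that were wrapped when pasted, then groups processes running from the user profile, ZeroAccess artifacts, and damaged security services. The function names `entries` and `triage` are hypothetical, and the sample is constructed from lines of the log above.

```python
import re
from collections import defaultdict

# Constructed sample: abridged from the Rkill log above, with two entries
# wrapped across lines to exercise the re-joining logic.
SAMPLE_LOG = r"""Checking for processes to terminate:

 * C:\Users\CLIENT\AppData\Roaming\Yxavizu\ypimo.exe (PID: 108) [UP-HEUR]
 * C:\Users\CLIENT\AppData\Roaming\Yxavizu\ypimo.exe (PID: 3268) [UP-HEUR]

Performing miscellaneous checks:

 * ALERT: ZEROACCESS rootkit symptoms found!

     * HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA

Reg Hijack]
     * C:\$Recycle.Bin\S-1-5-18\$fac262f162428134761cf949aef88739\@ [ZA File]
     * C:\$Recycle.Bin\S-1-5-21-266725863-3690335571-4066993543-1001\

$fac262f162428134761cf949aef88739\U\ [ZA Dir]
     * C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity:

 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual

 * BFE [Missing Service]
 * MpsSvc [Missing Service]
 * WinDefend [Missing Service]
 * wscsvc [Missing Service]
 * wuauserv [Missing Service]

 * SharedAccess [Missing ImagePath]

Searching for Missing Digital Signatures:

 * No issues found.
"""

# Windows service names seen in the log and what each one provides.
SECURITY_SERVICES = {
    "BFE": "Base Filtering Engine",
    "MpsSvc": "Windows Firewall",
    "WinDefend": "Windows Defender",
    "wscsvc": "Security Center",
    "wuauserv": "Windows Update",
    "BITS": "Background Intelligent Transfer Service",
    "SharedAccess": "Internet Connection Sharing",
}

TAGGED = re.compile(r"^(?P<item>.*?)\s*\[(?P<tag>[^\]]+)\]$")
PROCESS = re.compile(r"^(?P<path>.+?) \(PID: (?P<pid>\d+)\)$")


def entries(log):
    """Yield (section, entry) pairs, re-joining entries wrapped across lines."""
    section, current = None, None
    for raw in log.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("* "):                      # a new bullet entry
            if current is not None:
                yield section, current
            current = line[2:]
        elif current is not None and (
            current.endswith("\\")                     # path cut at a separator
            or current.count("[") > current.count("]")  # tag cut in half
            or raw[0].isspace()                        # indented detail line
        ):
            current += line if current.endswith("\\") else " " + line
        else:                                          # header or free text
            if current is not None:
                yield section, current
                current = None
            if line.endswith(":"):
                section = line[:-1]
    if current is not None:
        yield section, current


def triage(log):
    """Group the tagged findings of an Rkill log by what they indicate."""
    report = {"user_profile_processes": defaultdict(list),
              "zeroaccess": defaultdict(list),
              "damaged_services": {}}
    for section, entry in entries(log):
        m = TAGGED.match(entry)
        if not m:
            continue
        item, tag = m["item"], m["tag"]
        if section == "Checking for processes to terminate":
            proc = PROCESS.match(item)
            if proc and "\\appdata\\" in proc["path"].lower():
                report["user_profile_processes"][proc["path"]].append(int(proc["pid"]))
        elif section == "Performing miscellaneous checks" and tag.startswith("ZA "):
            report["zeroaccess"][tag].append(item)
        elif section == "Checking Windows Service Integrity":
            report["damaged_services"][item.split(" => ")[0]] = tag
    report["security_services_hit"] = sorted(
        SECURITY_SERVICES[s] for s in report["damaged_services"] if s in SECURITY_SERVICES)
    return report


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(key, dict(value) if isinstance(value, dict) else value)
```
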



#4 surf


Posted 01 April 2013 - 10:41 PM

I thought I sent the TDSSKiller log that I ran, but I don't see that now. There were 4 items to skip. Here is the second one I ran:

22:38:00.0505 4900 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:38:00.0982 4900 ============================================================
22:38:00.0982 4900 Current date / time: 2013/04/01 22:38:00.0982
22:38:00.0982 4900 SystemInfo:
22:38:00.0982 4900
22:38:00.0982 4900 OS Version: 6.1.7601 ServicePack: 1.0
22:38:00.0982 4900 Product type: Workstation
22:38:00.0982 4900 ComputerName: CLIENT-PC
22:38:00.0982 4900 UserName: CLIENT
22:38:00.0983 4900 Windows directory: C:\Windows
22:38:00.0983 4900 System windows directory: C:\Windows
22:38:00.0983 4900 Running under WOW64
22:38:00.0983 4900 Processor architecture: Intel x64
22:38:00.0983 4900 Number of processors: 2
22:38:00.0983 4900 Page size: 0x1000
22:38:00.0983 4900 Boot type: Normal boot
22:38:00.0983 4900 ============================================================
22:38:02.0159 4900 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:38:02.0179 4900 ============================================================
22:38:02.0179 4900 \Device\Harddisk0\DR0:
22:38:02.0191 4900 MBR partitions:
22:38:02.0191 4900 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:38:02.0191 4900 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353030
22:38:02.0191 4900 ============================================================
22:38:02.0242 4900 C: <-> \Device\Harddisk0\DR0\Partition2
22:38:02.0242 4900 ============================================================
22:38:02.0242 4900 Initialize success
22:38:02.0242 4900 ============================================================
22:38:03.0439 4768 ============================================================
22:38:03.0439 4768 Scan started
22:38:03.0439 4768 Mode: Manual;
22:38:03.0439 4768 ============================================================
22:38:07.0550 4768 ================ Scan system memory ========================
22:38:07.0550 4768 System memory - ok
22:38:07.0550 4768 ================ Scan services =============================


22:38:14.0339 4768 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

22:38:14.0342 4768 MegaSR - ok

22:38:14.0369 4768 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

22:38:14.0371 4768 MMCSS - ok

22:38:14.0387 4768 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

22:38:14.0389 4768 Modem - ok

22:38:14.0411 4768 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

22:38:14.0411 4768 monitor - ok

22:38:14.0425 4768 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

22:38:14.0426 4768 mouclass - ok

22:38:14.0444 4768 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

22:38:14.0446 4768 mouhid - ok

22:38:14.0477 4768 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

22:38:14.0479 4768 mountmgr - ok

22:38:14.0530 4768 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

22:38:14.0532 4768 MpFilter - ok

22:38:14.0557 4768 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

22:38:14.0560 4768 mpio - ok

22:38:14.0580 4768 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

22:38:14.0582 4768 mpsdrv - ok

22:38:14.0609 4768 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

22:38:14.0611 4768 MRxDAV - ok

22:38:14.0640 4768 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

22:38:14.0643 4768 mrxsmb - ok

22:38:14.0664 4768 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

22:38:14.0668 4768 mrxsmb10 - ok

22:38:14.0684 4768 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

22:38:14.0686 4768 mrxsmb20 - ok

22:38:14.0695 4768 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

22:38:14.0696 4768 msahci - ok

22:38:14.0711 4768 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

22:38:14.0713 4768 msdsm - ok

22:38:14.0723 4768 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

22:38:14.0726 4768 MSDTC - ok

22:38:14.0758 4768 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

22:38:14.0759 4768 Msfs - ok

22:38:14.0775 4768 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

22:38:14.0778 4768 mshidkmdf - ok

22:38:14.0796 4768 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

22:38:14.0798 4768 msisadrv - ok

22:38:14.0826 4768 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

22:38:14.0829 4768 MSiSCSI - ok

22:38:14.0834 4768 msiserver - ok

22:38:14.0859 4768 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

22:38:14.0860 4768 MSKSSRV - ok

22:38:14.0899 4768 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

22:38:14.0901 4768 MsMpSvc - ok

22:38:14.0911 4768 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

22:38:14.0912 4768 MSPCLOCK - ok

22:38:14.0926 4768 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

22:38:14.0927 4768 MSPQM - ok

22:38:14.0955 4768 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

22:38:14.0959 4768 MsRPC - ok

22:38:14.0972 4768 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

22:38:14.0973 4768 mssmbios - ok

22:38:14.0987 4768 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

22:38:14.0989 4768 MSTEE - ok

22:38:14.0997 4768 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

22:38:15.0000 4768 MTConfig - ok

22:38:15.0014 4768 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

22:38:15.0017 4768 Mup - ok

22:38:15.0048 4768 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

22:38:15.0054 4768 napagent - ok

22:38:15.0078 4768 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

22:38:15.0084 4768 NativeWifiP - ok

22:38:15.0123 4768 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

22:38:15.0132 4768 NDIS - ok

22:38:15.0148 4768 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

22:38:15.0149 4768 NdisCap - ok

22:38:15.0173 4768 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

22:38:15.0175 4768 NdisTapi - ok

22:38:15.0198 4768 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

22:38:15.0200 4768 Ndisuio - ok

22:38:15.0217 4768 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

22:38:15.0220 4768 NdisWan - ok

22:38:15.0235 4768 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

22:38:15.0239 4768 NDProxy - ok

22:38:15.0271 4768 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

22:38:15.0273 4768 Net Driver HPZ12 - ok

22:38:15.0283 4768 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

22:38:15.0285 4768 NetBIOS - ok

22:38:15.0310 4768 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

22:38:15.0318 4768 NetBT - ok

22:38:15.0333 4768 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

22:38:15.0334 4768 Netlogon - ok

22:38:15.0366 4768 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

22:38:15.0371 4768 Netman - ok

22:38:15.0382 4768 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

22:38:15.0388 4768 netprofm - ok

22:38:15.0411 4768 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

22:38:15.0413 4768 NetTcpPortSharing - ok

22:38:15.0426 4768 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

22:38:15.0428 4768 nfrd960 - ok

22:38:15.0453 4768 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

22:38:15.0465 4768 NisDrv - ok

22:38:15.0488 4768 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe

22:38:15.0494 4768 NisSrv - ok

22:38:15.0517 4768 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

22:38:15.0521 4768 NlaSvc - ok

22:38:15.0576 4768 [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe

22:38:15.0585 4768 NMIndexingService - ok

22:38:15.0600 4768 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

22:38:15.0602 4768 Npfs - ok

22:38:15.0615 4768 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

22:38:15.0618 4768 nsi - ok

22:38:15.0643 4768 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

22:38:15.0648 4768 nsiproxy - ok

22:38:15.0695 4768 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

22:38:15.0722 4768 Ntfs - ok

22:38:15.0754 4768 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

22:38:15.0755 4768 Null - ok

22:38:15.0944 4768 [ AA0828F3223E1A2952F80A8D2047DD40 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

22:38:16.0105 4768 nvlddmkm - ok

22:38:16.0141 4768 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

22:38:16.0144 4768 nvraid - ok

22:38:16.0193 4768 [ E58D81FB8616D0CB55C1E36AA0B213C9 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys

22:38:16.0193 4768 nvsmu - ok

22:38:16.0212 4768 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

22:38:16.0215 4768 nvstor - ok

22:38:16.0244 4768 [ 1E45F96342429D63DC30E0D9117DA3D8 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys

22:38:16.0245 4768 nvstor64 - ok

22:38:16.0295 4768 [ 57D0D222A9F22113FE3B55488DBFD761 ] nvsvc C:\Windows\system32\nvvsvc.exe

22:38:16.0298 4768 nvsvc - ok

22:38:16.0315 4768 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

22:38:16.0318 4768 nv_agp - ok

22:38:16.0343 4768 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

22:38:16.0345 4768 ohci1394 - ok

22:38:16.0376 4768 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

22:38:16.0380 4768 ose - ok

22:38:16.0495 4768 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

22:38:16.0583 4768 osppsvc - ok

22:38:16.0617 4768 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

22:38:16.0621 4768 p2pimsvc - ok

22:38:16.0647 4768 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

22:38:16.0658 4768 p2psvc - ok

22:38:16.0691 4768 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

22:38:16.0693 4768 Parport - ok

22:38:16.0722 4768 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

22:38:16.0724 4768 partmgr - ok

22:38:16.0737 4768 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

22:38:16.0740 4768 PcaSvc - ok

22:38:16.0764 4768 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

22:38:16.0766 4768 pci - ok

22:38:16.0787 4768 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

22:38:16.0789 4768 pciide - ok

22:38:16.0813 4768 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

22:38:16.0816 4768 pcmcia - ok

22:38:16.0830 4768 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

22:38:16.0832 4768 pcw - ok

22:38:16.0853 4768 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

22:38:16.0860 4768 PEAUTH - ok

22:38:16.0908 4768 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

22:38:16.0910 4768 PerfHost - ok

22:38:16.0964 4768 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

22:38:16.0990 4768 pla - ok

22:38:17.0027 4768 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

22:38:17.0032 4768 PlugPlay - ok

22:38:17.0067 4768 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

22:38:17.0069 4768 Pml Driver HPZ12 - ok

22:38:17.0090 4768 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

22:38:17.0092 4768 PNRPAutoReg - ok

22:38:17.0117 4768 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

22:38:17.0119 4768 PNRPsvc - ok

22:38:17.0144 4768 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

22:38:17.0150 4768 PolicyAgent - ok

22:38:17.0186 4768 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

22:38:17.0189 4768 Power - ok

22:38:17.0214 4768 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

22:38:17.0216 4768 PptpMiniport - ok

22:38:17.0240 4768 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

22:38:17.0242 4768 Processor - ok

22:38:17.0280 4768 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

22:38:17.0283 4768 ProfSvc - ok

22:38:17.0298 4768 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

22:38:17.0299 4768 ProtectedStorage - ok

22:38:17.0334 4768 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

22:38:17.0336 4768 Psched - ok

22:38:17.0405 4768 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

22:38:17.0407 4768 PxHlpa64 - ok

22:38:17.0449 4768 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

22:38:17.0476 4768 ql2300 - ok

22:38:17.0505 4768 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

22:38:17.0507 4768 ql40xx - ok

22:38:17.0533 4768 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

22:38:17.0537 4768 QWAVE - ok

22:38:17.0559 4768 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

22:38:17.0561 4768 QWAVEdrv - ok

22:38:17.0576 4768 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

22:38:17.0578 4768 RasAcd - ok

22:38:17.0613 4768 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

22:38:17.0615 4768 RasAgileVpn - ok

22:38:17.0633 4768 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

22:38:17.0637 4768 RasAuto - ok

22:38:17.0673 4768 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

22:38:17.0674 4768 Rasl2tp - ok

22:38:17.0690 4768 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

22:38:17.0695 4768 RasMan - ok

22:38:17.0711 4768 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

22:38:17.0713 4768 RasPppoe - ok

22:38:17.0734 4768 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

22:38:17.0738 4768 RasSstp - ok

22:38:17.0755 4768 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

22:38:17.0759 4768 rdbss - ok

22:38:17.0778 4768 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

22:38:17.0780 4768 rdpbus - ok

22:38:17.0796 4768 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

22:38:17.0798 4768 RDPCDD - ok

22:38:17.0830 4768 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

22:38:17.0832 4768 RDPENCDD - ok

22:38:17.0847 4768 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

22:38:17.0848 4768 RDPREFMP - ok

22:38:17.0884 4768 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

22:38:17.0888 4768 RDPWD - ok

22:38:18.0087 4768 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

22:38:18.0090 4768 rdyboost - ok

22:38:18.0113 4768 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

22:38:18.0116 4768 RemoteAccess - ok

22:38:18.0141 4768 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

22:38:18.0144 4768 RemoteRegistry - ok

22:38:18.0166 4768 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

22:38:18.0168 4768 RpcEptMapper - ok

22:38:18.0183 4768 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

22:38:18.0185 4768 RpcLocator - ok

22:38:18.0213 4768 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

22:38:18.0217 4768 RpcSs - ok

22:38:18.0240 4768 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

22:38:18.0242 4768 rspndr - ok

22:38:18.0272 4768 [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

22:38:18.0276 4768 RTL8167 - ok

22:38:18.0289 4768 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

22:38:18.0289 4768 SamSs - ok

22:38:18.0307 4768 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

22:38:18.0309 4768 sbp2port - ok

22:38:18.0331 4768 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

22:38:18.0335 4768 SCardSvr - ok

22:38:18.0360 4768 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

22:38:18.0362 4768 scfilter - ok

22:38:18.0401 4768 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

22:38:18.0420 4768 Schedule - ok

22:38:18.0441 4768 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

22:38:18.0442 4768 SCPolicySvc - ok

22:38:18.0468 4768 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

22:38:18.0473 4768 SDRSVC - ok

22:38:18.0505 4768 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

22:38:18.0506 4768 secdrv - ok

22:38:18.0519 4768 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

22:38:18.0522 4768 seclogon - ok

22:38:18.0542 4768 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

22:38:18.0544 4768 SENS - ok

22:38:18.0560 4768 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

22:38:18.0562 4768 SensrSvc - ok

22:38:18.0581 4768 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

22:38:18.0582 4768 Serenum - ok

22:38:18.0599 4768 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

22:38:18.0601 4768 Serial - ok

22:38:18.0635 4768 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

22:38:18.0637 4768 sermouse - ok

22:38:18.0689 4768 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

22:38:18.0691 4768 SessionEnv - ok

22:38:18.0706 4768 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

22:38:18.0707 4768 sffdisk - ok

22:38:18.0725 4768 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

22:38:18.0726 4768 sffp_mmc - ok

22:38:18.0740 4768 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

22:38:18.0741 4768 sffp_sd - ok

22:38:18.0757 4768 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

22:38:18.0759 4768 sfloppy - ok

22:38:18.0834 4768 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys

22:38:18.0842 4768 Sftfs - ok

22:38:18.0893 4768 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

22:38:18.0899 4768 sftlist - ok

22:38:18.0917 4768 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys

22:38:18.0921 4768 Sftplay - ok

22:38:18.0939 4768 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys

22:38:18.0940 4768 Sftredir - ok

22:38:18.0954 4768 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys

22:38:18.0956 4768 Sftvol - ok

22:38:18.0978 4768 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

22:38:18.0981 4768 sftvsa - ok

22:38:19.0015 4768 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

22:38:19.0020 4768 ShellHWDetection - ok

22:38:19.0056 4768 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

22:38:19.0058 4768 SiSRaid2 - ok

22:38:19.0074 4768 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

22:38:19.0075 4768 SiSRaid4 - ok

22:38:19.0159 4768 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

22:38:19.0162 4768 SkypeUpdate - ok

22:38:19.0182 4768 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

22:38:19.0184 4768 Smb - ok

22:38:19.0222 4768 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

22:38:19.0224 4768 SNMPTRAP - ok

22:38:19.0237 4768 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

22:38:19.0238 4768 spldr - ok

22:38:19.0268 4768 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

22:38:19.0274 4768 Spooler - ok

22:38:19.0344 4768 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

22:38:19.0405 4768 sppsvc - ok

22:38:19.0424 4768 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

22:38:19.0427 4768 sppuinotify - ok

22:38:19.0459 4768 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

22:38:19.0464 4768 srv - ok

22:38:19.0500 4768 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

22:38:19.0505 4768 srv2 - ok

22:38:19.0536 4768 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

22:38:19.0538 4768 srvnet - ok

22:38:19.0574 4768 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys

22:38:19.0577 4768 sscdbus - ok

22:38:19.0602 4768 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys

22:38:19.0605 4768 sscdmdfl - ok

22:38:19.0620 4768 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys

22:38:19.0623 4768 sscdmdm - ok

22:38:19.0634 4768 [ 05FFA552F578E27AB2D41B6828DB477F ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys

22:38:19.0636 4768 sscdserd - ok

22:38:19.0667 4768 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

22:38:19.0670 4768 SSDPSRV - ok

22:38:19.0694 4768 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

22:38:19.0697 4768 SstpSvc - ok

22:38:19.0738 4768 [ F9506327BB18C51ED720CB9E83BBAB66 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

22:38:19.0740 4768 Stereo Service - ok

22:38:19.0771 4768 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

22:38:19.0773 4768 stexstor - ok

22:38:19.0808 4768 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

22:38:19.0815 4768 stisvc - ok

22:38:19.0843 4768 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

22:38:19.0845 4768 swenum - ok

22:38:19.0924 4768 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

22:38:19.0941 4768 swprv - ok

22:38:19.0981 4768 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

22:38:20.0007 4768 SysMain - ok

22:38:20.0039 4768 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

22:38:20.0043 4768 TabletInputService - ok

22:38:20.0063 4768 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

22:38:20.0067 4768 TapiSrv - ok

22:38:20.0082 4768 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

22:38:20.0085 4768 TBS - ok

22:38:20.0132 4768 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

22:38:20.0167 4768 Tcpip - ok

22:38:20.0232 4768 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

22:38:20.0242 4768 TCPIP6 - ok

22:38:20.0279 4768 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

22:38:20.0281 4768 tcpipreg - ok

22:38:20.0308 4768 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

22:38:20.0310 4768 TDPIPE - ok

22:38:20.0340 4768 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

22:38:20.0342 4768 TDTCP - ok

22:38:20.0370 4768 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

22:38:20.0372 4768 tdx - ok

22:38:20.0392 4768 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

22:38:20.0394 4768 TermDD - ok

22:38:20.0420 4768 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

22:38:20.0428 4768 TermService - ok

22:38:20.0452 4768 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

22:38:20.0455 4768 Themes - ok

22:38:20.0471 4768 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

22:38:20.0472 4768 THREADORDER - ok

22:38:20.0519 4768 [ 199C2E87D9A5EC58D0BCD94E893BF629 ] TIEHDUSB C:\Windows\system32\DRIVERS\tiehdusb.sys

22:38:20.0522 4768 TIEHDUSB - ok

22:38:20.0547 4768 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

22:38:20.0559 4768 TrkWks - ok

22:38:20.0599 4768 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

22:38:20.0601 4768 TrustedInstaller - ok

22:38:20.0625 4768 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

22:38:20.0626 4768 tssecsrv - ok

22:38:20.0661 4768 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

22:38:20.0663 4768 TsUsbFlt - ok

22:38:20.0704 4768 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

22:38:20.0707 4768 tunnel - ok

22:38:20.0728 4768 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

22:38:20.0733 4768 uagp35 - ok

22:38:20.0758 4768 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

22:38:20.0762 4768 udfs - ok

22:38:20.0794 4768 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

22:38:20.0797 4768 UI0Detect - ok

22:38:20.0813 4768 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

22:38:20.0815 4768 uliagpkx - ok

22:38:20.0830 4768 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys

22:38:20.0833 4768 umbus - ok

22:38:20.0852 4768 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

22:38:20.0854 4768 UmPass - ok

22:38:20.0878 4768 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

22:38:20.0883 4768 upnphost - ok

22:38:20.0915 4768 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys

22:38:20.0918 4768 usbaudio - ok

22:38:20.0946 4768 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

22:38:20.0949 4768 usbccgp - ok

22:38:20.0975 4768 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

22:38:20.0977 4768 usbcir - ok

22:38:21.0002 4768 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

22:38:21.0004 4768 usbehci - ok

22:38:21.0033 4768 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

22:38:21.0037 4768 usbhub - ok

22:38:21.0063 4768 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

22:38:21.0065 4768 usbohci - ok

22:38:21.0098 4768 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

22:38:21.0099 4768 usbprint - ok

22:38:21.0129 4768 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

22:38:21.0131 4768 usbscan - ok

22:38:21.0159 4768 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

22:38:21.0161 4768 USBSTOR - ok

22:38:21.0178 4768 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

22:38:21.0180 4768 usbuhci - ok

22:38:21.0206 4768 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys

22:38:21.0209 4768 usbvideo - ok

22:38:21.0236 4768 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

22:38:21.0238 4768 UxSms - ok

22:38:21.0252 4768 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

22:38:21.0253 4768 VaultSvc - ok

22:38:21.0281 4768 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

22:38:23.0653 4768 ================ Scan global ===============================

22:38:23.0722 4768 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

22:38:23.0792 4768 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

22:38:23.0802 4768 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

22:38:23.0843 4768 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

22:38:23.0858 4768 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

22:38:23.0864 4768 [Global] - ok

22:38:23.0867 4768 ================ Scan MBR ==================================

22:38:23.0871 4768 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

22:38:23.0871 4768 Suspicious mbr (Forged): \Device\Harddisk0\DR0

22:38:23.0930 4768 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

22:38:23.0930 4768 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)

22:38:23.0930 4768 ================ Scan VBR ==================================

22:38:23.0938 4768 [ 3C6BC8E394B29360374F821D4EB06B57 ] \Device\Harddisk0\DR0\Partition1

22:38:23.0940 4768 \Device\Harddisk0\DR0\Partition1 - ok

22:38:23.0952 4768 [ 4EBC6B3CDFC9343D2FA30552E517992D ] \Device\Harddisk0\DR0\Partition2

22:38:23.0954 4768 \Device\Harddisk0\DR0\Partition2 - ok

22:38:23.0958 4768 ============================================================

22:38:23.0958 4768 Scan finished

22:38:23.0958 4768 ============================================================

22:38:23.0972 5956 Detected object count: 1

22:38:23.0972 5956 Actual detected object count: 1

22:38:33.0417 5956 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user

22:38:33.0417 5956 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip



#5 narenxp


Posted 02 April 2013 - 05:34 AM

Run TDSSKiller again and select CURE for

22:38:33.0417 5956 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user

Restart the PC, run TDSSKiller and post the new log.

Post other logs too.



#6 surf


Posted 03 April 2013 - 01:11 AM

Here is the ESET - had to run in safe mode

C:\Users\All Users\Microsoft\Windows\DRM\F3FF.tmp Win64/Olmarik.AY trojan 
C:\Users\All Users\Microsoft\Windows\DRM\F400.tmp Win64/Olmarik.AY trojan 
C:\ProgramData\Microsoft\Windows\DRM\F3FF.tmp Win64/Olmarik.AY trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\F400.tmp Win64/Olmarik.AY trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.11.2012_20.42.13\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.11.2012_20.42.13\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.11.2012_20.42.13\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.11.2012_20.42.13\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.11.2012_20.42.13\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\Users\CLIENT\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\1bfff50d-5cbd0464 a variant of Java/Exploit.CVE-2012-1723.CF trojan cleaned by deleting - quarantined
C:\Users\CLIENT\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\664ee59d-59522c5c Java/Exploit.Agent.NOF trojan cleaned by deleting - quarantined
C:\Users\CLIENT\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\6dd0d303-50293aab Java/Exploit.Agent.NPG trojan cleaned by deleting - quarantined
C:\Users\CLIENT\AppData\Roaming\Avuwno\ybirac.exe a variant of Win32/Kryptik.AXWJ trojan cleaned by deleting - quarantined
C:\Users\CLIENT\AppData\Roaming\Eryvyx\kahoqie.exe a variant of Win32/Kryptik.AXWJ trojan cleaned by deleting - quarantined
C:\Users\CLIENT\Downloads\pdflite_d2171682.exe probably a variant of Win32/InstallIQ application cleaned by deleting - quarantined
 

Also, here is the JRT

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.0 (04.02.2013:1)
OS: Windows 7 Home Premium x64
Ran by CLIENT on Wed 04/03/2013 at  0:50:51.07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

Successfully deleted: [File] "C:\Windows\couponprinter.ocx"
Failed to delete [File] C:\Windows\svchost.exe  [Check for TDL4 Rootkit!]

 

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 04/03/2013 at  1:00:51.16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

I ended up doing a Reimage download/scan by mistake; when I meant to do the JRT I clicked on the ad. There was no Notepad document that came up. This is what was listed for Boot up Viruses and Other Malicious Programs:
c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe --- APPL/InstallBrain.Gen

 

As a computer event I am now having an error and message of Recycle Bin corrupt. Weird.

 

Now I will run TDSSKiller again and select CURE. I thought it was strange that the directions didn't mention doing that.



#7 surf


Posted 03 April 2013 - 06:02 PM

Here is the TDSSKiller final message

TDSSKiller scan run 4/3/13

17:56:30.0398 1144  Scan finished
17:56:30.0398 1144  ============================================================
17:56:30.0411 1356  Detected object count: 1
17:56:30.0411 1356  Actual detected object count: 1
17:56:42.0139 1356  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:56:42.0139 1356  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
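One way to triage the two TDSSKiller runs posted in this thread, as an added example that is not part of any post here and not Kaspersky's code: it pulls each detected object, its threat name and the recorded user action out of the log text and lists detections that were left unhandled. The helper names are hypothetical, and treating every action other than `Skip` as handled is an assumption, since `Skip` is the only action value these logs show.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

# Lines copied from the first TDSSKiller run posted in this thread
# (blank lines between entries kept as they appear on the page).
RUN_1 = r"""
22:38:23.0871 4768 Suspicious mbr (Forged): \Device\Harddisk0\DR0

22:38:23.0930 4768 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

22:38:23.0930 4768 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)

22:38:23.0940 4768 \Device\Harddisk0\DR0\Partition1 - ok

22:38:23.0972 5956 Detected object count: 1

22:38:33.0417 5956 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user

22:38:33.0417 5956 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip
"""

# Lines copied from the second run posted in this thread.
RUN_2 = r"""
17:56:30.0411 1356  Detected object count: 1
17:56:30.0411 1356  Actual detected object count: 1
17:56:42.0139 1356  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:56:42.0139 1356  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# "HH:MM:SS.ffff <thread id> <message>", with one or more spaces between fields.
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<msg>.*\S)\s*$")
# "<object> ( <threat name> ) - <status or action>"
FINDING = re.compile(r"^(?P<obj>\S.*?) \( (?P<threat>[^()]+?) \) - (?P<tail>.+)$")
ACTION = re.compile(r"^User select action: (?P<action>\w+)$")
COUNT = re.compile(r"^Detected object count: (?P<n>\d+)$")


@dataclass
class Finding:
    obj: str                      # e.g. \Device\Harddisk0\DR0
    threat: str                   # name printed between the parentheses
    action: Optional[str] = None  # value after "User select action:", if logged


def parse_run(text: str) -> Tuple[List[Finding], Optional[int]]:
    """Return the findings of one run and the count the tool reported."""
    findings: Dict[Tuple[str, str], Finding] = {}
    reported: Optional[int] = None
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # blank line or text that is not a log entry
        msg = line.group("msg")
        count = COUNT.match(msg)
        if count:
            reported = int(count.group("n"))
            continue
        hit = FINDING.match(msg)
        if not hit:
            continue  # "- ok" entries, section banners, hash lines
        key = (hit.group("obj"), hit.group("threat"))
        finding = findings.setdefault(key, Finding(*key))
        action = ACTION.match(hit.group("tail"))
        if action:
            finding.action = action.group("action")
    return list(findings.values()), reported


def unresolved(findings: List[Finding]) -> List[Finding]:
    """Detections with no logged action or with Skip.
    Assumption: any other action value means the detection was handled."""
    return [f for f in findings if f.action is None or f.action.lower() == "skip"]


def flagged_in_both(earlier: List[Finding], later: List[Finding]) -> Set[str]:
    """Objects detected in both runs, whatever name each run gave the threat."""
    return {f.obj for f in earlier} & {f.obj for f in later}


if __name__ == "__main__":
    first, n1 = parse_run(RUN_1)
    second, n2 = parse_run(RUN_2)
    for label, run, n in (("run 1", first, n1), ("run 2", second, n2)):
        print(f"{label}: tool reported {n}, parsed {len(run)}")
        for f in unresolved(run):
            print(f"  unresolved: {f.obj} ({f.threat}) action={f.action}")
    print("flagged in both runs:", sorted(flagged_in_both(first, second)))
```
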



#8 narenxp


Posted 03 April 2013 - 09:32 PM

JRT log?

 

17:56:42.0139 1356  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

 

Run TDSSkiller again and select DELETE

 

Malwarebytes

Please download Malwarebytes Anti-Malware and save it to your desktop. If you already have it installed launch the program and update the database.

  • Make sure you are connected to the Internet and double-click on it to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

===================================================

Farbar's MiniToolBox
  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox icon to launch the program
  • Make sure the following options are checked:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.

  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply

===================================================

Farbar's Service Scanner

Please download Farbar Service Scanner, save it to your desktop, and run it.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

===================================================

AdwCleaner by Xplode - Search for Adware
  • Please download AdwCleaner by Xplode onto your desktop.
  • Security software may flag it as malicious. This is a false positive and can be ignored.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • Click YES if you receive a warning for reboot
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well

===================================================

Autoruns
 
  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to Text (*.txt).
  • Double click on the text file, copy and paste the contents in your reply



Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.
  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Autoruns log

 



#9 surf


Posted 05 April 2013 - 12:38 AM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.04.01.02

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
CLIENT :: CLIENT-PC [administrator]

3/31/2013 10:31:41 PM
MBAM-log-2013-04-01 (08-14-37).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 415028
Time elapsed: 49 minute(s), 7 second(s)

Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 6408 -> No action taken.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Windows\svchost.exe (Trojan.Agent) -> No action taken.
C:\Windows\Tasks\Security Center Update - 993164743.job (Trojan.Agent.RvGen) -> No action taken.

(end)

 

MiniToolBox by Farbar  Version:05-03-2013
Ran by CLIENT (administrator) on 05-04-2013 at 00:32:46
Running from "C:\Users\CLIENT\Desktop\march 2013 bleeping computer"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection 2 (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : CLIENT-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 90-FB-A6-26-D0-44
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9ddb:2ff7:e0df:4bcc%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, April 04, 2013 11:25:01 PM
   Lease Expires . . . . . . . . . . : Friday, April 05, 2013 11:25:01 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 277937062
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-E4-2E-B5-90-FB-A6-26-C7-78
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{3282F547-4335-425A-BD2E-E3CAFF2B2EF2}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4000:803::1007
   173.194.46.7
   173.194.46.8
   173.194.46.9
   173.194.46.14
   173.194.46.0
   173.194.46.1
   173.194.46.2
   173.194.46.3
   173.194.46.4
   173.194.46.5
   173.194.46.6


Pinging google.com [173.194.46.8] with 32 bytes of data:
Reply from 173.194.46.8: bytes=32 time=49ms TTL=49
Reply from 173.194.46.8: bytes=32 time=49ms TTL=50

Ping statistics for 173.194.46.8:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 49ms, Maximum = 49ms, Average = 49ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.139.183.24
   206.190.36.45
   98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=76ms TTL=51
Reply from 206.190.36.45: bytes=32 time=134ms TTL=51

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 76ms, Maximum = 134ms, Average = 105ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...90 fb a6 26 d0 44 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.6     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.6    276
      192.168.1.6  255.255.255.255         On-link       192.168.1.6    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.6    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.6    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.6    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::9ddb:2ff7:e0df:4bcc/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File not found] ()
Catalog9 02 mswsock.dll [File not found] ()
Catalog9 03 mswsock.dll [File not found] ()
Catalog9 04 mswsock.dll [File not found] ()
Catalog9 05 mswsock.dll [File not found] ()
Catalog9 06 mswsock.dll [File not found] ()
Catalog9 07 mswsock.dll [File not found] ()
Catalog9 08 mswsock.dll [File not found] ()
Catalog9 09 mswsock.dll [File not found] ()
Catalog9 10 mswsock.dll [File not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/04/2013 11:35:05 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error:  Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (04/04/2013 11:29:09 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (04/04/2013 11:29:09 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (04/04/2013 11:09:54 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error:  Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (04/04/2013 11:03:58 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (04/04/2013 11:03:58 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (04/04/2013 10:31:10 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error:  Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (04/04/2013 10:26:56 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (04/04/2013 10:26:56 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (04/04/2013 01:52:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (04/04/2013 11:35:01 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.147.839.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.2.0223.00

 Source Path: 4.2.0223.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (04/04/2013 11:25:10 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (04/04/2013 11:25:10 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (04/04/2013 11:25:01 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (04/04/2013 11:24:09 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Driver Service service has reported an invalid current state 32.

Error: (04/04/2013 11:09:50 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.147.839.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.2.0223.00

 Source Path: 4.2.0223.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (04/04/2013 11:00:04 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (04/04/2013 11:00:04 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (04/04/2013 10:59:56 PM) (Source: Microsoft-Windows-WHEA-Logger) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.

Component: AMD Northbridge
Error Source: 3
Error Type: 2
Processor ID: 0

The details view of this entry contains further information.

Error: (04/04/2013 10:59:50 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (04/04/2013 11:35:05 PM) (Source: CVHSVC)(User: )
Description: Error:  Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (04/04/2013 11:29:09 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (04/04/2013 11:29:09 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (04/04/2013 11:09:54 PM) (Source: CVHSVC)(User: )
Description: Error:  Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (04/04/2013 11:03:58 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (04/04/2013 11:03:58 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (04/04/2013 10:31:10 PM) (Source: CVHSVC)(User: )
Description: Error:  Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (04/04/2013 10:26:56 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (04/04/2013 10:26:56 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (04/04/2013 01:52:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe


CodeIntegrity Errors:
===================================
  Date: 2012-11-28 21:46:47.985
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-28 21:46:47.899
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-28 21:46:47.811
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-28 21:46:47.722
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-28 11:54:44.829
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-28 11:54:44.746
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-28 11:54:44.654
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-28 11:54:44.571
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-28 11:23:20.452
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-28 11:23:20.367
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 6.2.2)
Adobe AIR (Version: 2.7.0.19530)
Adobe Community Help (Version: 3.5.23)
Adobe Download Assistant (Version: 1.0.6)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Photoshop Elements 10 (Version: 10.0)
Adobe Photoshop.com Inspiration Browser (Version: 3.07)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
Canon Easy-PhotoPrint EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 4.1
Canon MX360 series MP Drivers
Canon MX360 series User Registration
Canon My Printer
Canon Solution Menu EX
Canon Speed Dial Utility
CCleaner (Version: 3.25)
Coupon Printer for Windows (Version: 5.0.0.1)
DJ_SF_06_D1600_SW_Min (Version: 140.0.690.000)
Elements 10 Organizer (Version: 10.0)
ESET Online Scanner v3
Google Chrome (Version: 26.0.1410.43)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
HP Deskjet D1600 Printer Driver 14.0 Rel. 6 (Version: 14.0)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 8 Essentials (Version: 8.3.569)
neroxml (Version: 1.0.0)
NVIDIA Drivers (Version: 1.7)
NVIDIA Stereoscopic 3D Driver (Version: 7.15.11.9038)
PSE10 STI Installer (Version: 10.0)
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Controller Driver For Windows Vista and Later (Version: 1.00.0009)
Realtek High Definition Audio Driver (Version: 6.0.1.5936)
Reimage Repair (Version: 1.6.3.7)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.800.0)
Skype Toolbars (Version: 5.3.7280)
Skype™ 5.10 (Version: 5.10.116)
Spotify (Version: 0.8.8.450.gd9413516)
TI Connect 1.6 (Version: 1.6)
Toolbox (Version: 140.0.428.000)
Unreal Anthology (Version: 1.00.0000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VCRedistSetup (Version: 1.0.0)
Visual Site Designer (Trial Version) (Version: 7.0.75)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (Version: 06/11/2009 1.0.0.0)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (Version: 09/02/2009 1.0.0.1)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
Zoo Tycoon 2 - Marine Mania (Version: 1.00.0000)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)

========================= Devices: ================================

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus

Name: Link-Layer Topology Discovery Mapper I/O Driver
Description: Link-Layer Topology Discovery Mapper I/O Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lltdio

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: nvstor
Description: nvstor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nvstor

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI standard RAM Controller
Description: PCI standard RAM Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI standard RAM Controller
Description: PCI standard RAM Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tcpipreg

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp

Name: AMD Athlon™ II X2 250 Processor
Description: AMD Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Advanced Micro Devices
Service: AmdPPM

Name: Performance Counters for Windows Driver
Description: Performance Counters for Windows Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pcw

Name: G:\
Description: SD/MMC         
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: NetIO Legacy TDI Support Driver
Description: NetIO Legacy TDI Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tdx

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: PEAUTH
Description: PEAUTH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PEAUTH

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: Mount Point Manager
Description: Mount Point Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: NVIDIA nForce PCI System Management
Description: NVIDIA nForce PCI System Management
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service:

Name: NVIDIA nForce Serial ATA Controller
Description: NVIDIA nForce Serial ATA Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA Corporation
Service: nvstor64

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Canon MX360 series
Description: Canon MX360 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Canon
Service: usbscan

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: Common Log (CLFS)
Description: Common Log (CLFS)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CLFS

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: RAS Async Adapter
Description: RAS Async Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: AsyncMac

Name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Psched

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: CNG
Description: CNG
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CNG

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI

Name: Dynamic Volume Manager
Description: Dynamic Volume Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volmgrx

Name: Windows Firewall Authorization Driver
Description: Windows Firewall Authorization Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mpsdrv

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft Virtual Drive Enumerator Driver
Description: Microsoft Virtual Drive Enumerator Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: vdrvroot

Name: USB Printing Support
Description: USB Printing Support
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Microsoft
Service: usbprint

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Standard Dual Channel PCI IDE Controller
Description: Standard Dual Channel PCI IDE Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: pciide

Name: NVIDIA nForce Serial ATA Controller
Description: NVIDIA nForce Serial ATA Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA Corporation
Service: nvstor64

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic- Compact Flash USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Storage volumes
Description: Storage volumes
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volsnap

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: volmgr

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: I:\
Description: SM/xD-Picture  
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd

Name: System Attribute Cache
Description: System Attribute Cache
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: discache

Name: ATAPI iHAS124   B SCSI CdRom Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Printing Support
Description: USB Printing Support
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Microsoft
Service: usbprint

Name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarpv6

Name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPENCDD

Name: LDDM Graphics Subsystem
Description: LDDM Graphics Subsystem
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: DXGKrnl

Name: NVIDIA GeForce 6150SE nForce 430
Description: NVIDIA GeForce 6150SE nForce 430
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000

Name: Reflector Display Driver used to gain access to graphics data
Description: Reflector Display Driver used to gain access to graphics data
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPREFMP

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: HID Keyboard Device
Description: HID Keyboard Device
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: kbdhid

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic- MS/MS-Pro USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: WFP Lightweight Filter
Description: WFP Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WfpLwf

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Link-Layer Topology Discovery Responder
Description: Link-Layer Topology Discovery Responder
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: rspndr

Name: msisadrv
Description: msisadrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msisadrv

Name: Winsock IFS Driver
Description: Winsock IFS Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ws2ifsl

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: PCI standard ISA bridge
Description: PCI standard ISA bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: msisadrv

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci

Name: Security Driver
Description: Security Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: secdrv

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167

Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor

Name: Printer Port (LPT1)
Description: Printer Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard port types)
Service: Parport

Name: H:\
Description: Compact Flash  
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: User Mode Driver Frameworks Platform Driver
Description: User Mode Driver Frameworks Platform Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WudfPf

Name: Sftfs
Description: Sftfs
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Sftfs

Name: ST350041 8AS SCSI Disk Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Communications Port (COM1)
Description: Communications Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard port types)
Service: Serial

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:

Name: Generic- SD/MMC USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios

Name: Sftplay
Description: Sftplay
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Sftplay

Name: Communications Port (COM2)
Description: Communications Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard port types)
Service: Serial

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: PCI Express standard Root Port
Description: PCI Express standard Root Port
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: Bitlocker Drive Encryption Filter Driver
Description: Bitlocker Drive Encryption Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: fvevol

Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn

Name: ATA Channel 0
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Standard floppy disk controller
Description: Standard floppy disk controller
Class Guid: {4d36e969-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard floppy disk controllers)
Service: fdc

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid

Name: Printer Port Logical Interface
Description: Printer Port Logical Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: FXDrv32
Description: FXDrv32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: FXDrv32

Name: Canon MX360 series Printer
Description: Canon MX360 series Printer
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: Canon
Service:

Name: System speaker
Description: System speaker
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: ATA Channel 1
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Sftvol
Description: Sftvol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Sftvol

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic- SM/xD-Picture USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: PCI Express standard Root Port
Description: PCI Express standard Root Port
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Hardware Policy Driver
Description: Hardware Policy Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: hwpolicy

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: J:\
Description: MS/MS-Pro      
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd

Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: NSI proxy service driver.
Description: NSI proxy service driver.
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nsiproxy

Name: KSecDD
Description: KSecDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecDD

Name: Floppy disk drive
Description: Floppy disk drive
Class Guid: {4d36e980-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard floppy disk drives)
Service: flpydisk

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:

Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: AMD Athlon™ II X2 250 Processor
Description: AMD Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Advanced Micro Devices
Service: AmdPPM

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI Express standard Root Port
Description: PCI Express standard Root Port
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: NVIDIA nForce System Management Controller
Description: NVIDIA nForce System Management Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvsmu

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Canon MX360 series FAX
Description: Canon MX360 series FAX
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: Canon
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: KSecPkg
Description: KSecPkg
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecPkg

Name: File as Volume Driver
Description: File as Volume Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: blbdrive

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: Ancillary Function Driver for Winsock
Description: Ancillary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD


========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 1919.37 MB
Available physical RAM: 1118.15 MB
Total Pagefile: 3838.73 MB
Available Pagefile: 2610.74 MB
Total Virtual: 4095.88 MB
Available Virtual: 3950.39 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:465.66 GB) (Free:405.79 GB) NTFS
3 Drive d: (ZT2-MM) (CDROM) (Total:0.6 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\CLIENT-PC

Administrator            CLIENT                   Guest                   

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

28-02-2013 04:16:21 Windows Update
04-03-2013 00:31:26 Windows Update
05-03-2013 03:55:06 Windows Update
08-03-2013 13:44:34 Windows Update
12-03-2013 00:47:29 Windows Update
14-03-2013 03:33:30 Windows Update
17-03-2013 13:37:33 Windows Update
20-03-2013 17:30:43 Windows Update
24-03-2013 16:11:32 Windows Update
27-03-2013 08:00:25 Windows Update
03-04-2013 22:42:02 Scheduled Checkpoint

**** End of log ****

Farbar Service Scanner Version: 03-03-2013
Ran by CLIENT (administrator) on 04-04-2013 at 23:18:22
Running from "C:\Users\CLIENT\Desktop\march 2013 bleeping computer"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

# AdwCleaner v2.200 - Logfile created 04/04/2013 at 23:23:41
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : CLIENT - CLIENT-PC
# Boot Mode : Normal
# Running from : C:\Users\CLIENT\Desktop\march 2013 bleeping computer\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.43

File : C:\Users\CLIENT\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1084 octets] - [04/04/2013 23:22:41]
AdwCleaner[S1].txt - [4608 octets] - [19/11/2012 23:40:13]
AdwCleaner[S2].txt - [1026 octets] - [04/04/2013 23:23:41]

########## EOF - C:\AdwCleaner[S2].txt - [1086 octets] ##########

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" "" "7/13/2009 11:49 PM"
+ "rdpclip" "" "" "File not found: rdpclip" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "11/28/2012 10:48 PM"
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe" "5/6/2011 5:48 AM"
+ "CanonMyPrinter" "Canon My Printer" "CANON INC." "c:\program files\canon\myprinter\bjmyprt.exe" "7/1/2010 6:59 PM"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe" "1/25/2013 2:57 AM"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe" "9/11/2009 6:48 AM"
+ "Zune Launcher" "Zune Auto-Launcher" "Microsoft Corporation" "c:\program files\zune\zunelauncher.exe" "8/5/2011 2:34 PM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" "" "4/4/2013 11:24 PM"
+ "CanonSolutionMenuEx" "Canon Solution Menu EX" "CANON INC." "c:\program files (x86)\canon\solution menu ex\cnsemain.exe" "9/10/2010 12:59 AM"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" "" "2/9/2011 6:09 AM"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe" "7/13/2009 6:58 PM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" "" "2/9/2011 6:09 AM"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe" "7/13/2009 6:42 PM"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" "" "11/28/2012 10:40 PM"
+ "3763631150" "" "" "File not found: C:\Users\CLIENT\AppData\Roaming\Yxavizu\ypimo.exe" ""
+ "4178989566" "" "" "File not found: C:\Users\CLIENT\AppData\Roaming\Oqxuag\urbeary.exe" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\client\appdata\local\google\update\googleupdate.exe" "3/9/2010 1:10 AM"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe" "5/12/2008 1:14 PM"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 11:53 PM"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "1/25/2013 2:57 AM"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 11:53 PM"
+ "Cover Designer" "Cover Designer" "Nero AG" "c:\program files (x86)\nero\nero8\nero coverdesigner\coveredextension.dll" "6/6/2008 3:50 AM"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 11:53 PM"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "1/25/2013 2:57 AM"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 11:53 PM"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll" "7/13/2009 8:32 PM"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll" "7/14/2009 3:22 PM"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 11:53 PM"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll" "7/13/2009 8:09 PM"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" "" "2/8/2011 3:48 PM"
+ "NeroDigitalColumnHandler Class" "Nero Digital Shell Extension" "Nero AG" "c:\program files (x86)\common files\nero\lib\nerodigitalext.dll" "5/27/2008 4:28 AM"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll" "7/27/2012 2:25 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "3/31/2013 11:52 AM"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll" "12/7/2012 6:02 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "4/4/2013 11:24 PM"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll" "7/27/2012 1:58 PM"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll" "12/7/2012 6:15 PM"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll" "9/25/2012 1:04 AM"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll" "9/25/2012 1:03 AM"
+ "Skype Plug-In" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll" "3/18/2011 7:01 AM"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" "" "3/14/2013 11:01 AM"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll" "12/7/2012 6:02 PM"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" "" "3/14/2013 11:01 AM"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll" "12/7/2012 6:15 PM"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" "" "3/14/2013 11:01 AM"
+ "Skype Plug-In" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll" "3/18/2011 7:01 AM"
"Task Scheduler" "" "" "" ""
+ "\AdobeAAMUpdater-1.0-CLIENT-PC-CLIENT" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe" "5/6/2011 5:48 AM"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe" "11/23/2012 5:46 PM"
+ "\GoogleUpdateTaskUserS-1-5-21-266725863-3690335571-4066993543-1001Core" "Google Installer" "Google Inc." "c:\users\client\appdata\local\google\update\googleupdate.exe" "3/9/2010 1:10 AM"
+ "\GoogleUpdateTaskUserS-1-5-21-266725863-3690335571-4066993543-1001UA" "Google Installer" "Google Inc." "c:\users\client\appdata\local\google\update\googleupdate.exe" "3/9/2010 1:10 AM"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs" "6/10/2009 3:36 PM"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe" "7/13/2009 7:24 PM"
+ "\Security Center Update - 1185855003" "" "" "File not found: C:\Users\CLIENT\AppData\Roaming\Eryvyx\kahoqie.exe" ""
+ "\Security Center Update - 1793516189" "" "" "File not found: C:\Users\CLIENT\AppData\Roaming\Oqxuag\urbeary.exe" ""
+ "\Security Center Update - 2136445168" "" "" "File not found: C:\Users\CLIENT\AppData\Roaming\Avuwno\ybirac.exe" ""
+ "\Security Center Update - 993164743" "" "" "File not found: C:\Users\CLIENT\AppData\Roaming\Gireowu\suzyiky.exe" ""
+ "\{B1F85D50-150A-476E-8A36-C26FAFA61B21}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe" "7/13/2012 7:29 AM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "3/4/2013 10:56 PM"
+ "AdobeActiveFileMonitor10.0" "Tracks files that are managed by Elements Organizer" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements 10 organizer\photoshopelementsfileagent.exe" "9/14/2011 9:33 AM"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe" "7/12/2012 2:29 AM"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe" "2/28/2013 9:40 PM"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe" "1/4/2012 9:15 AM"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe" "3/9/2010 1:10 AM"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe" "3/9/2010 1:10 AM"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe" "3/2/2012 4:13 PM"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe" "4/4/2005 12:41 AM"
+ "IJPLMSVC" "Collects log data from the IJ printer and manages data transmission." "" "c:\program files (x86)\canon\ijplm\ijplmsvc.exe" "7/26/2010 7:43 PM"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamscheduler.exe" "12/14/2012 3:51 PM"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe" "12/14/2012 3:51 PM"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe" "1/25/2013 2:55 AM"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll" "5/14/2009 6:19 AM"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe" "1/25/2013 2:56 AM"
+ "NMIndexingService" "Nero Home" "Nero AG" "c:\program files (x86)\common files\nero\lib\nmindexingservice.exe" "6/24/2008 5:26 AM"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe" "7/14/2009 3:23 PM"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe" "1/9/2010 11:16 PM"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe" "8/11/2009 9:00 PM"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll" "5/14/2009 6:19 AM"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe" "9/30/2011 9:21 AM"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe" "9/30/2011 9:19 AM"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe" "7/13/2012 7:28 AM"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe" "7/14/2009 2:23 PM"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe" "11/20/2010 6:18 AM"
+ "WMZuneComm" "Zune Connectivity for Windows Mobile devices" "Microsoft Corporation" "c:\program files\zune\wmzunecomm.exe" "8/5/2011 2:32 PM"
+ "ZuneNetworkSvc" "Shares Zune media libraries to Zune devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\zune\zunenss.exe" "8/5/2011 2:46 PM"
+ "ZuneWlanCfgSvc" "Configures Zune for wireless syncing" "Microsoft Corporation" "c:\program files\zune\zunewlancfgsvc.exe" "8/5/2011 2:34 PM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "3/4/2013 10:56 PM"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys" "12/5/2008 6:54 PM"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys" "5/1/2007 12:30 PM"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys" "2/27/2007 7:04 PM"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys" "7/13/2009 6:19 PM"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys" "3/18/2010 7:45 PM"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys" "3/20/2009 1:36 PM"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys" "3/19/2010 11:18 AM"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys" "5/24/2007 4:27 PM"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys" "1/14/2009 2:27 PM"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys" "2/13/2009 5:18 PM"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys" "4/26/2009 6:14 AM"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys" "8/6/2006 8:51 PM"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys" "8/6/2006 8:51 PM"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys" "8/6/2006 8:51 PM"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys" "8/6/2006 8:51 PM"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys" "8/6/2006 8:51 PM"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys" "8/9/2006 7:11 AM"
+ "catchme" "" "" "File not found: C:\ComboFix\catchme.sys" ""
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys" "7/13/2009 6:19 PM"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys" "12/31/2008 11:29 AM"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys" "2/3/2009 5:52 PM"
+ "FXDrv32" "" "" "File not found: D:\FXDrv64.sys" ""
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys" "5/11/2009 3:26 AM"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys" "4/20/2010 1:32 PM"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys" "6/10/2010 7:46 PM"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys" "12/13/2005 4:47 PM"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys" "9/11/2009 8:45 AM"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys" "12/9/2008 5:46 PM"
 



#10 narenxp

Posted 05 April 2013 - 01:01 AM

I want you to run Malwarebytes and ESET Online Scanner in normal mode and post the new log.



#11 surf

Posted 05 April 2013 - 09:07 AM


Here is half of the TDSSKiller report after finally getting to the delete. I got a message that the whole post was too long. The second half will follow.

08:44:52.0515 2840  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
08:44:52.0936 2840  ============================================================
08:44:52.0936 2840  Current date / time: 2013/04/05 08:44:52.0936
08:44:52.0936 2840  SystemInfo:
08:44:52.0936 2840 
08:44:52.0936 2840  OS Version: 6.1.7601 ServicePack: 1.0
08:44:52.0936 2840  Product type: Workstation
08:44:52.0936 2840  ComputerName: CLIENT-PC
08:44:52.0936 2840  UserName: CLIENT
08:44:52.0936 2840  Windows directory: C:\Windows
08:44:52.0936 2840  System windows directory: C:\Windows
08:44:52.0936 2840  Running under WOW64
08:44:52.0936 2840  Processor architecture: Intel x64
08:44:52.0936 2840  Number of processors: 2
08:44:52.0936 2840  Page size: 0x1000
08:44:52.0936 2840  Boot type: Normal boot
08:44:52.0936 2840  ============================================================
08:45:00.0808 2840  BG loaded
08:45:01.0182 2840  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:45:01.0202 2840  ============================================================
08:45:01.0202 2840  \Device\Harddisk0\DR0:
08:45:01.0202 2840  MBR partitions:
08:45:01.0202 2840  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:45:01.0202 2840  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353030
08:45:01.0202 2840  ============================================================
08:45:01.0248 2840  C: <-> \Device\Harddisk0\DR0\Partition2
08:45:01.0248 2840  ============================================================
08:45:01.0248 2840  Initialize success
08:45:01.0248 2840  ============================================================
08:45:12.0894 3352  ============================================================
08:45:12.0894 3352  Scan started
08:45:12.0894 3352  Mode: Manual; TDLFS;
08:45:12.0894 3352  ============================================================
08:45:15.0273 3352  ================ Scan system memory ========================
08:45:15.0273 3352  System memory - ok
08:45:15.0274 3352  ================ Scan services =============================
08:45:19.0336 3352  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
08:45:19.0337 3352  hidserv - ok
08:45:19.0373 3352  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
08:45:19.0374 3352  HidUsb - ok
08:45:19.0401 3352  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
08:45:19.0409 3352  hkmsvc - ok
08:45:19.0431 3352  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:45:19.0434 3352  HomeGroupListener - ok
08:45:19.0457 3352  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:45:19.0459 3352  HomeGroupProvider - ok
08:45:19.0497 3352  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
08:45:19.0499 3352  HpSAMD - ok
08:45:19.0534 3352  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
08:45:19.0538 3352  HTTP - ok
08:45:19.0557 3352  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
08:45:19.0559 3352  hwpolicy - ok
08:45:19.0574 3352  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
08:45:19.0576 3352  i8042prt - ok
08:45:19.0607 3352  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
08:45:19.0612 3352  iaStorV - ok
08:45:19.0692 3352  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
08:45:19.0697 3352  IDriverT - ok
08:45:19.0766 3352  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:45:19.0792 3352  idsvc - ok
08:45:19.0825 3352  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
08:45:19.0828 3352  iirsp - ok
08:45:19.0893 3352  [ F82BC30BB2B608AF8B5540CDBAEA93A6 ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
08:45:19.0896 3352  IJPLMSVC - ok
08:45:19.0961 3352  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
08:45:19.0987 3352  IKEEXT - ok
08:45:20.0049 3352  [ 5BA1779E2C84FDE2A5E201FFF9C42C9C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
08:45:20.0064 3352  IntcAzAudAddService - ok
08:45:20.0090 3352  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
08:45:20.0092 3352  intelide - ok
08:45:20.0124 3352  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
08:45:20.0126 3352  intelppm - ok
08:45:20.0146 3352  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
08:45:20.0149 3352  IPBusEnum - ok
08:45:20.0170 3352  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:45:20.0172 3352  IpFilterDriver - ok
08:45:20.0199 3352  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
08:45:20.0201 3352  IPMIDRV - ok
08:45:20.0231 3352  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
08:45:20.0233 3352  IPNAT - ok
08:45:20.0251 3352  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
08:45:20.0252 3352  IRENUM - ok
08:45:20.0261 3352  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
08:45:20.0263 3352  isapnp - ok
08:45:20.0276 3352  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
08:45:20.0280 3352  iScsiPrt - ok
08:45:20.0302 3352  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
08:45:20.0303 3352  kbdclass - ok
08:45:20.0310 3352  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
08:45:20.0311 3352  kbdhid - ok
08:45:20.0323 3352  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
08:45:20.0324 3352  KeyIso - ok
08:45:20.0348 3352  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
08:45:20.0358 3352  KSecDD - ok
08:45:20.0381 3352  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
08:45:20.0383 3352  KSecPkg - ok
08:45:20.0405 3352  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
08:45:20.0406 3352  ksthunk - ok
08:45:20.0433 3352  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
08:45:20.0438 3352  KtmRm - ok
08:45:20.0463 3352  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
08:45:20.0466 3352  LanmanServer - ok
08:45:20.0483 3352  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:45:20.0485 3352  LanmanWorkstation - ok
08:45:20.0515 3352  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
08:45:20.0516 3352  lltdio - ok
08:45:20.0540 3352  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
08:45:20.0544 3352  lltdsvc - ok
08:45:20.0553 3352  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
08:45:20.0554 3352  lmhosts - ok
08:45:20.0573 3352  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
08:45:20.0574 3352  LSI_FC - ok
08:45:20.0581 3352  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
08:45:20.0583 3352  LSI_SAS - ok
08:45:20.0597 3352  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:45:20.0599 3352  LSI_SAS2 - ok
08:45:20.0610 3352  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:45:20.0612 3352  LSI_SCSI - ok
08:45:20.0628 3352  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
08:45:20.0629 3352  luafv - ok
08:45:20.0692 3352  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
08:45:20.0692 3352  MBAMProtector - ok
08:45:20.0756 3352  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
08:45:20.0762 3352  MBAMScheduler - ok
08:45:20.0804 3352  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
08:45:20.0815 3352  MBAMService - ok
08:45:20.0851 3352  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
08:45:20.0854 3352  Mcx2Svc - ok
08:45:20.0881 3352  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
08:45:20.0883 3352  megasas - ok
08:45:20.0894 3352  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
08:45:20.0898 3352  MegaSR - ok
08:45:20.0924 3352  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
08:45:20.0926 3352  MMCSS - ok
08:45:20.0950 3352  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
08:45:20.0952 3352  Modem - ok
08:45:20.0974 3352  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
08:45:20.0975 3352  monitor - ok
08:45:20.0988 3352  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
08:45:20.0989 3352  mouclass - ok
08:45:21.0008 3352  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
08:45:21.0009 3352  mouhid - ok
08:45:21.0032 3352  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
08:45:21.0035 3352  mountmgr - ok
08:45:21.0079 3352  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
08:45:21.0083 3352  MpFilter - ok
08:45:21.0113 3352  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
08:45:21.0118 3352  mpio - ok
08:45:21.0144 3352  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
08:45:21.0151 3352  mpsdrv - ok
08:45:21.0173 3352  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
08:45:21.0178 3352  MRxDAV - ok
08:45:21.0205 3352  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
08:45:21.0207 3352  mrxsmb - ok
08:45:21.0219 3352  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:45:21.0222 3352  mrxsmb10 - ok
08:45:21.0231 3352  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:45:21.0232 3352  mrxsmb20 - ok
08:45:21.0242 3352  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
08:45:21.0243 3352  msahci - ok
08:45:21.0257 3352  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
08:45:21.0259 3352  msdsm - ok
08:45:21.0270 3352  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
08:45:21.0273 3352  MSDTC - ok
08:45:21.0296 3352  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
08:45:21.0297 3352  Msfs - ok
08:45:21.0314 3352  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
08:45:21.0315 3352  mshidkmdf - ok
08:45:21.0335 3352  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
08:45:21.0336 3352  msisadrv - ok
08:45:21.0364 3352  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
08:45:21.0367 3352  MSiSCSI - ok
08:45:21.0373 3352  msiserver - ok
08:45:21.0406 3352  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
08:45:21.0407 3352  MSKSSRV - ok
08:45:21.0446 3352  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
08:45:21.0447 3352  MsMpSvc - ok
08:45:21.0457 3352  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
08:45:21.0459 3352  MSPCLOCK - ok
08:45:21.0481 3352  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
08:45:21.0483 3352  MSPQM - ok
08:45:21.0511 3352  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
08:45:21.0515 3352  MsRPC - ok
08:45:21.0535 3352  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
08:45:21.0536 3352  mssmbios - ok
08:45:21.0559 3352  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
08:45:21.0561 3352  MSTEE - ok
08:45:21.0577 3352  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
08:45:21.0579 3352  MTConfig - ok
08:45:21.0594 3352  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
08:45:21.0596 3352  Mup - ok
08:45:21.0628 3352  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
08:45:21.0633 3352  napagent - ok
08:45:21.0668 3352  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
08:45:21.0673 3352  NativeWifiP - ok
08:45:21.0721 3352  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
08:45:21.0742 3352  NDIS - ok
08:45:21.0853 3352  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
08:45:21.0857 3352  NdisCap - ok
08:45:21.0878 3352  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
08:45:21.0880 3352  NdisTapi - ok
08:45:21.0912 3352  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
08:45:21.0914 3352  Ndisuio - ok
08:45:21.0948 3352  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
08:45:21.0951 3352  NdisWan - ok
08:45:21.0974 3352  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
08:45:21.0976 3352  NDProxy - ok
08:45:22.0010 3352  [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
08:45:22.0012 3352  Net Driver HPZ12 - ok
08:45:22.0038 3352  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
08:45:22.0040 3352  NetBIOS - ok
08:45:22.0075 3352  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
08:45:22.0079 3352  NetBT - ok
08:45:22.0097 3352  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
08:45:22.0099 3352  Netlogon - ok
08:45:22.0138 3352  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
08:45:22.0142 3352  Netman - ok
08:45:22.0159 3352  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
08:45:22.0164 3352  netprofm - ok
08:45:22.0183 3352  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:45:22.0186 3352  NetTcpPortSharing - ok
08:45:22.0215 3352  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
08:45:22.0216 3352  nfrd960 - ok
08:45:22.0241 3352  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
08:45:22.0243 3352  NisDrv - ok
08:45:22.0269 3352  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
08:45:22.0274 3352  NisSrv - ok
08:45:22.0297 3352  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
08:45:22.0301 3352  NlaSvc - ok
08:45:22.0369 3352  [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
08:45:22.0385 3352  NMIndexingService - ok
08:45:22.0397 3352  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
08:45:22.0398 3352  Npfs - ok
08:45:22.0412 3352  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
08:45:22.0413 3352  nsi - ok
08:45:22.0439 3352  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
08:45:22.0440 3352  nsiproxy - ok
08:45:22.0508 3352  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
08:45:22.0534 3352  Ntfs - ok
08:45:22.0550 3352  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
08:45:22.0551 3352  Null - ok
08:45:22.0766 3352  [ AA0828F3223E1A2952F80A8D2047DD40 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
08:45:22.0821 3352  nvlddmkm - ok
08:45:22.0872 3352  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
08:45:22.0877 3352  nvraid - ok
08:45:22.0906 3352  [ E58D81FB8616D0CB55C1E36AA0B213C9 ] nvsmu           C:\Windows\system32\DRIVERS\nvsmu.sys
08:45:22.0907 3352  nvsmu - ok
08:45:22.0927 3352  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
08:45:22.0931 3352  nvstor - ok
08:45:22.0957 3352  [ 1E45F96342429D63DC30E0D9117DA3D8 ] nvstor64        C:\Windows\system32\DRIVERS\nvstor64.sys
08:45:22.0959 3352  nvstor64 - ok
08:45:23.0001 3352  [ 57D0D222A9F22113FE3B55488DBFD761 ] nvsvc           C:\Windows\system32\nvvsvc.exe
08:45:23.0004 3352  nvsvc - ok
08:45:23.0020 3352  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
08:45:23.0023 3352  nv_agp - ok
08:45:23.0048 3352  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
08:45:23.0050 3352  ohci1394 - ok
08:45:23.0073 3352  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:45:23.0077 3352  ose - ok
08:45:23.0202 3352  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:45:23.0301 3352  osppsvc - ok
08:45:23.0330 3352  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
08:45:23.0334 3352  p2pimsvc - ok
08:45:23.0352 3352  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
08:45:23.0357 3352  p2psvc - ok
08:45:23.0379 3352  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
08:45:23.0380 3352  Parport - ok
08:45:23.0410 3352  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
08:45:23.0413 3352  partmgr - ok
08:45:23.0435 3352  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
08:45:23.0441 3352  PcaSvc - ok
08:45:23.0461 3352  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
08:45:23.0464 3352  pci - ok
08:45:23.0483 3352  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
08:45:23.0485 3352  pciide - ok
08:45:23.0501 3352  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
08:45:23.0505 3352  pcmcia - ok
08:45:23.0519 3352  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
08:45:23.0521 3352  pcw - ok
08:45:23.0542 3352  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
08:45:23.0548 3352  PEAUTH - ok
08:45:23.0621 3352  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
08:45:23.0625 3352  PerfHost - ok
08:45:23.0700 3352  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
08:45:23.0740 3352  pla - ok
08:45:23.0775 3352  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
08:45:23.0779 3352  PlugPlay - ok
08:45:23.0805 3352  [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
08:45:23.0806 3352  Pml Driver HPZ12 - ok
08:45:23.0828 3352  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
08:45:23.0830 3352  PNRPAutoReg - ok
08:45:23.0847 3352  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
08:45:23.0850 3352  PNRPsvc - ok
08:45:23.0884 3352  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
08:45:23.0890 3352  PolicyAgent - ok
08:45:23.0924 3352  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
08:45:23.0927 3352  Power - ok
08:45:23.0960 3352  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
08:45:23.0961 3352  PptpMiniport - ok
08:45:23.0987 3352  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
08:45:23.0989 3352  Processor - ok
08:45:24.0018 3352  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
08:45:24.0021 3352  ProfSvc - ok
08:45:24.0036 3352  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:45:24.0037 3352  ProtectedStorage - ok
08:45:24.0061 3352  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
08:45:24.0063 3352  Psched - ok
08:45:24.0111 3352  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
08:45:24.0112 3352  PxHlpa64 - ok
08:45:24.0149 3352  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
08:45:24.0183 3352  ql2300 - ok
08:45:24.0208 3352  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
08:45:24.0210 3352  ql40xx - ok
08:45:24.0238 3352  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
08:45:24.0242 3352  QWAVE - ok
08:45:24.0255 3352  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
08:45:24.0257 3352  QWAVEdrv - ok
08:45:24.0264 3352  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
08:45:24.0266 3352  RasAcd - ok
08:45:24.0293 3352  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
08:45:24.0294 3352  RasAgileVpn - ok
08:45:24.0305 3352  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
08:45:24.0308 3352  RasAuto - ok
08:45:24.0328 3352  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
08:45:24.0329 3352  Rasl2tp - ok
08:45:24.0362 3352  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
08:45:24.0367 3352  RasMan - ok
08:45:24.0383 3352  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
08:45:24.0384 3352  RasPppoe - ok
08:45:24.0398 3352  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
08:45:24.0399 3352  RasSstp - ok
08:45:24.0427 3352  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
08:45:24.0430 3352  rdbss - ok
08:45:24.0441 3352  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
08:45:24.0443 3352  rdpbus - ok
08:45:24.0460 3352  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
08:45:24.0460 3352  RDPCDD - ok
08:45:24.0485 3352  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
08:45:24.0486 3352  RDPENCDD - ok
08:45:24.0494 3352  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
08:45:24.0495 3352  RDPREFMP - ok
08:45:24.0546 3352  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
08:45:24.0549 3352  RDPWD - ok
08:45:24.0585 3352  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
08:45:24.0590 3352  rdyboost - ok
08:45:24.0619 3352  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
08:45:24.0625 3352  RemoteAccess - ok
08:45:24.0650 3352  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
08:45:24.0656 3352  RemoteRegistry - ok
08:45:24.0672 3352  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
08:45:24.0676 3352  RpcEptMapper - ok
08:45:24.0696 3352  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
08:45:24.0699 3352  RpcLocator - ok
08:45:24.0727 3352  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
08:45:24.0733 3352  RpcSs - ok
08:45:24.0770 3352  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
08:45:24.0771 3352  rspndr - ok
08:45:24.0795 3352  [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
08:45:24.0797 3352  RTL8167 - ok
08:45:24.0810 3352  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
08:45:24.0812 3352  SamSs - ok
08:45:24.0829 3352  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
08:45:24.0831 3352  sbp2port - ok
08:45:24.0852 3352  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
08:45:24.0855 3352  SCardSvr - ok
08:45:24.0873 3352  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
08:45:24.0875 3352  scfilter - ok
08:45:24.0906 3352  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
08:45:24.0912 3352  Schedule - ok
08:45:24.0929 3352  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
08:45:24.0930 3352  SCPolicySvc - ok
08:45:24.0957 3352  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
08:45:24.0960 3352  SDRSVC - ok
08:45:24.0985 3352  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
08:45:24.0986 3352  secdrv - ok
08:45:25.0008 3352  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
08:45:25.0009 3352  seclogon - ok
08:45:25.0031 3352  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
08:45:25.0032 3352  SENS - ok
08:45:25.0049 3352  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
08:45:25.0050 3352  SensrSvc - ok
08:45:25.0069 3352  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
08:45:25.0069 3352  Serenum - ok
08:45:25.0079 3352  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
08:45:25.0080 3352  Serial - ok
08:45:25.0098 3352  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
08:45:25.0100 3352  sermouse - ok
08:45:25.0127 3352  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
08:45:25.0130 3352  SessionEnv - ok
08:45:25.0144 3352  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
08:45:25.0146 3352  sffdisk - ok
08:45:25.0155 3352  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
08:45:25.0156 3352  sffp_mmc - ok
08:45:25.0170 3352  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
08:45:25.0171 3352  sffp_sd - ok
08:45:25.0179 3352  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
08:45:25.0181 3352  sfloppy - ok
08:45:25.0206 3352  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
08:45:25.0210 3352  Sftfs - ok
08:45:25.0265 3352  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
08:45:25.0268 3352  sftlist - ok
08:45:25.0290 3352  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
08:45:25.0292 3352  Sftplay - ok
08:45:25.0302 3352  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
08:45:25.0303 3352  Sftredir - ok
08:45:25.0310 3352  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
08:45:25.0310 3352  Sftvol - ok
08:45:25.0341 3352  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
08:45:25.0343 3352  sftvsa - ok
08:45:25.0379 3352  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:45:25.0382 3352  ShellHWDetection - ok
08:45:25.0412 3352  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:45:25.0413 3352  SiSRaid2 - ok
08:45:25.0421 3352  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
08:45:25.0422 3352  SiSRaid4 - ok
08:45:25.0464 3352  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
08:45:25.0465 3352  SkypeUpdate - ok
08:45:25.0487 3352  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
08:45:25.0490 3352  Smb - ok
08:45:25.0519 3352  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
08:45:29.0780 3352  ================ Scan global ===============================
08:45:29.0795 3352  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:45:29.0814 3352  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
08:45:29.0820 3352  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
08:45:29.0840 3352  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:45:29.0867 3352  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:45:29.0874 3352  [Global] - ok
08:45:29.0875 3352  ================ Scan MBR ==================================
08:45:29.0886 3352  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:45:30.0200 3352  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
08:45:30.0200 3352  \Device\Harddisk0\DR0 - detected TDSS File System (1)
08:45:30.0200 3352  ================ Scan VBR ==================================
08:45:30.0205 3352  [ 3C6BC8E394B29360374F821D4EB06B57 ] \Device\Harddisk0\DR0\Partition1
08:45:30.0206 3352  \Device\Harddisk0\DR0\Partition1 - ok
08:45:30.0232 3352  [ 4EBC6B3CDFC9343D2FA30552E517992D ] \Device\Harddisk0\DR0\Partition2
08:45:30.0234 3352  \Device\Harddisk0\DR0\Partition2 - ok
08:45:30.0235 3352  ================ Scan active images ========================
08:45:30.0953 3352  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
08:45:30.0953 3352  C:\Windows\System32\sxssrv.dll - ok
08:45:30.0958 3352  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
08:45:30.0958 3352  C:\Windows\System32\profapi.dll - ok
08:45:30.0963 3352  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
08:45:30.0963 3352  C:\Windows\System32\RpcRtRemote.dll - ok
08:45:30.0969 3352  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
08:45:30.0969 3352  C:\Windows\System32\wininit.exe - ok
08:45:30.0974 3352  [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
08:45:30.0974 3352  C:\Windows\System32\cdd.dll - ok
08:45:30.0980 3352  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
08:45:30.0980 3352  C:\Windows\System32\KBDUS.DLL - ok
08:45:30.0986 3352  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
08:45:30.0986 3352  C:\Windows\System32\WlS0WndH.dll - ok
08:45:30.0992 3352  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
08:45:30.0992 3352  C:\Windows\System32\sxs.dll - ok
08:45:30.0998 3352  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
08:45:30.0998 3352  C:\Windows\System32\cryptbase.dll - ok
08:45:31.0003 3352  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
08:45:31.0003 3352  C:\Windows\System32\apphelp.dll - ok
08:45:31.0009 3352  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
08:45:31.0009 3352  C:\Windows\System32\lsass.exe - ok
08:45:31.0014 3352  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
08:45:31.0015 3352  C:\Windows\System32\lsm.exe - ok
08:45:31.0019 3352  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
08:45:31.0020 3352  C:\Windows\System32\services.exe - ok
08:45:31.0025 3352  [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
08:45:31.0025 3352  C:\Windows\System32\lsasrv.dll - ok
08:45:31.0031 3352  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
08:45:31.0031 3352  C:\Windows\System32\sspisrv.dll - ok
08:45:31.0037 3352  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
08:45:31.0037 3352  C:\Windows\System32\sspicli.dll - ok
08:45:31.0042 3352  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
08:45:31.0042 3352  C:\Windows\System32\samsrv.dll - ok
08:45:31.0049 3352  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
08:45:31.0049 3352  C:\Windows\System32\scesrv.dll - ok
08:45:31.0054 3352  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
08:45:31.0054 3352  C:\Windows\System32\scext.dll - ok
08:45:31.0060 3352  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
08:45:31.0060 3352  C:\Windows\System32\secur32.dll - ok
08:45:31.0066 3352  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
08:45:31.0066 3352  C:\Windows\System32\sysntfy.dll - ok
08:45:31.0072 3352  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
08:45:31.0072 3352  C:\Windows\System32\wmsgapi.dll - ok
08:45:31.0078 3352  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
08:45:31.0078 3352  C:\Windows\System32\cryptdll.dll - ok
08:45:31.0085 3352  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
08:45:31.0085 3352  C:\Windows\System32\srvcli.dll - ok
08:45:31.0090 3352  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
08:45:31.0090 3352  C:\Windows\System32\wevtapi.dll - ok
08:45:31.0096 3352  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
08:45:31.0096 3352  C:\Windows\System32\authz.dll - ok
08:45:31.0103 3352  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
08:45:31.0103 3352  C:\Windows\System32\cngaudit.dll - ok
08:45:31.0108 3352  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
08:45:31.0109 3352  C:\Windows\System32\bcrypt.dll - ok
08:45:31.0114 3352  [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
08:45:31.0114 3352  C:\Windows\System32\ncrypt.dll - ok
08:45:31.0121 3352  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
08:45:31.0121 3352  C:\Windows\System32\msprivs.dll - ok
08:45:31.0127 3352  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
08:45:31.0127 3352  C:\Windows\System32\negoexts.dll - ok
08:45:31.0132 3352  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
08:45:31.0132 3352  C:\Windows\System32\netjoin.dll - ok
08:45:31.0139 3352  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
08:45:31.0139 3352  C:\Windows\System32\winlogon.exe - ok
08:45:31.0145 3352  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
08:45:31.0145 3352  C:\Windows\System32\winsta.dll - ok
08:45:31.0152 3352  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
08:45:31.0152 3352  C:\Windows\System32\kerberos.dll - ok
08:45:31.0157 3352  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
08:45:31.0157 3352  C:\Windows\System32\cryptsp.dll - ok
08:45:31.0162 3352  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
08:45:31.0163 3352  C:\Windows\System32\mswsock.dll - ok
08:45:31.0169 3352  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
08:45:31.0169 3352  C:\Windows\System32\msv1_0.dll - ok
08:45:31.0175 3352  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
08:45:31.0175 3352  C:\Windows\System32\wship6.dll - ok
08:45:31.0182 3352  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
08:45:31.0182 3352  C:\Windows\System32\netlogon.dll - ok
08:45:31.0187 3352  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
08:45:31.0187 3352  C:\Windows\System32\dnsapi.dll - ok
08:45:31.0193 3352  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
08:45:31.0193 3352  C:\Windows\System32\logoncli.dll - ok
08:45:31.0199 3352  [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
08:45:31.0199 3352  C:\Windows\System32\schannel.dll - ok
08:45:31.0204 3352  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
08:45:31.0204 3352  C:\Windows\System32\rsaenh.dll - ok
08:45:31.0210 3352  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
08:45:31.0210 3352  C:\Windows\System32\TSpkg.dll - ok
08:45:31.0215 3352  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
08:45:31.0215 3352  C:\Windows\System32\wdigest.dll - ok
08:45:31.0218 3352  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
08:45:31.0218 3352  C:\Windows\System32\bcryptprimitives.dll - ok
08:45:31.0225 3352  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
08:45:31.0225 3352  C:\Windows\System32\pku2u.dll - ok
08:45:31.0231 3352  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
08:45:31.0231 3352  C:\Windows\System32\credssp.dll - ok
08:45:31.0238 3352  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
08:45:31.0238 3352  C:\Windows\System32\efslsaext.dll - ok
08:45:31.0244 3352  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
08:45:31.0244 3352  C:\Windows\System32\scecli.dll - ok
08:45:31.0249 3352  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
08:45:31.0249 3352  C:\Windows\System32\ubpm.dll - ok
08:45:31.0256 3352  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
08:45:31.0256 3352  C:\Windows\System32\svchost.exe - ok
08:45:31.0262 3352  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
08:45:31.0262 3352  C:\Windows\System32\umpnpmgr.dll - ok
08:45:31.0267 3352  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
08:45:31.0267 3352  C:\Windows\System32\devrtl.dll - ok
08:45:31.0275 3352  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
08:45:31.0275 3352  C:\Windows\System32\SPInf.dll - ok
08:45:31.0279 3352  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
08:45:31.0279 3352  C:\Windows\System32\gpapi.dll - ok
08:45:31.0285 3352  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
08:45:31.0285 3352  C:\Windows\System32\userenv.dll - ok
08:45:31.0291 3352  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
08:45:31.0291 3352  C:\Windows\System32\umpo.dll - ok
08:45:31.0296 3352  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
08:45:31.0296 3352  C:\Windows\System32\pcwum.dll - ok
08:45:31.0301 3352  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
08:45:31.0301 3352  C:\Windows\System32\powrprof.dll - ok
08:45:31.0307 3352  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
08:45:31.0307 3352  C:\Windows\System32\drivers\luafv.sys - ok
08:45:31.0313 3352  [ 92EB844D90615CB266F84C3202B8786E ] C:\Windows\System32\drivers\mbam.sys
08:45:31.0313 3352  C:\Windows\System32\drivers\mbam.sys - ok
08:45:31.0318 3352  [ 8F571F016FA1976F445147E9E6C8AE9B ] C:\Windows\System32\drivers\Sftvollh.sys
08:45:31.0318 3352  C:\Windows\System32\drivers\Sftvollh.sys - ok
08:45:31.0323 3352  [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
08:45:31.0323 3352  C:\Windows\System32\drivers\WUDFPf.sys - ok
08:45:31.0329 3352  [ 57D0D222A9F22113FE3B55488DBFD761 ] C:\Windows\System32\nvvsvc.exe
08:45:31.0330 3352  C:\Windows\System32\nvvsvc.exe - ok
08:45:31.0335 3352  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
08:45:31.0335 3352  C:\Windows\System32\rpcss.dll - ok
08:45:31.0340 3352  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
08:45:31.0340 3352  C:\Windows\System32\RpcEpMap.dll - ok
08:45:31.0347 3352  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
08:45:31.0347 3352  C:\Windows\System32\WSHTCPIP.DLL - ok
08:45:31.0353 3352  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
08:45:31.0353 3352  C:\Windows\System32\wshqos.dll - ok



#12 surf


Posted 05 April 2013 - 09:09 AM

Here is the second half. Now I will do MWB and ESET in normal and post those logs.

08:45:32.0109 3352  C:\Windows\SysWOW64\gdi32.dll - ok
08:45:32.0114 3352  [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
08:45:32.0114 3352  C:\Windows\SysWOW64\lpk.dll - ok
08:45:32.0119 3352  [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
08:45:32.0119 3352  C:\Windows\SysWOW64\usp10.dll - ok
08:45:32.0127 3352  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
08:45:32.0127 3352  C:\Windows\SysWOW64\msvcrt.dll - ok
08:45:32.0131 3352  [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
08:45:32.0132 3352  C:\Windows\SysWOW64\advapi32.dll - ok
08:45:32.0137 3352  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
08:45:32.0137 3352  C:\Windows\SysWOW64\sechost.dll - ok
08:45:32.0142 3352  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
08:45:32.0142 3352  C:\Windows\SysWOW64\cryptbase.dll - ok
08:45:32.0148 3352  [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
08:45:32.0148 3352  C:\Windows\SysWOW64\rpcrt4.dll - ok
08:45:32.0154 3352  [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
08:45:32.0154 3352  C:\Windows\SysWOW64\shell32.dll - ok
08:45:32.0159 3352  [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
08:45:32.0159 3352  C:\Windows\SysWOW64\sspicli.dll - ok
08:45:32.0165 3352  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
08:45:32.0165 3352  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
08:45:32.0170 3352  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
08:45:32.0170 3352  C:\Windows\System32\IDStore.dll - ok
08:45:32.0176 3352  [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
08:45:32.0176 3352  C:\Windows\System32\taskhost.exe - ok
08:45:32.0183 3352  [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
08:45:32.0183 3352  C:\Windows\System32\AtBroker.exe - ok
08:45:32.0188 3352  [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
08:45:32.0188 3352  C:\Windows\System32\rasadhlp.dll - ok
08:45:32.0193 3352  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
08:45:32.0193 3352  C:\Windows\System32\localspl.dll - ok
08:45:32.0199 3352  [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
08:45:32.0199 3352  C:\Windows\System32\umb.dll - ok
08:45:32.0204 3352  [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
08:45:32.0204 3352  C:\Windows\System32\PlaySndSrv.dll - ok
08:45:32.0209 3352  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
08:45:32.0209 3352  C:\Windows\System32\MsCtfMonitor.dll - ok
08:45:32.0215 3352  [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
08:45:32.0215 3352  C:\Windows\System32\taskeng.exe - ok
08:45:32.0221 3352  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
08:45:32.0221 3352  C:\Windows\System32\msutb.dll - ok
08:45:32.0226 3352  [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
08:45:32.0226 3352  C:\Windows\System32\HotStartUserAgent.dll - ok
08:45:32.0230 3352  [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
08:45:32.0230 3352  C:\Windows\System32\TSChannel.dll - ok
08:45:32.0236 3352  [ 1B7DE44565C9AB33A302916686DCA078 ] C:\Windows\System32\CNCALAK.DLL
08:45:32.0236 3352  C:\Windows\System32\CNCALAK.DLL - ok
08:45:32.0241 3352  [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
08:45:32.0241 3352  C:\Windows\System32\PrintIsolationProxy.dll - ok
08:45:32.0247 3352  [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
08:45:32.0247 3352  C:\Windows\System32\spoolss.dll - ok
08:45:32.0252 3352  [ 93B9E4D0B7BD601372C5B50FE0381533 ] C:\Windows\System32\CNMLMAK.DLL
08:45:32.0252 3352  C:\Windows\System32\CNMLMAK.DLL - ok
08:45:32.0258 3352  [ 2E79644DA7AF84C94F605C81D3300834 ] C:\Windows\System32\CNMXLMAK.DLL
08:45:32.0258 3352  C:\Windows\System32\CNMXLMAK.DLL - ok
08:45:32.0263 3352  [ 46B8E04B3C35CB93F89EF27746D7A908 ] C:\Windows\System32\EP0SLM01.DLL
08:45:32.0263 3352  C:\Windows\System32\EP0SLM01.DLL - ok
08:45:32.0269 3352  [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
08:45:32.0270 3352  C:\Windows\System32\FXSMON.dll - ok
08:45:32.0275 3352  [ 45D22F0B253D67C54B0F9DCFB3F811C9 ] C:\Windows\System32\hpfll70v.dll
08:45:32.0275 3352  C:\Windows\System32\hpfll70v.dll - ok
08:45:32.0280 3352  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
08:45:32.0280 3352  C:\Windows\SysWOW64\ole32.dll - ok
08:45:32.0286 3352  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
08:45:32.0287 3352  C:\Windows\SysWOW64\shlwapi.dll - ok
08:45:32.0292 3352  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
08:45:32.0292 3352  C:\Windows\SysWOW64\oleaut32.dll - ok
08:45:32.0297 3352  [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
08:45:32.0297 3352  C:\Windows\SysWOW64\crypt32.dll - ok
08:45:32.0303 3352  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
08:45:32.0303 3352  C:\Windows\SysWOW64\msasn1.dll - ok
08:45:32.0308 3352  [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
08:45:32.0308 3352  C:\Windows\SysWOW64\wintrust.dll - ok
08:45:32.0314 3352  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
08:45:32.0314 3352  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
08:45:32.0321 3352  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
08:45:32.0321 3352  C:\Windows\SysWOW64\imm32.dll - ok
08:45:32.0326 3352  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
08:45:32.0326 3352  C:\Windows\SysWOW64\msctf.dll - ok
08:45:32.0332 3352  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
08:45:32.0332 3352  C:\Windows\System32\cryptsvc.dll - ok
08:45:32.0338 3352  [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
08:45:32.0338 3352  C:\Windows\System32\cryptnet.dll - ok
08:45:32.0343 3352  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
08:45:32.0343 3352  C:\Windows\System32\dps.dll - ok
08:45:32.0348 3352  [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
08:45:32.0348 3352  C:\Windows\System32\efscore.dll - ok
08:45:32.0353 3352  [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
08:45:32.0353 3352  C:\Windows\System32\efssvc.dll - ok
08:45:32.0359 3352  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
08:45:32.0359 3352  C:\Windows\System32\vssapi.dll - ok
08:45:32.0364 3352  [ F82BC30BB2B608AF8B5540CDBAEA93A6 ] C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
08:45:32.0364 3352  C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe - ok
08:45:32.0370 3352  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
08:45:32.0370 3352  C:\Windows\System32\FDResPub.dll - ok
08:45:32.0376 3352  [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
08:45:32.0376 3352  C:\Windows\System32\WSDApi.dll - ok
08:45:32.0382 3352  [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
08:45:32.0382 3352  C:\Windows\System32\efsutil.dll - ok
08:45:32.0388 3352  [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
08:45:32.0388 3352  C:\Windows\SysWOW64\psapi.dll - ok
08:45:32.0394 3352  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
08:45:32.0394 3352  C:\Windows\SysWOW64\winspool.drv - ok
08:45:32.0400 3352  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
08:45:32.0400 3352  C:\Windows\System32\taskschd.dll - ok
08:45:32.0406 3352  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
08:45:32.0406 3352  C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
08:45:32.0413 3352  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
08:45:32.0413 3352  C:\Windows\SysWOW64\profapi.dll - ok
08:45:32.0419 3352  [ 8624E0E2418413614EE1FECDB7B76B88 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
08:45:32.0419 3352  C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
08:45:32.0425 3352  [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
08:45:32.0425 3352  C:\Windows\System32\webservices.dll - ok
08:45:32.0431 3352  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
08:45:32.0432 3352  C:\Windows\SysWOW64\version.dll - ok
08:45:32.0437 3352  [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
08:45:32.0437 3352  C:\Windows\System32\fundisc.dll - ok
08:45:32.0444 3352  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
08:45:32.0444 3352  C:\Windows\System32\vsstrace.dll - ok
08:45:32.0450 3352  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
08:45:32.0450 3352  C:\Windows\System32\mpr.dll - ok
08:45:32.0456 3352  [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
08:45:32.0456 3352  C:\Windows\System32\tcpmon.dll - ok
08:45:32.0461 3352  [ D4467A285C91752018F67CDBA8680BAB ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
08:45:32.0461 3352  C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
08:45:32.0467 3352  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
08:45:32.0467 3352  C:\Windows\System32\userinit.exe - ok
08:45:32.0475 3352  [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
08:45:32.0475 3352  C:\Windows\System32\dwm.exe - ok
08:45:32.0481 3352  [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
08:45:32.0481 3352  C:\Windows\System32\snmpapi.dll - ok
08:45:32.0486 3352  [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
08:45:32.0486 3352  C:\Windows\System32\wsnmp32.dll - ok
08:45:32.0492 3352  [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
08:45:32.0492 3352  C:\Windows\System32\msxml6.dll - ok
08:45:32.0498 3352  [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
08:45:32.0499 3352  C:\Windows\System32\dwmredir.dll - ok
08:45:32.0504 3352  [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
08:45:32.0504 3352  C:\Windows\System32\dwmcore.dll - ok
08:45:32.0510 3352  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
08:45:32.0510 3352  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
08:45:32.0517 3352  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
08:45:32.0517 3352  C:\Windows\SysWOW64\nsi.dll - ok
08:45:32.0522 3352  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
08:45:32.0522 3352  C:\Windows\SysWOW64\userenv.dll - ok
08:45:32.0528 3352  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
08:45:32.0528 3352  C:\Windows\SysWOW64\winnsi.dll - ok
08:45:32.0535 3352  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
08:45:32.0535 3352  C:\Windows\SysWOW64\ws2_32.dll - ok
08:45:32.0540 3352  [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
08:45:32.0540 3352  C:\Windows\SysWOW64\wtsapi32.dll - ok
08:45:32.0546 3352  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
08:45:32.0546 3352  C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok
08:45:32.0552 3352  [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
08:45:32.0552 3352  C:\Windows\SysWOW64\cryptsp.dll - ok
08:45:32.0558 3352  [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
08:45:32.0558 3352  C:\Windows\System32\d3d10_1.dll - ok
08:45:32.0563 3352  [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
08:45:32.0563 3352  C:\Windows\SysWOW64\rsaenh.dll - ok
08:45:32.0569 3352  [ 4BE1DCAD76BE96D1EC887A41E570C404 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
08:45:32.0569 3352  C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok
08:45:32.0574 3352  [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
08:45:32.0574 3352  C:\Windows\System32\d3d10_1core.dll - ok
08:45:32.0579 3352  [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
08:45:32.0579 3352  C:\Windows\System32\usbmon.dll - ok
08:45:32.0585 3352  [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
08:45:32.0585 3352  C:\Windows\System32\WSDMon.dll - ok
08:45:32.0590 3352  [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll
08:45:32.0590 3352  C:\Windows\System32\d3d11.dll - ok
08:45:32.0596 3352  [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
08:45:32.0596 3352  C:\Windows\System32\dxgi.dll - ok
08:45:32.0602 3352  [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
08:45:32.0602 3352  C:\Windows\SysWOW64\mpr.dll - ok
08:45:32.0607 3352  [ DC6530A291D4BDF6DF399F1F128E7F8F ] C:\Windows\System32\HPZinw12.dll
08:45:32.0607 3352  C:\Windows\System32\HPZinw12.dll - ok
08:45:32.0613 3352  [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
08:45:32.0613 3352  C:\Windows\System32\wsock32.dll - ok
08:45:32.0620 3352  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
08:45:32.0620 3352  C:\Windows\explorer.exe - ok
08:45:32.0626 3352  [ 372FAE3FDDB8C3DB9BE3D4D30033A0AF ] C:\Windows\System32\nvd3dumx.dll
08:45:32.0627 3352  C:\Windows\System32\nvd3dumx.dll - ok
08:45:32.0631 3352  [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
08:45:32.0631 3352  C:\Windows\System32\fdPnp.dll - ok
08:45:32.0638 3352  [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
08:45:32.0638 3352  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
08:45:32.0644 3352  [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:45:32.0644 3352  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
08:45:32.0650 3352  [ 474E7750C4ACDC5CBEDF9923A56E977B ] C:\Windows\System32\spool\prtprocs\x64\CNMPDAK.DLL
08:45:32.0650 3352  C:\Windows\System32\spool\prtprocs\x64\CNMPDAK.DLL - ok
08:45:32.0657 3352  [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
08:45:32.0658 3352  C:\Windows\System32\nlasvc.dll - ok
08:45:32.0663 3352  [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
08:45:32.0663 3352  C:\Windows\System32\ncsi.dll - ok
08:45:32.0669 3352  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
08:45:32.0669 3352  C:\Windows\System32\winhttp.dll - ok
08:45:32.0676 3352  [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
08:45:32.0676 3352  C:\Windows\System32\webio.dll - ok
08:45:32.0681 3352  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
08:45:32.0681 3352  C:\Windows\System32\ssdpapi.dll - ok
08:45:32.0686 3352  [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
08:45:32.0686 3352  C:\Windows\System32\drivers\PEAuth.sys - ok
08:45:32.0692 3352  [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
08:45:32.0692 3352  C:\Windows\System32\drivers\secdrv.sys - ok
08:45:32.0697 3352  [ 71F62C51DFDFBC04C83C5C64B2B8058E ] C:\Windows\System32\HPZipm12.dll
08:45:32.0697 3352  C:\Windows\System32\HPZipm12.dll - ok
08:45:32.0703 3352  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
08:45:32.0703 3352  C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
08:45:32.0709 3352  [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
08:45:32.0709 3352  C:\Windows\SysWOW64\netapi32.dll - ok
08:45:32.0714 3352  [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
08:45:32.0715 3352  C:\Windows\SysWOW64\netutils.dll - ok
08:45:32.0720 3352  [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
08:45:32.0720 3352  C:\Windows\SysWOW64\srvcli.dll - ok
08:45:32.0726 3352  [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
08:45:32.0726 3352  C:\Windows\SysWOW64\wkscli.dll - ok
08:45:32.0731 3352  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
08:45:32.0731 3352  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
08:45:32.0734 3352  [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
08:45:32.0734 3352  C:\Windows\SysWOW64\imagehlp.dll - ok
08:45:32.0739 3352  [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
08:45:32.0739 3352  C:\Windows\SysWOW64\msi.dll - ok
08:45:32.0745 3352  [ 03728C624D05C2F157BBD46F6B7F6EA0 ] C:\Windows\SysWOW64\wininet.dll
08:45:32.0745 3352  C:\Windows\SysWOW64\wininet.dll - ok
08:45:32.0750 3352  [ 73BDB1C0801D44BEA5F6749FD340CC0F ] C:\Windows\SysWOW64\iertutil.dll
08:45:32.0750 3352  C:\Windows\SysWOW64\iertutil.dll - ok
08:45:32.0755 3352  [ 180D098704551DE37C6299AA888D6821 ] C:\Windows\SysWOW64\urlmon.dll
08:45:32.0755 3352  C:\Windows\SysWOW64\urlmon.dll - ok
08:45:32.0761 3352  [ 3834316FE8A653227282196525E07DFE ] C:\Windows\System32\d3d10level9.dll
08:45:32.0761 3352  C:\Windows\System32\d3d10level9.dll - ok
08:45:32.0766 3352  [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
08:45:32.0766 3352  C:\Windows\SysWOW64\cscapi.dll - ok
08:45:32.0771 3352  [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
08:45:32.0771 3352  C:\Windows\System32\seclogon.dll - ok
08:45:32.0778 3352  [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
08:45:32.0778 3352  C:\Windows\SysWOW64\ntmarta.dll - ok
08:45:32.0785 3352  [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
08:45:32.0786 3352  C:\Windows\SysWOW64\Wldap32.dll - ok
08:45:32.0790 3352  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
08:45:32.0791 3352  C:\Windows\SysWOW64\dbghelp.dll - ok
08:45:32.0798 3352  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
08:45:32.0798 3352  C:\Windows\SysWOW64\winsta.dll - ok
08:45:32.0803 3352  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
08:45:32.0803 3352  C:\Windows\System32\pcasvc.dll - ok
08:45:32.0808 3352  [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
08:45:32.0808 3352  C:\Windows\System32\aepic.dll - ok
08:45:32.0815 3352  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
08:45:32.0815 3352  C:\Windows\System32\sfc.dll - ok
08:45:32.0821 3352  [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
08:45:32.0821 3352  C:\Windows\System32\sfc_os.dll - ok
08:45:32.0827 3352  [ 86265C4E264E0FFB05BCF7B69C0D2004 ] C:\Windows\System32\spool\prtprocs\x64\hpfpp70v.dll
08:45:32.0827 3352  C:\Windows\System32\spool\prtprocs\x64\hpfpp70v.dll - ok
08:45:32.0833 3352  [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
08:45:32.0833 3352  C:\Windows\System32\win32spl.dll - ok
08:45:32.0839 3352  [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
08:45:32.0839 3352  C:\Windows\System32\inetpp.dll - ok
08:45:32.0844 3352  [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
08:45:32.0844 3352  C:\Windows\SysWOW64\apphelp.dll - ok
08:45:32.0850 3352  [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
08:45:32.0850 3352  C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
08:45:32.0855 3352  [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
08:45:32.0855 3352  C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
08:45:32.0861 3352  [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
08:45:32.0861 3352  C:\Windows\SysWOW64\clbcatq.dll - ok
08:45:32.0867 3352  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
08:45:32.0867 3352  C:\Windows\System32\cscapi.dll - ok
08:45:32.0873 3352  [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
08:45:32.0873 3352  C:\Windows\System32\aeevts.dll - ok
08:45:32.0877 3352  [ 7853D2AB445C10F97610B2B05FA4CF0A ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
08:45:32.0877 3352  C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe - ok
08:45:32.0883 3352  [ C6CC9297BD53E5229653303E556AA539 ] C:\Windows\System32\drivers\Sftfslh.sys
08:45:32.0883 3352  C:\Windows\System32\drivers\Sftfslh.sys - ok
08:45:32.0889 3352  [ C3CDDD18F43D44AB713CF8C4916F7696 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
08:45:32.0889 3352  C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok
08:45:32.0894 3352  [ 390AA7BC52CEE43F6790CDEA1E776703 ] C:\Windows\System32\drivers\Sftplaylh.sys
08:45:32.0894 3352  C:\Windows\System32\drivers\Sftplaylh.sys - ok
08:45:32.0901 3352  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
08:45:32.0901 3352  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
08:45:32.0907 3352  [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
08:45:32.0907 3352  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
08:45:32.0912 3352  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
08:45:32.0912 3352  C:\Windows\SysWOW64\credssp.dll - ok
08:45:32.0917 3352  [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
08:45:32.0917 3352  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
08:45:32.0925 3352  [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
08:45:32.0925 3352  C:\Windows\SysWOW64\secur32.dll - ok
08:45:32.0930 3352  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
08:45:32.0930 3352  C:\Windows\System32\ExplorerFrame.dll - ok
08:45:32.0935 3352  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
08:45:32.0935 3352  C:\Windows\System32\EhStorShell.dll - ok
08:45:32.0942 3352  [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
08:45:32.0942 3352  C:\Windows\System32\ntshrui.dll - ok
08:45:32.0947 3352  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
08:45:32.0947 3352  C:\Windows\System32\IconCodecService.dll - ok
08:45:32.0952 3352  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
08:45:32.0952 3352  C:\Windows\SysWOW64\uxtheme.dll - ok
08:45:32.0959 3352  [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe
08:45:32.0959 3352  C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
08:45:32.0964 3352  [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
08:45:32.0964 3352  C:\Windows\System32\drivers\srvnet.sys - ok
08:45:32.0970 3352  [ F9506327BB18C51ED720CB9E83BBAB66 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
08:45:32.0970 3352  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
08:45:32.0978 3352  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
08:45:32.0978 3352  C:\Windows\SysWOW64\setupapi.dll - ok
08:45:32.0983 3352  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
08:45:32.0983 3352  C:\Windows\SysWOW64\cfgmgr32.dll - ok
08:45:32.0986 3352  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
08:45:32.0986 3352  C:\Windows\SysWOW64\devobj.dll - ok
08:45:32.0993 3352  [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
08:45:32.0993 3352  C:\Windows\SysWOW64\oleacc.dll - ok
08:45:32.0998 3352  [ 0AB85750B9AC8F5D6A67271D7301391A ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll
08:45:32.0998 3352  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll - ok
08:45:33.0004 3352  [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
08:45:33.0004 3352  C:\Windows\SysWOW64\devrtl.dll - ok
08:45:33.0011 3352  [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll
08:45:33.0011 3352  C:\Windows\SysWOW64\SPInf.dll - ok
08:45:33.0017 3352  [ 1690642B98BE1C11729700984719A348 ] C:\Windows\System32\spool\drivers\x64\3\CNCARAK.DLL
08:45:33.0017 3352  C:\Windows\System32\spool\drivers\x64\3\CNCARAK.DLL - ok
08:45:33.0023 3352  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
08:45:33.0023 3352  C:\Windows\System32\wiaservc.dll - ok
08:45:33.0028 3352  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
08:45:33.0029 3352  C:\Windows\System32\wiatrace.dll - ok
08:45:33.0034 3352  [ 4C1244FEF74C60A4B1B151C76609CBE2 ] C:\Windows\System32\wsdchngr.dll
08:45:33.0034 3352  C:\Windows\System32\wsdchngr.dll - ok
08:45:33.0039 3352  [ AC3F5C50E94037619AC93D01BBF0CA27 ] C:\Windows\System32\CNC360C.dll
08:45:33.0039 3352  C:\Windows\System32\CNC360C.dll - ok
08:45:33.0046 3352  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
08:45:33.0046 3352  C:\Windows\System32\drivers\tcpipreg.sys - ok
08:45:33.0051 3352  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
08:45:33.0051 3352  C:\Windows\System32\wbem\WMIsvc.dll - ok
08:45:33.0056 3352  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
08:45:33.0056 3352  C:\Windows\System32\wbemcomn.dll - ok
08:45:33.0063 3352  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
08:45:33.0063 3352  C:\Windows\System32\wbem\WinMgmtR.dll - ok
08:45:33.0068 3352  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
08:45:33.0068 3352  C:\Windows\System32\sysmain.dll - ok
08:45:33.0074 3352  [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
08:45:33.0074 3352  C:\Windows\System32\trkwks.dll - ok
08:45:33.0080 3352  [ FDC385A0F7D7DD880C4622D1DF08ABE9 ] C:\Windows\System32\ntprint.dll
08:45:33.0080 3352  C:\Windows\System32\ntprint.dll - ok
08:45:33.0085 3352  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
08:45:33.0085 3352  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
08:45:33.0091 3352  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
08:45:33.0091 3352  C:\Windows\System32\wbem\fastprox.dll - ok
08:45:33.0098 3352  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
08:45:33.0098 3352  C:\Windows\System32\ntdsapi.dll - ok
08:45:33.0103 3352  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
08:45:33.0104 3352  C:\Windows\System32\wbem\wbemprox.dll - ok
08:45:33.0109 3352  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
08:45:33.0109 3352  C:\Windows\System32\wbem\wbemcore.dll - ok
08:45:33.0115 3352  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
08:45:33.0115 3352  C:\Windows\System32\wbem\esscli.dll - ok
08:45:33.0121 3352  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
08:45:33.0121 3352  C:\Windows\System32\wbem\wbemsvc.dll - ok
08:45:33.0126 3352  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
08:45:33.0126 3352  C:\Windows\System32\wbem\wmiutils.dll - ok
08:45:34.0368 3352  [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
08:45:34.0368 3352  C:\Windows\SysWOW64\sxs.dll - ok
08:45:34.0373 3352  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
08:45:34.0374 3352  C:\Windows\System32\batmeter.dll - ok
08:45:34.0380 3352  [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
08:45:34.0380 3352  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
08:45:34.0385 3352  [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
08:45:34.0385 3352  C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
08:45:34.0391 3352  [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
08:45:34.0391 3352  C:\Windows\System32\mssprxy.dll - ok
08:45:34.0396 3352  [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
08:45:34.0396 3352  C:\Windows\System32\mlang.dll - ok
08:45:34.0403 3352  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
08:45:34.0403 3352  C:\Windows\System32\prnfldr.dll - ok
08:45:34.0409 3352  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
08:45:34.0409 3352  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
08:45:34.0415 3352  [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
08:45:34.0415 3352  C:\Windows\SysWOW64\msimg32.dll - ok
08:45:34.0422 3352  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
08:45:34.0422 3352  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
08:45:34.0427 3352  [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
08:45:34.0428 3352  C:\Windows\SysWOW64\winmm.dll - ok
08:45:34.0435 3352  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
08:45:34.0436 3352  C:\Windows\System32\DXP.dll - ok
08:45:34.0441 3352  [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
08:45:34.0441 3352  C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
08:45:34.0447 3352  [ 823DC6C38A6BA9668F5D8B01413FD5F5 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMLNG.DLL
08:45:34.0447 3352  C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMLNG.DLL - ok
08:45:34.0453 3352  [ 163A95975E1D8819E653AA3E961371CA ] C:\Windows\twain_32.dll
08:45:34.0453 3352  C:\Windows\twain_32.dll - ok
08:45:34.0459 3352  [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
08:45:34.0459 3352  C:\Windows\System32\rundll32.exe - ok
08:45:34.0464 3352  [ C6106E98EC11ACBB728A6C47556C1263 ] C:\Windows\twain_32\MX360 series\CISDS.DS
08:45:34.0464 3352  C:\Windows\twain_32\MX360 series\CISDS.DS - ok
08:45:34.0469 3352  [ FBC54E5EEBE895A19AFA015609FB5101 ] C:\Windows\twain_32\TITWAIN.ds
08:45:34.0469 3352  C:\Windows\twain_32\TITWAIN.ds - ok
08:45:34.0476 3352  [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
08:45:34.0476 3352  C:\Windows\SysWOW64\mfc42.dll - ok
08:45:34.0481 3352  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
08:45:34.0481 3352  C:\Windows\System32\AltTab.dll - ok
08:45:34.0487 3352  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
08:45:34.0487 3352  C:\Windows\System32\pnidui.dll - ok
08:45:34.0490 3352  [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
08:45:34.0490 3352  C:\Windows\SysWOW64\odbc32.dll - ok
08:45:34.0496 3352  [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
08:45:34.0496 3352  C:\Windows\SysWOW64\odbcint.dll - ok
08:45:34.0501 3352  [ 0503D60AFCED7CB601C7CA70C08E8CAC ] C:\Windows\twain_32\wiatwain.ds
08:45:34.0501 3352  C:\Windows\twain_32\wiatwain.ds - ok
08:45:34.0508 3352  [ 80279007CAB3549A5999348BD0C23732 ] C:\Windows\SysWOW64\wiadss.dll
08:45:34.0508 3352  C:\Windows\SysWOW64\wiadss.dll - ok
08:45:34.0513 3352  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
08:45:34.0513 3352  C:\Windows\System32\QUTIL.DLL - ok
08:45:34.0518 3352  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
08:45:34.0518 3352  C:\Windows\System32\Syncreg.dll - ok
08:45:34.0524 3352  [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\60705001.sys
08:45:34.0524 3352  C:\Windows\System32\drivers\60705001.sys - ok
08:45:34.0530 3352  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
08:45:34.0530 3352  C:\Windows\System32\bthprops.cpl - ok
08:45:34.0535 3352  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
08:45:34.0535 3352  C:\Windows\ehome\ehSSO.dll - ok
08:45:34.0541 3352  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
08:45:34.0541 3352  C:\Windows\System32\netshell.dll - ok
08:45:34.0546 3352  [ 2E483EC51216B52C711C7EC642798BB7 ] C:\Windows\System32\sti.dll
08:45:34.0546 3352  C:\Windows\System32\sti.dll - ok
08:45:34.0551 3352  [ F2A24E4AEC0F8D5DBAB10CB87A8EFED2 ] C:\Windows\SysWOW64\sti.dll
08:45:34.0551 3352  C:\Windows\SysWOW64\sti.dll - ok
08:45:34.0557 3352  [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\SysWOW64\wiatrace.dll
08:45:34.0557 3352  C:\Windows\SysWOW64\wiatrace.dll - ok
08:45:34.0563 3352  [ F8E2BDEED312CB62D5C7F135A2A26A91 ] C:\Program Files (x86)\Canon\Solution Menu EX\LangInfo\EN\CNSELANG.DLL
08:45:34.0563 3352  C:\Program Files (x86)\Canon\Solution Menu EX\LangInfo\EN\CNSELANG.DLL - ok
08:45:34.0568 3352  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
08:45:34.0568 3352  C:\Windows\System32\WPDShServiceObj.dll - ok
08:45:34.0574 3352  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
08:45:34.0574 3352  C:\Windows\System32\srchadmin.dll - ok
08:45:34.0580 3352  [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
08:45:34.0580 3352  C:\Windows\System32\webcheck.dll - ok
08:45:34.0585 3352  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
08:45:34.0585 3352  C:\Windows\System32\netman.dll - ok
08:45:34.0590 3352  [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
08:45:34.0590 3352  C:\Windows\System32\SyncCenter.dll - ok
08:45:34.0596 3352  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
08:45:34.0596 3352  C:\Windows\SysWOW64\riched20.dll - ok
08:45:34.0602 3352  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
08:45:34.0602 3352  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
08:45:34.0607 3352  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
08:45:34.0607 3352  C:\Windows\SysWOW64\duser.dll - ok
08:45:34.0613 3352  [ D0278156167EC2D8B4206CEFB0FF9FF5 ] C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZSMEX.DLL
08:45:34.0613 3352  C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZSMEX.DLL - ok
08:45:34.0618 3352  [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
08:45:34.0618 3352  C:\Windows\System32\hgcpl.dll - ok
08:45:34.0624 3352  [ D202F8A7BF7391A099F99B4BC9057F93 ] C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZMME.DLL
08:45:34.0624 3352  C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZMME.DLL - ok
08:45:34.0631 3352  [ F063B868865F684B24F65312749C1B47 ] C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZDM.DLL
08:45:34.0631 3352  C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZDM.DLL - ok
08:45:34.0636 3352  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
08:45:34.0636 3352  C:\Windows\SysWOW64\dui70.dll - ok
08:45:34.0641 3352  [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
08:45:34.0641 3352  C:\Windows\System32\fdPHost.dll - ok
08:45:34.0647 3352  [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
08:45:34.0647 3352  C:\Windows\System32\rasdlg.dll - ok
08:45:34.0653 3352  [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
08:45:34.0653 3352  C:\Windows\System32\fdWSD.dll - ok
08:45:34.0658 3352  [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
08:45:34.0658 3352  C:\Windows\System32\fdSSDP.dll - ok
08:45:34.0664 3352  [ 802467DB6F104AD4EF8789206E1755D6 ] C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZDMRC.DLL
08:45:34.0664 3352  C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZDMRC.DLL - ok
08:45:34.0669 3352  [ 4A31D1D93A0E359639FADC23B006883E ] C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZDBAC.DLL
08:45:34.0669 3352  C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZDBAC.DLL - ok
08:45:34.0675 3352  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
08:45:34.0675 3352  C:\Windows\System32\mprapi.dll - ok
08:45:34.0681 3352  [ B9BFE20689398A7618C4AF5137F4068C ] C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\LEJES.DLL
08:45:34.0681 3352  C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\LEJES.DLL - ok
08:45:34.0686 3352  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
08:45:34.0686 3352  C:\Windows\System32\netcfgx.dll - ok
08:45:34.0691 3352  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
08:45:34.0692 3352  C:\Windows\System32\dot3api.dll - ok
08:45:34.0697 3352  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
08:45:34.0697 3352  C:\Windows\System32\eappcfg.dll - ok
08:45:34.0703 3352  [ 97548D6969BC66D01B89E1F80B35E83E ] C:\Windows\System32\spool\drivers\x64\3\CNMDRAK.DLL
08:45:34.0703 3352  C:\Windows\System32\spool\drivers\x64\3\CNMDRAK.DLL - ok
08:45:34.0709 3352  [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
08:45:34.0709 3352  C:\Windows\System32\wlanapi.dll - ok
08:45:34.0714 3352  [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
08:45:34.0714 3352  C:\Windows\System32\wlanhlp.dll - ok
08:45:34.0720 3352  [ 127AA81343A7C6F665C22CB1293B0A90 ] C:\Windows\splwow64.exe
08:45:34.0720 3352  C:\Windows\splwow64.exe - ok
08:45:34.0725 3352  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
08:45:34.0725 3352  C:\Windows\System32\wlanutil.dll - ok
08:45:34.0730 3352  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
08:45:34.0730 3352  C:\Windows\System32\onex.dll - ok
08:45:34.0736 3352  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
08:45:34.0736 3352  C:\Windows\System32\eappprxy.dll - ok
08:45:34.0742 3352  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
08:45:34.0742 3352  C:\Windows\System32\hnetcfg.dll - ok
08:45:34.0745 3352  [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
08:45:34.0745 3352  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
08:45:34.0750 3352  [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
08:45:34.0750 3352  C:\Windows\System32\WWanAPI.dll - ok
08:45:34.0755 3352  [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
08:45:34.0755 3352  C:\Windows\System32\wwapi.dll - ok
08:45:34.0761 3352  [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
08:45:34.0761 3352  C:\Windows\System32\QAGENT.DLL - ok
08:45:34.0766 3352  [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
08:45:34.0766 3352  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
08:45:34.0772 3352  [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
08:45:34.0772 3352  C:\Windows\System32\mscms.dll - ok
08:45:34.0778 3352  [ DEAB2B98FFC24E784D6B81BFD42130F7 ] C:\Windows\System32\spool\drivers\x64\3\CNMUIAK.DLL
08:45:34.0778 3352  C:\Windows\System32\spool\drivers\x64\3\CNMUIAK.DLL - ok
08:45:34.0783 3352  [ 22F020C76E339EB2B2187BA73A7E4173 ] C:\Windows\System32\PrintIsolationHost.exe
08:45:34.0783 3352  C:\Windows\System32\PrintIsolationHost.exe - ok
08:45:34.0789 3352  [ BC28E1A649FCEB93F08B9D26C2221C56 ] C:\Windows\System32\spool\drivers\x64\3\CNMCPAK.DLL
08:45:34.0789 3352  C:\Windows\System32\spool\drivers\x64\3\CNMCPAK.DLL - ok
08:45:34.0794 3352  [ 4D2A265C64B0EAAD21BC175902F35E63 ] C:\Windows\System32\spool\drivers\x64\3\CNMBS3AK.DLL
08:45:34.0795 3352  C:\Windows\System32\spool\drivers\x64\3\CNMBS3AK.DLL - ok
08:45:34.0800 3352  [ C0035666593496CA0FCD61600A11C83B ] C:\Windows\System32\spool\drivers\x64\3\CNMFUAK.DLL
08:45:34.0800 3352  C:\Windows\System32\spool\drivers\x64\3\CNMFUAK.DLL - ok
08:45:34.0806 3352  [ A7934B26A096F39B15960E0A56C1C8C4 ] C:\Windows\SysWOW64\bidispl.dll
08:45:34.0806 3352  C:\Windows\SysWOW64\bidispl.dll - ok
08:45:34.0811 3352  [ 7403E983C3B76A4D92A92229DA1FFBE7 ] C:\Windows\System32\spool\drivers\x64\3\CNMBM3AK.DLL
08:45:34.0812 3352  C:\Windows\System32\spool\drivers\x64\3\CNMBM3AK.DLL - ok
08:45:34.0817 3352  [ 7271B4BB5DE60D0C713AD0489EC87965 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0401\CNMurAK.dll
08:45:34.0817 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0401\CNMurAK.dll - ok
08:45:34.0823 3352  [ A3431E97742183236BF02C7F7FA7AB25 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0404\CNMurAK.dll
08:45:34.0823 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0404\CNMurAK.dll - ok
08:45:34.0829 3352  [ E61AB1015F1DF865880B033E3E1EE0A0 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0405\CNMurAK.dll
08:45:34.0829 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0405\CNMurAK.dll - ok
08:45:34.0835 3352  [ FDC2882C03154835F7B523363493830A ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0406\CNMurAK.dll
08:45:34.0835 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0406\CNMurAK.dll - ok
08:45:34.0843 3352  [ 92BC10AAF1B7497987DCE24B9EE1AB4E ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0407\CNMurAK.dll
08:45:34.0843 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0407\CNMurAK.dll - ok
08:45:34.0849 3352  [ 4044150AC5E943B1B34DE04B3E4F9E5A ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0408\CNMurAK.dll
08:45:34.0849 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0408\CNMurAK.dll - ok
08:45:34.0854 3352  [ 592D6989F8464A1700748A5B96A7FD4E ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0409\CNMurAK.dll
08:45:34.0854 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0409\CNMurAK.dll - ok
08:45:34.0863 3352  [ 1CA712B01500CD1AC0DC329A90D2FC70 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\040b\CNMurAK.dll
08:45:34.0863 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\040b\CNMurAK.dll - ok
08:45:34.0868 3352  [ 828B289739D4643F272B83E57045D964 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\040c\CNMurAK.dll
08:45:34.0868 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\040c\CNMurAK.dll - ok
08:45:34.0875 3352  [ 64AB0EE2028A465B765A8458C6208140 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\040e\CNMurAK.dll
08:45:34.0875 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\040e\CNMurAK.dll - ok
08:45:34.0881 3352  [ 4AC9458DB0A67A94D1645A4BAE330F80 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0410\CNMurAK.dll
08:45:34.0881 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0410\CNMurAK.dll - ok
08:45:34.0887 3352  [ FD16677B09FAE5D68D0AEE998D721D36 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0411\CNMurAK.dll
08:45:34.0887 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0411\CNMurAK.dll - ok
08:45:34.0893 3352  [ 5422CA729AB4FCF796D3386AE7698694 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0412\CNMurAK.dll
08:45:34.0894 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0412\CNMurAK.dll - ok
08:45:34.0899 3352  [ 13D2F5AD32EFB0A25831548BB17FBC71 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0413\CNMurAK.dll
08:45:34.0899 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0413\CNMurAK.dll - ok
08:45:34.0905 3352  [ 621A062498FE5131D73A9ADE53E0D112 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0414\CNMurAK.dll
08:45:34.0905 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0414\CNMurAK.dll - ok
08:45:34.0911 3352  [ 75BC0D565426E01EB6AB41A5A14EBAC1 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0415\CNMurAK.dll
08:45:34.0911 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0415\CNMurAK.dll - ok
08:45:34.0917 3352  [ 0E750342D9A6348FFD0D3C3E1E90D4F0 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0416\CNMurAK.dll
08:45:34.0917 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0416\CNMurAK.dll - ok
08:45:34.0923 3352  [ B6BD201CFC34E11095F037AD70DE5F1A ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0419\CNMurAK.dll
08:45:34.0923 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0419\CNMurAK.dll - ok
08:45:34.0929 3352  [ 9BCF861A8B1DCF3303D0B38EA6A9FD2F ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\041D\CNMurAK.dll
08:45:34.0929 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\041D\CNMurAK.dll - ok
08:45:34.0934 3352  [ F2BF05A83DFEC8278CBFDE2D1DA59E18 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\041E\CNMurAK.dll
08:45:34.0935 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\041E\CNMurAK.dll - ok
08:45:34.0940 3352  [ 7FD251C248B2A366CDB75F1A401AA615 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\041F\CNMurAK.dll
08:45:34.0940 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\041F\CNMurAK.dll - ok
08:45:34.0947 3352  [ 259ED5726E9B95143BCF8906F7F8057E ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0421\CNMurAK.dll
08:45:34.0947 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0421\CNMurAK.dll - ok
08:45:34.0952 3352  [ 582BD75E50CF3E6C725EEED6B3233F50 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0804\CNMurAK.dll
08:45:34.0952 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0804\CNMurAK.dll - ok
08:45:34.0958 3352  [ 1589D8C640EC72EF93492DB78D8E86E4 ] C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0c0a\CNMurAK.dll
08:45:34.0958 3352  C:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon MX360 series Printer\LanguageModules\0c0a\CNMurAK.dll - ok
08:45:34.0965 3352  [ 1C23F466CF992B99A0C6E6317AB2E3EB ] C:\Windows\System32\spool\drivers\x64\3\CNMUBAK.DLL
08:45:34.0965 3352  C:\Windows\System32\spool\drivers\x64\3\CNMUBAK.DLL - ok
08:45:34.0970 3352  [ 5E3BA3887FA79E2588FAF1CC51EE3DB6 ] C:\Windows\System32\spool\drivers\x64\3\CNMBS6AK.DLL
08:45:34.0970 3352  C:\Windows\System32\spool\drivers\x64\3\CNMBS6AK.DLL - ok
08:45:34.0976 3352  [ 9FA56171C452530E2F51E3238B52140B ] C:\Windows\System32\bidispl.dll
08:45:34.0976 3352  C:\Windows\System32\bidispl.dll - ok
08:45:34.0981 3352  [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
08:45:34.0982 3352  C:\Windows\System32\FXSST.dll - ok
08:45:34.0987 3352  [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
08:45:34.0987 3352  C:\Windows\System32\FXSAPI.dll - ok
08:45:34.0992 3352  [ 2362B23E77CF7B05EFBBC18AC7E72694 ] C:\Windows\System32\spool\drivers\x64\3\CNMEIAK.DLL
08:45:34.0992 3352  C:\Windows\System32\spool\drivers\x64\3\CNMEIAK.DLL - ok
08:45:34.0995 3352  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
08:45:34.0995 3352  C:\Windows\System32\FXSRESM.dll - ok
08:45:35.0002 3352  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
08:45:35.0002 3352  C:\Windows\System32\FXSSVC.exe - ok
08:45:35.0007 3352  [ C52F93F01FB4E92B8852C9BD9DD9C75D ] C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZMAIN.EXE
08:45:35.0007 3352  C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZMAIN.EXE - ok
08:45:35.0013 3352  [ FF6ABD2340BC42194C1FD9FD667A55A1 ] C:\Program Files (x86)\Canon\MP Navigator EX 4.1\mpnex41.exe
08:45:35.0013 3352  C:\Program Files (x86)\Canon\MP Navigator EX 4.1\mpnex41.exe - ok
08:45:35.0019 3352  [ 2537D941F11279765D7DA9CB89D627C2 ] C:\Program Files (x86)\Canon\Speed Dial Utility\sdutil.exe
08:45:35.0020 3352  C:\Program Files (x86)\Canon\Speed Dial Utility\sdutil.exe - ok
08:45:35.0025 3352  [ 9B642E45C4BC5E84957CD7397DD48E3C ] C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe
08:45:35.0025 3352  C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe - ok
08:45:35.0030 3352  [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
08:45:35.0030 3352  C:\Windows\SysWOW64\mscms.dll - ok
08:45:35.0036 3352  [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\SysWOW64\icm32.dll
08:45:35.0036 3352  C:\Windows\SysWOW64\icm32.dll - ok
08:45:35.0041 3352  [ B1DC63F4196C05F45467A3274CB23933 ] C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexdl.dll
08:45:35.0042 3352  C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexdl.dll - ok
08:45:35.0047 3352  [ 7B6A36D8CA5E86096448EACE16464CDD ] C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexdl.exe
08:45:35.0047 3352  C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexdl.exe - ok
08:45:35.0053 3352  [ F54C825F545AEBBD060BBE1BC862051A ] C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpdllng.dll
08:45:35.0053 3352  C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpdllng.dll - ok
08:45:35.0056 3352  ============================================================
08:45:35.0056 3352  Scan finished
08:45:35.0056 3352  ============================================================
08:45:35.0069 3344  Detected object count: 1
08:45:35.0069 3344  Actual detected object count: 1
08:45:49.0152 3344  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
08:45:49.0162 3344  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
08:45:49.0194 3344  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
08:45:49.0207 3344  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
08:45:49.0211 3344  \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
08:45:49.0213 3344  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
08:45:49.0217 3344  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
08:45:49.0221 3344  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
08:45:49.0226 3344  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
08:45:49.0230 3344  \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
08:45:49.0233 3344  \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
08:45:49.0236 3344  \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
08:45:49.0241 3344  \Device\Harddisk0\DR0\TDLFS\cmd32.dll - copied to quarantine
08:45:49.0242 3344  \Device\Harddisk0\DR0\TDLFS - deleted
08:45:49.0242 3344  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
 



#13 narenxp

Posted 05 April 2013 - 11:57 PM

I hope you noticed this one

 

I want you to run Malwarebytes and the ESET Online Scanner in normal mode and post the new log.



#14 surf

Posted 06 April 2013 - 04:47 AM

Here is the ESET log. But first, here is the Recycle Bin error notice.

 

The Recycle Bin on C:/ is corrupted. Do you want to empty the Recycle Bin for this drive?

 

C:\TDSSKiller_Quarantine\03.04.2013_01.11.54\mbr0000\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.04.2013_01.11.54\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.04.2013_01.11.54\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.04.2013_01.11.54\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.04.2013_01.11.54\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.04.2013_08.44.52\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.04.2013_08.44.52\tdlfs0000\tsk0001.dta Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.04.2013_08.44.52\tdlfs0000\tsk0003.dta Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.04.2013_08.44.52\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.04.2013_08.44.52\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
 



#15 surf

Posted 06 April 2013 - 05:15 AM

There is no MBAM log run on quick scan - nothing malicious found.





