Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rootkit Issue in svchost.exe


  • This topic is locked This topic is locked
29 replies to this topic

#1 RKollas

RKollas

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:42 AM

Posted 03 April 2013 - 12:10 AM

I've been dealing with rootkit issue on my main laptop for a couple of months now. In fact about a month ago I just shut off the wireless connection on it and have left the machine turned off since then. However, I do need to get this machine back up and running. System is Running Win 7 Professional 64 SP1, 4gb ram, Intel Core 2 Duo T5450.

 

Initially I tried to clean the infection myself utilizing Malware Bytes, TDSS Killer, and Malware Bytes own rootkit removal. It seemed to have some success. Malware Bytes had found Rootkit.0Access, Trojan.Lameshield.124, both of which were successfully removed, and Trojan.Agent in the svchost.exe file which was to be deleted on reboot, but was never successfully deleted. Currently the computer runs stable in Safemode, but will BSOD prior to everything fully loading shortly after booting normally. The BSOD Error is IRQ_NOT_LESS_OR_EQUAL.

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 9.0.8112.16464  BrowserJavaVersion: 10.9.2
Run by Robert at 23:37:47 on 2013-04-02
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.4086.3420 [GMT -5:00]
.
AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
\\.\globalroot\systemroot\svchost.exe -netsvcs
C:\Windows\helppane.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: PE_IE_Helper Class: {0941C58F-E461-4E03-BD7D-44C27392ADE1} - C:\Program Files (x86)\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\scriptsn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [PMCRemote] C:\Program Files (x86)\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
uRun: [PMCLoader] C:\Program Files (x86)\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks
uRun: [Facebook Update] "C:\Users\Robert\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Google Update] "C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
mRun: [WheelMouse] C:\ADVANC~1\wh_exec.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
mRun: [McAfeeUpdaterUI] "C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
mRun: [ShStatEXE] "C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [TkBellExe] "C:\program files (x86)\real\realplayer\update\realsched.exe"  -osboot
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Robert\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PDANET~1.LNK - C:\Program Files (x86)\PdaNet for Windows Mobile\PdaNetPC.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ACTIVC~1.LNK - C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: DisableCAD = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} - hxxp://www.ulib.niu.edu:3701/lib/niluniv/support/plugins/ebraryRdr.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {538793D5-659C-4639-A56C-A179AD87ED44} - hxxps://secure.niu.edu/CACHE/stc/1/binaries/vpnweb.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://secure.niu.edu/CACHE/stc/1/binaries/vpnweb.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{EA972992-863C-42AA-B5D2-734350708B93} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{EA972992-863C-42AA-B5D2-734350708B93}\2516D616461602C496D6964756460213D22425 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{EA972992-863C-42AA-B5D2-734350708B93}\260236F6 : DHCPNameServer = 68.87.72.134 68.87.77.134 192.168.1.1
TCP: Interfaces\{EA972992-863C-42AA-B5D2-734350708B93}\260236F6F5548545 : DHCPNameServer = 68.87.72.134 68.87.77.134 192.168.1.1
TCP: Interfaces\{EA972992-863C-42AA-B5D2-734350708B93}\8416774786F627E6022302E4F6274786 : DHCPNameServer = 68.87.72.130 68.87.77.130 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\scriptsn.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
x64-Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
x64-Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: psfus - C:\Windows\System32\psqlpwd.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\a5s6yox6.default\
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: network.proxy.type - 0
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\a5s6yox6.default\extensions\passwordbank@upek.com\components\pbgk1_92.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\npjpi170_09.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Robert\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Robert\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: RealPlayer Browser Record Plugin: {0153E448-190B-4987-BDE1-F256CADA672F} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: PasswordBank: passwordbank@upek.com - %profile%\extensions\passwordbank@upek.com
.
============= SERVICES / DRIVERS ===============
.
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 SMARTMouseFilterx64;HID-compliant mouse;C:\Windows\System32\drivers\SMARTMouseFilterx64.sys [2009-9-17 12584]
R3 SMARTVHidMiniVistaAmd64;SMART HID Device;C:\Windows\System32\drivers\SMARTVHidMiniVistaAmd64.sys [2009-9-17 15784]
R3 whfltr2k;WheelMouse USB Lower Filter Driver;C:\Windows\System32\drivers\whfltr2k.sys [2007-1-26 9600]
S0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-9-18 469400]
S2 ac.sharedstore;ActivIdentity Shared Store Service;C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-6-3 277032]
S2 acautoupdate;ActivClient Auto-Update Service;C:\Program Files\ActivIdentity\ActivClient\acautoup.exe [2009-6-3 61992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 McAfeeEngineService;McAfee Engine Service;C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe [2010-1-6 20792]
S2 McAfeeFramework;McAfee Framework Service;C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [2009-8-25 103744]
S2 McShield;McAfee McShield;C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe [2010-1-6 180968]
S2 McTaskManager;McAfee Task Manager;C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [2010-1-6 66896]
S2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2010-9-18 79504]
S2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-9-15 88576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S2 stdiscover;Sun Service Tag Discovery;C:\Program Files (x86)\Sun\servicetag\stdiscoverer.exe [2008-1-25 71680]
S2 stlisten;Sun Service Tag Listener;C:\Program Files (x86)\Sun\servicetag\stlisten.exe [2008-1-25 80384]
S3 acsock;acsock;C:\Windows\System32\drivers\acsock64.sys [2012-9-17 107432]
S3 GKUPRO2D;GKUPRO2D;C:\Windows\System32\drivers\GKUPRO2D.sys [2005-2-18 120704]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-1 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2010-6-25 36928]
S3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2010-9-18 120096]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2010-9-18 78896]
S3 pnetmdm;PdaNet Modem;C:\Windows\System32\drivers\pnetmdm64.sys [2010-6-4 17920]
S3 S3XXx64;SCR3xx USB SmartCardReader64;C:\Windows\System32\drivers\S3XXx64.sys [2010-11-11 69376]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-18 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-21 1255736]
S3 whmice2k;Advanced Wheel Mouse Upper Filter Driver;C:\Windows\System32\drivers\whmice2k.sys [2007-1-26 10752]
.
=============== Created Last 30 ================
.
.
==================== Find3M  ====================
.
2013-02-27 06:03:50 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-27 06:03:50 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll
2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll
2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
.
============= FINISH: 23:40:29.63 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:42 AM

Posted 03 April 2013 - 08:16 AM


Hello RKollas

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-
  • Download Security Check by screen317 from here.
    • Save it to your Desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
-AdwCleaner-
  • Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next answer.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.
--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
    • Quit all programs that you may have started.
    • Please disconnect any USB or external drives from the computer before you run this scan!
    • For Vista or Windows 7, right-click and select "Run as Administrator to start"
    • For Windows XP, double-click to start.
    • Wait until Prescan has finished ...
    • Then Click on "Scan" button
    • Wait until the Status box shows "Scan Finished"
    • click on "delete"
    • Wait until the Status box shows "Deleting Finished"
    • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    • The log should be found in RKreport[1].txt on your Desktop
    • Exit/Close RogueKiller+
  • Gringo




I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:42 AM

Posted 06 April 2013 - 01:58 AM



Hello

48 Hour bump

It has been more than 48 hours since my last post.
  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?

  • if after 48hrs you have not replied to this thread then it will have to be closed!

  • Gringo


I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#4 RKollas

RKollas
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:42 AM

Posted 06 April 2013 - 07:05 PM

Sorry, for some reason I did not get the notifications for these replies. will work through shortly.



#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:42 AM

Posted 06 April 2013 - 08:03 PM

no problem and I will be here
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 RKollas

RKollas
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:42 AM

Posted 07 April 2013 - 06:21 PM

Here we go.

 

Had one issue while running the programs. After running the ADWCleaner and the system rebooted, I recieved the same BSOD. A new issue came up that has mne concerned. Upon reboot, instead of showing the POST operations as I had my bios set to, it gave me the manufacture splash screen instead. Instead of messing with bios at the moment, i went ahead booted into safe mode to finish running the steps outlined.

 

Here are the logs:

 Results of screen317's Security Check version 0.99.62 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 9 
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
McAfee VirusScan Enterprise  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 McAfee AntiSpyware Enterprise Module 
 Malwarebytes Anti-Malware version 1.70.0.1100 
 TuneUp Companion 1.9.0  
 Java 7 Update 9 
 Java version out of Date!
 Adobe Flash Player 11.6.602.171 
 Adobe Reader 10.1.5 Adobe Reader out of Date! 
 Mozilla Firefox (3.6.18) Firefox out of Date! 
 Google Chrome 24.0.1312.57 
 Google Chrome 25.0.1364.97 
````````Process Check: objlist.exe by Laurent```````` 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
 

# AdwCleaner v2.200 - Logfile created 04/07/2013 at 17:45:32
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Robert - ROBERT-LAPTOP
# Boot Mode : Safe mode with networking
# Running from : C:\Users\Robert\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\.autoreg

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Mozilla Firefox v3.6.18 (en-US)

File : C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\a5s6yox6.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v25.0.1364.97

File : C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1281 octets] - [07/04/2013 17:45:32]

########## EOF - C:\AdwCleaner[S1].txt - [1341 octets] ##########

 

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User : Robert [Admin rights]
Mode : Scan -- Date : 04/07/2013 18:09:58
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SVCHOST] svchost.exe -- C:\Windows\\svchost.exe [x] -> KILLED [TermProc]

¤¤¤ Registry Entries : 9 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS543225L9A300 ATA Device +++++
--- User ---
[MBR] 46da3018f932241a67e0ebe0afdef2f0
[BSP] 729cf56e0ab774be0641d538074b1d1c : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 236974 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 12e1333b2d3be819f7cec5179df3aa57
[BSP] 729cf56e0ab774be0641d538074b1d1c : Windows 7/8 MBR Code
Partition table:
1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 236974 Mo

Finished : << RKreport[1]_S_04072013_02d1809.txt >>
RKreport[1]_S_04072013_02d1809.txt

 

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User : Robert [Admin rights]
Mode : Remove -- Date : 04/07/2013 18:12:17
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SVCHOST] svchost.exe -- C:\Windows\\svchost.exe [x] -> KILLED [TermProc]

¤¤¤ Registry Entries : 7 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS543225L9A300 ATA Device +++++
--- User ---
[MBR] 46da3018f932241a67e0ebe0afdef2f0
[BSP] 729cf56e0ab774be0641d538074b1d1c : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 236974 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 12e1333b2d3be819f7cec5179df3aa57
[BSP] 729cf56e0ab774be0641d538074b1d1c : Windows 7/8 MBR Code
Partition table:
1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 236974 Mo

Finished : << RKreport[2]_D_04072013_02d1812.txt >>
RKreport[1]_S_04072013_02d1809.txt ; RKreport[2]_D_04072013_02d1812.txt

 

 



#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:42 AM

Posted 07 April 2013 - 08:23 PM


Hello RKollas

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had

  • How is the computer doing now?

  • Gringo




I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 RKollas

RKollas
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:42 AM

Posted 08 April 2013 - 02:55 AM

Still recieving a BSOD after normal boot up (this is prior to running Combo Fix) so I had to run Combo Fix from safe mode. Gave a warning that my McAfee was still running, but checking the services and opening the console showed everthing to be disabled or stopped.

 

ComboFix 13-04-08.01 - Robert 04/08/2013   1:40.2.2 - x64 NETWORK
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.4086.3301 [GMT -5:00]
Running from: E:\ComboFix.exe
AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ism_0_llatsni.pad
c:\programdata\Microsoft\Windows\DRM\982.tmp
c:\programdata\Microsoft\Windows\DRM\992.tmp
c:\programdata\Microsoft\Windows\DRM\AB40.tmp
c:\programdata\Microsoft\Windows\DRM\AB41.tmp
c:\windows\svchost.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-03-08 to 2013-04-08  )))))))))))))))))))))))))))))))
.
.
2013-04-08 07:04 . 2013-04-08 07:04 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-04-08 07:04 . 2013-04-08 07:04 -------- d-----w- c:\users\Default\AppData\Local\temp
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-27 06:03 . 2012-04-02 16:19 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-27 06:03 . 2011-06-16 12:20 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-13 09:08 . 2010-05-28 16:39 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-01-13 21:17 . 2013-02-28 16:02 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-02-28 16:02 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-02-28 16:02 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-02-28 16:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-02-28 16:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-28 16:02 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-28 16:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-02-28 16:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-28 16:02 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:35 . 2013-02-28 16:02 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35 . 2013-02-28 16:02 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35 . 2013-02-28 16:02 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32 . 2013-02-28 16:02 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31 . 2013-02-28 16:02 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-28 16:02 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-28 16:02 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31 . 2013-02-28 16:02 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-28 16:02 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31 . 2013-02-28 16:02 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-01-13 20:22 . 2013-02-28 16:02 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-01-13 20:20 . 2013-02-28 16:02 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-01-13 20:09 . 2013-02-28 16:02 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08 . 2013-02-28 16:02 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-01-13 20:08 . 2013-02-28 16:02 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-01-13 19:59 . 2013-02-28 16:02 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 19:58 . 2013-02-28 16:02 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 19:54 . 2013-02-28 16:02 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-01-13 19:53 . 2013-02-28 16:02 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-02-28 16:06 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-01-13 19:51 . 2013-02-28 16:02 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 19:49 . 2013-02-28 16:02 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 19:48 . 2013-02-28 16:02 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-01-13 19:46 . 2013-02-28 16:02 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-01-13 19:43 . 2013-02-28 16:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38 . 2013-02-28 16:02 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 19:38 . 2013-02-28 16:02 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:38 . 2013-02-28 16:02 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 19:37 . 2013-02-28 16:01 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-01-13 19:25 . 2013-02-28 16:02 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:24 . 2013-02-28 16:02 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:24 . 2013-02-28 16:06 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:20 . 2013-02-28 16:02 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:20 . 2013-02-28 16:02 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:15 . 2013-02-28 16:02 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:10 . 2013-02-28 16:02 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-02-28 16:04 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-01-13 18:34 . 2013-02-28 16:02 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32 . 2013-02-28 16:04 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-01-13 18:09 . 2013-02-28 16:02 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26 . 2013-02-28 16:02 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-01-13 17:05 . 2013-02-28 16:02 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-01-09 01:48 . 2013-02-13 09:01 17812992 ----a-w- c:\windows\system32\mshtml.dll
2013-01-09 01:22 . 2013-02-13 09:01 10925568 ----a-w- c:\windows\system32\ieframe.dll
2013-01-09 01:19 . 2013-02-13 09:01 2312704 ----a-w- c:\windows\system32\jscript9.dll
2013-01-09 01:12 . 2013-02-13 09:01 1346048 ----a-w- c:\windows\system32\urlmon.dll
2013-01-09 01:12 . 2013-02-13 09:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2013-01-09 01:11 . 2013-02-13 09:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2013-01-09 01:10 . 2013-02-13 09:01 237056 ----a-w- c:\windows\system32\url.dll
2013-01-09 01:09 . 2013-02-13 09:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2013-01-09 01:07 . 2013-02-13 09:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2013-01-09 01:07 . 2013-02-13 09:01 816640 ----a-w- c:\windows\system32\jscript.dll
2013-01-09 01:07 . 2013-02-13 09:01 599040 ----a-w- c:\windows\system32\vbscript.dll
2013-01-09 01:06 . 2013-02-13 09:01 729088 ----a-w- c:\windows\system32\msfeeds.dll
2013-01-09 01:05 . 2013-02-13 09:01 2147840 ----a-w- c:\windows\system32\iertutil.dll
2013-01-09 01:04 . 2013-02-13 09:01 96768 ----a-w- c:\windows\system32\mshtmled.dll
2013-01-09 01:04 . 2013-02-13 09:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-01-09 01:00 . 2013-02-13 09:01 248320 ----a-w- c:\windows\system32\ieui.dll
2013-01-08 22:11 . 2013-02-13 09:01 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-01-08 22:03 . 2013-02-13 09:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2013-01-08 22:03 . 2013-02-13 09:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-01-08 21:59 . 2013-02-13 09:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-01-08 21:58 . 2013-02-13 09:01 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-01-08 21:56 . 2013-02-13 09:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\MESSEN~1\YahooMessenger.exe" [2012-02-23 6591800]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"PMCRemote"="c:\program files (x86)\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [2008-02-22 267536]
"PMCLoader"="c:\program files (x86)\Pinnacle\TVCenter Pro\PMCLoader.exe" [2008-02-22 644368]
"Facebook Update"="c:\users\Robert\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-29 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-14 34088]
"WheelMouse"="c:\advanc~1\wh_exec.exe" [2007-03-11 86016]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
"ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]
"McAfeeUpdaterUI"="c:\program files (x86)\McAfee\Common Framework\udaterui.exe" [2009-08-25 136512]
"ShStatEXE"="c:\program files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2010-01-07 124240]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2008-03-14 233472]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-17 651264]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"TkBellExe"="c:\program files (x86)\real\realplayer\update\realsched.exe" [2012-09-27 296096]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
c:\users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
PdaNet Desktop.lnk - c:\program files (x86)\PdaNet for Windows Mobile\PdaNetPC.exe [2010-6-4 185560]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ActivClient Agent.lnk - c:\program files\ActivIdentity\ActivClient\acsagent.exe [2009-6-3 164904]
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-8-24 2684256]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
@="Service"
.
R2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
R2 acautoupdate;ActivClient Auto-Update Service;c:\program files\ActivIdentity\ActivClient\acautoup.exe [2009-06-03 61992]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 McAfeeEngineService;McAfee Engine Service;c:\program files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe [2010-01-07 20792]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-01-07 79504]
R2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 stdiscover;Sun Service Tag Discovery;c:\program files (x86)\Sun\servicetag\stdiscoverer.exe [2008-01-25 71680]
R2 stlisten;Sun Service Tag Listener;c:\program files (x86)\Sun\servicetag\stlisten.exe [2008-01-25 80384]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys [2012-08-03 107432]
R3 GKUPRO2D;GKUPRO2D;c:\windows\system32\Drivers\GKUPRO2D.sys [2005-02-18 120704]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-01-07 78896]
R3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys [2007-03-07 17920]
R3 S3XXx64;SCR3xx USB SmartCardReader64;c:\windows\system32\DRIVERS\S3XXx64.sys [2010-11-12 69376]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-21 1255736]
R3 whmice2k;Advanced Wheel Mouse Upper Filter Driver;c:\windows\system32\DRIVERS\whmice2k.sys [2007-01-26 10752]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys [2009-09-17 12584]
S3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [2009-09-17 15784]
S3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\DRIVERS\whfltr2k.sys [2007-01-26 9600]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ    hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 06:03]
.
2013-02-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-244622575-1389691358-600998405-1001Core.job
- c:\users\Robert\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-08-19 02:54]
.
2013-03-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-244622575-1389691358-600998405-1001UA.job
- c:\users\Robert\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-08-19 02:54]
.
2013-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-28 00:22]
.
2013-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-28 00:22]
.
2013-02-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-244622575-1389691358-600998405-1001Core.job
- c:\users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-19 03:49]
.
2013-04-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-244622575-1389691358-600998405-1001UA.job
- c:\users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-19 03:49]
.
2013-03-29 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-244622575-1389691358-600998405-1001.job
- c:\program files (x86)\Real\RealUpgrade\realupgrade.exe [2012-07-27 19:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-11-14 18:36 3708168 ----a-w- c:\program files\Protector Suite QL\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-11-14 18:36 3708168 ----a-w- c:\program files\Protector Suite QL\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2007-11-14 69896]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-06-03 196648]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2009-06-03 483880]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-24 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-24 363544]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1533736]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: hsbccreditcard.com\www
TCP: DhcpNameServer = 192.168.1.1
DPF: {538793D5-659C-4639-A56C-A179AD87ED44} - hxxps://secure.niu.edu/CACHE/stc/1/binaries/vpnweb.cab
FF - ProfilePath - c:\users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\a5s6yox6.default\
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: RealPlayer Browser Record Plugin: {0153E448-190B-4987-BDE1-F256CADA672F} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: PasswordBank: passwordbank@upek.com - %profile%\extensions\passwordbank@upek.com
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-08  02:15:36
ComboFix-quarantined-files.txt  2013-04-08 07:15
ComboFix2.txt  2011-12-23 17:52
.
Pre-Run: 46,240,251,904 bytes free
Post-Run: 47,700,996,096 bytes free
.
- - End Of File - - 145706EBEE38AE26E0AAB504E222BB8D
 

Still BSOD on normal boot. Continuing to run in Safe Mode with networking, however wireless is manually disabled. I'm posting and operating from a secondary machine.



#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:42 AM

Posted 08 April 2013 - 03:27 AM



Hello RKollas


I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it

    If the forum still complains about it being to long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================
  • and I will see if I want to see the whole report

    Malwarebytes Anti-Rootkit

    1.Download Malwarebytes Anti-Rootkit
    2.Unzip the contents to a folder in a convenient location.
    3.Open the folder where the contents were unzipped and run mbar.exe
    4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    6.Wait while the system shuts down and the cleanup process is performed.
    7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
    • •Internet access
      •Windows Update
      •Windows Firewall
    9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
    10.Verify that your system is now functioning normally.

    If you have any problems running either one come back and let me know

    please reply with the reports from TDSSKiller and MBAR

    Gringo







I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 RKollas

RKollas
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:42 AM

Posted 08 April 2013 - 01:09 PM

Still having a BSOD on normal boot. Will try to run TDSS in safe mode with the required settings.

 

Upon reboot into safemode, it will not allow the scanning loaded modules. With the BSOD, I'm unable to run it in normal mode.


Edited by RKollas, 08 April 2013 - 01:15 PM.


#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:42 AM

Posted 08 April 2013 - 08:49 PM

run the second program and let me have the report
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 RKollas

RKollas
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:42 AM

Posted 09 April 2013 - 02:06 AM

Prior to your most recent reply, I ran TDSS from Safe Mode minus the checking the loaded modules. That actually enabled the machine to boot and maintain a stable run within normal boot. From there I re-ran TDSS with the loaded modules scan. Both logs will be posted below. After the TDSS loaded Modules scan, I ran the MBAR scan as directed as well. MBAR still found the trajan.agent within svchost.exe. log posted below.

 

13:14:21.0663 1804  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:14:21.0804 1804  ============================================================
13:14:21.0804 1804  Current date / time: 2013/04/08 13:14:21.0804
13:14:21.0804 1804  SystemInfo:
13:14:21.0804 1804 
13:14:21.0804 1804  OS Version: 6.1.7601 ServicePack: 1.0
13:14:21.0804 1804  Product type: Workstation
13:14:21.0804 1804  ComputerName: ROBERT-LAPTOP
13:14:21.0804 1804  UserName: Robert
13:14:21.0804 1804  Windows directory: C:\Windows
13:14:21.0804 1804  System windows directory: C:\Windows
13:14:21.0804 1804  Running under WOW64
13:14:21.0804 1804  Processor architecture: Intel x64
13:14:21.0804 1804  Number of processors: 2
13:14:21.0804 1804  Page size: 0x1000
13:14:21.0804 1804  Boot type: Safe boot with network
13:14:21.0804 1804  ============================================================
13:14:23.0504 1804  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:14:23.0504 1804  Drive \Device\Harddisk1\DR1 - Size: 0x1DD400000 (7.46 Gb), SectorSize: 0x200, Cylinders: 0x3CD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:14:23.0520 1804  ============================================================
13:14:23.0520 1804  \Device\Harddisk0\DR0:
13:14:23.0520 1804  MBR partitions:
13:14:23.0520 1804  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1CED7000
13:14:23.0520 1804  \Device\Harddisk1\DR1:
13:14:23.0520 1804  MBR partitions:
13:14:23.0520 1804  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xEE8080
13:14:23.0520 1804  ============================================================
13:14:23.0566 1804  C: <-> \Device\Harddisk0\DR0\Partition1
13:14:23.0566 1804  ============================================================
13:14:23.0566 1804  Initialize success
13:14:23.0566 1804  ============================================================
15:05:02.0314 1668  ============================================================
15:05:02.0314 1668  Scan started
15:05:02.0314 1668  Mode: Manual; SigCheck; TDLFS;
15:05:02.0314 1668  ============================================================
15:05:02.0611 1668  ================ Scan system memory ========================
15:05:02.0611 1668  System memory - ok
15:05:02.0611 1668  ================ Scan services =============================
15:05:02.0845 1668  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:05:03.0687 1668  1394ohci - ok
15:05:03.0734 1668  82641948 - ok
15:05:03.0827 1668  [ 5E8EFEB338DEB1F485420B090FE6C85E ] ac.sharedstore  C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
15:05:03.0874 1668  ac.sharedstore - ok
15:05:03.0905 1668  [ 0803574AD22B3AA83A54966CD07B1B50 ] acautoupdate    C:\Program Files\ActivIdentity\ActivClient\acautoup.exe
15:05:03.0937 1668  acautoupdate - ok
15:05:04.0015 1668  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:05:04.0077 1668  ACPI - ok
15:05:04.0139 1668  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:05:04.0264 1668  AcpiPmi - ok
15:05:04.0358 1668  [ E5568164C070A4988BD79C896920B3C6 ] acsock          C:\Windows\system32\DRIVERS\acsock64.sys
15:05:04.0701 1668  acsock - ok
15:05:04.0904 1668  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:05:04.0935 1668  AdobeARMservice - ok
15:05:05.0091 1668  [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:05:05.0138 1668  AdobeFlashPlayerUpdateSvc - ok
15:05:05.0216 1668  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
15:05:05.0278 1668  adp94xx - ok
15:05:05.0325 1668  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
15:05:05.0387 1668  adpahci - ok
15:05:05.0434 1668  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
15:05:05.0497 1668  adpu320 - ok
15:05:05.0559 1668  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:05:05.0809 1668  AeLookupSvc - ok
15:05:05.0871 1668  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
15:05:05.0996 1668  AFD - ok
15:05:06.0074 1668  [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
15:05:06.0214 1668  AgereSoftModem - ok
15:05:06.0292 1668  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:05:06.0323 1668  agp440 - ok
15:05:06.0370 1668  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
15:05:06.0464 1668  ALG - ok
15:05:06.0511 1668  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:05:06.0557 1668  aliide - ok
15:05:06.0589 1668  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:05:06.0635 1668  amdide - ok
15:05:06.0682 1668  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
15:05:06.0760 1668  AmdK8 - ok
15:05:06.0776 1668  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:05:06.0869 1668  AmdPPM - ok
15:05:06.0932 1668  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:05:06.0979 1668  amdsata - ok
15:05:07.0025 1668  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
15:05:07.0072 1668  amdsbs - ok
15:05:07.0103 1668  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:05:07.0150 1668  amdxata - ok
15:05:07.0213 1668  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
15:05:07.0462 1668  AppID - ok
15:05:07.0509 1668  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:05:07.0681 1668  AppIDSvc - ok
15:05:07.0759 1668  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
15:05:07.0915 1668  Appinfo - ok
15:05:08.0024 1668  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:05:08.0055 1668  Apple Mobile Device - ok
15:05:08.0102 1668  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
15:05:08.0164 1668  AppMgmt - ok
15:05:08.0211 1668  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
15:05:08.0258 1668  arc - ok
15:05:08.0305 1668  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:05:08.0351 1668  arcsas - ok
15:05:08.0383 1668  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:05:08.0554 1668  AsyncMac - ok
15:05:08.0601 1668  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
15:05:08.0648 1668  atapi - ok
15:05:08.0726 1668  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:05:08.0913 1668  AudioEndpointBuilder - ok
15:05:08.0944 1668  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:05:09.0100 1668  AudioSrv - ok
15:05:09.0209 1668  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:05:09.0287 1668  AxInstSV - ok
15:05:09.0350 1668  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
15:05:09.0412 1668  b06bdrv - ok
15:05:09.0475 1668  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:05:09.0553 1668  b57nd60a - ok
15:05:09.0615 1668  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:05:09.0677 1668  BDESVC - ok
15:05:09.0724 1668  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:05:09.0849 1668  Beep - ok
15:05:10.0036 1668  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
15:05:10.0223 1668  BFE - ok
15:05:10.0301 1668  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
15:05:10.0582 1668  BITS - ok
15:05:10.0645 1668  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:05:10.0707 1668  blbdrive - ok
15:05:10.0785 1668  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:05:10.0832 1668  Bonjour Service - ok
15:05:10.0894 1668  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:05:10.0972 1668  bowser - ok
15:05:11.0019 1668  [ FD3978D71D82A4C951C67599FC5E6A35 ] BRCMDECO        C:\Windows\system32\DRIVERS\BRCMHD64.sys
15:05:11.0081 1668  BRCMDECO - ok
15:05:11.0113 1668  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:05:11.0237 1668  BrFiltLo - ok
15:05:11.0269 1668  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:05:11.0315 1668  BrFiltUp - ok
15:05:11.0362 1668  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
15:05:11.0534 1668  BridgeMP - ok
15:05:11.0674 1668  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
15:05:11.0737 1668  Browser - ok
15:05:11.0768 1668  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:05:11.0846 1668  Brserid - ok
15:05:11.0893 1668  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:05:11.0955 1668  BrSerWdm - ok
15:05:11.0986 1668  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:05:12.0080 1668  BrUsbMdm - ok
15:05:12.0111 1668  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:05:12.0173 1668  BrUsbSer - ok
15:05:12.0236 1668  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
15:05:12.0376 1668  BthEnum - ok
15:05:12.0407 1668  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:05:12.0485 1668  BTHMODEM - ok
15:05:12.0548 1668  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:05:12.0610 1668  BthPan - ok
15:05:12.0704 1668  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
15:05:12.0813 1668  BTHPORT - ok
15:05:12.0860 1668  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
15:05:13.0016 1668  bthserv - ok
15:05:13.0078 1668  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
15:05:13.0141 1668  BTHUSB - ok
15:05:13.0187 1668  catchme - ok
15:05:13.0234 1668  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:05:13.0406 1668  cdfs - ok
15:05:13.0484 1668  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
15:05:13.0546 1668  cdrom - ok
15:05:13.0609 1668  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
15:05:13.0780 1668  CertPropSvc - ok
15:05:13.0827 1668  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:05:13.0905 1668  circlass - ok
15:05:13.0952 1668  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
15:05:14.0014 1668  CLFS - ok
15:05:14.0108 1668  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:05:14.0155 1668  clr_optimization_v2.0.50727_32 - ok
15:05:14.0217 1668  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:05:14.0264 1668  clr_optimization_v2.0.50727_64 - ok
15:05:14.0389 1668  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:05:14.0467 1668  clr_optimization_v4.0.30319_32 - ok
15:05:14.0513 1668  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:05:14.0560 1668  clr_optimization_v4.0.30319_64 - ok
15:05:14.0607 1668  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:05:14.0669 1668  CmBatt - ok
15:05:14.0716 1668  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:05:14.0763 1668  cmdide - ok
15:05:14.0825 1668  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
15:05:14.0950 1668  CNG - ok
15:05:14.0981 1668  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:05:15.0028 1668  Compbatt - ok
15:05:15.0059 1668  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:05:15.0137 1668  CompositeBus - ok
15:05:15.0169 1668  COMSysApp - ok
15:05:15.0200 1668  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
15:05:15.0247 1668  crcdisk - ok
15:05:15.0325 1668  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:05:15.0403 1668  CryptSvc - ok
15:05:15.0481 1668  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
15:05:15.0574 1668  CSC - ok
15:05:15.0652 1668  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
15:05:15.0730 1668  CscService - ok
15:05:15.0824 1668  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:05:15.0995 1668  DcomLaunch - ok
15:05:16.0042 1668  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
15:05:16.0198 1668  defragsvc - ok
15:05:16.0261 1668  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:05:16.0432 1668  DfsC - ok
15:05:16.0510 1668  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:05:16.0604 1668  Dhcp - ok
15:05:16.0651 1668  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
15:05:16.0807 1668  discache - ok
15:05:16.0853 1668  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:05:16.0900 1668  Disk - ok
15:05:16.0963 1668  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:05:17.0025 1668  Dnscache - ok
15:05:17.0087 1668  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:05:17.0243 1668  dot3svc - ok
15:05:17.0353 1668  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
15:05:17.0509 1668  DPS - ok
15:05:17.0540 1668  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:05:17.0602 1668  drmkaud - ok
15:05:17.0680 1668  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:05:17.0789 1668  DXGKrnl - ok
15:05:17.0836 1668  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
15:05:17.0992 1668  EapHost - ok
15:05:18.0179 1668  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
15:05:18.0413 1668  ebdrv - ok
15:05:18.0460 1668  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
15:05:18.0523 1668  EFS - ok
15:05:18.0647 1668  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:05:18.0741 1668  ehRecvr - ok
15:05:18.0788 1668  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
15:05:18.0850 1668  ehSched - ok
15:05:18.0944 1668  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
15:05:19.0022 1668  elxstor - ok
15:05:19.0069 1668  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:05:19.0131 1668  ErrDev - ok
15:05:19.0209 1668  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
15:05:19.0365 1668  EventSystem - ok
15:05:19.0412 1668  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
15:05:19.0583 1668  exfat - ok
15:05:19.0630 1668  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:05:19.0786 1668  fastfat - ok
15:05:19.0895 1668  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
15:05:19.0989 1668  Fax - ok
15:05:20.0036 1668  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:05:20.0083 1668  fdc - ok
15:05:20.0129 1668  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:05:20.0270 1668  fdPHost - ok
15:05:20.0285 1668  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:05:20.0441 1668  FDResPub - ok
15:05:20.0473 1668  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:05:20.0519 1668  FileInfo - ok
15:05:20.0535 1668  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:05:20.0691 1668  Filetrace - ok
15:05:20.0785 1668  [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:05:20.0863 1668  FLEXnet Licensing Service - ok
15:05:20.0909 1668  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:05:20.0956 1668  flpydisk - ok
15:05:21.0019 1668  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:05:21.0081 1668  FltMgr - ok
15:05:21.0175 1668  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
15:05:21.0284 1668  FontCache - ok
15:05:21.0362 1668  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:05:21.0393 1668  FontCache3.0.0.0 - ok
15:05:21.0440 1668  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:05:21.0487 1668  FsDepends - ok
15:05:21.0565 1668  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:05:21.0611 1668  Fs_Rec - ok
15:05:21.0689 1668  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:05:21.0752 1668  fvevol - ok
15:05:21.0799 1668  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:05:21.0845 1668  gagp30kx - ok
15:05:21.0908 1668  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:05:21.0939 1668  GEARAspiWDM - ok
15:05:22.0064 1668  [ 78DF6B481A14C0C6532BCC9E6BD3B259 ] GKUPRO2D        C:\Windows\system32\Drivers\GKUPRO2D.sys
15:05:22.0111 1668  GKUPRO2D - ok
15:05:22.0189 1668  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
15:05:22.0376 1668  gpsvc - ok
15:05:22.0532 1668  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:05:22.0563 1668  gupdate - ok
15:05:22.0594 1668  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:05:22.0625 1668  gupdatem - ok
15:05:22.0672 1668  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:05:22.0719 1668  hcw85cir - ok
15:05:22.0813 1668  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:05:22.0891 1668  HdAudAddService - ok
15:05:22.0969 1668  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:05:23.0047 1668  HDAudBus - ok
15:05:23.0093 1668  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:05:23.0140 1668  HidBatt - ok
15:05:23.0187 1668  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:05:23.0234 1668  HidBth - ok
15:05:23.0265 1668  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:05:23.0327 1668  HidIr - ok
15:05:23.0359 1668  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
15:05:23.0515 1668  hidserv - ok
15:05:23.0577 1668  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:05:23.0624 1668  HidUsb - ok
15:05:23.0686 1668  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:05:23.0858 1668  hkmsvc - ok
15:05:23.0905 1668  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:05:23.0983 1668  HomeGroupListener - ok
15:05:24.0045 1668  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:05:24.0107 1668  HomeGroupProvider - ok
15:05:24.0185 1668  [ 08457D8F8149757C70CEA59C71EC5D27 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:05:24.0248 1668  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
15:05:24.0248 1668  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
15:05:24.0263 1668  [ 75CC8C5146A3FB76221A7606628778D5 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:05:24.0310 1668  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
15:05:24.0310 1668  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
15:05:24.0373 1668  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:05:24.0419 1668  HpSAMD - ok
15:05:24.0544 1668  [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
15:05:24.0685 1668  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
15:05:24.0685 1668  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
15:05:24.0763 1668  [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
15:05:24.0903 1668  HTCAND64 - ok
15:05:24.0981 1668  [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
15:05:25.0028 1668  htcnprot - ok
15:05:25.0090 1668  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:05:25.0262 1668  HTTP - ok
15:05:25.0324 1668  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:05:25.0371 1668  hwpolicy - ok
15:05:25.0433 1668  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:05:25.0480 1668  i8042prt - ok
15:05:25.0574 1668  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:05:25.0636 1668  iaStorV - ok
15:05:25.0730 1668  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:05:25.0823 1668  idsvc - ok
15:05:26.0120 1668  [ 24CC43ECDEEFD4C19FBBEE4951B647F1 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:05:26.0666 1668  igfx - ok
15:05:26.0728 1668  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:05:26.0775 1668  iirsp - ok
15:05:26.0869 1668  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:05:27.0087 1668  IKEEXT - ok
15:05:27.0134 1668  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
15:05:27.0181 1668  intelide - ok
15:05:27.0243 1668  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:05:27.0305 1668  intelppm - ok
15:05:27.0352 1668  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:05:27.0524 1668  IPBusEnum - ok
15:05:27.0680 1668  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:05:27.0867 1668  IpFilterDriver - ok
15:05:27.0945 1668  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:05:28.0007 1668  IPMIDRV - ok
15:05:28.0085 1668  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:05:28.0241 1668  IPNAT - ok
15:05:28.0382 1668  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:05:28.0460 1668  iPod Service - ok
15:05:28.0491 1668  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:05:28.0616 1668  IRENUM - ok
15:05:28.0663 1668  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:05:28.0709 1668  isapnp - ok
15:05:28.0756 1668  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:05:28.0819 1668  iScsiPrt - ok
15:05:28.0850 1668  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:05:28.0912 1668  kbdclass - ok
15:05:28.0959 1668  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:05:29.0037 1668  kbdhid - ok
15:05:29.0068 1668  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
15:05:29.0099 1668  KeyIso - ok
15:05:29.0177 1668  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:05:29.0224 1668  KSecDD - ok
15:05:29.0287 1668  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:05:29.0333 1668  KSecPkg - ok
15:05:29.0380 1668  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:05:29.0521 1668  ksthunk - ok
15:05:29.0567 1668  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:05:29.0755 1668  KtmRm - ok
15:05:29.0864 1668  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
15:05:30.0020 1668  LanmanServer - ok
15:05:30.0145 1668  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:05:30.0301 1668  LanmanWorkstation - ok
15:05:30.0441 1668  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:05:30.0597 1668  lltdio - ok
15:05:30.0644 1668  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:05:30.0847 1668  lltdsvc - ok
15:05:30.0909 1668  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:05:31.0049 1668  lmhosts - ok
15:05:31.0159 1668  [ 9C551A9121639A9779862CB8A6CABF03 ] LPCFilter       C:\Windows\system32\DRIVERS\LPCFilter.sys
15:05:31.0190 1668  LPCFilter - ok
15:05:31.0237 1668  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:05:31.0299 1668  LSI_FC - ok
15:05:31.0330 1668  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:05:31.0377 1668  LSI_SAS - ok
15:05:31.0408 1668  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:05:31.0455 1668  LSI_SAS2 - ok
15:05:31.0471 1668  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:05:31.0517 1668  LSI_SCSI - ok
15:05:31.0564 1668  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:05:31.0705 1668  luafv - ok
15:05:31.0814 1668  [ CEC4D9C0A64993F4F82FD77A84B21944 ] McAfeeEngineService C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe
15:05:31.0845 1668  McAfeeEngineService - ok
15:05:31.0892 1668  [ 1B963D79740B187795407CD03E2F7B4D ] McAfeeFramework C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
15:05:31.0939 1668  McAfeeFramework - ok
15:05:31.0985 1668  [ 911A6416D429EE8A8804D44F2E181A31 ] McShield        C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe
15:05:32.0032 1668  McShield - ok
15:05:32.0079 1668  [ 7F743F853A32AC25CB8FAD959A2F087E ] McTaskManager   C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
15:05:32.0126 1668  McTaskManager - ok
15:05:32.0188 1668  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:05:32.0266 1668  Mcx2Svc - ok
15:05:32.0297 1668  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:05:32.0344 1668  megasas - ok
15:05:32.0391 1668  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:05:32.0453 1668  MegaSR - ok
15:05:32.0516 1668  [ 12AD015F8C2C109C6A74D25DA94607FE ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
15:05:32.0578 1668  mfeapfk - ok
15:05:32.0609 1668  [ DD17753AD5FA52F3BCD3B512934690C4 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
15:05:32.0656 1668  mfeavfk - ok
15:05:32.0719 1668  [ 3BA96B0584AD024F03EB9835D45619C2 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
15:05:32.0797 1668  mfehidk - ok
15:05:32.0859 1668  [ 158C24A8ED5F2CAB71A86FD775BC1727 ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys
15:05:32.0906 1668  mferkdet - ok
15:05:32.0937 1668  [ 6CFFF53E82808268DD61AB4790A36426 ] mfetdik         C:\Windows\system32\drivers\mfetdik.sys
15:05:32.0984 1668  mfetdik - ok
15:05:33.0031 1668  [ BE9D3BF69F3958492B56DCE7EA7F5FA9 ] mfevtp          C:\Windows\system32\mfevtps.exe
15:05:33.0077 1668  mfevtp - ok
15:05:33.0109 1668  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
15:05:33.0265 1668  MMCSS - ok
15:05:33.0343 1668  [ 8F13C4E14652CA0874782E7A294DF801 ] mod7700         C:\Windows\system32\Drivers\dvb7700all.sys
15:05:33.0421 1668  mod7700 - ok
15:05:33.0467 1668  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
15:05:33.0608 1668  Modem - ok
15:05:33.0733 1668  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:05:33.0795 1668  monitor - ok
15:05:33.0857 1668  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:05:33.0904 1668  mouclass - ok
15:05:33.0951 1668  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:05:34.0013 1668  mouhid - ok
15:05:34.0076 1668  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:05:34.0123 1668  mountmgr - ok
15:05:34.0169 1668  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:05:34.0232 1668  mpio - ok
15:05:34.0294 1668  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:05:34.0435 1668  mpsdrv - ok
15:05:34.0497 1668  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:05:34.0575 1668  MRxDAV - ok
15:05:34.0622 1668  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:05:34.0700 1668  mrxsmb - ok
15:05:34.0747 1668  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:05:34.0825 1668  mrxsmb10 - ok
15:05:34.0856 1668  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:05:34.0903 1668  mrxsmb20 - ok
15:05:34.0949 1668  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:05:34.0996 1668  msahci - ok
15:05:35.0059 1668  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:05:35.0105 1668  msdsm - ok
15:05:35.0152 1668  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
15:05:35.0215 1668  MSDTC - ok
15:05:35.0293 1668  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:05:35.0433 1668  Msfs - ok
15:05:35.0511 1668  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:05:35.0667 1668  mshidkmdf - ok
15:05:35.0714 1668  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:05:35.0761 1668  msisadrv - ok
15:05:35.0807 1668  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:05:35.0963 1668  MSiSCSI - ok
15:05:35.0979 1668  msiserver - ok
15:05:36.0041 1668  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:05:36.0182 1668  MSKSSRV - ok
15:05:36.0213 1668  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:05:36.0369 1668  MSPCLOCK - ok
15:05:36.0385 1668  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:05:36.0525 1668  MSPQM - ok
15:05:36.0634 1668  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:05:36.0697 1668  MsRPC - ok
15:05:36.0759 1668  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:05:36.0806 1668  mssmbios - ok
15:05:36.0837 1668  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:05:36.0977 1668  MSTEE - ok
15:05:37.0024 1668  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:05:37.0071 1668  MTConfig - ok
15:05:37.0102 1668  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:05:37.0149 1668  Mup - ok
15:05:37.0227 1668  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:05:37.0383 1668  napagent - ok
15:05:37.0445 1668  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:05:37.0539 1668  NativeWifiP - ok
15:05:37.0664 1668  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:05:37.0835 1668  NDIS - ok
15:05:37.0882 1668  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:05:38.0023 1668  NdisCap - ok
15:05:38.0116 1668  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:05:38.0272 1668  NdisTapi - ok
15:05:38.0335 1668  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:05:38.0506 1668  Ndisuio - ok
15:05:38.0600 1668  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:05:38.0756 1668  NdisWan - ok
15:05:38.0818 1668  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:05:38.0959 1668  NDProxy - ok
15:05:39.0052 1668  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:05:39.0083 1668  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:05:39.0083 1668  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:05:39.0130 1668  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:05:39.0271 1668  NetBIOS - ok
15:05:39.0333 1668  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:05:39.0505 1668  NetBT - ok
15:05:39.0598 1668  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:05:39.0645 1668  Netlogon - ok
15:05:39.0692 1668  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:05:39.0863 1668  Netman - ok
15:05:39.0910 1668  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:05:40.0082 1668  netprofm - ok
15:05:40.0113 1668  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:05:40.0160 1668  NetTcpPortSharing - ok
15:05:40.0409 1668  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
15:05:40.0784 1668  netw5v64 - ok
15:05:40.0846 1668  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:05:40.0893 1668  nfrd960 - ok
15:05:40.0971 1668  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:05:41.0049 1668  NlaSvc - ok
15:05:41.0096 1668  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:05:41.0236 1668  Npfs - ok
15:05:41.0299 1668  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
15:05:41.0470 1668  nsi - ok
15:05:41.0501 1668  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:05:41.0642 1668  nsiproxy - ok
15:05:41.0782 1668  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:05:41.0938 1668  Ntfs - ok
15:05:41.0969 1668  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:05:42.0110 1668  Null - ok
15:05:42.0235 1668  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:05:42.0281 1668  nvraid - ok
15:05:42.0313 1668  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:05:42.0375 1668  nvstor - ok
15:05:42.0453 1668  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:05:42.0500 1668  nv_agp - ok
15:05:42.0593 1668  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:05:42.0656 1668  odserv - ok
15:05:42.0718 1668  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:05:42.0765 1668  ohci1394 - ok
15:05:42.0812 1668  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:05:42.0859 1668  ose - ok
15:05:42.0921 1668  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:05:42.0983 1668  p2pimsvc - ok
15:05:43.0030 1668  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:05:43.0108 1668  p2psvc - ok
15:05:43.0155 1668  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:05:43.0202 1668  Parport - ok
15:05:43.0264 1668  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:05:43.0311 1668  partmgr - ok
15:05:43.0420 1668  [ 39B9DCD7040654C2E57D7396736C718E ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
15:05:43.0451 1668  PassThru Service ( UnsignedFile.Multi.Generic ) - warning
15:05:43.0451 1668  PassThru Service - detected UnsignedFile.Multi.Generic (1)
15:05:43.0483 1668  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:05:43.0561 1668  PcaSvc - ok
15:05:43.0623 1668  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
15:05:43.0670 1668  pci - ok
15:05:43.0701 1668  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:05:43.0748 1668  pciide - ok
15:05:43.0810 1668  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:05:43.0857 1668  pcmcia - ok
15:05:43.0904 1668  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:05:43.0951 1668  pcw - ok
15:05:43.0982 1668  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:05:44.0169 1668  PEAUTH - ok
15:05:44.0278 1668  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:05:44.0403 1668  PeerDistSvc - ok
15:05:44.0543 1668  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:05:44.0668 1668  PerfHost - ok
15:05:44.0809 1668  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
15:05:45.0011 1668  pla - ok
15:05:45.0105 1668  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:05:45.0199 1668  PlugPlay - ok
15:05:45.0261 1668  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:05:45.0277 1668  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:05:45.0277 1668  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:05:45.0323 1668  [ 06841F5CD8410B6BDC0B5A631B8F8787 ] pnetmdm         C:\Windows\system32\DRIVERS\pnetmdm64.sys
15:05:45.0464 1668  pnetmdm - ok
15:05:45.0511 1668  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:05:45.0557 1668  PNRPAutoReg - ok
15:05:45.0589 1668  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:05:45.0651 1668  PNRPsvc - ok
15:05:45.0713 1668  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:05:45.0885 1668  PolicyAgent - ok
15:05:46.0010 1668  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
15:05:46.0166 1668  Power - ok
15:05:46.0228 1668  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:05:46.0384 1668  PptpMiniport - ok
15:05:46.0431 1668  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:05:46.0493 1668  Processor - ok
15:05:46.0571 1668  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:05:46.0618 1668  ProfSvc - ok
15:05:46.0634 1668  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:05:46.0681 1668  ProtectedStorage - ok
15:05:46.0743 1668  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:05:46.0899 1668  Psched - ok
15:05:47.0039 1668  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:05:47.0180 1668  ql2300 - ok
15:05:47.0289 1668  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:05:47.0351 1668  ql40xx - ok
15:05:47.0398 1668  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
15:05:47.0476 1668  QWAVE - ok
15:05:47.0507 1668  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:05:47.0570 1668  QWAVEdrv - ok
15:05:47.0648 1668  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
15:05:47.0695 1668  RapiMgr - ok
15:05:47.0726 1668  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:05:47.0866 1668  RasAcd - ok
15:05:47.0913 1668  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:05:48.0053 1668  RasAgileVpn - ok
15:05:48.0100 1668  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
15:05:48.0256 1668  RasAuto - ok
15:05:48.0319 1668  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:05:48.0459 1668  Rasl2tp - ok
15:05:48.0568 1668  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:05:48.0709 1668  RasMan - ok
15:05:48.0771 1668  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:05:48.0911 1668  RasPppoe - ok
15:05:48.0958 1668  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:05:49.0114 1668  RasSstp - ok
15:05:49.0192 1668  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:05:49.0364 1668  rdbss - ok
15:05:49.0395 1668  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:05:49.0473 1668  rdpbus - ok
15:05:49.0504 1668  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:05:49.0660 1668  RDPCDD - ok
15:05:49.0801 1668  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:05:49.0847 1668  RDPDR - ok
15:05:49.0894 1668  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:05:50.0050 1668  RDPENCDD - ok
15:05:50.0081 1668  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:05:50.0222 1668  RDPREFMP - ok
15:05:50.0300 1668  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:05:50.0362 1668  RDPWD - ok
15:05:50.0409 1668  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:05:50.0456 1668  rdyboost - ok
15:05:50.0518 1668  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:05:50.0674 1668  RemoteAccess - ok
15:05:50.0737 1668  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:05:50.0893 1668  RemoteRegistry - ok
15:05:51.0017 1668  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:05:51.0095 1668  RFCOMM - ok
15:05:51.0142 1668  [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
15:05:51.0314 1668  ROOTMODEM - ok
15:05:51.0392 1668  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:05:51.0548 1668  RpcEptMapper - ok
15:05:51.0595 1668  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:05:51.0657 1668  RpcLocator - ok
15:05:51.0735 1668  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
15:05:51.0875 1668  RpcSs - ok
15:05:51.0969 1668  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:05:52.0125 1668  rspndr - ok
15:05:52.0203 1668  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:05:52.0281 1668  RTL8167 - ok
15:05:52.0328 1668  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
15:05:52.0390 1668  s3cap - ok
15:05:52.0453 1668  [ 35899168B47FA3385C6E92F1301BA7A9 ] S3XXx64         C:\Windows\system32\DRIVERS\S3XXx64.sys
15:05:52.0515 1668  S3XXx64 - ok
15:05:52.0546 1668  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
15:05:52.0593 1668  SamSs - ok
15:05:52.0655 1668  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:05:52.0702 1668  sbp2port - ok
15:05:52.0749 1668  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:05:52.0905 1668  SCardSvr - ok
15:05:53.0030 1668  [ 4DFE7ADB4188F01ACE51F9AA7C6A2924 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
15:05:53.0077 1668  SCDEmu - ok
15:05:53.0123 1668  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:05:53.0264 1668  scfilter - ok
15:05:53.0435 1668  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:05:53.0654 1668  Schedule - ok
15:05:53.0701 1668  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:05:53.0841 1668  SCPolicySvc - ok
15:05:53.0919 1668  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
15:05:53.0997 1668  sdbus - ok
15:05:54.0044 1668  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:05:54.0106 1668  SDRSVC - ok
15:05:54.0153 1668  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:05:54.0309 1668  secdrv - ok
15:05:54.0371 1668  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:05:54.0527 1668  seclogon - ok
15:05:54.0574 1668  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
15:05:54.0730 1668  SENS - ok
15:05:54.0761 1668  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:05:54.0839 1668  SensrSvc - ok
15:05:54.0871 1668  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:05:54.0933 1668  Serenum - ok
15:05:54.0964 1668  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:05:55.0027 1668  Serial - ok
15:05:55.0073 1668  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:05:55.0136 1668  sermouse - ok
15:05:55.0229 1668  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:05:55.0385 1668  SessionEnv - ok
15:05:55.0479 1668  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
15:05:55.0541 1668  sffdisk - ok
15:05:55.0557 1668  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:05:55.0619 1668  sffp_mmc - ok
15:05:55.0651 1668  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
15:05:55.0729 1668  sffp_sd - ok
15:05:55.0760 1668  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:05:55.0807 1668  sfloppy - ok
15:05:55.0869 1668  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:05:56.0041 1668  SharedAccess - ok
15:05:56.0103 1668  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:05:56.0259 1668  ShellHWDetection - ok
15:05:56.0321 1668  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:05:56.0368 1668  SiSRaid2 - ok
15:05:56.0399 1668  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:05:56.0446 1668  SiSRaid4 - ok
15:05:56.0509 1668  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:05:56.0540 1668  SkypeUpdate - ok
15:05:56.0618 1668  [ 323DDCD15DB2A7FED09DF1F835CAFCFB ] SMARTMouseFilterx64 C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys
15:05:56.0649 1668  SMARTMouseFilterx64 - ok
15:05:56.0680 1668  [ 6C691320C71CA8E8C38F52B2CE652C64 ] SMARTVHidMiniVistaAmd64 C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys
15:05:56.0711 1668  SMARTVHidMiniVistaAmd64 - ok
15:05:56.0789 1668  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:05:56.0930 1668  Smb - ok
15:05:57.0008 1668  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:05:57.0070 1668  SNMPTRAP - ok
15:05:57.0101 1668  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:05:57.0148 1668  spldr - ok
15:05:57.0242 1668  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
15:05:57.0304 1668  Spooler - ok
15:05:57.0491 1668  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:05:57.0897 1668  sppsvc - ok
15:05:57.0944 1668  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:05:58.0100 1668  sppuinotify - ok
15:05:58.0193 1668  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:05:58.0287 1668  srv - ok
15:05:58.0349 1668  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:05:58.0427 1668  srv2 - ok
15:05:58.0474 1668  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:05:58.0552 1668  srvnet - ok
15:05:58.0615 1668  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:05:58.0771 1668  SSDPSRV - ok
15:05:58.0880 1668  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:05:59.0020 1668  SstpSvc - ok
15:05:59.0067 1668  [ 55D681EA95F6C3186B4F950C2EA3BAAE ] stdiscover      C:\Program Files (x86)\Sun\servicetag\stdiscoverer.exe
15:05:59.0098 1668  stdiscover ( UnsignedFile.Multi.Generic ) - warning
15:05:59.0098 1668  stdiscover - detected UnsignedFile.Multi.Generic (1)
15:05:59.0145 1668  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:05:59.0192 1668  stexstor - ok
15:05:59.0285 1668  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
15:05:59.0410 1668  stisvc - ok
15:05:59.0441 1668  [ 91C1AA884F2D1B4371D95463CEA8E7DC ] stlisten        C:\Program Files (x86)\Sun\servicetag\stlisten.exe
15:05:59.0473 1668  stlisten ( UnsignedFile.Multi.Generic ) - warning
15:05:59.0473 1668  stlisten - detected UnsignedFile.Multi.Generic (1)
15:05:59.0535 1668  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:05:59.0582 1668  storflt - ok
15:05:59.0613 1668  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
15:05:59.0675 1668  StorSvc - ok
15:05:59.0722 1668  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:05:59.0769 1668  storvsc - ok
15:05:59.0816 1668  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:05:59.0863 1668  swenum - ok
15:05:59.0925 1668  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
15:06:00.0097 1668  swprv - ok
15:06:00.0159 1668  [ C851305E2BCFCE8AAA53342F912DDD7F ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
15:06:00.0221 1668  SynTP - ok
15:06:00.0331 1668  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
15:06:00.0502 1668  SysMain - ok
15:06:00.0549 1668  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:06:00.0627 1668  TabletInputService - ok
15:06:00.0689 1668  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:06:00.0845 1668  TapiSrv - ok
15:06:00.0892 1668  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
15:06:01.0033 1668  TBS - ok
15:06:01.0157 1668  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:06:01.0329 1668  Tcpip - ok
15:06:01.0438 1668  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:06:01.0579 1668  TCPIP6 - ok
15:06:01.0672 1668  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:06:01.0735 1668  tcpipreg - ok
15:06:01.0797 1668  [ 6A31406FD355CAAE4347AFF4DF4741B3 ] TcUsb           C:\Windows\system32\Drivers\tcusb.sys
15:06:01.0828 1668  TcUsb - ok
15:06:01.0875 1668  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:06:01.0922 1668  TDPIPE - ok
15:06:01.0969 1668  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:06:02.0015 1668  TDTCP - ok
15:06:02.0078 1668  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:06:02.0218 1668  tdx - ok
15:06:02.0281 1668  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:06:02.0327 1668  TermDD - ok
15:06:02.0374 1668  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
15:06:02.0561 1668  TermService - ok
15:06:02.0671 1668  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
15:06:02.0764 1668  Themes - ok
15:06:02.0795 1668  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
15:06:02.0936 1668  THREADORDER - ok
15:06:02.0998 1668  [ 7E673A9711C616D63C33247A51E4C3F7 ] tifm21          C:\Windows\system32\drivers\tifm21.sys
15:06:03.0076 1668  tifm21 - ok
15:06:03.0154 1668  [ 06C61275ADC64F1E36240A2287998A5E ] TosCoSrv        C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
15:06:03.0232 1668  TosCoSrv - ok
15:06:03.0295 1668  [ AB2D61A032A01BF9E84F03CAA9D22932 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
15:06:03.0341 1668  TOSHIBA Bluetooth Service - ok
15:06:03.0388 1668  [ 8021F63311797085949FA387F7C83583 ] tosporte        C:\Windows\system32\DRIVERS\tosporte.sys
15:06:03.0419 1668  tosporte - ok
15:06:03.0482 1668  [ 71BB669BFCADE1580FDCE010ABC76310 ] tosrfbd         C:\Windows\system32\DRIVERS\tosrfbd.sys
15:06:03.0513 1668  tosrfbd - ok
15:06:03.0544 1668  [ 62512B5277D88600F8BD4B7AEC43569D ] tosrfbnp        C:\Windows\system32\Drivers\tosrfbnp.sys
15:06:03.0575 1668  tosrfbnp - ok
15:06:03.0653 1668  [ C523A9186C39D65CC9ADEBB2E1B93CCD ] Tosrfcom        C:\Windows\system32\Drivers\tosrfcom.sys
15:06:03.0685 1668  Tosrfcom - ok
15:06:03.0747 1668  [ 451B8C1815C6CC39650AF916C2A382CD ] Tosrfhid        C:\Windows\system32\DRIVERS\Tosrfhid.sys
15:06:03.0778 1668  Tosrfhid - ok
15:06:03.0809 1668  [ B6FDC3C76FFE9C5171EEA9C37EA367C2 ] tosrfnds        C:\Windows\system32\DRIVERS\tosrfnds.sys
15:06:03.0841 1668  tosrfnds - ok
15:06:03.0872 1668  [ E1E045240C1184FA6628F3C7E7FF85D8 ] TosRfSnd        C:\Windows\system32\drivers\tosrfsnd.sys
15:06:03.0903 1668  TosRfSnd - ok
15:06:03.0965 1668  [ DA7AA562448E29CA895895920BFF8946 ] Tosrfusb        C:\Windows\system32\DRIVERS\tosrfusb.sys
15:06:04.0012 1668  Tosrfusb - ok
15:06:04.0059 1668  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
15:06:04.0215 1668  TrkWks - ok
15:06:04.0293 1668  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:06:04.0433 1668  TrustedInstaller - ok
15:06:04.0574 1668  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:06:04.0714 1668  tssecsrv - ok
15:06:04.0761 1668  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:06:04.0808 1668  TsUsbFlt - ok
15:06:04.0870 1668  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:06:05.0026 1668  tunnel - ok
15:06:05.0057 1668  [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ_O.SYS
15:06:05.0104 1668  TVALZ - ok
15:06:05.0151 1668  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:06:05.0198 1668  uagp35 - ok
15:06:05.0260 1668  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:06:05.0401 1668  udfs - ok
15:06:05.0479 1668  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:06:05.0525 1668  UI0Detect - ok
15:06:05.0572 1668  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:06:05.0619 1668  uliagpkx - ok
15:06:05.0681 1668  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:06:05.0728 1668  umbus - ok
15:06:05.0775 1668  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:06:05.0837 1668  UmPass - ok
15:06:05.0900 1668  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
15:06:05.0978 1668  UmRdpService - ok
15:06:06.0056 1668  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
15:06:06.0227 1668  upnphost - ok
15:06:06.0274 1668  [ F724B03C3DFAACF08D17D38BF3333583 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:06:06.0290 1668  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
15:06:06.0290 1668  USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
15:06:06.0352 1668  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:06:06.0415 1668  usbccgp - ok
15:06:06.0477 1668  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:06:06.0539 1668  usbcir - ok
15:06:06.0586 1668  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:06:06.0649 1668  usbehci - ok
15:06:06.0711 1668  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:06:06.0773 1668  usbhub - ok
15:06:06.0805 1668  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:06:06.0867 1668  usbohci - ok
15:06:06.0914 1668  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:06:06.0976 1668  usbprint - ok
15:06:07.0039 1668  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:06:07.0117 1668  USBSTOR - ok
15:06:07.0179 1668  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:06:07.0226 1668  usbuhci - ok
15:06:07.0288 1668  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:06:07.0351 1668  usbvideo - ok
15:06:07.0397 1668  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
15:06:07.0538 1668  UxSms - ok
15:06:07.0569 1668  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
15:06:07.0616 1668  VaultSvc - ok
15:06:07.0678 1668  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:06:07.0756 1668  vdrvroot - ok
15:06:07.0865 1668  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
15:06:08.0053 1668  vds - ok
15:06:08.0115 1668  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:06:08.0162 1668  vga - ok
15:06:08.0193 1668  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:06:08.0349 1668  VgaSave - ok
15:06:08.0411 1668  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:06:08.0458 1668  vhdmp - ok
15:06:08.0505 1668  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:06:08.0552 1668  viaide - ok
15:06:08.0614 1668  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
15:06:08.0677 1668  vmbus - ok
15:06:08.0708 1668  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
15:06:08.0770 1668  VMBusHID - ok
15:06:08.0817 1668  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:06:08.0864 1668  volmgr - ok
15:06:08.0926 1668  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:06:09.0004 1668  volmgrx - ok
15:06:09.0082 1668  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:06:09.0145 1668  volsnap - ok
15:06:09.0176 1668  vpnva - ok
15:06:09.0223 1668  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:06:09.0269 1668  vsmraid - ok
15:06:09.0394 1668  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
15:06:09.0613 1668  VSS - ok
15:06:09.0644 1668  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:06:09.0706 1668  vwifibus - ok
15:06:09.0784 1668  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
15:06:09.0956 1668  W32Time - ok
15:06:10.0065 1668  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:06:10.0112 1668  WacomPen - ok
15:06:10.0174 1668  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:06:10.0330 1668  WANARP - ok
15:06:10.0330 1668  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:06:10.0471 1668  Wanarpv6 - ok
15:06:10.0627 1668  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:06:10.0751 1668  WatAdminSvc - ok
15:06:10.0907 1668  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
15:06:11.0048 1668  wbengine - ok
15:06:11.0110 1668  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:06:11.0204 1668  WbioSrvc - ok
15:06:11.0266 1668  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
15:06:11.0329 1668  WcesComm - ok
15:06:11.0391 1668  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:06:11.0500 1668  wcncsvc - ok
15:06:11.0531 1668  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:06:11.0609 1668  WcsPlugInService - ok
15:06:11.0641 1668  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:06:11.0687 1668  Wd - ok
15:06:11.0765 1668  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:06:11.0875 1668  Wdf01000 - ok
15:06:11.0906 1668  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:06:11.0999 1668  WdiServiceHost - ok
15:06:12.0031 1668  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:06:12.0093 1668  WdiSystemHost - ok
15:06:12.0171 1668  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
15:06:12.0265 1668  WebClient - ok
15:06:12.0296 1668  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:06:12.0483 1668  Wecsvc - ok
15:06:12.0499 1668  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:06:12.0670 1668  wercplsupport - ok
15:06:12.0779 1668  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:06:12.0935 1668  WerSvc - ok
15:06:13.0060 1668  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:06:13.0185 1668  WfpLwf - ok
15:06:13.0247 1668  [ 297B242A1A75BAF5BB24530B3C31EC5A ] whfltr2k        C:\Windows\system32\DRIVERS\whfltr2k.sys
15:06:13.0294 1668  whfltr2k - ok
15:06:13.0310 1668  [ 77CA2577518E78BE1930C6C4A23ECC0F ] whmice2k        C:\Windows\system32\DRIVERS\whmice2k.sys
15:06:13.0357 1668  whmice2k - ok
15:06:13.0372 1668  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:06:13.0419 1668  WIMMount - ok
15:06:13.0466 1668  WinDefend - ok
15:06:13.0497 1668  WinHttpAutoProxySvc - ok
15:06:13.0575 1668  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:06:13.0731 1668  Winmgmt - ok
15:06:13.0856 1668  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
15:06:14.0090 1668  WinRM - ok
15:06:14.0230 1668  [ FE88B288356E7B47B74B13372ADD906D ] WINUSB          C:\Windows\system32\DRIVERS\WinUSB.SYS
15:06:14.0293 1668  WINUSB - ok
15:06:14.0371 1668  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:06:14.0495 1668  Wlansvc - ok
15:06:14.0651 1668  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:06:14.0870 1668  wlidsvc - ok
15:06:14.0948 1668  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:06:15.0010 1668  WmiAcpi - ok
15:06:15.0073 1668  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:06:15.0135 1668  wmiApSrv - ok
15:06:15.0182 1668  WMPNetworkSvc - ok
15:06:15.0213 1668  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:06:15.0260 1668  WPCSvc - ok
15:06:15.0322 1668  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:06:15.0385 1668  WPDBusEnum - ok
15:06:15.0416 1668  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:06:15.0556 1668  ws2ifsl - ok
15:06:15.0681 1668  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
15:06:15.0775 1668  wscsvc - ok
15:06:15.0837 1668  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
15:06:15.0884 1668  WSDPrintDevice - ok
15:06:15.0899 1668  WSearch - ok
15:06:16.0055 1668  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:06:16.0289 1668  wuauserv - ok
15:06:16.0367 1668  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:06:16.0430 1668  WudfPf - ok
15:06:16.0508 1668  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:06:16.0570 1668  WUDFRd - ok
15:06:16.0633 1668  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:06:16.0695 1668  wudfsvc - ok
15:06:16.0742 1668  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:06:16.0820 1668  WwanSvc - ok
15:06:16.0882 1668  ================ Scan global ===============================
15:06:16.0929 1668  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:06:16.0976 1668  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:06:17.0007 1668  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:06:17.0038 1668  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:06:17.0085 1668  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:06:17.0101 1668  [Global] - ok
15:06:17.0101 1668  ================ Scan MBR ==================================
15:06:17.0132 1668  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:06:17.0132 1668  Suspicious mbr (Forged): \Device\Harddisk0\DR0
15:06:17.0194 1668  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
15:06:17.0194 1668  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
15:06:17.0257 1668  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:06:17.0257 1668  \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:06:17.0272 1668  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
15:06:27.0490 1668  \Device\Harddisk1\DR1 - ok
15:06:27.0490 1668  ================ Scan VBR ==================================
15:06:27.0521 1668  [ FA06DF87A24AEA37DF6DC3C32F8710B2 ] \Device\Harddisk0\DR0\Partition1
15:06:27.0521 1668  \Device\Harddisk0\DR0\Partition1 - ok
15:06:27.0537 1668  [ FA055F95266754099EB8EAADFA3C5A9F ] \Device\Harddisk1\DR1\Partition1
15:06:27.0537 1668  \Device\Harddisk1\DR1\Partition1 - ok
15:06:27.0537 1668  ============================================================
15:06:27.0537 1668  Scan finished
15:06:27.0537 1668  ============================================================
15:06:27.0599 1352  Detected object count: 11
15:06:27.0599 1352  Actual detected object count: 11
15:07:29.0376 1352  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
15:07:29.0376 1352  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:07:29.0391 1352  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:07:29.0391 1352  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:07:29.0407 1352  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
15:07:29.0407 1352  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:07:29.0422 1352  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:07:29.0422 1352  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:07:29.0438 1352  PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:07:29.0438 1352  PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:07:29.0454 1352  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:07:29.0454 1352  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:07:29.0469 1352  stdiscover ( UnsignedFile.Multi.Generic ) - skipped by user
15:07:29.0469 1352  stdiscover ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:07:29.0485 1352  stlisten ( UnsignedFile.Multi.Generic ) - skipped by user
15:07:29.0485 1352  stlisten ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:07:29.0500 1352  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
15:07:29.0500 1352  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:07:31.0466 1352  \Device\Harddisk0\DR0\# - copied to quarantine
15:07:31.0466 1352  \Device\Harddisk0\DR0 - copied to quarantine
15:07:31.0560 1352  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
15:07:31.0560 1352  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
15:07:31.0575 1352  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
15:07:31.0591 1352  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
15:07:31.0591 1352  \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
15:07:31.0606 1352  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
15:07:31.0606 1352  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
15:07:31.0606 1352  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
15:07:31.0606 1352  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
15:07:31.0622 1352  \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
15:07:31.0622 1352  \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
15:07:31.0622 1352  \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
15:07:31.0700 1352  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
15:07:31.0700 1352  \Device\Harddisk0\DR0 - ok
15:07:31.0731 1352  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
15:07:31.0731 1352  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:07:31.0731 1352  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
15:07:38.0268 1800  Deinitialize success
 



#13 RKollas

RKollas
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:42 AM

Posted 09 April 2013 - 02:10 AM

15:15:09.0680 3444  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:15:11.0724 3444  ============================================================
15:15:11.0724 3444  Current date / time: 2013/04/08 15:15:11.0724
15:15:11.0724 3444  SystemInfo:
15:15:11.0724 3444 
15:15:11.0724 3444  OS Version: 6.1.7601 ServicePack: 1.0
15:15:11.0724 3444  Product type: Workstation
15:15:11.0724 3444  ComputerName: ROBERT-LAPTOP
15:15:12.0020 3444  UserName: Robert
15:15:12.0020 3444  Windows directory: C:\Windows
15:15:12.0020 3444  System windows directory: C:\Windows
15:15:12.0020 3444  Running under WOW64
15:15:12.0020 3444  Processor architecture: Intel x64
15:15:12.0020 3444  Number of processors: 2
15:15:12.0020 3444  Page size: 0x1000
15:15:12.0020 3444  Boot type: Normal boot
15:15:12.0020 3444  ============================================================
15:15:22.0831 3444  BG loaded
15:15:27.0261 3444  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:15:27.0355 3444  Drive \Device\Harddisk1\DR1 - Size: 0x1DD400000 (7.46 Gb), SectorSize: 0x200, Cylinders: 0x3CD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:15:27.0433 3444  ============================================================
15:15:27.0433 3444  \Device\Harddisk0\DR0:
15:15:27.0464 3444  MBR partitions:
15:15:27.0464 3444  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1CED7000
15:15:27.0464 3444  \Device\Harddisk1\DR1:
15:15:27.0464 3444  MBR partitions:
15:15:27.0464 3444  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xEE8080
15:15:27.0464 3444  ============================================================
15:15:27.0901 3444  C: <-> \Device\Harddisk0\DR0\Partition1
15:15:27.0901 3444  ============================================================
15:15:27.0901 3444  Initialize success
15:15:27.0901 3444  ============================================================
15:16:00.0555 3344  ============================================================
15:16:00.0555 3344  Scan started
15:16:00.0555 3344  Mode: Manual; SigCheck; TDLFS;
15:16:00.0555 3344  ============================================================
15:16:01.0865 3344  ================ Scan system memory ========================
15:16:01.0865 3344  System memory - ok
15:16:01.0865 3344  ================ Scan services =============================
15:16:02.0115 3344  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:16:20.0384 3344  1394ohci - ok
15:16:21.0304 3344  82641948 - ok
15:16:22.0805 3344  [ 5E8EFEB338DEB1F485420B090FE6C85E ] ac.sharedstore  C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
15:16:25.0979 3344  ac.sharedstore - ok
15:16:26.0368 3344  [ 0803574AD22B3AA83A54966CD07B1B50 ] acautoupdate    C:\Program Files\ActivIdentity\ActivClient\acautoup.exe
15:16:30.0565 3344  acautoupdate - ok
15:16:34.0247 3344  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:16:39.0496 3344  ACPI - ok
15:16:41.0661 3344  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:16:54.0416 3344  AcpiPmi - ok
15:16:57.0603 3344  [ E5568164C070A4988BD79C896920B3C6 ] acsock          C:\Windows\system32\DRIVERS\acsock64.sys
15:17:02.0383 3344  acsock - ok
15:17:08.0639 3344  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:17:14.0202 3344  AdobeARMservice - ok
15:17:17.0978 3344  [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:17:20.0883 3344  AdobeFlashPlayerUpdateSvc - ok
15:17:21.0442 3344  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
15:17:23.0404 3344  adp94xx - ok
15:17:23.0846 3344  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
15:17:25.0867 3344  adpahci - ok
15:17:26.0470 3344  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
15:17:29.0065 3344  adpu320 - ok
15:17:35.0236 3344  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:17:43.0286 3344  AeLookupSvc - ok
15:17:56.0058 3344  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
15:18:02.0527 3344  AFD - ok
15:18:29.0058 3344  [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
15:18:33.0287 3344  AgereSoftModem - ok
15:18:57.0596 3344  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:19:01.0596 3344  agp440 - ok
15:19:02.0632 3344  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
15:19:20.0616 3344  ALG - ok
15:19:31.0198 3344  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:19:32.0017 3344  aliide - ok
15:20:01.0845 3344  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:20:02.0045 3344  amdide - ok
15:20:32.0812 3344  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
15:20:33.0117 3344  AmdK8 - ok
15:21:05.0238 3344  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:21:06.0003 3344  AmdPPM - ok
15:21:08.0102 3344  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:21:08.0424 3344  amdsata - ok
15:21:09.0674 3344  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
15:21:09.0843 3344  amdsbs - ok
15:21:11.0186 3344  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:21:11.0989 3344  amdxata - ok
15:21:12.0305 3344  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
15:21:13.0211 3344  AppID - ok
15:21:14.0813 3344  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:21:15.0253 3344  AppIDSvc - ok
15:21:15.0853 3344  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
15:21:16.0983 3344  Appinfo - ok
15:21:17.0476 3344  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:21:17.0848 3344  Apple Mobile Device - ok
15:21:18.0396 3344  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
15:21:19.0033 3344  AppMgmt - ok
15:21:19.0467 3344  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
15:21:19.0733 3344  arc - ok
15:21:20.0081 3344  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:21:20.0261 3344  arcsas - ok
15:21:20.0532 3344  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:21:21.0531 3344  AsyncMac - ok
15:21:21.0610 3344  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
15:21:21.0671 3344  atapi - ok
15:21:22.0033 3344  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:21:23.0022 3344  AudioEndpointBuilder - ok
15:21:24.0983 3344  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:21:25.0498 3344  AudioSrv - ok
15:21:25.0730 3344  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:21:26.0681 3344  AxInstSV - ok
15:21:26.0871 3344  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
15:21:27.0733 3344  b06bdrv - ok
15:21:28.0192 3344  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:21:28.0628 3344  b57nd60a - ok
15:21:28.0818 3344  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:21:29.0270 3344  BDESVC - ok
15:21:29.0383 3344  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:21:29.0771 3344  Beep - ok
15:21:30.0101 3344  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
15:21:30.0935 3344  BFE - ok
15:21:31.0086 3344  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
15:21:32.0188 3344  BITS - ok
15:21:32.0245 3344  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:21:32.0454 3344  blbdrive - ok
15:21:32.0599 3344  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:21:33.0026 3344  Bonjour Service - ok
15:21:33.0297 3344  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:21:33.0751 3344  bowser - ok
15:21:33.0897 3344  [ FD3978D71D82A4C951C67599FC5E6A35 ] BRCMDECO        C:\Windows\system32\DRIVERS\BRCMHD64.sys
15:21:34.0350 3344  BRCMDECO - ok
15:21:34.0482 3344  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:21:34.0697 3344  BrFiltLo - ok
15:21:34.0740 3344  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:21:34.0841 3344  BrFiltUp - ok
15:21:34.0938 3344  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
15:21:35.0158 3344  BridgeMP - ok
15:21:35.0310 3344  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
15:21:35.0622 3344  Browser - ok
15:21:35.0719 3344  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:21:35.0869 3344  Brserid - ok
15:21:35.0971 3344  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:21:36.0110 3344  BrSerWdm - ok
15:21:36.0172 3344  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:21:36.0334 3344  BrUsbMdm - ok
15:21:36.0427 3344  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:21:36.0549 3344  BrUsbSer - ok
15:21:36.0635 3344  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
15:21:36.0865 3344  BthEnum - ok
15:21:36.0925 3344  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:21:37.0094 3344  BTHMODEM - ok
15:21:37.0266 3344  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:21:37.0380 3344  BthPan - ok
15:21:37.0507 3344  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
15:21:37.0905 3344  BTHPORT - ok
15:21:37.0984 3344  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
15:21:38.0178 3344  bthserv - ok
15:21:38.0244 3344  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
15:21:38.0571 3344  BTHUSB - ok
15:21:38.0695 3344  catchme - ok
15:21:38.0747 3344  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:21:38.0957 3344  cdfs - ok
15:21:39.0052 3344  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
15:21:39.0392 3344  cdrom - ok
15:21:39.0510 3344  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
15:21:39.0938 3344  CertPropSvc - ok
15:21:40.0185 3344  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:21:40.0312 3344  circlass - ok
15:21:40.0424 3344  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
15:21:40.0540 3344  CLFS - ok
15:21:40.0753 3344  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:21:40.0819 3344  clr_optimization_v2.0.50727_32 - ok
15:21:40.0952 3344  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:21:41.0030 3344  clr_optimization_v2.0.50727_64 - ok
15:21:41.0391 3344  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:21:41.0721 3344  clr_optimization_v4.0.30319_32 - ok
15:21:41.0924 3344  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:21:41.0972 3344  clr_optimization_v4.0.30319_64 - ok
15:21:42.0053 3344  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:21:42.0140 3344  CmBatt - ok
15:21:42.0204 3344  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:21:42.0282 3344  cmdide - ok
15:21:42.0380 3344  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
15:21:42.0704 3344  CNG - ok
15:21:42.0793 3344  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:21:42.0865 3344  Compbatt - ok
15:21:42.0939 3344  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:21:43.0307 3344  CompositeBus - ok
15:21:43.0351 3344  COMSysApp - ok
15:21:43.0399 3344  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
15:21:43.0473 3344  crcdisk - ok
15:21:43.0559 3344  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:21:43.0900 3344  CryptSvc - ok
15:21:44.0058 3344  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
15:21:44.0472 3344  CSC - ok
15:21:44.0612 3344  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
15:21:44.0729 3344  CscService - ok
15:21:44.0862 3344  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:21:45.0053 3344  DcomLaunch - ok
15:21:45.0128 3344  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
15:21:45.0385 3344  defragsvc - ok
15:21:45.0465 3344  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:21:45.0915 3344  DfsC - ok
15:21:46.0137 3344  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:21:46.0469 3344  Dhcp - ok
15:21:46.0532 3344  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
15:21:46.0723 3344  discache - ok
15:21:46.0841 3344  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:21:46.0913 3344  Disk - ok
15:21:47.0056 3344  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:21:47.0316 3344  Dnscache - ok
15:21:47.0406 3344  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:21:47.0794 3344  dot3svc - ok
15:21:47.0895 3344  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
15:21:48.0226 3344  DPS - ok
15:21:48.0280 3344  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:21:48.0385 3344  drmkaud - ok
15:21:48.0708 3344  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:21:49.0075 3344  DXGKrnl - ok
15:21:49.0206 3344  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
15:21:49.0411 3344  EapHost - ok
15:21:50.0206 3344  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
15:21:50.0869 3344  ebdrv - ok
15:21:50.0946 3344  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
15:21:51.0364 3344  EFS - ok
15:21:52.0026 3344  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:21:52.0524 3344  ehRecvr - ok
15:21:52.0621 3344  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
15:21:52.0749 3344  ehSched - ok
15:21:53.0004 3344  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
15:21:53.0164 3344  elxstor - ok
15:21:53.0247 3344  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:21:53.0336 3344  ErrDev - ok
15:21:53.0592 3344  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
15:21:53.0779 3344  EventSystem - ok
15:21:53.0895 3344  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
15:21:54.0083 3344  exfat - ok
15:21:54.0136 3344  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:21:54.0309 3344  fastfat - ok
15:21:54.0513 3344  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
15:21:54.0847 3344  Fax - ok
15:21:54.0932 3344  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:21:55.0026 3344  fdc - ok
15:21:55.0122 3344  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:21:55.0288 3344  fdPHost - ok
15:21:55.0370 3344  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:21:55.0539 3344  FDResPub - ok
15:21:55.0578 3344  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:21:55.0648 3344  FileInfo - ok
15:21:55.0694 3344  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:21:55.0888 3344  Filetrace - ok
15:21:56.0128 3344  [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:21:56.0641 3344  FLEXnet Licensing Service - ok
15:21:56.0691 3344  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:21:56.0808 3344  flpydisk - ok
15:21:56.0887 3344  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:21:57.0143 3344  FltMgr - ok
15:21:57.0512 3344  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
15:21:58.0027 3344  FontCache - ok
15:21:58.0163 3344  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:21:58.0508 3344  FontCache3.0.0.0 - ok
15:21:58.0636 3344  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:21:58.0718 3344  FsDepends - ok
15:21:58.0774 3344  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:21:59.0087 3344  Fs_Rec - ok
15:21:59.0198 3344  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:21:59.0514 3344  fvevol - ok
15:21:59.0591 3344  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:21:59.0674 3344  gagp30kx - ok
15:21:59.0820 3344  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:22:00.0105 3344  GEARAspiWDM - ok
15:22:00.0345 3344  [ 78DF6B481A14C0C6532BCC9E6BD3B259 ] GKUPRO2D        C:\Windows\system32\Drivers\GKUPRO2D.sys
15:22:00.0704 3344  GKUPRO2D - ok
15:22:00.0850 3344  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
15:22:01.0261 3344  gpsvc - ok
15:22:01.0533 3344  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:22:01.0577 3344  gupdate - ok
15:22:01.0615 3344  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:22:01.0655 3344  gupdatem - ok
15:22:01.0736 3344  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:22:01.0825 3344  hcw85cir - ok
15:22:01.0971 3344  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:22:02.0319 3344  HdAudAddService - ok
15:22:02.0424 3344  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:22:02.0519 3344  HDAudBus - ok
15:22:02.0596 3344  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:22:02.0708 3344  HidBatt - ok
15:22:02.0778 3344  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:22:02.0961 3344  HidBth - ok
15:22:03.0014 3344  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:22:03.0219 3344  HidIr - ok
15:22:03.0293 3344  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
15:22:03.0489 3344  hidserv - ok
15:22:03.0637 3344  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:22:03.0978 3344  HidUsb - ok
15:22:04.0029 3344  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:22:04.0413 3344  hkmsvc - ok
15:22:04.0571 3344  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:22:04.0896 3344  HomeGroupListener - ok
15:22:04.0995 3344  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:22:05.0079 3344  HomeGroupProvider - ok
15:22:05.0358 3344  [ 08457D8F8149757C70CEA59C71EC5D27 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:22:05.0396 3344  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
15:22:05.0396 3344  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
15:22:05.0453 3344  [ 75CC8C5146A3FB76221A7606628778D5 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:22:05.0492 3344  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
15:22:05.0492 3344  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
15:22:05.0541 3344  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:22:05.0900 3344  HpSAMD - ok
15:22:06.0168 3344  [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
15:22:06.0319 3344  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
15:22:06.0320 3344  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
15:22:06.0531 3344  [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
15:22:06.0941 3344  HTCAND64 - ok
15:22:07.0023 3344  [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
15:22:07.0325 3344  htcnprot - ok
15:22:07.0488 3344  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:22:07.0965 3344  HTTP - ok
15:22:08.0024 3344  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:22:08.0236 3344  hwpolicy - ok
15:22:08.0318 3344  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:22:08.0436 3344  i8042prt - ok
15:22:08.0562 3344  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:22:08.0887 3344  iaStorV - ok
15:22:09.0283 3344  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:22:09.0687 3344  idsvc - ok
15:22:11.0291 3344  [ 24CC43ECDEEFD4C19FBBEE4951B647F1 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:22:11.0827 3344  igfx - ok
15:22:11.0936 3344  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:22:12.0031 3344  iirsp - ok
15:22:12.0358 3344  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:22:12.0777 3344  IKEEXT - ok
15:22:12.0844 3344  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
15:22:12.0904 3344  intelide - ok
15:22:12.0947 3344  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:22:13.0032 3344  intelppm - ok
15:22:13.0103 3344  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:22:13.0288 3344  IPBusEnum - ok
15:22:13.0381 3344  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:22:13.0789 3344  IpFilterDriver - ok
15:22:13.0870 3344  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:22:14.0244 3344  IPMIDRV - ok
15:22:14.0292 3344  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:22:14.0486 3344  IPNAT - ok
15:22:14.0631 3344  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:22:14.0711 3344  iPod Service - ok
15:22:14.0772 3344  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:22:14.0876 3344  IRENUM - ok
15:22:14.0947 3344  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:22:15.0023 3344  isapnp - ok
15:22:15.0193 3344  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:22:15.0519 3344  iScsiPrt - ok
15:22:15.0614 3344  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:22:15.0697 3344  kbdclass - ok
15:22:15.0795 3344  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:22:16.0110 3344  kbdhid - ok
15:22:16.0136 3344  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
15:22:16.0193 3344  KeyIso - ok
15:22:16.0256 3344  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:22:16.0519 3344  KSecDD - ok
15:22:16.0603 3344  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:22:16.0931 3344  KSecPkg - ok
15:22:16.0982 3344  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:22:17.0157 3344  ksthunk - ok
15:22:17.0214 3344  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:22:17.0434 3344  KtmRm - ok
15:22:17.0543 3344  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
15:22:17.0867 3344  LanmanServer - ok
15:22:17.0943 3344  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:22:18.0287 3344  LanmanWorkstation - ok
15:22:18.0386 3344  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:22:18.0645 3344  lltdio - ok
15:22:18.0715 3344  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:22:18.0903 3344  lltdsvc - ok
15:22:18.0947 3344  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:22:19.0125 3344  lmhosts - ok
15:22:19.0163 3344  [ 9C551A9121639A9779862CB8A6CABF03 ] LPCFilter       C:\Windows\system32\DRIVERS\LPCFilter.sys
15:22:19.0470 3344  LPCFilter - ok
15:22:19.0526 3344  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:22:19.0633 3344  LSI_FC - ok
15:22:19.0674 3344  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:22:19.0741 3344  LSI_SAS - ok
15:22:19.0781 3344  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:22:19.0842 3344  LSI_SAS2 - ok
15:22:19.0880 3344  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:22:19.0951 3344  LSI_SCSI - ok
15:22:19.0978 3344  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:22:20.0194 3344  luafv - ok
15:22:20.0304 3344  [ CEC4D9C0A64993F4F82FD77A84B21944 ] McAfeeEngineService C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe
15:22:20.0636 3344  McAfeeEngineService - ok
15:22:20.0712 3344  [ 1B963D79740B187795407CD03E2F7B4D ] McAfeeFramework C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
15:22:20.0749 3344  McAfeeFramework - ok
15:22:20.0817 3344  [ 911A6416D429EE8A8804D44F2E181A31 ] McShield        C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe
15:22:21.0121 3344  McShield - ok
15:22:21.0176 3344  [ 7F743F853A32AC25CB8FAD959A2F087E ] McTaskManager   C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
15:22:21.0485 3344  McTaskManager - ok
15:22:21.0569 3344  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:22:21.0829 3344  Mcx2Svc - ok
15:22:21.0955 3344  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:22:22.0051 3344  megasas - ok
15:22:22.0131 3344  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:22:22.0221 3344  MegaSR - ok
15:22:22.0359 3344  [ 12AD015F8C2C109C6A74D25DA94607FE ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
15:22:22.0643 3344  mfeapfk - ok
15:22:22.0676 3344  [ DD17753AD5FA52F3BCD3B512934690C4 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
15:22:23.0020 3344  mfeavfk - ok
15:22:23.0094 3344  [ 3BA96B0584AD024F03EB9835D45619C2 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
15:22:23.0432 3344  mfehidk - ok
15:22:23.0508 3344  [ 158C24A8ED5F2CAB71A86FD775BC1727 ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys
15:22:23.0812 3344  mferkdet - ok
15:22:23.0959 3344  [ 6CFFF53E82808268DD61AB4790A36426 ] mfetdik         C:\Windows\system32\drivers\mfetdik.sys
15:22:24.0278 3344  mfetdik - ok
15:22:24.0458 3344  [ BE9D3BF69F3958492B56DCE7EA7F5FA9 ] mfevtp          C:\Windows\system32\mfevtps.exe
15:22:24.0794 3344  mfevtp - ok
15:22:24.0848 3344  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
15:22:25.0051 3344  MMCSS - ok
15:22:25.0143 3344  [ 8F13C4E14652CA0874782E7A294DF801 ] mod7700         C:\Windows\system32\Drivers\dvb7700all.sys
15:22:25.0504 3344  mod7700 - ok
15:22:25.0567 3344  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
15:22:25.0754 3344  Modem - ok
15:22:25.0791 3344  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:22:25.0867 3344  monitor - ok
15:22:25.0929 3344  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:22:25.0993 3344  mouclass - ok
15:22:26.0045 3344  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:22:26.0146 3344  mouhid - ok
15:22:26.0213 3344  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:22:26.0504 3344  mountmgr - ok
15:22:26.0579 3344  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:22:26.0894 3344  mpio - ok
15:22:26.0962 3344  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:22:27.0144 3344  mpsdrv - ok
15:22:27.0226 3344  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:22:27.0580 3344  MRxDAV - ok
15:22:27.0667 3344  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:22:27.0976 3344  mrxsmb - ok
15:22:28.0082 3344  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:22:28.0422 3344  mrxsmb10 - ok
15:22:28.0493 3344  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:22:28.0787 3344  mrxsmb20 - ok
15:22:28.0905 3344  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:22:29.0228 3344  msahci - ok
15:22:29.0309 3344  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:22:29.0633 3344  msdsm - ok
15:22:29.0673 3344  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
15:22:29.0760 3344  MSDTC - ok
15:22:29.0823 3344  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:22:29.0989 3344  Msfs - ok
15:22:30.0037 3344  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:22:30.0281 3344  mshidkmdf - ok
15:22:30.0337 3344  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:22:30.0404 3344  msisadrv - ok
15:22:30.0487 3344  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:22:30.0690 3344  MSiSCSI - ok
15:22:30.0710 3344  msiserver - ok
15:22:30.0781 3344  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:22:31.0018 3344  MSKSSRV - ok
15:22:31.0079 3344  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:22:31.0299 3344  MSPCLOCK - ok
15:22:31.0410 3344  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:22:31.0605 3344  MSPQM - ok
15:22:31.0683 3344  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:22:31.0938 3344  MsRPC - ok
15:22:32.0047 3344  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:22:32.0103 3344  mssmbios - ok
15:22:32.0159 3344  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:22:32.0328 3344  MSTEE - ok
15:22:32.0383 3344  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:22:32.0474 3344  MTConfig - ok
15:22:32.0509 3344  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:22:32.0585 3344  Mup - ok
15:22:32.0721 3344  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:22:32.0896 3344  napagent - ok
15:22:32.0983 3344  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:22:33.0107 3344  NativeWifiP - ok
15:22:33.0210 3344  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:22:33.0318 3344  NDIS - ok
15:22:33.0362 3344  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:22:33.0553 3344  NdisCap - ok
15:22:33.0609 3344  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:22:33.0799 3344  NdisTapi - ok
15:22:33.0925 3344  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:22:34.0354 3344  Ndisuio - ok
15:22:34.0440 3344  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:22:34.0815 3344  NdisWan - ok
15:22:34.0874 3344  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:22:35.0309 3344  NDProxy - ok
15:22:35.0400 3344  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:22:35.0601 3344  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:22:35.0601 3344  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:22:35.0638 3344  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:22:35.0820 3344  NetBIOS - ok
15:22:35.0931 3344  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:22:36.0350 3344  NetBT - ok
15:22:36.0382 3344  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:22:36.0435 3344  Netlogon - ok
15:22:36.0533 3344  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:22:36.0719 3344  Netman - ok
15:22:36.0812 3344  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:22:37.0001 3344  netprofm - ok
15:22:37.0114 3344  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:22:37.0216 3344  NetTcpPortSharing - ok
15:22:37.0647 3344  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
15:22:38.0109 3344  netw5v64 - ok
15:22:38.0191 3344  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:22:38.0256 3344  nfrd960 - ok
15:22:38.0407 3344  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:22:38.0683 3344  NlaSvc - ok
15:22:38.0709 3344  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:22:38.0869 3344  Npfs - ok
15:22:38.0929 3344  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
15:22:39.0111 3344  nsi - ok
15:22:39.0161 3344  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:22:39.0347 3344  nsiproxy - ok
15:22:39.0545 3344  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:22:39.0889 3344  Ntfs - ok
15:22:39.0937 3344  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:22:40.0107 3344  Null - ok
15:22:40.0167 3344  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:22:40.0458 3344  nvraid - ok
15:22:40.0519 3344  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:22:40.0884 3344  nvstor - ok
15:22:40.0946 3344  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:22:41.0097 3344  nv_agp - ok
15:22:41.0750 3344  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:22:42.0093 3344  odserv - ok
15:22:42.0243 3344  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:22:42.0368 3344  ohci1394 - ok
15:22:42.0676 3344  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:22:43.0058 3344  ose - ok
15:22:43.0516 3344  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:22:43.0594 3344  p2pimsvc - ok
15:22:43.0635 3344  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:22:43.0740 3344  p2psvc - ok
15:22:43.0780 3344  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:22:43.0853 3344  Parport - ok
15:22:43.0906 3344  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:22:44.0186 3344  partmgr - ok
15:22:44.0315 3344  [ 39B9DCD7040654C2E57D7396736C718E ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
15:22:44.0602 3344  PassThru Service ( UnsignedFile.Multi.Generic ) - warning
15:22:44.0602 3344  PassThru Service - detected UnsignedFile.Multi.Generic (1)
15:22:44.0651 3344  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:22:44.0763 3344  PcaSvc - ok
15:22:44.0830 3344  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
15:22:45.0153 3344  pci - ok
15:22:45.0206 3344  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:22:45.0276 3344  pciide - ok
15:22:45.0327 3344  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:22:45.0413 3344  pcmcia - ok
15:22:45.0488 3344  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:22:45.0655 3344  pcw - ok
15:22:45.0713 3344  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:22:46.0001 3344  PEAUTH - ok
15:22:46.0155 3344  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:22:46.0313 3344  PeerDistSvc - ok
15:22:46.0613 3344  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:22:46.0723 3344  PerfHost - ok
15:22:46.0938 3344  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
15:22:47.0350 3344  pla - ok
15:22:47.0455 3344  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:22:47.0742 3344  PlugPlay - ok
15:22:47.0860 3344  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:22:48.0072 3344  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:22:48.0072 3344  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:22:48.0144 3344  [ 06841F5CD8410B6BDC0B5A631B8F8787 ] pnetmdm         C:\Windows\system32\DRIVERS\pnetmdm64.sys
15:22:48.0470 3344  pnetmdm - ok
15:22:48.0526 3344  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:22:48.0617 3344  PNRPAutoReg - ok
15:22:48.0690 3344  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:22:48.0784 3344  PNRPsvc - ok
15:22:48.0893 3344  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:22:49.0318 3344  PolicyAgent - ok
15:22:49.0411 3344  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
15:22:49.0637 3344  Power - ok
15:22:49.0709 3344  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:22:50.0159 3344  PptpMiniport - ok
15:22:50.0219 3344  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:22:50.0314 3344  Processor - ok
15:22:50.0397 3344  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:22:50.0721 3344  ProfSvc - ok
15:22:50.0773 3344  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:22:50.0879 3344  ProtectedStorage - ok
15:22:50.0949 3344  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:22:51.0121 3344  Psched - ok
15:22:51.0493 3344  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:22:51.0772 3344  ql2300 - ok
15:22:51.0841 3344  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:22:51.0936 3344  ql40xx - ok
15:22:52.0018 3344  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
15:22:52.0143 3344  QWAVE - ok
15:22:52.0178 3344  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:22:52.0286 3344  QWAVEdrv - ok
15:22:52.0378 3344  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
15:22:52.0620 3344  RapiMgr - ok
15:22:52.0677 3344  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:22:52.0892 3344  RasAcd - ok
15:22:52.0990 3344  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:22:53.0206 3344  RasAgileVpn - ok
15:22:53.0270 3344  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
15:22:53.0505 3344  RasAuto - ok
15:22:53.0591 3344  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:22:54.0034 3344  Rasl2tp - ok
15:22:54.0140 3344  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:22:54.0367 3344  RasMan - ok
15:22:54.0445 3344  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:22:54.0676 3344  RasPppoe - ok
15:22:54.0737 3344  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:22:54.0933 3344  RasSstp - ok
15:22:54.0987 3344  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:22:55.0419 3344  rdbss - ok
15:22:55.0500 3344  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:22:55.0626 3344  rdpbus - ok
15:22:55.0659 3344  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:22:55.0870 3344  RDPCDD - ok
15:22:55.0956 3344  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:22:56.0282 3344  RDPDR - ok
15:22:56.0329 3344  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:22:56.0521 3344  RDPENCDD - ok
15:22:56.0568 3344  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:22:56.0738 3344  RDPREFMP - ok
15:22:56.0832 3344  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:22:57.0209 3344  RDPWD - ok
15:22:57.0305 3344  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:22:57.0637 3344  rdyboost - ok
15:22:57.0710 3344  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:22:57.0934 3344  RemoteAccess - ok
15:22:58.0019 3344  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:22:58.0241 3344  RemoteRegistry - ok
15:22:58.0324 3344  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:22:58.0460 3344  RFCOMM - ok
15:22:58.0526 3344  [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
15:22:58.0792 3344  ROOTMODEM - ok
15:22:58.0856 3344  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:22:59.0098 3344  RpcEptMapper - ok
15:22:59.0155 3344  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:22:59.0271 3344  RpcLocator - ok
15:22:59.0360 3344  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
15:22:59.0564 3344  RpcSs - ok
15:22:59.0617 3344  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:22:59.0841 3344  rspndr - ok
15:23:00.0088 3344  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:23:00.0465 3344  RTL8167 - ok
15:23:00.0534 3344  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
15:23:00.0894 3344  s3cap - ok
15:23:01.0053 3344  [ 35899168B47FA3385C6E92F1301BA7A9 ] S3XXx64         C:\Windows\system32\DRIVERS\S3XXx64.sys
15:23:01.0481 3344  S3XXx64 - ok
15:23:01.0550 3344  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
15:23:01.0608 3344  SamSs - ok
15:23:02.0804 3344  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:23:03.0313 3344  sbp2port - ok
15:23:03.0430 3344  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:23:03.0659 3344  SCardSvr - ok
15:23:03.0770 3344  [ 4DFE7ADB4188F01ACE51F9AA7C6A2924 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
15:23:04.0090 3344  SCDEmu - ok
15:23:04.0169 3344  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:23:04.0627 3344  scfilter - ok
15:23:04.0887 3344  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:23:05.0376 3344  Schedule - ok
15:23:05.0426 3344  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:23:05.0787 3344  SCPolicySvc - ok
15:23:05.0869 3344  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
15:23:06.0254 3344  sdbus - ok
15:23:06.0332 3344  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:23:06.0637 3344  SDRSVC - ok
15:23:06.0699 3344  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:23:06.0912 3344  secdrv - ok
15:23:06.0979 3344  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:23:07.0421 3344  seclogon - ok
15:23:07.0470 3344  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
15:23:07.0697 3344  SENS - ok
15:23:07.0743 3344  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:23:07.0874 3344  SensrSvc - ok
15:23:07.0949 3344  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:23:08.0084 3344  Serenum - ok
15:23:08.0130 3344  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:23:08.0226 3344  Serial - ok
15:23:08.0294 3344  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:23:08.0389 3344  sermouse - ok
15:23:08.0488 3344  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:23:08.0929 3344  SessionEnv - ok
15:23:09.0002 3344  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
15:23:09.0198 3344  sffdisk - ok
15:23:09.0251 3344  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:23:09.0349 3344  sffp_mmc - ok
15:23:09.0387 3344  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
15:23:09.0749 3344  sffp_sd - ok
15:23:09.0799 3344  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:23:09.0892 3344  sfloppy - ok
15:23:09.0975 3344  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:23:10.0251 3344  SharedAccess - ok
15:23:10.0466 3344  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:23:10.0672 3344  ShellHWDetection - ok
15:23:10.0716 3344  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:23:10.0802 3344  SiSRaid2 - ok
15:23:10.0844 3344  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:23:10.0921 3344  SiSRaid4 - ok
15:23:10.0997 3344  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:23:40.0836 3344  SkypeUpdate - ok
15:23:41.0189 3344  [ 323DDCD15DB2A7FED09DF1F835CAFCFB ] SMARTMouseFilterx64 C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys
15:23:41.0639 3344  SMARTMouseFilterx64 - ok
15:23:41.0842 3344  [ 6C691320C71CA8E8C38F52B2CE652C64 ] SMARTVHidMiniVistaAmd64 C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys
15:23:42.0166 3344  SMARTVHidMiniVistaAmd64 - ok
15:23:42.0272 3344  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:23:42.0594 3344  Smb - ok
15:23:42.0909 3344  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:23:43.0077 3344  SNMPTRAP - ok
15:23:43.0126 3344  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:23:43.0199 3344  spldr - ok
15:23:43.0369 3344  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
15:23:43.0809 3344  Spooler - ok
15:23:44.0355 3344  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:23:44.0839 3344  sppsvc - ok
15:23:45.0231 3344  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:23:45.0691 3344  sppuinotify - ok
15:23:46.0048 3344  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:23:46.0637 3344  srv - ok
15:23:46.0934 3344  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:23:47.0318 3344  srv2 - ok
15:23:47.0383 3344  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:23:47.0774 3344  srvnet - ok
15:23:47.0855 3344  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:23:48.0075 3344  SSDPSRV - ok
15:23:48.0153 3344  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:23:48.0936 3344  SstpSvc - ok
15:23:48.0994 3344  [ 55D681EA95F6C3186B4F950C2EA3BAAE ] stdiscover      C:\Program Files (x86)\Sun\servicetag\stdiscoverer.exe
15:23:49.0357 3344  stdiscover ( UnsignedFile.Multi.Generic ) - warning
15:23:49.0357 3344  stdiscover - detected UnsignedFile.Multi.Generic (1)
15:23:49.0417 3344  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:23:49.0539 3344  stexstor - ok
15:23:49.0644 3344  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
15:23:49.0995 3344  stisvc - ok
15:23:50.0043 3344  [ 91C1AA884F2D1B4371D95463CEA8E7DC ] stlisten        C:\Program Files (x86)\Sun\servicetag\stlisten.exe
15:23:50.0378 3344  stlisten ( UnsignedFile.Multi.Generic ) - warning
15:23:50.0378 3344  stlisten - detected UnsignedFile.Multi.Generic (1)
15:23:50.0431 3344  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:23:50.0773 3344  storflt - ok
15:23:50.0829 3344  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
15:23:50.0930 3344  StorSvc - ok
15:23:50.0998 3344  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:23:51.0329 3344  storvsc - ok
15:23:51.0380 3344  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:23:51.0482 3344  swenum - ok
15:23:51.0640 3344  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
15:23:51.0926 3344  swprv - ok
15:23:51.0997 3344  [ C851305E2BCFCE8AAA53342F912DDD7F ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
15:23:52.0347 3344  SynTP - ok
15:23:52.0505 3344  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
15:23:53.0198 3344  SysMain - ok
15:23:53.0288 3344  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:23:53.0630 3344  TabletInputService - ok
15:23:53.0700 3344  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:23:53.0894 3344  TapiSrv - ok
15:23:53.0964 3344  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
15:23:54.0160 3344  TBS - ok
15:23:54.0316 3344  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:23:54.0831 3344  Tcpip - ok
15:23:55.0013 3344  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:23:55.0194 3344  TCPIP6 - ok
15:23:55.0272 3344  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:23:55.0658 3344  tcpipreg - ok
15:23:55.0724 3344  [ 6A31406FD355CAAE4347AFF4DF4741B3 ] TcUsb           C:\Windows\system32\Drivers\tcusb.sys
15:23:56.0096 3344  TcUsb - ok
15:23:56.0159 3344  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:23:56.0289 3344  TDPIPE - ok
15:23:56.0344 3344  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:23:56.0718 3344  TDTCP - ok
15:23:56.0780 3344  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:23:57.0234 3344  tdx - ok
15:23:57.0297 3344  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:23:57.0588 3344  TermDD - ok
15:23:57.0703 3344  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
15:23:58.0157 3344  TermService - ok
15:23:58.0215 3344  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
15:23:58.0368 3344  Themes - ok
15:23:58.0398 3344  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
15:23:58.0612 3344  THREADORDER - ok
15:23:58.0665 3344  [ 7E673A9711C616D63C33247A51E4C3F7 ] tifm21          C:\Windows\system32\drivers\tifm21.sys
15:23:59.0015 3344  tifm21 - ok
15:23:59.0116 3344  [ 06C61275ADC64F1E36240A2287998A5E ] TosCoSrv        C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
15:23:59.0456 3344  TosCoSrv - ok
15:23:59.0560 3344  [ AB2D61A032A01BF9E84F03CAA9D22932 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
15:23:59.0608 3344  TOSHIBA Bluetooth Service - ok
15:23:59.0711 3344  [ 8021F63311797085949FA387F7C83583 ] tosporte        C:\Windows\system32\DRIVERS\tosporte.sys
15:24:00.0019 3344  tosporte - ok
15:24:00.0189 3344  [ 71BB669BFCADE1580FDCE010ABC76310 ] tosrfbd         C:\Windows\system32\DRIVERS\tosrfbd.sys
15:24:00.0517 3344  tosrfbd - ok
15:24:00.0588 3344  [ 62512B5277D88600F8BD4B7AEC43569D ] tosrfbnp        C:\Windows\system32\Drivers\tosrfbnp.sys
15:24:00.0885 3344  tosrfbnp - ok
15:24:00.0970 3344  [ C523A9186C39D65CC9ADEBB2E1B93CCD ] Tosrfcom        C:\Windows\system32\Drivers\tosrfcom.sys
15:24:01.0280 3344  Tosrfcom - ok
15:24:01.0330 3344  [ 451B8C1815C6CC39650AF916C2A382CD ] Tosrfhid        C:\Windows\system32\DRIVERS\Tosrfhid.sys
15:24:01.0687 3344  Tosrfhid - ok
15:24:01.0719 3344  [ B6FDC3C76FFE9C5171EEA9C37EA367C2 ] tosrfnds        C:\Windows\system32\DRIVERS\tosrfnds.sys
15:24:02.0024 3344  tosrfnds - ok
15:24:02.0068 3344  [ E1E045240C1184FA6628F3C7E7FF85D8 ] TosRfSnd        C:\Windows\system32\drivers\tosrfsnd.sys
15:24:02.0391 3344  TosRfSnd - ok
15:24:02.0486 3344  [ DA7AA562448E29CA895895920BFF8946 ] Tosrfusb        C:\Windows\system32\DRIVERS\tosrfusb.sys
15:24:02.0792 3344  Tosrfusb - ok
15:24:02.0884 3344  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
15:24:03.0113 3344  TrkWks - ok
15:24:03.0332 3344  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:24:03.0835 3344  TrustedInstaller - ok
15:24:03.0905 3344  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:24:04.0389 3344  tssecsrv - ok
15:24:04.0461 3344  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:24:04.0794 3344  TsUsbFlt - ok
15:24:04.0882 3344  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:24:05.0339 3344  tunnel - ok
15:24:05.0413 3344  [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ_O.SYS
15:24:05.0739 3344  TVALZ - ok
15:24:05.0778 3344  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:24:05.0863 3344  uagp35 - ok
15:24:06.0030 3344  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:24:06.0482 3344  udfs - ok
15:24:06.0562 3344  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:24:06.0670 3344  UI0Detect - ok
15:24:06.0740 3344  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:24:06.0853 3344  uliagpkx - ok
15:24:06.0931 3344  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:24:07.0296 3344  umbus - ok
15:24:07.0377 3344  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:24:07.0478 3344  UmPass - ok
15:24:07.0566 3344  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
15:24:07.0852 3344  UmRdpService - ok
15:24:07.0955 3344  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
15:24:08.0222 3344  upnphost - ok
15:24:08.0304 3344  [ F724B03C3DFAACF08D17D38BF3333583 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:24:08.0579 3344  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
15:24:08.0579 3344  USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
15:24:08.0681 3344  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:24:09.0050 3344  usbccgp - ok
15:24:09.0104 3344  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:24:09.0216 3344  usbcir - ok
15:24:09.0304 3344  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:24:09.0659 3344  usbehci - ok
15:24:09.0729 3344  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:24:10.0060 3344  usbhub - ok
15:24:10.0121 3344  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:24:10.0443 3344  usbohci - ok
15:24:10.0502 3344  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:24:10.0598 3344  usbprint - ok
15:24:10.0663 3344  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:24:10.0982 3344  USBSTOR - ok
15:24:11.0038 3344  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:24:11.0344 3344  usbuhci - ok
15:24:11.0429 3344  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:24:11.0770 3344  usbvideo - ok
15:24:11.0834 3344  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
15:24:12.0072 3344  UxSms - ok
15:24:12.0109 3344  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
15:24:12.0190 3344  VaultSvc - ok
15:24:12.0242 3344  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:24:12.0346 3344  vdrvroot - ok
15:24:12.0476 3344  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
15:24:13.0022 3344  vds - ok
15:24:13.0096 3344  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:24:13.0193 3344  vga - ok
15:24:13.0230 3344  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:24:13.0475 3344  VgaSave - ok
15:24:13.0576 3344  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:24:13.0921 3344  vhdmp - ok
15:24:13.0968 3344  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:24:14.0058 3344  viaide - ok
15:24:14.0174 3344  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
15:24:14.0498 3344  vmbus - ok
15:24:14.0543 3344  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
15:24:14.0849 3344  VMBusHID - ok
15:24:14.0908 3344  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:24:15.0252 3344  volmgr - ok
15:24:15.0357 3344  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:24:15.0758 3344  volmgrx - ok
15:24:15.0901 3344  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:24:16.0242 3344  volsnap - ok
15:24:16.0289 3344  vpnva - ok
15:24:16.0356 3344  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:24:16.0455 3344  vsmraid - ok
15:24:16.0632 3344  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
15:24:17.0207 3344  VSS - ok
15:24:17.0267 3344  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:24:17.0367 3344  vwifibus - ok
15:24:17.0486 3344  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
15:24:17.0777 3344  W32Time - ok
15:24:17.0851 3344  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:24:17.0966 3344  WacomPen - ok
15:24:18.0038 3344  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:24:18.0480 3344  WANARP - ok
15:24:18.0538 3344  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:24:18.0719 3344  Wanarpv6 - ok
15:24:18.0957 3344  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:24:19.0388 3344  WatAdminSvc - ok
15:24:19.0617 3344  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
15:24:20.0070 3344  wbengine - ok
15:24:20.0221 3344  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:24:20.0372 3344  WbioSrvc - ok
15:24:20.0495 3344  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
15:24:20.0561 3344  WcesComm - ok
15:24:20.0697 3344  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:24:20.0834 3344  wcncsvc - ok
15:24:20.0913 3344  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:24:21.0016 3344  WcsPlugInService - ok
15:24:21.0060 3344  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:24:21.0137 3344  Wd - ok
15:24:21.0466 3344  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:24:21.0797 3344  Wdf01000 - ok
15:24:21.0865 3344  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:24:22.0008 3344  WdiServiceHost - ok
15:24:22.0027 3344  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:24:22.0122 3344  WdiSystemHost - ok
15:24:22.0253 3344  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
15:24:22.0586 3344  WebClient - ok
15:24:22.0696 3344  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:24:22.0928 3344  Wecsvc - ok
15:24:22.0959 3344  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:24:23.0193 3344  wercplsupport - ok
15:24:23.0253 3344  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:24:23.0439 3344  WerSvc - ok
15:24:23.0490 3344  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:24:23.0650 3344  WfpLwf - ok
15:24:23.0718 3344  [ 297B242A1A75BAF5BB24530B3C31EC5A ] whfltr2k        C:\Windows\system32\DRIVERS\whfltr2k.sys
15:24:24.0067 3344  whfltr2k - ok
15:24:24.0185 3344  [ 77CA2577518E78BE1930C6C4A23ECC0F ] whmice2k        C:\Windows\system32\DRIVERS\whmice2k.sys
15:24:24.0583 3344  whmice2k - ok
15:24:24.0676 3344  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:24:24.0816 3344  WIMMount - ok
15:24:24.0871 3344  WinDefend - ok
15:24:24.0907 3344  WinHttpAutoProxySvc - ok
15:24:25.0038 3344  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:24:25.0299 3344  Winmgmt - ok
15:24:25.0623 3344  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
15:24:26.0154 3344  WinRM - ok
15:24:26.0339 3344  [ FE88B288356E7B47B74B13372ADD906D ] WINUSB          C:\Windows\system32\DRIVERS\WinUSB.SYS
15:24:26.0679 3344  WINUSB - ok
15:24:27.0198 3344  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:24:27.0380 3344  Wlansvc - ok
15:24:27.0840 3344  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:24:28.0199 3344  wlidsvc - ok
15:24:28.0265 3344  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:24:28.0363 3344  WmiAcpi - ok
15:24:28.0460 3344  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:24:28.0569 3344  wmiApSrv - ok
15:24:28.0612 3344  WMPNetworkSvc - ok
15:24:28.0657 3344  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:24:28.0738 3344  WPCSvc - ok
15:24:28.0810 3344  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:24:29.0102 3344  WPDBusEnum - ok
15:24:29.0185 3344  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:24:29.0364 3344  ws2ifsl - ok
15:24:29.0454 3344  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
15:24:29.0561 3344  wscsvc - ok
15:24:29.0634 3344  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
15:24:29.0761 3344  WSDPrintDevice - ok
15:24:29.0779 3344  WSearch - ok
15:24:30.0166 3344  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:24:30.0365 3344  wuauserv - ok
15:24:30.0428 3344  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:24:30.0721 3344  WudfPf - ok
15:24:30.0810 3344  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:24:31.0081 3344  WUDFRd - ok
15:24:31.0158 3344  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:24:31.0438 3344  wudfsvc - ok
15:24:31.0513 3344  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:24:31.0621 3344  WwanSvc - ok



#14 RKollas

RKollas
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:42 AM

Posted 09 April 2013 - 02:12 AM

15:24:31.0707 3344  ================ Scan global ===============================
15:24:31.0745 3344  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:24:31.0837 3344  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:24:32.0059 3344  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:24:32.0112 3344  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:24:32.0192 3344  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:24:32.0205 3344  [Global] - ok
15:24:32.0207 3344  ================ Scan MBR ==================================
15:24:32.0239 3344  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:24:34.0876 3344  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:24:34.0876 3344  \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:24:34.0903 3344  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
15:24:47.0512 3344  \Device\Harddisk1\DR1 - ok
15:24:47.0514 3344  ================ Scan VBR ==================================
15:24:47.0545 3344  [ FA06DF87A24AEA37DF6DC3C32F8710B2 ] \Device\Harddisk0\DR0\Partition1
15:24:47.0562 3344  \Device\Harddisk0\DR0\Partition1 - ok
15:24:47.0587 3344  [ FA055F95266754099EB8EAADFA3C5A9F ] \Device\Harddisk1\DR1\Partition1
15:24:47.0591 3344  \Device\Harddisk1\DR1\Partition1 - ok
15:24:47.0609 3344  ================ Scan active images ========================
15:24:47.0636 3344  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
15:24:47.0636 3344  C:\Windows\System32\drivers\crashdmp.sys - ok
15:24:47.0688 3344  [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
15:24:47.0688 3344  C:\Windows\System32\drivers\Dumpata.sys - ok
15:24:47.0718 3344  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] C:\Windows\System32\drivers\msahci.sys
15:24:47.0718 3344  C:\Windows\System32\drivers\msahci.sys - ok
15:24:47.0738 3344  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
15:24:47.0738 3344  C:\Windows\System32\drivers\dumpfve.sys - ok
15:24:47.0805 3344  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
15:24:47.0805 3344  C:\Windows\System32\drivers\cdrom.sys - ok
15:24:47.0846 3344  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
15:24:47.0846 3344  C:\Windows\System32\drivers\null.sys - ok
15:24:47.0870 3344  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
15:24:47.0871 3344  C:\Windows\System32\drivers\beep.sys - ok
15:24:47.0945 3344  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
15:24:47.0946 3344  C:\Windows\System32\drivers\vga.sys - ok
15:24:47.0989 3344  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
15:24:47.0989 3344  C:\Windows\System32\drivers\videoprt.sys - ok
15:24:48.0039 3344  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
15:24:48.0039 3344  C:\Windows\System32\drivers\watchdog.sys - ok
15:24:48.0057 3344  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
15:24:48.0057 3344  C:\Windows\System32\drivers\RDPCDD.sys - ok
15:24:48.0088 3344  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
15:24:48.0088 3344  C:\Windows\System32\drivers\RDPENCDD.sys - ok
15:24:48.0114 3344  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
15:24:48.0114 3344  C:\Windows\System32\drivers\RDPREFMP.sys - ok
15:24:48.0145 3344  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
15:24:48.0145 3344  C:\Windows\System32\drivers\msfs.sys - ok
15:24:48.0172 3344  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
15:24:48.0172 3344  C:\Windows\System32\drivers\npfs.sys - ok
15:24:48.0199 3344  [ 6CFFF53E82808268DD61AB4790A36426 ] C:\Windows\System32\drivers\mfetdik.sys
15:24:48.0200 3344  C:\Windows\System32\drivers\mfetdik.sys - ok
15:24:48.0225 3344  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
15:24:48.0226 3344  C:\Windows\System32\drivers\tdi.sys - ok
15:24:48.0250 3344  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
15:24:48.0251 3344  C:\Windows\System32\drivers\tdx.sys - ok
15:24:48.0263 3344  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
15:24:48.0263 3344  C:\Windows\System32\drivers\netbt.sys - ok
15:24:48.0293 3344  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
15:24:48.0293 3344  C:\Windows\System32\drivers\afd.sys - ok
15:24:48.0316 3344  [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
15:24:48.0316 3344  C:\Windows\System32\drivers\ws2ifsl.sys - ok
15:24:48.0340 3344  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
15:24:48.0340 3344  C:\Windows\System32\drivers\wfplwf.sys - ok
15:24:48.0364 3344  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
15:24:48.0364 3344  C:\Windows\System32\drivers\pacer.sys - ok
15:24:48.0387 3344  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
15:24:48.0387 3344  C:\Windows\System32\drivers\netbios.sys - ok
15:24:48.0412 3344  [ C523A9186C39D65CC9ADEBB2E1B93CCD ] C:\Windows\System32\drivers\tosrfcom.sys
15:24:48.0413 3344  C:\Windows\System32\drivers\tosrfcom.sys - ok
15:24:48.0440 3344  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
15:24:48.0440 3344  C:\Windows\System32\drivers\wanarp.sys - ok
15:24:48.0463 3344  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
15:24:48.0463 3344  C:\Windows\System32\drivers\termdd.sys - ok
15:24:48.0490 3344  [ 4DFE7ADB4188F01ACE51F9AA7C6A2924 ] C:\Windows\System32\drivers\scdemu.sys
15:24:48.0490 3344  C:\Windows\System32\drivers\scdemu.sys - ok
15:24:48.0518 3344  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
15:24:48.0518 3344  C:\Windows\System32\drivers\rdbss.sys - ok
15:24:48.0534 3344  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
15:24:48.0534 3344  C:\Windows\System32\drivers\nsiproxy.sys - ok
15:24:48.0558 3344  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
15:24:48.0559 3344  C:\Windows\System32\drivers\mssmbios.sys - ok
15:24:48.0582 3344  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
15:24:48.0582 3344  C:\Windows\System32\drivers\discache.sys - ok
15:24:48.0606 3344  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
15:24:48.0606 3344  C:\Windows\System32\drivers\csc.sys - ok
15:24:48.0632 3344  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
15:24:48.0632 3344  C:\Windows\System32\drivers\dfsc.sys - ok
15:24:48.0655 3344  [ FD3978D71D82A4C951C67599FC5E6A35 ] C:\Windows\System32\drivers\BRCMHD64.sys
15:24:48.0655 3344  C:\Windows\System32\drivers\BRCMHD64.sys - ok
15:24:48.0681 3344  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
15:24:48.0682 3344  C:\Windows\System32\drivers\blbdrive.sys - ok
15:24:48.0702 3344  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
15:24:48.0703 3344  C:\Windows\System32\drivers\tunnel.sys - ok
15:24:48.0728 3344  [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
15:24:48.0728 3344  C:\Windows\System32\drivers\intelppm.sys - ok
15:24:48.0758 3344  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
15:24:48.0759 3344  C:\Windows\System32\ntdll.dll - ok
15:24:48.0777 3344  [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
15:24:48.0778 3344  C:\Windows\System32\smss.exe - ok
15:24:48.0795 3344  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
15:24:48.0795 3344  C:\Windows\System32\autochk.exe - ok
15:24:48.0818 3344  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
15:24:48.0818 3344  C:\Windows\System32\user32.dll - ok
15:24:48.0844 3344  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
15:24:48.0844 3344  C:\Windows\System32\setupapi.dll - ok
15:24:48.0871 3344  [ 24CC43ECDEEFD4C19FBBEE4951B647F1 ] C:\Windows\System32\drivers\igdkmd64.sys
15:24:48.0871 3344  C:\Windows\System32\drivers\igdkmd64.sys - ok
15:24:48.0890 3344  [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
15:24:48.0890 3344  C:\Windows\System32\kernel32.dll - ok
15:24:48.0922 3344  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
15:24:48.0923 3344  C:\Windows\System32\msvcrt.dll - ok
15:24:48.0945 3344  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
15:24:48.0946 3344  C:\Windows\System32\psapi.dll - ok
15:24:48.0970 3344  [ 87BEA2616EFDEC6A1CB3BFCFB09D816A ] C:\Windows\System32\urlmon.dll
15:24:48.0970 3344  C:\Windows\System32\urlmon.dll - ok
15:24:48.0992 3344  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
15:24:48.0993 3344  C:\Windows\System32\normaliz.dll - ok
15:24:49.0039 3344  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
15:24:49.0039 3344  C:\Windows\System32\advapi32.dll - ok
15:24:49.0070 3344  [ 435E9C764E1EF70058580996452BE6A2 ] C:\Windows\System32\wininet.dll
15:24:49.0070 3344  C:\Windows\System32\wininet.dll - ok
15:24:49.0106 3344  [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
15:24:49.0107 3344  C:\Windows\System32\usp10.dll - ok
15:24:49.0138 3344  [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
15:24:49.0138 3344  C:\Windows\System32\drivers\dxgkrnl.sys - ok
15:24:49.0200 3344  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
15:24:49.0200 3344  C:\Windows\System32\gdi32.dll - ok
15:24:49.0224 3344  [ F431C3C86FCCC1C53814F043A6CAD825 ] C:\Windows\System32\iertutil.dll
15:24:49.0224 3344  C:\Windows\System32\iertutil.dll - ok
15:24:49.0247 3344  [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
15:24:49.0247 3344  C:\Windows\System32\drivers\dxgmms1.sys - ok
15:24:49.0276 3344  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
15:24:49.0276 3344  C:\Windows\System32\drivers\usbport.sys - ok
15:24:49.0300 3344  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] C:\Windows\System32\drivers\usbuhci.sys
15:24:49.0300 3344  C:\Windows\System32\drivers\usbuhci.sys - ok
15:24:49.0316 3344  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
15:24:49.0317 3344  C:\Windows\System32\difxapi.dll - ok
15:24:49.0340 3344  [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
15:24:49.0340 3344  C:\Windows\System32\drivers\usbehci.sys - ok
15:24:49.0364 3344  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
15:24:49.0364 3344  C:\Windows\System32\drivers\hdaudbus.sys - ok
15:24:49.0385 3344  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
15:24:49.0385 3344  C:\Windows\System32\msctf.dll - ok
15:24:49.0409 3344  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] C:\Windows\System32\drivers\Rt64win7.sys
15:24:49.0409 3344  C:\Windows\System32\drivers\Rt64win7.sys - ok
15:24:49.0432 3344  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
15:24:49.0433 3344  C:\Windows\System32\clbcatq.dll - ok
15:24:49.0455 3344  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
15:24:49.0456 3344  C:\Windows\System32\sechost.dll - ok
15:24:49.0483 3344  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
15:24:49.0483 3344  C:\Windows\System32\nsi.dll - ok
15:24:49.0501 3344  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
15:24:49.0502 3344  C:\Windows\System32\imm32.dll - ok
15:24:49.0525 3344  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
15:24:49.0525 3344  C:\Windows\System32\rpcrt4.dll - ok
15:24:49.0549 3344  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
15:24:49.0549 3344  C:\Windows\System32\oleaut32.dll - ok
15:24:49.0565 3344  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
15:24:49.0565 3344  C:\Windows\System32\ole32.dll - ok
15:24:49.0600 3344  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
15:24:49.0600 3344  C:\Windows\System32\ws2_32.dll - ok
15:24:49.0632 3344  [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
15:24:49.0632 3344  C:\Windows\System32\shell32.dll - ok
15:24:49.0659 3344  [ 64428DFDAF6E88366CB51F45A79C5F69 ] C:\Windows\System32\drivers\netw5v64.sys
15:24:49.0660 3344  C:\Windows\System32\drivers\netw5v64.sys - ok
15:24:49.0680 3344  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
15:24:49.0680 3344  C:\Windows\System32\drivers\ks.sys - ok
15:24:49.0704 3344  [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
15:24:49.0704 3344  C:\Windows\System32\drivers\ksthunk.sys - ok
15:24:49.0729 3344  [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
15:24:49.0730 3344  C:\Windows\System32\drivers\1394ohci.sys - ok
15:24:49.0754 3344  [ 7E673A9711C616D63C33247A51E4C3F7 ] C:\Windows\System32\drivers\tifm21.sys
15:24:49.0754 3344  C:\Windows\System32\drivers\tifm21.sys - ok
15:24:49.0774 3344  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] C:\Windows\System32\drivers\sdbus.sys
15:24:49.0775 3344  C:\Windows\System32\drivers\sdbus.sys - ok
15:24:49.0795 3344  [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
15:24:49.0795 3344  C:\Windows\System32\drivers\CmBatt.sys - ok
15:24:49.0820 3344  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
15:24:49.0820 3344  C:\Windows\System32\drivers\i8042prt.sys - ok
15:24:49.0835 3344  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
15:24:49.0835 3344  C:\Windows\System32\drivers\kbdclass.sys - ok
15:24:49.0857 3344  [ C851305E2BCFCE8AAA53342F912DDD7F ] C:\Windows\System32\drivers\SynTP.sys
15:24:49.0857 3344  C:\Windows\System32\drivers\SynTP.sys - ok
15:24:49.0879 3344  [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
15:24:49.0879 3344  C:\Windows\System32\drivers\usbd.sys - ok
15:24:49.0901 3344  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
15:24:49.0901 3344  C:\Windows\System32\shlwapi.dll - ok
15:24:49.0920 3344  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
15:24:49.0920 3344  C:\Windows\System32\drivers\mouclass.sys - ok
15:24:49.0950 3344  [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
15:24:49.0951 3344  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
15:24:49.0976 3344  [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
15:24:49.0976 3344  C:\Windows\System32\lpk.dll - ok
15:24:50.0005 3344  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
15:24:50.0005 3344  C:\Windows\System32\drivers\CompositeBus.sys - ok
15:24:50.0037 3344  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
15:24:50.0037 3344  C:\Windows\System32\imagehlp.dll - ok
15:24:50.0064 3344  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
15:24:50.0065 3344  C:\Windows\System32\comdlg32.dll - ok
15:24:50.0079 3344  [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
15:24:50.0079 3344  C:\Windows\System32\drivers\hidclass.sys - ok
15:24:50.0103 3344  [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
15:24:50.0103 3344  C:\Windows\System32\drivers\hidparse.sys - ok
15:24:50.0128 3344  [ 6C691320C71CA8E8C38F52B2CE652C64 ] C:\Windows\System32\drivers\SMARTVHidMiniVistaAmd64.sys
15:24:50.0128 3344  C:\Windows\System32\drivers\SMARTVHidMiniVistaAmd64.sys - ok
15:24:50.0155 3344  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
15:24:50.0155 3344  C:\Windows\System32\drivers\agilevpn.sys - ok
15:24:50.0179 3344  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
15:24:50.0180 3344  C:\Windows\System32\Wldap32.dll - ok
15:24:50.0206 3344  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
15:24:50.0207 3344  C:\Windows\System32\comctl32.dll - ok
15:24:50.0229 3344  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
15:24:50.0229 3344  C:\Windows\System32\drivers\rasl2tp.sys - ok
15:24:50.0256 3344  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
15:24:50.0256 3344  C:\Windows\System32\drivers\ndistapi.sys - ok
15:24:50.0288 3344  [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
15:24:50.0288 3344  C:\Windows\System32\wintrust.dll - ok
15:24:50.0304 3344  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
15:24:50.0304 3344  C:\Windows\System32\devobj.dll - ok
15:24:50.0327 3344  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
15:24:50.0327 3344  C:\Windows\System32\drivers\ndiswan.sys - ok
15:24:50.0345 3344  [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
15:24:50.0345 3344  C:\Windows\System32\KernelBase.dll - ok
15:24:50.0370 3344  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
15:24:50.0370 3344  C:\Windows\System32\cfgmgr32.dll - ok
15:24:50.0389 3344  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
15:24:50.0389 3344  C:\Windows\System32\drivers\raspppoe.sys - ok
15:24:50.0414 3344  [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
15:24:50.0414 3344  C:\Windows\System32\crypt32.dll - ok
15:24:50.0439 3344  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
15:24:50.0439 3344  C:\Windows\System32\drivers\raspptp.sys - ok
15:24:50.0461 3344  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
15:24:50.0461 3344  C:\Windows\System32\drivers\rassstp.sys - ok
15:24:50.0485 3344  [ 06841F5CD8410B6BDC0B5A631B8F8787 ] C:\Windows\System32\drivers\pnetmdm64.sys
15:24:50.0485 3344  C:\Windows\System32\drivers\pnetmdm64.sys - ok
15:24:50.0516 3344  [ 800BA92F7010378B09F9ED9270F07137 ] C:\Windows\System32\drivers\modem.sys
15:24:50.0516 3344  C:\Windows\System32\drivers\modem.sys - ok
15:24:50.0534 3344  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
15:24:50.0534 3344  C:\Windows\System32\drivers\rdpbus.sys - ok
15:24:50.0558 3344  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
15:24:50.0559 3344  C:\Windows\System32\msasn1.dll - ok
15:24:50.0581 3344  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
15:24:50.0581 3344  C:\Windows\System32\drivers\swenum.sys - ok
15:24:50.0599 3344  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
15:24:50.0599 3344  C:\Windows\System32\drivers\umbus.sys - ok
15:24:50.0628 3344  [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
15:24:50.0628 3344  C:\Windows\System32\drivers\usbhub.sys - ok
15:24:50.0655 3344  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
15:24:50.0655 3344  C:\Windows\SysWOW64\normaliz.dll - ok
15:24:50.0678 3344  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
15:24:50.0679 3344  C:\Windows\System32\drivers\mouhid.sys - ok
15:24:50.0705 3344  [ 323DDCD15DB2A7FED09DF1F835CAFCFB ] C:\Windows\System32\drivers\SMARTMouseFilterx64.sys
15:24:50.0705 3344  C:\Windows\System32\drivers\SMARTMouseFilterx64.sys - ok
15:24:50.0726 3344  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
15:24:50.0726 3344  C:\Windows\System32\drivers\ndproxy.sys - ok
15:24:50.0749 3344  [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
15:24:50.0749 3344  C:\Windows\System32\drivers\drmk.sys - ok
15:24:50.0775 3344  [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
15:24:50.0775 3344  C:\Windows\System32\drivers\portcls.sys - ok
15:24:50.0799 3344  [ 975761C778E33CD22498059B91E7373A ] C:\Windows\System32\drivers\HdAudio.sys
15:24:50.0800 3344  C:\Windows\System32\drivers\HdAudio.sys - ok
15:24:50.0820 3344  [ 98022774D9930ECBB292E70DB7601DF6 ] C:\Windows\System32\drivers\agrsm64.sys
15:24:50.0820 3344  C:\Windows\System32\drivers\agrsm64.sys - ok
15:24:50.0854 3344  [ 8021F63311797085949FA387F7C83583 ] C:\Windows\System32\drivers\tosporte.sys
15:24:50.0854 3344  C:\Windows\System32\drivers\tosporte.sys - ok
15:24:50.0873 3344  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
15:24:50.0873 3344  C:\Windows\System32\drivers\dxapi.sys - ok
15:24:50.0896 3344  [ 59E21156113E438D1D91AF4FC0C3B19F ] C:\Windows\System32\win32k.sys
15:24:50.0896 3344  C:\Windows\System32\win32k.sys - ok
15:24:50.0925 3344  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
15:24:50.0925 3344  C:\Windows\System32\csrss.exe - ok
15:24:50.0951 3344  [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
15:24:50.0951 3344  C:\Windows\System32\csrsrv.dll - ok
15:24:50.0976 3344  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
15:24:50.0976 3344  C:\Windows\System32\basesrv.dll - ok
15:24:50.0998 3344  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
15:24:50.0999 3344  C:\Windows\System32\winsrv.dll - ok
15:24:51.0028 3344  [ 6A31406FD355CAAE4347AFF4DF4741B3 ] C:\Windows\System32\drivers\tcusb.sys
15:24:51.0028 3344  C:\Windows\System32\drivers\tcusb.sys - ok
15:24:51.0052 3344  [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
15:24:51.0052 3344  C:\Windows\System32\drivers\USBSTOR.SYS - ok
15:24:51.0080 3344  [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
15:24:51.0080 3344  C:\Windows\System32\drivers\usbccgp.sys - ok
15:24:51.0098 3344  [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
15:24:51.0098 3344  C:\Windows\System32\drivers\usbvideo.sys - ok
15:24:51.0112 3344  [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
15:24:51.0113 3344  C:\Windows\System32\drivers\monitor.sys - ok
15:24:51.0135 3344  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
15:24:51.0135 3344  C:\Windows\System32\tsddd.dll - ok
15:24:51.0164 3344  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
15:24:51.0164 3344  C:\Windows\System32\sxssrv.dll - ok
15:24:51.0190 3344  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
15:24:51.0190 3344  C:\Windows\System32\wininit.exe - ok
15:24:51.0216 3344  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
15:24:51.0216 3344  C:\Windows\System32\profapi.dll - ok
15:24:51.0245 3344  [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
15:24:51.0245 3344  C:\Windows\System32\cdd.dll - ok
15:24:51.0274 3344  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
15:24:51.0274 3344  C:\Windows\System32\RpcRtRemote.dll - ok
15:24:51.0298 3344  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
15:24:51.0299 3344  C:\Windows\System32\drivers\hidusb.sys - ok
15:24:51.0320 3344  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
15:24:51.0320 3344  C:\Windows\System32\KBDUS.DLL - ok
15:24:51.0341 3344  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
15:24:51.0341 3344  C:\Windows\System32\winlogon.exe - ok
15:24:51.0356 3344  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
15:24:51.0356 3344  C:\Windows\System32\winsta.dll - ok
15:24:51.0380 3344  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
15:24:51.0380 3344  C:\Windows\System32\WlS0WndH.dll - ok
15:24:51.0405 3344  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
15:24:51.0405 3344  C:\Windows\System32\sxs.dll - ok
15:24:51.0429 3344  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
15:24:51.0429 3344  C:\Windows\System32\cryptbase.dll - ok
15:24:51.0451 3344  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
15:24:51.0452 3344  C:\Windows\System32\apphelp.dll - ok
15:24:51.0474 3344  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
15:24:51.0474 3344  C:\Windows\System32\services.exe - ok
15:24:51.0504 3344  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
15:24:51.0504 3344  C:\Windows\System32\lsass.exe - ok
15:24:51.0520 3344  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
15:24:51.0520 3344  C:\Windows\System32\lsm.exe - ok
15:24:51.0543 3344  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
15:24:51.0543 3344  C:\Windows\System32\sspisrv.dll - ok
15:24:51.0568 3344  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
15:24:51.0568 3344  C:\Windows\System32\sspicli.dll - ok
15:24:51.0591 3344  [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
15:24:51.0591 3344  C:\Windows\System32\lsasrv.dll - ok
15:24:51.0612 3344  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
15:24:51.0613 3344  C:\Windows\System32\scext.dll - ok
15:24:51.0633 3344  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
15:24:51.0633 3344  C:\Windows\System32\sysntfy.dll - ok
15:24:51.0655 3344  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
15:24:51.0656 3344  C:\Windows\System32\wmsgapi.dll - ok
15:24:51.0690 3344  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
15:24:51.0690 3344  C:\Windows\System32\secur32.dll - ok
15:24:51.0705 3344  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
15:24:51.0705 3344  C:\Windows\System32\scesrv.dll - ok
15:24:51.0728 3344  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
15:24:51.0728 3344  C:\Windows\System32\srvcli.dll - ok
15:24:51.0754 3344  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
15:24:51.0754 3344  C:\Windows\System32\samsrv.dll - ok
15:24:51.0786 3344  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
15:24:51.0786 3344  C:\Windows\System32\cryptdll.dll - ok
15:24:51.0804 3344  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
15:24:51.0804 3344  C:\Windows\System32\wevtapi.dll - ok
15:24:51.0826 3344  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
15:24:51.0827 3344  C:\Windows\System32\cngaudit.dll - ok
15:24:51.0850 3344  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
15:24:51.0850 3344  C:\Windows\System32\authz.dll - ok
15:24:51.0871 3344  [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
15:24:51.0875 3344  C:\Windows\System32\ncrypt.dll - ok
15:24:51.0893 3344  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
15:24:51.0894 3344  C:\Windows\System32\bcrypt.dll - ok
15:24:51.0917 3344  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
15:24:51.0917 3344  C:\Windows\System32\msprivs.dll - ok
15:24:51.0945 3344  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
15:24:51.0945 3344  C:\Windows\System32\netjoin.dll - ok
15:24:51.0979 3344  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
15:24:51.0980 3344  C:\Windows\System32\negoexts.dll - ok
15:24:51.0997 3344  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
15:24:51.0997 3344  C:\Windows\System32\kerberos.dll - ok
15:24:52.0022 3344  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
15:24:52.0022 3344  C:\Windows\System32\cryptsp.dll - ok
15:24:52.0047 3344  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
15:24:52.0047 3344  C:\Windows\System32\mswsock.dll - ok
15:24:52.0075 3344  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
15:24:52.0075 3344  C:\Windows\System32\wship6.dll - ok
15:24:52.0094 3344  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
15:24:52.0095 3344  C:\Windows\System32\msv1_0.dll - ok
15:24:52.0116 3344  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
15:24:52.0116 3344  C:\Windows\System32\netlogon.dll - ok
15:24:52.0129 3344  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
15:24:52.0129 3344  C:\Windows\System32\dnsapi.dll - ok
15:24:52.0152 3344  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
15:24:52.0152 3344  C:\Windows\System32\logoncli.dll - ok
15:24:52.0176 3344  [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
15:24:52.0176 3344  C:\Windows\System32\schannel.dll - ok
15:24:52.0201 3344  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
15:24:52.0201 3344  C:\Windows\System32\wdigest.dll - ok
15:24:52.0221 3344  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
15:24:52.0222 3344  C:\Windows\System32\rsaenh.dll - ok
15:24:52.0246 3344  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
15:24:52.0247 3344  C:\Windows\System32\TSpkg.dll - ok
15:24:52.0269 3344  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
15:24:52.0275 3344  C:\Windows\System32\pku2u.dll - ok
15:24:52.0305 3344  [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
15:24:52.0305 3344  C:\Windows\System32\LIVESSP.DLL - ok
15:24:52.0331 3344  [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
15:24:52.0331 3344  C:\Windows\System32\atmfd.dll - ok
15:24:52.0360 3344  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
15:24:52.0360 3344  C:\Windows\System32\bcryptprimitives.dll - ok
15:24:52.0380 3344  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
15:24:52.0380 3344  C:\Windows\System32\efslsaext.dll - ok
15:24:52.0395 3344  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
15:24:52.0395 3344  C:\Windows\System32\credssp.dll - ok
15:24:52.0417 3344  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
15:24:52.0418 3344  C:\Windows\System32\scecli.dll - ok
15:24:52.0446 3344  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
15:24:52.0447 3344  C:\Windows\System32\ubpm.dll - ok
15:24:52.0477 3344  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
15:24:52.0477 3344  C:\Windows\System32\svchost.exe - ok
15:24:52.0500 3344  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
15:24:52.0500 3344  C:\Windows\System32\umpnpmgr.dll - ok
15:24:52.0522 3344  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
15:24:52.0522 3344  C:\Windows\System32\SPInf.dll - ok
15:24:52.0546 3344  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
15:24:52.0547 3344  C:\Windows\System32\devrtl.dll - ok
15:24:52.0572 3344  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
15:24:52.0572 3344  C:\Windows\System32\userenv.dll - ok
15:24:52.0596 3344  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
15:24:52.0596 3344  C:\Windows\System32\gpapi.dll - ok
15:24:52.0625 3344  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
15:24:52.0625 3344  C:\Windows\System32\umpo.dll - ok
15:24:52.0640 3344  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
15:24:52.0640 3344  C:\Windows\System32\pcwum.dll - ok
15:24:52.0676 3344  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
15:24:52.0676 3344  C:\Windows\System32\powrprof.dll - ok
15:24:52.0702 3344  [ 297B242A1A75BAF5BB24530B3C31EC5A ] C:\Windows\System32\drivers\whfltr2k.sys
15:24:52.0702 3344  C:\Windows\System32\drivers\whfltr2k.sys - ok
15:24:52.0729 3344  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
15:24:52.0729 3344  C:\Windows\System32\drivers\luafv.sys - ok
15:24:52.0755 3344  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
15:24:52.0755 3344  C:\Windows\System32\rpcss.dll - ok
15:24:52.0783 3344  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
15:24:52.0783 3344  C:\Windows\System32\RpcEpMap.dll - ok
15:24:52.0806 3344  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
15:24:52.0806 3344  C:\Windows\System32\WSHTCPIP.DLL - ok
15:24:52.0830 3344  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
15:24:52.0830 3344  C:\Windows\System32\wshqos.dll - ok
15:24:52.0856 3344  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
15:24:52.0857 3344  C:\Windows\System32\FirewallAPI.dll - ok
15:24:52.0877 3344  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
15:24:52.0878 3344  C:\Windows\System32\LogonUI.exe - ok
15:24:52.0891 3344  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
15:24:52.0892 3344  C:\Windows\System32\version.dll - ok
15:24:52.0917 3344  [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
15:24:52.0917 3344  C:\Windows\System32\authui.dll - ok
15:24:52.0941 3344  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
15:24:52.0941 3344  C:\Windows\System32\wevtsvc.dll - ok
15:24:52.0962 3344  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
15:24:52.0962 3344  C:\Windows\System32\cryptui.dll - ok
15:24:53.0046 3344  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
15:24:53.0047 3344  C:\Windows\System32\audiosrv.dll - ok
15:24:53.0103 3344  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
15:24:53.0104 3344  C:\Windows\System32\mmcss.dll - ok
15:24:53.0197 3344  [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
15:24:53.0197 3344  C:\Windows\System32\FntCache.dll - ok
15:24:53.0216 3344  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
15:24:53.0216 3344  C:\Windows\System32\wlansvc.dll - ok
15:24:53.0245 3344  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
15:24:53.0245 3344  C:\Windows\System32\avrt.dll - ok
15:24:53.0287 3344  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
15:24:53.0287 3344  C:\Windows\System32\MMDevAPI.dll - ok
15:24:53.0319 3344  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
15:24:53.0319 3344  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
15:24:53.0355 3344  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
15:24:53.0356 3344  C:\Windows\System32\propsys.dll - ok
15:24:53.0389 3344  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
15:24:53.0390 3344  C:\Windows\System32\shacct.dll - ok
15:24:53.0441 3344  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
15:24:53.0441 3344  C:\Windows\System32\adtschema.dll - ok
15:24:53.0473 3344  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
15:24:53.0474 3344  C:\Windows\System32\samlib.dll - ok
15:24:53.0510 3344  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
15:24:53.0510 3344  C:\Windows\System32\audiodg.exe - ok
15:24:53.0532 3344  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
15:24:53.0532 3344  C:\Windows\System32\uxtheme.dll - ok
15:24:53.0566 3344  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
15:24:53.0566 3344  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
15:24:53.0585 3344  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
15:24:53.0585 3344  C:\Windows\System32\drivers\fltMgr.sys - ok
15:24:53.0609 3344  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
15:24:53.0609 3344  C:\Windows\System32\ntmarta.dll - ok
15:24:53.0633 3344  [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
15:24:53.0633 3344  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
15:24:53.0660 3344  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
15:24:53.0660 3344  C:\Windows\System32\PSHED.DLL - ok
15:24:53.0709 3344  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] C:\Windows\System32\cscsvc.dll
15:24:53.0709 3344  C:\Windows\System32\cscsvc.dll - ok
15:24:53.0759 3344  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
15:24:53.0759 3344  C:\Windows\System32\gpsvc.dll - ok
15:24:53.0785 3344  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
15:24:53.0785 3344  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
15:24:53.0816 3344  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
15:24:53.0817 3344  C:\Windows\System32\nlaapi.dll - ok
15:24:53.0845 3344  [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll
15:24:53.0846 3344  C:\Windows\System32\PeerDist.dll - ok
15:24:53.0881 3344  [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
15:24:53.0882 3344  C:\Windows\System32\themeservice.dll - ok
15:24:53.0908 3344  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
15:24:53.0908 3344  C:\Windows\System32\profsvc.dll - ok
15:24:53.0937 3344  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
15:24:53.0938 3344  C:\Windows\System32\taskschd.dll - ok
15:24:53.0956 3344  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
15:24:53.0957 3344  C:\Windows\System32\atl.dll - ok
15:24:53.0988 3344  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
15:24:53.0988 3344  C:\Windows\System32\es.dll - ok
15:24:54.0022 3344  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
15:24:54.0022 3344  C:\Windows\System32\dsrole.dll - ok
15:24:54.0045 3344  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
15:24:54.0045 3344  C:\Windows\System32\slc.dll - ok
15:24:54.0071 3344  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
15:24:54.0072 3344  C:\Windows\System32\dui70.dll - ok
15:24:54.0097 3344  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
15:24:54.0098 3344  C:\Windows\System32\comres.dll - ok
15:24:54.0119 3344  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
15:24:54.0120 3344  C:\Windows\System32\Sens.dll - ok
15:24:54.0144 3344  [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
15:24:54.0144 3344  C:\Windows\System32\mstask.dll - ok
15:24:54.0169 3344  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
15:24:54.0169 3344  C:\Windows\System32\duser.dll - ok
15:24:54.0201 3344  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
15:24:54.0201 3344  C:\Windows\System32\wtsapi32.dll - ok
15:24:54.0230 3344  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
15:24:54.0230 3344  C:\Windows\System32\uxsms.dll - ok
15:24:54.0247 3344  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
15:24:54.0247 3344  C:\Windows\System32\SndVolSSO.dll - ok
15:24:54.0274 3344  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
15:24:54.0274 3344  C:\Windows\System32\drivers\lltdio.sys - ok
15:24:54.0304 3344  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
15:24:54.0304 3344  C:\Windows\System32\hid.dll - ok
15:24:54.0329 3344  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
15:24:54.0329 3344  C:\Windows\System32\winmm.dll - ok
15:24:54.0358 3344  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
15:24:54.0358 3344  C:\Windows\System32\drivers\nwifi.sys - ok
15:24:54.0394 3344  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
15:24:54.0394 3344  C:\Windows\System32\wdmaud.drv - ok
15:24:54.0410 3344  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
15:24:54.0411 3344  C:\Windows\System32\ksuser.dll - ok
15:24:54.0443 3344  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
15:24:54.0443 3344  C:\Windows\System32\dwmapi.dll - ok
15:24:54.0467 3344  [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
15:24:54.0467 3344  C:\Windows\System32\drivers\ndisuio.sys - ok
15:24:54.0490 3344  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
15:24:54.0491 3344  C:\Windows\System32\xmllite.dll - ok
15:24:54.0506 3344  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
15:24:54.0507 3344  C:\Windows\System32\drivers\rspndr.sys - ok
15:24:54.0532 3344  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
15:24:54.0532 3344  C:\Windows\System32\lmhsvc.dll - ok
15:24:54.0555 3344  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
15:24:54.0555 3344  C:\Windows\System32\nsisvc.dll - ok
15:24:54.0586 3344  [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
15:24:54.0586 3344  C:\Windows\System32\WindowsCodecs.dll - ok
15:24:54.0600 3344  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
15:24:54.0601 3344  C:\Windows\System32\IPHLPAPI.DLL - ok
15:24:54.0626 3344  [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
15:24:54.0627 3344  C:\Windows\System32\keyiso.dll - ok
15:24:54.0648 3344  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
15:24:54.0648 3344  C:\Windows\System32\dnsrslvr.dll - ok
15:24:54.0670 3344  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
15:24:54.0670 3344  C:\Windows\System32\eapsvc.dll - ok
15:24:54.0693 3344  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
15:24:54.0694 3344  C:\Windows\System32\winnsi.dll - ok
15:24:54.0721 3344  [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
15:24:54.0722 3344  C:\Windows\System32\eapphost.dll - ok
15:24:54.0766 3344  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
15:24:54.0767 3344  C:\Windows\System32\nrpsrv.dll - ok
15:24:54.0812 3344  [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
15:24:54.0812 3344  C:\Windows\System32\FWPUCLNT.DLL - ok
15:24:54.0856 3344  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
15:24:54.0856 3344  C:\Windows\System32\dhcpcore.dll - ok
15:24:54.0962 3344  [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
15:24:54.0963 3344  C:\Windows\System32\dhcpcore6.dll - ok
15:24:54.0990 3344  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
15:24:54.0990 3344  C:\Windows\System32\dnsext.dll - ok
15:24:55.0037 3344  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
15:24:55.0037 3344  C:\Windows\System32\dhcpcsvc.dll - ok
15:24:55.0060 3344  [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
15:24:55.0060 3344  C:\Windows\System32\wlanmsm.dll - ok
15:24:55.0088 3344  [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
15:24:55.0088 3344  C:\Windows\System32\dhcpcsvc6.dll - ok
15:24:55.0117 3344  [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
15:24:55.0117 3344  C:\Windows\System32\umb.dll - ok
15:24:55.0143 3344  [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
15:24:55.0143 3344  C:\Windows\System32\wlansec.dll - ok
15:24:55.0172 3344  [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
15:24:55.0172 3344  C:\Windows\System32\AudioSes.dll - ok
15:24:55.0198 3344  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
15:24:55.0198 3344  C:\Windows\System32\onex.dll - ok
15:24:55.0223 3344  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
15:24:55.0224 3344  C:\Windows\System32\winbrand.dll - ok
15:24:55.0263 3344  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
15:24:55.0263 3344  C:\Windows\System32\eappprxy.dll - ok
15:24:55.0294 3344  [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
15:24:55.0294 3344  C:\Windows\System32\msacm32.drv - ok
15:24:55.0310 3344  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
15:24:55.0310 3344  C:\Windows\System32\msacm32.dll - ok
15:24:55.0328 3344  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
15:24:55.0328 3344  C:\Windows\System32\eappcfg.dll - ok
15:24:55.0351 3344  [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
15:24:55.0352 3344  C:\Windows\System32\midimap.dll - ok
15:24:55.0376 3344  [ C66291BE81AFDD2F701F4DCB54B5F168 ] C:\Program Files\Protector Suite QL\provider.dll
15:24:55.0376 3344  C:\Program Files\Protector Suite QL\provider.dll - ok
15:24:55.0401 3344  [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
15:24:55.0401 3344  C:\Windows\System32\AudioEng.dll - ok
15:24:55.0429 3344  [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
15:24:55.0430 3344  C:\Windows\System32\wlgpclnt.dll - ok
15:24:55.0453 3344  [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
15:24:55.0453 3344  C:\Windows\System32\l2gpstore.dll - ok
15:24:55.0477 3344  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
15:24:55.0477 3344  C:\Windows\System32\wlanutil.dll - ok
15:24:55.0502 3344  [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
15:24:55.0502 3344  C:\Windows\System32\AUDIOKSE.dll - ok
15:24:55.0529 3344  [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
15:24:55.0530 3344  C:\Windows\System32\WinSCard.dll - ok
15:24:55.0557 3344  [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
15:24:55.0558 3344  C:\Windows\System32\msxml6.dll - ok
15:24:55.0569 3344  [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
15:24:55.0570 3344  C:\Windows\System32\WMALFXGFXDSP.dll - ok
15:24:55.0600 3344  [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
15:24:55.0600 3344  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
15:24:55.0631 3344  [ 5778B0532A63B7728D508EFE8FD8C5BA ] C:\Program Files\Protector Suite QL\infql2.dll
15:24:55.0631 3344  C:\Program Files\Protector Suite QL\infql2.dll - ok
15:24:55.0652 3344  [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
15:24:55.0653 3344  C:\Windows\System32\mfplat.dll - ok
15:24:55.0677 3344  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
15:24:55.0677 3344  C:\Windows\System32\VaultCredProvider.dll - ok
15:24:55.0700 3344  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
15:24:55.0700 3344  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
15:24:55.0725 3344  [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
15:24:55.0726 3344  C:\Windows\System32\BioCredProv.dll - ok
15:24:55.0754 3344  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
15:24:55.0754 3344  C:\Windows\System32\winbio.dll - ok
15:24:55.0776 3344  [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
15:24:55.0777 3344  C:\Windows\System32\credui.dll - ok
15:24:55.0800 3344  [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
15:24:55.0801 3344  C:\Windows\System32\vaultcli.dll - ok
15:24:55.0825 3344  [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
15:24:55.0825 3344  C:\Windows\System32\shsvcs.dll - ok
15:24:55.0906 3344  [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
15:24:55.0906 3344  C:\Windows\System32\netapi32.dll - ok
15:24:55.0954 3344  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
15:24:55.0954 3344  C:\Windows\System32\netutils.dll - ok
15:24:55.0986 3344  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
15:24:55.0986 3344  C:\Windows\System32\wkscli.dll - ok
15:24:56.0046 3344  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
15:24:56.0046 3344  C:\Windows\System32\schedsvc.dll - ok
15:24:56.0089 3344  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
15:24:56.0089 3344  C:\Windows\System32\samcli.dll - ok
15:24:56.0110 3344  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
15:24:56.0110 3344  C:\Windows\System32\certCredProvider.dll - ok
15:24:56.0132 3344  [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
15:24:56.0132 3344  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
15:24:56.0155 3344  [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
15:24:56.0156 3344  C:\Windows\System32\ktmw32.dll - ok
15:24:56.0179 3344  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
15:24:56.0179 3344  C:\Windows\System32\rasplap.dll - ok
15:24:56.0202 3344  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
15:24:56.0203 3344  C:\Windows\System32\rasapi32.dll - ok
15:24:56.0226 3344  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
15:24:56.0227 3344  C:\Windows\System32\taskcomp.dll - ok
15:24:56.0251 3344  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
15:24:56.0252 3344  C:\Windows\System32\rasman.dll - ok
15:24:56.0276 3344  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
15:24:56.0276 3344  C:\Windows\System32\rtutils.dll - ok
15:24:56.0303 3344  [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
15:24:56.0303 3344  C:\Windows\System32\drivers\fastfat.sys - ok
15:24:56.0332 3344  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
15:24:56.0332 3344  C:\Windows\System32\UXInit.dll - ok
15:24:56.0354 3344  [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
15:24:56.0354 3344  C:\Windows\System32\fveapi.dll - ok
15:24:56.0372 3344  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
15:24:56.0373 3344  C:\Windows\System32\netcfgx.dll - ok
15:24:56.0398 3344  [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
15:24:56.0399 3344  C:\Windows\System32\tbs.dll - ok
15:24:56.0418 3344  [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
15:24:56.0418 3344  C:\Windows\System32\fvecerts.dll - ok
15:24:56.0441 3344  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
15:24:56.0441 3344  C:\Windows\System32\drivers\http.sys - ok
15:24:56.0464 3344  [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
15:24:56.0465 3344  C:\Windows\System32\wiarpc.dll - ok
15:24:56.0497 3344  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
15:24:56.0497 3344  C:\Windows\System32\spoolsv.exe - ok
15:24:56.0515 3344  [ 981DF8D91B089DAEC95910AEB0D99E1F ] C:\Program Files\Protector Suite QL\qlbase.dll
15:24:56.0516 3344  C:\Program Files\Protector Suite QL\qlbase.dll - ok
15:24:56.0544 3344  [ 5E8EFEB338DEB1F485420B090FE6C85E ] C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
15:24:56.0545 3344  C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe - ok
15:24:56.0568 3344  [ 6F55080AA133723F24744EF77883FDDB ] C:\Program Files\Common Files\ActivIdentity\aclog.dll
15:24:56.0568 3344  C:\Program Files\Common Files\ActivIdentity\aclog.dll - ok
15:24:56.0593 3344  [ C9754F4BCFAE62E81CE950C552877DDE ] C:\Program Files\Common Files\ActivIdentity\aclibeay.dll
15:24:56.0593 3344  C:\Program Files\Common Files\ActivIdentity\aclibeay.dll - ok
15:24:56.0620 3344  [ 5589E285ADC3DD6CA00B53B1E983E536 ] C:\Program Files\Protector Suite QL\upeksvr.exe
15:24:56.0620 3344  C:\Program Files\Protector Suite QL\upeksvr.exe - ok
15:24:56.0639 3344  [ 9B3B4E231FB6B098AF1E205B04613012 ] C:\Program Files\Protector Suite QL\homepass.dll
15:24:56.0639 3344  C:\Program Files\Protector Suite QL\homepass.dll - ok
15:24:56.0659 3344  [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
15:24:56.0659 3344  C:\Windows\System32\wsock32.dll - ok
15:24:56.0684 3344  [ 0377ADDA523022B9C2B3CE250526C2E3 ] C:\Program Files\Common Files\ActivIdentity\accrypto.dll
15:24:56.0685 3344  C:\Program Files\Common Files\ActivIdentity\accrypto.dll - ok
15:24:56.0706 3344  [ A8704A10FFDE468F4AB18EBF82A9A86F ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
15:24:56.0706 3344  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
15:24:56.0729 3344  [ 6061114558D3D1CBE66F2EF2AF148966 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80.dll
15:24:56.0729 3344  C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80.dll - ok
15:24:56.0755 3344  [ B34D2731DF2FE9864F5C2198AE369462 ] C:\Program Files\Protector Suite QL\homefus2.dll
15:24:56.0755 3344  C:\Program Files\Protector Suite QL\homefus2.dll - ok
15:24:56.0779 3344  [ 442235AC4F20B195F932990CAE47408E ] C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll
15:24:56.0779 3344  C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll - ok
15:24:56.0809 3344  [ 4175B690EFFB3FA4AB4D3B92062109D7 ] C:\Program Files\Common Files\ActivIdentity\Resources\ac.sharedstorerc.dll
15:24:56.0810 3344  C:\Program Files\Common Files\ActivIdentity\Resources\ac.sharedstorerc.dll - ok
15:24:56.0833 3344  [ 9B7395789E3791A3B6D000FE6F8B131E ] C:\Windows\System32\SCardSvr.dll
15:24:56.0834 3344  C:\Windows\System32\SCardSvr.dll - ok
15:24:56.0858 3344  [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
15:24:56.0858 3344  C:\Windows\System32\riched20.dll - ok
15:24:56.0893 3344  [ FCEB9FE1AEFAAE5B3B00346B733962FF ] C:\Program Files\ActivIdentity\ActivClient\acevents.exe
15:24:56.0894 3344  C:\Program Files\ActivIdentity\ActivClient\acevents.exe - ok
15:24:56.0961 3344  [ 6F55080AA133723F24744EF77883FDDB ] C:\Program Files\ActivIdentity\ActivClient\aclog.dll
15:24:56.0961 3344  C:\Program Files\ActivIdentity\ActivClient\aclog.dll - ok
15:24:57.0061 3344  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
15:24:57.0062 3344  C:\Windows\System32\BFE.DLL - ok
15:24:57.0092 3344  [ 4DA409483F127F564BDDB5EC82DE398D ] C:\Program Files\Protector Suite QL\bio.dll
15:24:57.0092 3344  C:\Program Files\Protector Suite QL\bio.dll - ok
15:24:57.0155 3344  [ CCCE49B584CDEF4FE66A7AFFACA9D725 ] C:\Program Files\ActivIdentity\ActivClient\asphat32.dll
15:24:57.0156 3344  C:\Program Files\ActivIdentity\ActivClient\asphat32.dll - ok
15:24:57.0199 3344  [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
15:24:57.0199 3344  C:\Windows\System32\drivers\srvnet.sys - ok
15:24:57.0226 3344  [ E0D3E57D957651284FA4BBAA0C85E128 ] C:\Program Files\ActivIdentity\ActivClient\ackpbsc.dll
15:24:57.0226 3344  C:\Program Files\ActivIdentity\ActivClient\ackpbsc.dll - ok
15:24:57.0250 3344  [ 0377ADDA523022B9C2B3CE250526C2E3 ] C:\Program Files\ActivIdentity\ActivClient\accrypto.dll
15:24:57.0250 3344  C:\Program Files\ActivIdentity\ActivClient\accrypto.dll - ok
15:24:57.0281 3344  [ C9754F4BCFAE62E81CE950C552877DDE ] C:\Program Files\ActivIdentity\ActivClient\aclibeay.dll
15:24:57.0281 3344  C:\Program Files\ActivIdentity\ActivClient\aclibeay.dll - ok
15:24:57.0302 3344  [ 201C1CA15437180727E6B59126F9B5BB ] C:\Program Files\ActivIdentity\ActivClient\acerrmes.dll
15:24:57.0302 3344  C:\Program Files\ActivIdentity\ActivClient\acerrmes.dll - ok
15:24:57.0329 3344  [ 5C1B9E45D377F1E40ED02C555F3669AF ] C:\Program Files\ActivIdentity\ActivClient\acevtsub.dll
15:24:57.0329 3344  C:\Program Files\ActivIdentity\ActivClient\acevtsub.dll - ok
15:24:57.0381 3344  [ AD694269328867B22D674D31D76271BB ] C:\Program Files\ActivIdentity\ActivClient\aiwinext.dll
15:24:57.0381 3344  C:\Program Files\ActivIdentity\ActivClient\aiwinext.dll - ok
15:24:57.0400 3344  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
15:24:57.0400 3344  C:\Windows\System32\drivers\bowser.sys - ok
15:24:57.0429 3344  [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
15:24:57.0429 3344  C:\Windows\System32\SensApi.dll - ok
15:24:57.0449 3344  [ C7E66FE1F7C5D72F72CD4F9FD932CD82 ] C:\Program Files\ActivIdentity\ActivClient\aspcom.dll
15:24:57.0450 3344  C:\Program Files\ActivIdentity\ActivClient\aspcom.dll - ok
15:24:57.0474 3344  [ 0E8B3C5F5A6EF5B5A7BEB505709739B4 ] C:\Windows\System32\SCardDlg.dll
15:24:57.0474 3344  C:\Windows\System32\SCardDlg.dll - ok
15:24:57.0493 3344  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
15:24:57.0493 3344  C:\Windows\System32\drivers\mrxsmb.sys - ok
15:24:57.0516 3344  [ 19F9B524A525D202194247E96656CB88 ] C:\Windows\System32\mfc42u.dll
15:24:57.0517 3344  C:\Windows\System32\mfc42u.dll - ok
15:24:57.0542 3344  [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
15:24:57.0542 3344  C:\Windows\System32\drivers\mrxsmb10.sys - ok
15:24:57.0565 3344  [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
15:24:57.0565 3344  C:\Windows\System32\msimg32.dll - ok
15:24:57.0589 3344  [ 7FF8E121AFA05BDAB23B9FEDCDAB7A33 ] C:\Windows\System32\odbc32.dll
15:24:57.0589 3344  C:\Windows\System32\odbc32.dll - ok
15:24:57.0652 3344  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
15:24:57.0653 3344  C:\Windows\System32\drivers\mrxsmb20.sys - ok
15:24:57.0703 3344  [ B95F748C4F100DD0F6E8115CC0968670 ] C:\Windows\winsxs\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.dll
15:24:57.0704 3344  C:\Windows\winsxs\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.dll - ok
15:24:57.0748 3344  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
15:24:57.0748 3344  C:\Windows\System32\drivers\srv2.sys - ok
15:24:57.0788 3344  [ DEA276F70420CD23F034D35EFF6F4364 ] C:\Program Files\ActivIdentity\ActivClient\Resources\acerrmrc.dll
15:24:57.0788 3344  C:\Program Files\ActivIdentity\ActivClient\Resources\acerrmrc.dll - ok
15:24:57.0825 3344  [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\Windows\System32\odbcint.dll
15:24:57.0825 3344  C:\Windows\System32\odbcint.dll - ok
15:24:57.0864 3344  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
15:24:57.0864 3344  C:\Windows\System32\wkssvc.dll - ok
15:24:57.0906 3344  [ 402E0CDF0491FA28970AB8A73B795AC8 ] C:\Program Files\ActivIdentity\ActivClient\Resources\asphatrc.dll
15:24:57.0906 3344  C:\Program Files\ActivIdentity\ActivClient\Resources\asphatrc.dll - ok
15:24:57.0940 3344  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
15:24:57.0940 3344  C:\Windows\System32\imageres.dll - ok
15:24:57.0963 3344  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
15:24:57.0964 3344  C:\Windows\System32\drivers\srv.sys - ok
15:24:57.0988 3344  [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
15:24:57.0988 3344  C:\Windows\System32\srvsvc.dll - ok
15:24:58.0009 3344  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
15:24:58.0010 3344  C:\Windows\System32\browser.dll - ok
15:24:58.0040 3344  [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
15:24:58.0041 3344  C:\Windows\System32\netmsg.dll - ok
15:24:58.0072 3344  [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
15:24:58.0072 3344  C:\Windows\System32\sscore.dll - ok
15:24:58.0108 3344  [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
15:24:58.0108 3344  C:\Windows\System32\clusapi.dll - ok
15:24:58.0162 3344  [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
15:24:58.0162 3344  C:\Windows\System32\resutils.dll - ok
15:24:58.0220 3344  [ 0803574AD22B3AA83A54966CD07B1B50 ] C:\Program Files\ActivIdentity\ActivClient\acautoup.exe
15:24:58.0220 3344  C:\Program Files\ActivIdentity\ActivClient\acautoup.exe - ok
15:24:58.0252 3344  [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
15:24:58.0252 3344  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
15:24:58.0282 3344  [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
15:24:58.0282 3344  C:\Program Files\Bonjour\mdnsNSP.dll - ok
15:24:58.0302 3344  [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
15:24:58.0302 3344  C:\Windows\System32\rasadhlp.dll - ok
15:24:58.0328 3344  [ 09D2CD71164158E7FAC193AA026C433E ] C:\Program Files\ActivIdentity\ActivClient\Resources\acautrc.dll
15:24:58.0328 3344  C:\Program Files\ActivIdentity\ActivClient\Resources\acautrc.dll - ok
15:24:58.0351 3344  [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:24:58.0351 3344  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
15:24:58.0379 3344  [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
15:24:58.0380 3344  C:\Windows\SysWOW64\ntdll.dll - ok
15:24:58.0402 3344  [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
15:24:58.0402 3344  C:\Windows\System32\wow64.dll - ok
15:24:58.0434 3344  [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
15:24:58.0435 3344  C:\Windows\System32\wow64win.dll - ok
15:24:58.0460 3344  [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
15:24:58.0461 3344  C:\Windows\System32\wow64cpu.dll - ok
15:24:58.0488 3344  [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
15:24:58.0488 3344  C:\Windows\SysWOW64\kernel32.dll - ok
15:24:58.0513 3344  [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
15:24:58.0514 3344  C:\Windows\SysWOW64\KernelBase.dll - ok
15:24:58.0531 3344  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
15:24:58.0531 3344  C:\Windows\SysWOW64\user32.dll - ok
15:24:58.0558 3344  [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
15:24:58.0558 3344  C:\Windows\SysWOW64\gdi32.dll - ok
15:24:58.0583 3344  [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
15:24:58.0583 3344  C:\Windows\SysWOW64\lpk.dll - ok
15:24:58.0613 3344  [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
15:24:58.0614 3344  C:\Windows\SysWOW64\usp10.dll - ok
15:24:58.0644 3344  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
15:24:58.0644 3344  C:\Windows\SysWOW64\msvcrt.dll - ok
15:24:58.0670 3344  [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
15:24:58.0670 3344  C:\Windows\SysWOW64\advapi32.dll - ok
15:24:58.0698 3344  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
15:24:58.0698 3344  C:\Windows\SysWOW64\sechost.dll - ok
15:24:58.0725 3344  [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
15:24:58.0725 3344  C:\Windows\SysWOW64\rpcrt4.dll - ok
15:24:58.0751 3344  [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
15:24:58.0752 3344  C:\Windows\SysWOW64\sspicli.dll - ok
15:24:58.0778 3344  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
15:24:58.0778 3344  C:\Windows\SysWOW64\cryptbase.dll - ok
15:24:58.0794 3344  [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
15:24:58.0794 3344  C:\Windows\SysWOW64\shell32.dll - ok
15:24:58.0817 3344  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
15:24:58.0818 3344  C:\Windows\SysWOW64\shlwapi.dll - ok
15:24:58.0844 3344  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
15:24:58.0844 3344  C:\Windows\SysWOW64\ole32.dll - ok
15:24:58.0866 3344  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
15:24:58.0867 3344  C:\Windows\SysWOW64\oleaut32.dll - ok
15:24:58.0891 3344  [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
15:24:58.0891 3344  C:\Windows\SysWOW64\crypt32.dll - ok
15:24:58.0915 3344  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
15:24:58.0915 3344  C:\Windows\SysWOW64\msasn1.dll - ok
15:24:58.0941 3344  [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
15:24:58.0942 3344  C:\Windows\SysWOW64\wintrust.dll - ok
15:24:58.0969 3344  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
15:24:58.0969 3344  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
15:24:58.0995 3344  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
15:24:58.0996 3344  C:\Windows\SysWOW64\imm32.dll - ok
15:24:59.0022 3344  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
15:24:59.0022 3344  C:\Windows\SysWOW64\msctf.dll - ok
15:24:59.0059 3344  [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:24:59.0059 3344  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
15:24:59.0079 3344  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
15:24:59.0079 3344  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
15:24:59.0112 3344  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
15:24:59.0112 3344  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
15:24:59.0133 3344  [ 605C6370240FC79CADBCD34960A741D2 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
15:24:59.0134 3344  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
15:24:59.0183 3344  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
15:24:59.0183 3344  C:\Windows\SysWOW64\version.dll - ok
15:24:59.0227 3344  [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
15:24:59.0227 3344  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
15:24:59.0268 3344  [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
15:24:59.0269 3344  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
15:24:59.0314 3344  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
15:24:59.0314 3344  C:\Windows\SysWOW64\ws2_32.dll - ok
15:24:59.0361 3344  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
15:24:59.0362 3344  C:\Windows\SysWOW64\nsi.dll - ok
15:24:59.0385 3344  [ 0EEE814627F4384291687671F76419F6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
15:24:59.0386 3344  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
15:24:59.0415 3344  [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
15:24:59.0415 3344  C:\Windows\SysWOW64\wsock32.dll - ok
15:24:59.0490 3344  [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
15:24:59.0490 3344  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
15:24:59.0536 3344  [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
15:24:59.0536 3344  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
15:24:59.0586 3344  [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
15:24:59.0586 3344  C:\Windows\SysWOW64\winmm.dll - ok
15:24:59.0645 3344  [ 9ABB7CDAC0914579C86990048771B1B4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
15:24:59.0645 3344  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
15:24:59.0696 3344  [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
15:24:59.0696 3344  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
15:24:59.0746 3344  [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
15:24:59.0747 3344  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
15:24:59.0794 3344  [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
15:24:59.0794 3344  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
15:24:59.0822 3344  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
15:24:59.0822 3344  C:\Windows\SysWOW64\profapi.dll - ok
15:24:59.0855 3344  [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
15:24:59.0855 3344  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
15:24:59.0875 3344  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
15:24:59.0875 3344  C:\Windows\SysWOW64\setupapi.dll - ok
15:24:59.0902 3344  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
15:24:59.0902 3344  C:\Windows\SysWOW64\cfgmgr32.dll - ok
15:24:59.0929 3344  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
15:24:59.0930 3344  C:\Windows\SysWOW64\devobj.dll - ok
15:24:59.0968 3344  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
15:24:59.0969 3344  C:\Windows\SysWOW64\userenv.dll - ok
15:24:59.0997 3344  [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
15:24:59.0997 3344  C:\Windows\SysWOW64\wtsapi32.dll - ok
15:25:00.0054 3344  [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
15:25:00.0055 3344  C:\Windows\SysWOW64\dnssd.dll - ok
15:25:00.0097 3344  [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
15:25:00.0097 3344  C:\Windows\SysWOW64\ntmarta.dll - ok
15:25:00.0185 3344  [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
15:25:00.0185 3344  C:\Windows\SysWOW64\Wldap32.dll - ok
15:25:00.0220 3344  [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
15:25:00.0220 3344  C:\Windows\SysWOW64\mswsock.dll - ok
15:25:00.0313 3344  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
15:25:00.0313 3344  C:\Program Files\Bonjour\mDNSResponder.exe - ok
15:25:00.0382 3344  [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
15:25:00.0386 3344  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
15:25:00.0392 3344  [ F17D1D393BBC69C5322FBFAFACA28C7F ] C:\Windows\System32\certprop.dll
15:25:00.0392 3344  C:\Windows\System32\certprop.dll - ok
15:25:00.0483 3344  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
15:25:00.0483 3344  C:\Windows\System32\dps.dll - ok
15:25:00.0532 3344  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
15:25:00.0533 3344  C:\Windows\System32\FDResPub.dll - ok
15:25:00.0596 3344  [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
15:25:00.0597 3344  C:\Windows\System32\efssvc.dll - ok
15:25:00.0624 3344  [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
15:25:00.0629 3344  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
15:25:00.0651 3344  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
15:25:00.0651 3344  C:\Windows\System32\cryptsvc.dll - ok
15:25:00.0666 3344  [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
15:25:00.0666 3344  C:\Windows\System32\efscore.dll - ok
15:25:00.0693 3344  [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe
15:25:00.0693 3344  C:\Windows\SysWOW64\svchost.exe - ok
15:25:00.0722 3344  [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
15:25:00.0722 3344  C:\Windows\System32\WSDApi.dll - ok
15:25:00.0754 3344  [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
15:25:00.0754 3344  C:\Windows\System32\IKEEXT.DLL - ok
15:25:00.0783 3344  [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
15:25:00.0783 3344  C:\Windows\System32\efsutil.dll - ok
15:25:00.0811 3344  [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
15:25:00.0812 3344  C:\Windows\System32\cryptnet.dll - ok
15:25:00.0842 3344  [ CEC4D9C0A64993F4F82FD77A84B21944 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe
15:25:00.0842 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe - ok
15:25:00.0874 3344  [ 75CC8C5146A3FB76221A7606628778D5 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:25:00.0874 3344  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll - ok
15:25:00.0905 3344  [ FF5AB1E282BEF80D6FE35D9BE3FD6BF8 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mytilus3_worker.dll
15:25:00.0905 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mytilus3_worker.dll - ok
15:25:00.0934 3344  [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
15:25:00.0935 3344  C:\Windows\System32\esent.dll - ok
15:25:00.0965 3344  [ B49B56B64F57699A1A663D2CF7D0A56F ] C:\Windows\SysWOW64\wininet.dll
15:25:00.0966 3344  C:\Windows\SysWOW64\wininet.dll - ok
15:25:00.0998 3344  [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
15:25:00.0998 3344  C:\Windows\System32\webservices.dll - ok
15:25:01.0044 3344  [ E14CF5255C46E1556E344CD720F34F25 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll
15:25:01.0045 3344  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll - ok
15:25:01.0074 3344  [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
15:25:01.0074 3344  C:\Windows\System32\shfolder.dll - ok
15:25:01.0113 3344  [ C72D042A69C32A7658521B3BD5FEA4AF ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mytilus3_server.dll
15:25:01.0113 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mytilus3_server.dll - ok
15:25:01.0139 3344  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
15:25:01.0140 3344  C:\Windows\SysWOW64\winspool.drv - ok
15:25:01.0175 3344  [ CC9968E09D175AB679B7BD7AF3F0D656 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\lockdown.dll
15:25:01.0175 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\lockdown.dll - ok
15:25:01.0194 3344  [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
15:25:01.0194 3344  C:\Windows\System32\vpnikeapi.dll - ok
15:25:01.0242 3344  [ F78278EC7A4D5B1AA4C39C5411A6076E ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\Res0900\McShield.DLL
15:25:01.0242 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\Res0900\McShield.DLL - ok
15:25:01.0273 3344  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
15:25:01.0273 3344  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
15:25:01.0314 3344  [ D171EAA745A2C0C583CDDA13D9088EE4 ] C:\Windows\SysWOW64\iertutil.dll
15:25:01.0315 3344  C:\Windows\SysWOW64\iertutil.dll - ok
15:25:01.0334 3344  [ BE157C3800DA3010EFC48280ECF81C16 ] C:\Windows\SysWOW64\urlmon.dll
15:25:01.0334 3344  C:\Windows\SysWOW64\urlmon.dll - ok
15:25:01.0366 3344  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
15:25:01.0366 3344  C:\Windows\System32\dllhost.exe - ok
15:25:01.0402 3344  [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
15:25:01.0402 3344  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
15:25:01.0445 3344  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
15:25:01.0445 3344  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
15:25:01.0480 3344  [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
15:25:01.0480 3344  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
15:25:01.0515 3344  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
15:25:01.0516 3344  C:\Windows\System32\IDStore.dll - ok
15:25:01.0549 3344  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
15:25:01.0564 3344  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
15:25:01.0601 3344  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
15:25:01.0610 3344  C:\Windows\SysWOW64\winnsi.dll - ok
15:25:01.0637 3344  [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
15:25:01.0637 3344  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
15:25:01.0674 3344  [ C3C8D359D1FCB72941F75F8A302BFBDE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
15:25:01.0676 3344  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
15:25:01.0698 3344  [ 1B963D79740B187795407CD03E2F7B4D ] C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
15:25:01.0699 3344  C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe - ok
15:25:01.0716 3344  [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
15:25:01.0716 3344  C:\Windows\SysWOW64\clbcatq.dll - ok
15:25:01.0743 3344  [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
15:25:01.0743 3344  C:\Windows\System32\fundisc.dll - ok
15:25:01.0784 3344  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
15:25:01.0784 3344  C:\Windows\SysWOW64\winsta.dll - ok
15:25:01.0809 3344  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
15:25:01.0809 3344  C:\Windows\System32\vssapi.dll - ok
15:25:01.0849 3344  [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
15:25:01.0849 3344  C:\Windows\System32\AtBroker.exe - ok
15:25:01.0872 3344  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
15:25:01.0872 3344  C:\Windows\System32\mpr.dll - ok
15:25:01.0904 3344  [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
15:25:01.0904 3344  C:\Windows\System32\taskhost.exe - ok
15:25:01.0933 3344  [ 7D86BF7E930A483E67484BBC91FF7CD5 ] C:\Program Files (x86)\McAfee\Common Framework\nailog3.dll
15:25:01.0933 3344  C:\Program Files (x86)\McAfee\Common Framework\nailog3.dll - ok
15:25:01.0969 3344  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
15:25:01.0969 3344  C:\Windows\System32\userinit.exe - ok
15:25:01.0996 3344  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\SysWOW64\msvcr71.dll
15:25:01.0997 3344  C:\Windows\SysWOW64\msvcr71.dll - ok
15:25:02.0054 3344  [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
15:25:02.0054 3344  C:\Windows\SysWOW64\cryptsp.dll - ok
15:25:02.0077 3344  [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
15:25:02.0084 3344  C:\Windows\System32\dwm.exe - ok
15:25:02.0194 3344  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
15:25:02.0194 3344  C:\Windows\System32\MsCtfMonitor.dll - ok
15:25:02.0246 3344  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
15:25:02.0247 3344  C:\Windows\System32\msutb.dll - ok
15:25:02.0288 3344  [ ECDB189942E5F9FA05B4EF09D000534B ] C:\Program Files (x86)\McAfee\Common Framework\naxml3_71.dll
15:25:02.0288 3344  C:\Program Files (x86)\McAfee\Common Framework\naxml3_71.dll - ok
15:25:02.0353 3344  [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
15:25:02.0353 3344  C:\Windows\System32\dwmredir.dll - ok
15:25:02.0385 3344  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Windows\SysWOW64\msvcp71.dll
15:25:02.0385 3344  C:\Windows\SysWOW64\msvcp71.dll - ok
15:25:02.0442 3344  [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
15:25:02.0442 3344  C:\Windows\System32\dwmcore.dll - ok
15:25:02.0479 3344  [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
15:25:02.0479 3344  C:\Windows\System32\HotStartUserAgent.dll - ok
15:25:02.0512 3344  [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
15:25:02.0512 3344  C:\Windows\SysWOW64\rsaenh.dll - ok
15:25:02.0556 3344  [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
15:25:02.0556 3344  C:\Windows\System32\PlaySndSrv.dll - ok
15:25:02.0610 3344  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
15:25:02.0610 3344  C:\Windows\explorer.exe - ok
15:25:02.0641 3344  [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
15:25:02.0641 3344  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
15:25:02.0664 3344  [ A1DF927F39BF907C2CC88290DC075579 ] C:\Program Files (x86)\McAfee\Common Framework\naCmnLib3_71.dll
15:25:02.0664 3344  C:\Program Files (x86)\McAfee\Common Framework\naCmnLib3_71.dll - ok
15:25:02.0689 3344  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
15:25:02.0690 3344  C:\Windows\System32\vsstrace.dll - ok
15:25:02.0717 3344  [ EC37B222A92A95948D2A1C71DC1544D9 ] C:\Program Files (x86)\McAfee\Common Framework\AppLib.dll
15:25:02.0717 3344  C:\Program Files (x86)\McAfee\Common Framework\AppLib.dll - ok
15:25:02.0768 3344  [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
15:25:02.0768 3344  C:\Windows\System32\taskeng.exe - ok
15:25:02.0798 3344  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
15:25:02.0798 3344  C:\Windows\System32\localspl.dll - ok
15:25:02.0850 3344  [ 9D7EF8E7DD3BA8A73CA25E4658AE84B9 ] C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll
15:25:02.0851 3344  C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll - ok
15:25:02.0921 3344  [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
15:25:02.0921 3344  C:\Windows\System32\d3d10_1.dll - ok
15:25:03.0012 3344  [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
15:25:03.0021 3344  C:\Windows\System32\spoolss.dll - ok
15:25:03.0056 3344  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
15:25:03.0072 3344  C:\Windows\System32\winspool.drv - ok
15:25:03.0119 3344  [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
15:25:03.0119 3344  C:\Windows\System32\TSChannel.dll - ok
15:25:03.0155 3344  [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
15:25:03.0156 3344  C:\Windows\System32\d3d10_1core.dll - ok
15:25:03.0469 3344  [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
15:25:03.0469 3344  C:\Windows\System32\PrintIsolationProxy.dll - ok
15:25:03.0536 3344  [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
15:25:03.0536 3344  C:\Windows\System32\dxgi.dll - ok
15:25:03.0570 3344  [ E6019253451DBB67740F7027AD9E1CB5 ] C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe
15:25:03.0570 3344  C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe - ok
15:25:03.0605 3344  [ A479B62BFF87ECF07BCE8D98072BAF9D ] C:\Windows\System32\hpmpw081.dll
15:25:03.0605 3344  C:\Windows\System32\hpmpw081.dll - ok
15:25:03.0640 3344  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
15:25:03.0640 3344  C:\Windows\System32\ExplorerFrame.dll - ok
15:25:03.0677 3344  [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:25:03.0678 3344  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
15:25:03.0713 3344  [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
15:25:03.0713 3344  C:\Windows\System32\dbghelp.dll - ok
15:25:03.0792 3344  [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll
15:25:03.0792 3344  C:\Windows\System32\d3d11.dll - ok
15:25:03.0866 3344  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
15:25:03.0866 3344  C:\Windows\SysWOW64\uxtheme.dll - ok
15:25:03.0904 3344  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
15:25:03.0904 3344  C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
15:25:03.0940 3344  [ 0F39E1B8D3828CB82F0202D30F5DCA8F ] C:\Windows\System32\hpmpm081.dll
15:25:03.0940 3344  C:\Windows\System32\hpmpm081.dll - ok
15:25:03.0976 3344  [ F2F107A7427C2FAB1E412B5890F1BD50 ] C:\Windows\System32\hppmopjl.dll
15:25:03.0976 3344  C:\Windows\System32\hppmopjl.dll - ok
15:25:04.0015 3344  [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
15:25:04.0015 3344  C:\Windows\SysWOW64\netapi32.dll - ok
15:25:04.0051 3344  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
15:25:04.0051 3344  C:\Windows\System32\EhStorShell.dll - ok
15:25:04.0169 3344  [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
15:25:04.0169 3344  C:\Windows\System32\FXSMON.dll - ok
15:25:04.0198 3344  [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
15:25:04.0198 3344  C:\Windows\SysWOW64\netutils.dll - ok
15:25:04.0261 3344  [ B3D8A0D4BDE95FAA6CA2ABAA3A7C2C20 ] C:\Windows\System32\hpf3l082.dll
15:25:04.0261 3344  C:\Windows\System32\hpf3l082.dll - ok
15:25:04.0311 3344  [ 3F994A6CF62AA8ED7B82CBE8AD7BE810 ] C:\Program Files (x86)\Real\RealUpgrade\Common\hxmedpltfm.dll
15:25:04.0311 3344  C:\Program Files (x86)\Real\RealUpgrade\Common\hxmedpltfm.dll - ok
15:25:04.0392 3344  [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
15:25:04.0392 3344  C:\Windows\SysWOW64\srvcli.dll - ok
15:25:04.0464 3344  [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll
15:25:04.0464 3344  C:\Windows\System32\cscui.dll - ok
15:25:04.0503 3344  [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
15:25:04.0503 3344  C:\Windows\System32\tcpmon.dll - ok
15:25:04.0545 3344  [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
15:25:04.0545 3344  C:\Windows\SysWOW64\wkscli.dll - ok
15:25:04.0586 3344  [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
15:25:04.0586 3344  C:\Windows\System32\snmpapi.dll - ok
15:25:04.0629 3344  [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
15:25:04.0629 3344  C:\Windows\System32\wsnmp32.dll - ok
15:25:04.0652 3344  [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll
15:25:04.0652 3344  C:\Windows\System32\cscdll.dll - ok
15:25:04.0696 3344  [ 6EA7F7754DF5F813EFBDC9140C77F21F ] C:\Windows\System32\igd10umd64.dll
15:25:04.0697 3344  C:\Windows\System32\igd10umd64.dll - ok
15:25:04.0733 3344  [ 5E3075E17D48A2F018C398FF890BDFCC ] C:\Program Files (x86)\McAfee\Common Framework\0409\AgentRes.Dll
15:25:04.0734 3344  C:\Program Files (x86)\McAfee\Common Framework\0409\AgentRes.Dll - ok
15:25:04.0775 3344  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
15:25:04.0775 3344  C:\Windows\System32\cscapi.dll - ok
15:25:04.0821 3344  [ EF73976903AB2674574C37D0ED62741F ] C:\Windows\System32\TBTMon.dll
15:25:04.0821 3344  C:\Windows\System32\TBTMon.dll - ok
15:25:04.0903 3344  [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
15:25:04.0903 3344  C:\Windows\System32\ntshrui.dll - ok
15:25:04.0948 3344  [ 7F743F853A32AC25CB8FAD959A2F087E ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
15:25:04.0948 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe - ok
15:25:05.0018 3344  [ BC01DF232FD65E50A4FCDF349526AB27 ] C:\Windows\System32\tbtmon98Language.dll
15:25:05.0018 3344  C:\Windows\System32\tbtmon98Language.dll - ok
15:25:05.0094 3344  [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
15:25:05.0094 3344  C:\Windows\SysWOW64\msiltcfg.dll - ok
15:25:05.0148 3344  [ 657885DE843BF72A05BBB663813539AA ] C:\Program Files\Protector Suite QL\farchns.dll
15:25:05.0148 3344  C:\Program Files\Protector Suite QL\farchns.dll - ok
15:25:05.0198 3344  [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
15:25:05.0198 3344  C:\Windows\SysWOW64\psapi.dll - ok
15:25:05.0228 3344  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
15:25:05.0229 3344  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
15:25:05.0279 3344  [ 1274AA4D87F32549574DBCEA0DE94ACC ] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtHcrpAPI.dll
15:25:05.0279 3344  C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtHcrpAPI.dll - ok
15:25:05.0327 3344  [ E0381F9D0075B72310F2A02DFDA809C0 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\lockdown.dll
15:25:05.0327 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\lockdown.dll - ok
15:25:05.0432 3344  [ 2B5239FA845511C2EAD1D5AC88DFBFB1 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\mytilus3_worker.dll
15:25:05.0432 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\mytilus3_worker.dll - ok
15:25:05.0490 3344  [ 9E251DD065E73C8473196F5894899634 ] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtAPI.dll
15:25:05.0490 3344  C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtAPI.dll - ok
15:25:05.0513 3344  [ 8BCA6F08DA0C53EC134F9B01D15CC169 ] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBdAPI.dll
15:25:05.0513 3344  C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBdAPI.dll - ok
15:25:05.0548 3344  [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
15:25:05.0548 3344  C:\Windows\SysWOW64\shfolder.dll - ok
15:25:05.0628 3344  [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
15:25:05.0629 3344  C:\Windows\SysWOW64\imagehlp.dll - ok
15:25:05.0690 3344  [ E521E56DB4B319744684569F21D2593E ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\shutil.dll
15:25:05.0690 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\shutil.dll - ok
15:25:05.0759 3344  [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
15:25:05.0759 3344  C:\Windows\System32\usbmon.dll - ok
15:25:05.0780 3344  [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
15:25:05.0780 3344  C:\Windows\System32\WSDMon.dll - ok
15:25:05.0812 3344  [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
15:25:05.0812 3344  C:\Windows\SysWOW64\msi.dll - ok
15:25:05.0843 3344  [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
15:25:05.0844 3344  C:\Windows\System32\fdPnp.dll - ok
15:25:05.0882 3344  [ 042C3A5F4956B5F79E9F581DC613A4FA ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\wmain.dll
15:25:05.0882 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\wmain.dll - ok
15:25:05.0916 3344  [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
15:25:05.0916 3344  C:\Windows\SysWOW64\cscapi.dll - ok
15:25:05.0954 3344  [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
15:25:05.0954 3344  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
15:25:05.0987 3344  [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
15:25:05.0987 3344  C:\Windows\SysWOW64\comdlg32.dll - ok
15:25:06.0021 3344  [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
15:25:06.0021 3344  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
15:25:06.0126 3344  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
15:25:06.0126 3344  C:\Windows\SysWOW64\dbghelp.dll - ok
15:25:06.0164 3344  [ 5C99F92B3C4CFCDF928258C2E838D000 ] C:\Windows\SysWOW64\lz32.dll
15:25:06.0164 3344  C:\Windows\SysWOW64\lz32.dll - ok
15:25:06.0201 3344  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
15:25:06.0201 3344  C:\Windows\System32\IconCodecService.dll - ok
15:25:06.0230 3344  [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
15:25:06.0230 3344  C:\Windows\System32\uDWM.dll - ok
15:25:06.0260 3344  [ ACA4F6F3E49D90689BC0CBDD18B282E7 ] C:\Windows\System32\spool\prtprocs\x64\hpcpp107.dll
15:25:06.0261 3344  C:\Windows\System32\spool\prtprocs\x64\hpcpp107.dll - ok
15:25:06.0344 3344  [ F1F397872CB281824A15422453F50A64 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\condl.dll
15:25:06.0345 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\condl.dll - ok
15:25:06.0366 3344  [ E51C8294CE58089278222C32B6C97791 ] C:\Windows\System32\spool\prtprocs\x64\hpfpp082.dll
15:25:06.0366 3344  C:\Windows\System32\spool\prtprocs\x64\hpfpp082.dll - ok
15:25:06.0392 3344  [ 8F1C949FD695C83C4E30C3BFC004C81F ] C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL
15:25:06.0392 3344  C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL - ok
15:25:06.0431 3344  [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
15:25:06.0431 3344  C:\Windows\System32\win32spl.dll - ok
15:25:06.0468 3344  [ BE9D3BF69F3958492B56DCE7EA7F5FA9 ] C:\Windows\System32\mfevtps.exe
15:25:06.0468 3344  C:\Windows\System32\mfevtps.exe - ok
15:25:06.0521 3344  [ 9A6BDF3477C0AD97D20BDE0D71DAF6EB ] C:\Program Files (x86)\McAfee\Common Framework\Logging.dll
15:25:06.0521 3344  C:\Program Files (x86)\McAfee\Common Framework\Logging.dll - ok
15:25:06.0601 3344  [ F67B927B1095FCCFAFD68D1E1ADCFFBD ] C:\Program Files (x86)\McAfee\Common Framework\UserSpace.Dll
15:25:06.0601 3344  C:\Program Files (x86)\McAfee\Common Framework\UserSpace.Dll - ok
15:25:06.0638 3344  [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
15:25:06.0638 3344  C:\Windows\System32\inetpp.dll - ok
15:25:06.0669 3344  [ 841E2FA780B91F091A29A872A15CB83C ] C:\Program Files (x86)\McAfee\Common Framework\SecureFrameworkFactory3.dll
15:25:06.0669 3344  C:\Program Files (x86)\McAfee\Common Framework\SecureFrameworkFactory3.dll - ok
15:25:06.0713 3344  [ A75415E932DA0FCAAEE7AAB64A68B62B ] C:\Program Files (x86)\McAfee\Common Framework\Management.dll
15:25:06.0713 3344  C:\Program Files (x86)\McAfee\Common Framework\Management.dll - ok
15:25:06.0754 3344  [ 13E913B6E7E8915D8AE37A8EA1208B67 ] C:\Program Files (x86)\McAfee\Common Framework\naPolicyManager.dll
15:25:06.0755 3344  C:\Program Files (x86)\McAfee\Common Framework\naPolicyManager.dll - ok
15:25:06.0788 3344  [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
15:25:06.0789 3344  C:\Windows\SysWOW64\apphelp.dll - ok
15:25:06.0814 3344  [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\Windows\System32\spool\drivers\x64\3\UniDrvUI.dll
15:25:06.0815 3344  C:\Windows\System32\spool\drivers\x64\3\UniDrvUI.dll - ok
15:25:06.0837 3344  [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
15:25:06.0838 3344  C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
15:25:06.0863 3344  [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
15:25:06.0863 3344  C:\Windows\System32\nlasvc.dll - ok
15:25:06.0880 3344  [ 2334DC48997BA203B794DF3EE70521DB ] C:\Windows\System32\HPZinw12.dll
15:25:06.0880 3344  C:\Windows\System32\HPZinw12.dll - ok
15:25:06.0899 3344  [ 134579F748163BC51D126488A2962B04 ] C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
15:25:06.0899 3344  C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe - ok
15:25:06.0925 3344  [ 39B9DCD7040654C2E57D7396736C718E ] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
15:25:06.0925 3344  C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe - ok
15:25:06.0948 3344  [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
15:25:06.0949 3344  C:\Windows\System32\ncsi.dll - ok
15:25:06.0970 3344  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
15:25:06.0970 3344  C:\Windows\System32\netprofm.dll - ok
15:25:06.0994 3344  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
15:25:06.0994 3344  C:\Windows\System32\winhttp.dll - ok
15:25:07.0023 3344  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
15:25:07.0043 3344  C:\Windows\System32\pcasvc.dll - ok
15:25:07.0058 3344  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
15:25:07.0059 3344  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
15:25:07.0080 3344  [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
15:25:07.0081 3344  C:\Windows\System32\aepic.dll - ok
15:25:07.0107 3344  [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
15:25:07.0107 3344  C:\Windows\System32\drivers\PEAuth.sys - ok
15:25:07.0136 3344  [ E81F5A2F6D52215C0E84F2849503EBA8 ] C:\Windows\System32\tcpmib.dll
15:25:07.0136 3344  C:\Windows\System32\tcpmib.dll - ok
15:25:07.0156 3344  [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
15:25:07.0156 3344  C:\Windows\System32\webio.dll - ok
15:25:07.0202 3344  [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
15:25:07.0202 3344  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
15:25:07.0223 3344  [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
15:25:07.0223 3344  C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
15:25:07.0257 3344  [ EFEC3847B47CC9357D5C33BBAB59B7EB ] C:\Windows\System32\mgmtapi.dll
15:25:07.0258 3344  C:\Windows\System32\mgmtapi.dll - ok
15:25:07.0284 3344  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
15:25:07.0284 3344  C:\Windows\System32\sfc.dll - ok
15:25:07.0312 3344  [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
15:25:07.0312 3344  C:\Windows\System32\sfc_os.dll - ok
15:25:07.0340 3344  [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
15:25:07.0340 3344  C:\Windows\SysWOW64\mstask.dll - ok
15:25:07.0365 3344  [ ADE2BCD1FDE5C9669FCE1F4541AB46DD ] C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL
15:25:07.0365 3344  C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL - ok
15:25:07.0389 3344  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
15:25:07.0389 3344  C:\Windows\System32\ssdpapi.dll - ok
15:25:07.0403 3344  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] C:\Windows\System32\HPZipm12.dll
15:25:07.0403 3344  C:\Windows\System32\HPZipm12.dll - ok
15:25:07.0430 3344  [ 22F020C76E339EB2B2187BA73A7E4173 ] C:\Windows\System32\PrintIsolationHost.exe
15:25:07.0430 3344  C:\Windows\System32\PrintIsolationHost.exe - ok
15:25:07.0457 3344  [ 27DB3CEB88A1EF2BE1E193A05964973C ] C:\Program Files (x86)\Real\RealUpgrade\Plugins\upgrade.dll
15:25:07.0457 3344  C:\Program Files (x86)\Real\RealUpgrade\Plugins\upgrade.dll - ok
15:25:07.0479 3344  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
15:25:07.0479 3344  C:\Windows\System32\IPSECSVC.DLL - ok
15:25:07.0511 3344  [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
15:25:07.0511 3344  C:\Windows\System32\drivers\secdrv.sys - ok
15:25:07.0538 3344  [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
15:25:07.0538 3344  C:\Windows\SysWOW64\sxs.dll - ok
15:25:07.0558 3344  [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
15:25:07.0558 3344  C:\Windows\System32\seclogon.dll - ok
15:25:07.0581 3344  [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
15:25:07.0581 3344  C:\Windows\System32\aeevts.dll - ok
15:25:07.0608 3344  [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
15:25:07.0608 3344  C:\Windows\System32\ipnathlp.dll - ok
15:25:07.0631 3344  [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe
15:25:07.0631 3344  C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
15:25:07.0666 3344  [ 35DB83C4DE9FA3889E937125D115EAA0 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll
15:25:07.0667 3344  C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll - ok
15:25:07.0688 3344  [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
15:25:07.0688 3344  C:\Windows\SysWOW64\secur32.dll - ok
15:25:07.0716 3344  [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
15:25:07.0716 3344  C:\Windows\System32\FwRemoteSvr.dll - ok
15:25:07.0736 3344  [ 55D681EA95F6C3186B4F950C2EA3BAAE ] C:\Program Files (x86)\Sun\servicetag\stdiscoverer.exe
15:25:07.0736 3344  C:\Program Files (x86)\Sun\servicetag\stdiscoverer.exe - ok
15:25:07.0779 3344  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
15:25:07.0780 3344  C:\Windows\System32\mprapi.dll - ok
15:25:07.0801 3344  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
15:25:07.0801 3344  C:\Windows\SysWOW64\dwmapi.dll - ok
15:25:07.0830 3344  [ 06E30C9FC68ED62A5C11B989E51679DE ] C:\Program Files (x86)\McAfee\Common Framework\UpdateSubSys.Dll
15:25:07.0830 3344  C:\Program Files (x86)\McAfee\Common Framework\UpdateSubSys.Dll - ok
15:25:07.0858 3344  [ B580BDF5D5C463D1182C1E72B4C7A744 ] C:\Program Files (x86)\Sun\servicetag\libsthelper.dll
15:25:07.0858 3344  C:\Program Files (x86)\Sun\servicetag\libsthelper.dll - ok
15:25:07.0880 3344  [ F77ADF735A6AB15B083840F5B6D74B00 ] C:\Program Files (x86)\McAfee\Common Framework\updater.Dll
15:25:07.0880 3344  C:\Program Files (x86)\McAfee\Common Framework\updater.Dll - ok
15:25:07.0901 3344  [ 6797CEB7D07B09A0D79612657BCC6CCA ] C:\Windows\System32\spool\drivers\x64\3\HPZUIWN7.DLL
15:25:07.0901 3344  C:\Windows\System32\spool\drivers\x64\3\HPZUIWN7.DLL - ok
15:25:07.0923 3344  [ 3E16F63C12B405B572EFB3045BA67F40 ] C:\Windows\System32\spool\drivers\x64\3\hpfui082.dll
15:25:07.0923 3344  C:\Windows\System32\spool\drivers\x64\3\hpfui082.dll - ok
15:25:07.0957 3344  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
15:25:07.0957 3344  C:\Windows\System32\wiaservc.dll - ok
15:25:08.0014 3344  [ 91C1AA884F2D1B4371D95463CEA8E7DC ] C:\Program Files (x86)\Sun\servicetag\stlisten.exe
15:25:08.0015 3344  C:\Program Files (x86)\Sun\servicetag\stlisten.exe - ok
15:25:08.0061 3344  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
15:25:08.0061 3344  C:\Windows\System32\netshell.dll - ok
15:25:08.0091 3344  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
15:25:08.0091 3344  C:\Windows\SysWOW64\wship6.dll - ok
15:25:08.0119 3344  [ C1232035BB304A4AEDE089BB4B83409D ] C:\Program Files (x86)\McAfee\Common Framework\ipcchannel.dll
15:25:08.0120 3344  C:\Program Files (x86)\McAfee\Common Framework\ipcchannel.dll - ok
15:25:08.0194 3344  [ CD63EB2645EF6DC6D912B1E6F9750A8D ] C:\Program Files (x86)\McAfee\Common Framework\boost_thread-vc71-mt-1_32.dll
15:25:08.0195 3344  C:\Program Files (x86)\McAfee\Common Framework\boost_thread-vc71-mt-1_32.dll - ok
15:25:08.0232 3344  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
15:25:08.0232 3344  C:\Windows\System32\sysmain.dll - ok
15:25:08.0288 3344  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
15:25:08.0289 3344  C:\Windows\System32\drivers\tcpipreg.sys - ok
15:25:08.0340 3344  [ 234BBFAC0545E978049B4CCD0E2405C2 ] C:\Program Files (x86)\McAfee\Common Framework\mfeCmnLib71.dll
15:25:08.0340 3344  C:\Program Files (x86)\McAfee\Common Framework\mfeCmnLib71.dll - ok
15:25:08.0396 3344  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
15:25:08.0396 3344  C:\Windows\System32\wiatrace.dll - ok
15:25:08.0426 3344  [ 06C61275ADC64F1E36240A2287998A5E ] C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
15:25:08.0427 3344  C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe - ok
15:25:08.0454 3344  [ C97434C851C4821BD92D2831FDF1ECBE ] C:\Windows\SysWOW64\mshtml.dll
15:25:08.0454 3344  C:\Windows\SysWOW64\mshtml.dll - ok
15:25:08.0497 3344  [ 12FD48F2191A9194ED501E93FD7D276B ] C:\Program Files (x86)\McAfee\Common Framework\Scheduler.dll
15:25:08.0497 3344  C:\Program Files (x86)\McAfee\Common Framework\Scheduler.dll - ok
15:25:08.0528 3344  [ 36A778E921E37FAFBB86A310CC23970C ] C:\Windows\System32\spool\drivers\x64\3\hpfst082.dll
15:25:08.0528 3344  C:\Windows\System32\spool\drivers\x64\3\hpfst082.dll - ok
15:25:08.0551 3344  [ 21F258D3977C5CD0B73222E9D35EBE53 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\vsplugin.dll
15:25:08.0551 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\vsplugin.dll - ok
15:25:08.0588 3344  [ 8AF6CFD797041E12BDB90938766B6329 ] C:\Program Files\Toshiba\Power Saver\TPwrReg.dll
15:25:08.0588 3344  C:\Program Files\Toshiba\Power Saver\TPwrReg.dll - ok
15:25:08.0618 3344  [ 1F60F2240DEDAAB7BF5AA0E83ADA1E84 ] C:\Program Files\Toshiba\Power Saver\TPwrFunc.dll
15:25:08.0619 3344  C:\Program Files\Toshiba\Power Saver\TPwrFunc.dll - ok
15:25:08.0652 3344  [ 5239ABED9DB03D8E9708A65B63B605F0 ] C:\Program Files (x86)\McAfee\Common Framework\TCSubSys.dll
15:25:08.0652 3344  C:\Program Files (x86)\McAfee\Common Framework\TCSubSys.dll - ok
15:25:08.0674 3344  [ 3BECFAA73C00CA42CB8FC85A21F45141 ] C:\Program Files (x86)\McAfee\Common Framework\CMALib.dll
15:25:08.0675 3344  C:\Program Files (x86)\McAfee\Common Framework\CMALib.dll - ok
15:25:08.0701 3344  [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
15:25:08.0701 3344  C:\Windows\System32\trkwks.dll - ok
15:25:08.0717 3344  [ CDA59C183B3DB8CF35380836ADD74AAD ] C:\Windows\System32\compstui.dll
15:25:08.0717 3344  C:\Windows\System32\compstui.dll - ok
15:25:08.0749 3344  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
15:25:08.0749 3344  C:\Windows\System32\wbem\WMIsvc.dll - ok
15:25:08.0769 3344  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:25:08.0769 3344  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
15:25:08.0793 3344  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
15:25:08.0794 3344  C:\Windows\System32\wbemcomn.dll - ok
15:25:08.0818 3344  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
15:25:08.0818 3344  C:\Windows\System32\hnetcfg.dll - ok
15:25:08.0842 3344  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
15:25:08.0842 3344  C:\Windows\System32\wbem\wbemprox.dll - ok
15:25:08.0860 3344  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
15:25:08.0861 3344  C:\Windows\System32\wbem\WinMgmtR.dll - ok
15:25:08.0885 3344  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
15:25:08.0886 3344  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
15:25:08.0910 3344  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
15:25:08.0911 3344  C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
15:25:08.0938 3344  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
15:25:08.0939 3344  C:\Windows\System32\wbem\wbemcore.dll - ok
15:25:08.0975 3344  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
15:25:08.0975 3344  C:\Windows\System32\wer.dll - ok
15:25:08.0993 3344  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
15:25:08.0993 3344  C:\Windows\System32\wbem\fastprox.dll - ok
15:25:09.0020 3344  [ 911A6416D429EE8A8804D44F2E181A31 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe
15:25:09.0020 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe - ok
15:25:09.0045 3344  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
15:25:09.0045 3344  C:\Windows\System32\ntdsapi.dll - ok
15:25:09.0072 3344  [ 63DCDFFCBB7E41540F4D64CCED66536B ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
15:25:09.0072 3344  C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
15:25:09.0104 3344  [ 295657F93F6B19DEEA804048E1CB4FF9 ] C:\Windows\System32\lz32.dll
15:25:09.0104 3344  C:\Windows\System32\lz32.dll - ok
15:25:09.0118 3344  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
15:25:09.0118 3344  C:\Windows\System32\wbem\esscli.dll - ok
15:25:09.0143 3344  [ 13D22DFBC35AE15153A9A931B939F530 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mytilus3.dll
15:25:09.0144 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mytilus3.dll - ok
15:25:09.0169 3344  [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
15:25:09.0169 3344  C:\Windows\System32\msxml3.dll - ok
15:25:09.0198 3344  [ C332BD39203DB3C3B415166B05526486 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\FTL.Dll
15:25:09.0198 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\FTL.Dll - ok
15:25:09.0230 3344  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
15:25:09.0231 3344  C:\Windows\System32\wbem\wbemsvc.dll - ok
15:25:09.0247 3344  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
15:25:09.0247 3344  C:\Windows\System32\wbem\wmiutils.dll - ok
15:25:09.0271 3344  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
15:25:09.0272 3344  C:\Windows\System32\wbem\repdrvfs.dll - ok
15:25:09.0295 3344  [ 5139DE0FC35F5EE53570AEA288D8914C ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mfeann.exe
15:25:09.0295 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mfeann.exe - ok
15:25:09.0319 3344  [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
15:25:09.0320 3344  C:\Windows\System32\conhost.exe - ok
15:25:09.0349 3344  [ 9B2516545B2F882C2987877D08DDDEE5 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\midutil.dll
15:25:09.0349 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\midutil.dll - ok
15:25:09.0457 3344  [ F0D860A77F815F6384B463FCC1E55D5F ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\nailite.dll
15:25:09.0457 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\nailite.dll - ok
15:25:09.0501 3344  [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
15:25:09.0501 3344  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
15:25:09.0534 3344  [ 194FC371B89338C4E4238B41423FB901 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\naiann.dll
15:25:09.0534 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\naiann.dll - ok
15:25:09.0572 3344  [ 6114E72EDDB166F6C834BA96EA4985F1 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\VsEvntUI.DLL
15:25:09.0573 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\VsEvntUI.DLL - ok
15:25:09.0630 3344  [ E9C65BA560F2FF86994290F84A30D3BA ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\wscavexe.exe
15:25:09.0630 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\wscavexe.exe - ok
15:25:09.0662 3344  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
15:25:09.0662 3344  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
15:25:09.0731 3344  [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
15:25:09.0731 3344  C:\Windows\System32\dssenh.dll - ok
15:25:09.0776 3344  [ 316D415CE568E758EE928DEE48ABEB80 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\NaEvent.Dll
15:25:09.0777 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\NaEvent.Dll - ok
15:25:09.0825 3344  [ 8CD0B49EF2052FEB06DB2A4943394D61 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\ShUtil.Dll
15:25:09.0825 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\ShUtil.Dll - ok
15:25:09.0876 3344  [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
15:25:09.0876 3344  C:\Windows\SysWOW64\wscisvif.dll - ok
15:25:09.0910 3344  [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
15:25:09.0910 3344  C:\Windows\SysWOW64\wscapi.dll - ok
15:25:10.0009 3344  [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
15:25:10.0009 3344  C:\Windows\System32\msi.dll - ok
15:25:10.0135 3344  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
15:25:10.0136 3344  C:\Windows\System32\ncobjapi.dll - ok
15:25:10.0163 3344  [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll
15:25:10.0163 3344  C:\Windows\SysWOW64\wscproxystub.dll - ok
15:25:10.0192 3344  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
15:25:10.0192 3344  C:\Windows\System32\wbem\wbemess.dll - ok
15:25:10.0215 3344  [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
15:25:10.0215 3344  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
15:25:10.0274 3344  [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
15:25:10.0274 3344  C:\Windows\SysWOW64\wbemcomn.dll - ok
15:25:10.0317 3344  [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
15:25:10.0317 3344  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
15:25:10.0337 3344  [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
15:25:10.0337 3344  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
15:25:10.0353 3344  [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
15:25:10.0353 3344  C:\Windows\SysWOW64\ntdsapi.dll - ok
15:25:10.0385 3344  [ 44AFC81AC7D4EBF8A26AC4D70A93405A ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\wmain.dll
15:25:10.0385 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\wmain.dll - ok
15:25:10.0422 3344  [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
15:25:10.0422 3344  C:\Windows\System32\msiltcfg.dll - ok
15:25:10.0466 3344  [ B77B6DB6DE497C6C8DEE2A7EFCAB5BE4 ] C:\Program Files (x86)\McAfee\Common Framework\GenEvtInf3_64.dll
15:25:10.0467 3344  C:\Program Files (x86)\McAfee\Common Framework\GenEvtInf3_64.dll - ok
15:25:10.0505 3344  [ B4E5C20F303A865AD8565EC600C853B3 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\EmCfgCpl.dll
15:25:10.0506 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\EmCfgCpl.dll - ok
15:25:10.0537 3344  [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
15:25:10.0537 3344  C:\Windows\System32\wbem\NCProv.dll - ok
15:25:10.0566 3344  [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
15:25:10.0567 3344  C:\Windows\System32\NapiNSP.dll - ok
15:25:10.0617 3344  [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
15:25:10.0617 3344  C:\Windows\System32\pnrpnsp.dll - ok
15:25:10.0649 3344  [ 7472824A87F96C880BB4F158F74D0CFF ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\mcupdate.exe
15:25:10.0649 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\mcupdate.exe - ok
15:25:10.0688 3344  [ 49499F858DEF2642984BBACC7A457CF0 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\NCInstall.exe
15:25:10.0688 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\NCInstall.exe - ok
15:25:10.0714 3344  [ 748849C42DEA24C723048E24BCA1BD55 ] C:\Windows\System32\wshbth.dll
15:25:10.0714 3344  C:\Windows\System32\wshbth.dll - ok
15:25:10.0765 3344  [ 94557A9AB490D23A3A4557111C543685 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\shcfg32.exe
15:25:10.0765 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\shcfg32.exe - ok
15:25:10.0800 3344  [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
15:25:10.0801 3344  C:\Windows\System32\winrnr.dll - ok
15:25:10.0825 3344  [ 7D7E06D8A3E287087C172FBE4B3AE393 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\vsupdate.dll
15:25:10.0825 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\vsupdate.dll - ok
15:25:10.0855 3344  [ E9877E08814042718CD20EE484B26BC8 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\McAVDetect.DLL
15:25:10.0855 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\McAVDetect.DLL - ok
15:25:10.0886 3344  [ 62DCB43FC8751700F6F447C5EE1CA558 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\ScnCfg32.Exe
15:25:10.0886 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\ScnCfg32.Exe - ok
15:25:10.0913 3344  [ 5629E16C6C15A138F9E0FABF42E2AE78 ] C:\Windows\System32\netbios.dll
15:25:10.0914 3344  C:\Windows\System32\netbios.dll - ok
15:25:10.0939 3344  [ 4351ABC17C97BE34AD7083AF919CF53E ] C:\Program Files (x86)\Common Files\McAfee\Engine\x64\Mscan64a.dll
15:25:10.0939 3344  C:\Program Files (x86)\Common Files\McAfee\Engine\x64\Mscan64a.dll - ok
15:25:10.0977 3344  [ 90366DA5CE20DB903CE2EE2D70B6959A ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\restartvse.exe
15:25:10.0977 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\restartvse.exe - ok
15:25:11.0001 3344  [ 128B5B95A65F6A01DFDA0BFD499F3AFB ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\vsupdcpl.dll
15:25:11.0004 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\vsupdcpl.dll - ok
15:25:11.0028 3344  [ 138D7F114B73D99014D9BBBCC98CE52E ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\vsodscpl.dll
15:25:11.0029 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\vsodscpl.dll - ok
15:25:11.0060 3344  [ 605836AB5EDD80DD8B3B4C2109A8608E ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\naiann.dll
15:25:11.0061 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\naiann.dll - ok
15:25:11.0085 3344  [ EAF8BB5E6BF15483A87B2A2FC8FAD1BB ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.dll
15:25:11.0085 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.dll - ok
15:25:11.0108 3344  [ 7925129CD88FFCD3FDF577767EF93C95 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe
15:25:11.0109 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe - ok
15:25:11.0133 3344  [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
15:25:11.0134 3344  C:\Windows\SysWOW64\dnsapi.dll - ok
15:25:11.0156 3344  [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
15:25:11.0156 3344  C:\Windows\SysWOW64\rasapi32.dll - ok
15:25:11.0180 3344  [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
15:25:11.0180 3344  C:\Windows\SysWOW64\rasman.dll - ok
15:25:11.0209 3344  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
15:25:11.0209 3344  C:\Windows\SysWOW64\rtutils.dll - ok
15:25:11.0244 3344  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
15:25:11.0245 3344  C:\Windows\SysWOW64\SensApi.dll - ok
15:25:11.0276 3344  [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
15:25:11.0276 3344  C:\Windows\SysWOW64\nlaapi.dll - ok
15:25:11.0319 3344  [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
15:25:11.0320 3344  C:\Windows\SysWOW64\rasadhlp.dll - ok
15:25:11.0407 3344  [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
15:25:11.0408 3344  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
15:25:11.0531 3344  [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
15:25:11.0531 3344  C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
15:25:11.0562 3344  [ 1D8DAB5AE0D74262E2CE3764B3DD4F6D ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mfeavfa.dll
15:25:11.0562 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mfeavfa.dll - ok
15:25:11.0599 3344  [ BDEA959C3035063BA447CFE73D297F2B ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mfehida.dll
15:25:11.0599 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mfehida.dll - ok
15:25:11.0654 3344  [ DD17753AD5FA52F3BCD3B512934690C4 ] C:\Windows\System32\drivers\mfeavfk.sys
15:25:11.0655 3344  C:\Windows\System32\drivers\mfeavfk.sys - ok
15:25:11.0686 3344  [ 93E35A407636208DCCC71EA9D4DC30D0 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\mytilus3.dll
15:25:11.0686 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\mytilus3.dll - ok
15:25:11.0726 3344  [ 308FFFEBA0D372A7AB069FE008EA501C ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\Scan64.Exe
15:25:11.0726 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\Scan64.Exe - ok
15:25:11.0760 3344  [ ECA28D0AFAC56D04BFC7F867CBE4E887 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\vsodscpl.dll
15:25:11.0760 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\vsodscpl.dll - ok
15:25:11.0803 3344  [ FB89E3EFDBB5F7DC74DBD280177635C9 ] C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\FtCfg.DLL
15:25:11.0803 3344  C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\FtCfg.DLL - ok
15:25:11.0838 3344  [ 08457D8F8149757C70CEA59C71EC5D27 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:25:11.0838 3344  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll - ok
15:25:11.0864 3344  [ C56DE8185672B9F17F127EA282DD5E07 ] C:\Program Files (x86)\Google\Update\1.3.21.135\psmachine.dll
15:25:11.0864 3344  C:\Program Files (x86)\Google\Update\1.3.21.135\psmachine.dll - ok
15:25:11.0886 3344  [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
15:25:11.0886 3344  C:\Windows\System32\wdi.dll - ok
15:25:11.0910 3344  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
15:25:11.0910 3344  C:\Windows\System32\FXSRESM.dll - ok
15:25:11.0933 3344  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
15:25:11.0933 3344  C:\Windows\System32\appinfo.dll - ok
15:25:11.0947 3344  [ F37882F128EFACEFE353E0BAE2766909 ] C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
15:25:11.0947 3344  C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL - ok
15:25:11.0973 3344  [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
15:25:11.0973 3344  C:\Windows\System32\perftrack.dll - ok
15:25:11.0997 3344  [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
15:25:11.0997 3344  C:\Windows\System32\wpdbusenum.dll - ok
15:25:12.0024 3344  [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
15:25:12.0024 3344  C:\Windows\System32\diagperf.dll - ok
15:25:12.0044 3344  [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
15:25:12.0045 3344  C:\Windows\System32\Apphlpdm.dll - ok
15:25:12.0072 3344  [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
15:25:12.0072 3344  C:\Windows\System32\pnpts.dll - ok
15:25:12.0101 3344  [ FF365358A01E77197C225521DD4B7F35 ] C:\Windows\System32\pots.dll
15:25:12.0101 3344  C:\Windows\System32\pots.dll - ok
15:25:12.0123 3344  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
15:25:12.0123 3344  C:\Windows\System32\PortableDeviceApi.dll - ok
15:25:12.0145 3344  [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
15:25:12.0145 3344  C:\Windows\SysWOW64\winhttp.dll - ok
15:25:12.0169 3344  [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
15:25:12.0170 3344  C:\Windows\System32\tdh.dll - ok
15:25:12.0194 3344  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
15:25:12.0194 3344  C:\Windows\System32\npmproxy.dll - ok
15:25:12.0209 3344  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
15:25:12.0209 3344  C:\Windows\SysWOW64\webio.dll - ok
15:25:12.0234 3344  [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
15:25:12.0234 3344  C:\Windows\System32\oleacc.dll - ok
15:25:12.0263 3344  [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
15:25:12.0263 3344  C:\Windows\System32\radardt.dll - ok
15:25:12.0289 3344  [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
15:25:12.0289 3344  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
15:25:12.0319 3344  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
15:25:12.0319 3344  C:\Windows\SysWOW64\credssp.dll - ok
15:25:12.0347 3344  [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
15:25:12.0347 3344  C:\Windows\System32\drivers\WUDFRd.sys - ok
15:25:12.0365 3344  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
15:25:12.0365 3344  C:\Windows\System32\runonce.exe - ok
15:25:12.0389 3344  [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
15:25:12.0389 3344  C:\Windows\SysWOW64\msxml3.dll - ok
15:25:12.0419 3344  [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
15:25:12.0419 3344  C:\Windows\System32\WUDFPlatform.dll - ok
15:25:12.0444 3344  [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
15:25:12.0444 3344  C:\Windows\System32\drivers\WUDFPf.sys - ok
15:25:12.0468 3344  [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
15:25:12.0468 3344  C:\Windows\System32\WUDFSvc.dll - ok
15:25:12.0486 3344  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
15:25:12.0486 3344  C:\Windows\SysWOW64\runonce.exe - ok
15:25:12.0510 3344  [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
15:25:12.0511 3344  C:\Windows\System32\WUDFHost.exe - ok
15:25:12.0540 3344  [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
15:25:12.0541 3344  C:\Windows\SysWOW64\propsys.dll - ok
15:25:12.0561 3344  [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
15:25:12.0561 3344  C:\Windows\System32\WUDFx.dll - ok
15:25:12.0586 3344  [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
15:25:12.0587 3344  C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
15:25:12.0615 3344  [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
15:25:12.0615 3344  C:\Windows\SysWOW64\cmd.exe - ok
15:25:12.0634 3344  [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
15:25:12.0634 3344  C:\Windows\System32\WMVCORE.DLL - ok
15:25:12.0657 3344  [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
15:25:12.0661 3344  C:\Windows\System32\aelupsvc.dll - ok
15:25:12.0683 3344  [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
15:25:12.0683 3344  C:\Windows\System32\WMASF.DLL - ok
15:25:12.0710 3344  [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
15:25:12.0710 3344  C:\Windows\System32\PortableDeviceClassExtension.dll - ok
15:25:12.0730 3344  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
15:25:12.0730 3344  C:\Windows\System32\PortableDeviceTypes.dll - ok
15:25:12.0761 3344  [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
15:25:12.0761 3344  C:\Windows\SysWOW64\winbrand.dll - ok
15:25:12.0785 3344  [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
15:25:12.0785 3344  C:\Windows\System32\wdiasqmmodule.dll - ok
15:25:12.0810 3344  [ 0E816EA3C5DCE94C95099E8B38E75E67 ] C:\Windows\SysWOW64\ieframe.dll
15:25:12.0810 3344  C:\Windows\SysWOW64\ieframe.dll - ok
15:25:12.0833 3344  [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
15:25:12.0833 3344  C:\Windows\SysWOW64\oleacc.dll - ok
15:25:12.0861 3344  [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
15:25:12.0861 3344  C:\Windows\SysWOW64\shdocvw.dll - ok
15:25:12.0879 3344  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Robert\AppData\Local\Temp\8AE80FB6-59A1-484A-AB74-FA10164D7CAA.exe
15:25:12.0879 3344  C:\Users\Robert\AppData\Local\Temp\8AE80FB6-59A1-484A-AB74-FA10164D7CAA.exe - ok
15:25:12.0906 3344  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
15:25:12.0906 3344  C:\Windows\SysWOW64\sfc.dll - ok
15:25:12.0929 3344  [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
15:25:12.0929 3344  C:\Windows\SysWOW64\sfc_os.dll - ok
15:25:12.0958 3344  [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
15:25:12.0959 3344  C:\Windows\SysWOW64\devrtl.dll - ok
15:25:12.0976 3344  [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
15:25:12.0976 3344  C:\Windows\SysWOW64\mpr.dll - ok
15:25:13.0009 3344  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Robert\AppData\Local\Temp\A7F3C14B-F597-4BD9-9509-3BB217250C63.exe
15:25:13.0009 3344  C:\Users\Robert\AppData\Local\Temp\A7F3C14B-F597-4BD9-9509-3BB217250C63.exe - ok
15:25:13.0034 3344  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
15:25:13.0035 3344  C:\Windows\SysWOW64\riched20.dll - ok
15:25:13.0059 3344  [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
15:25:13.0059 3344  C:\Windows\System32\ie4uinit.exe - ok
15:25:13.0088 3344  [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
15:25:13.0088 3344  C:\Windows\System32\iedkcs32.dll - ok
15:25:13.0108 3344  [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
15:25:13.0108 3344  C:\Windows\System32\timedate.cpl - ok
15:25:13.0131 3344  [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
15:25:13.0132 3344  C:\Windows\System32\actxprxy.dll - ok
15:25:13.0154 3344  [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
15:25:13.0155 3344  C:\Windows\System32\shdocvw.dll - ok
15:25:13.0178 3344  [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
15:25:13.0178 3344  C:\Windows\System32\linkinfo.dll - ok
15:25:13.0201 3344  [ BECEEE04AAB6388B66D1FCBD2A9F19A1 ] C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
15:25:13.0202 3344  C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe - ok
15:25:13.0228 3344  [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
15:25:13.0228 3344  C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
15:25:13.0258 3344  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
15:25:13.0258 3344  C:\Windows\System32\msftedit.dll - ok
15:25:13.0282 3344  [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
15:25:13.0282 3344  C:\Windows\System32\msls31.dll - ok
15:25:13.0305 3344  [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
15:25:13.0306 3344  C:\Windows\System32\gameux.dll - ok
15:25:13.0340 3344  [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
15:25:13.0341 3344  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
15:25:13.0360 3344  [ 1D78C61F709F5F8A486E29DBF0F114B4 ] C:\Program Files\Protector Suite QL\launcher.exe
15:25:13.0361 3344  C:\Program Files\Protector Suite QL\launcher.exe - ok
15:25:13.0386 3344  [ 35126DDDE8241C4C4A5F15F6CDDF4434 ] C:\Windows\System32\ieframe.dll
15:25:13.0386 3344  C:\Windows\System32\ieframe.dll - ok
15:25:13.0413 3344  [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\91616887.sys
15:25:13.0414 3344  C:\Windows\System32\drivers\91616887.sys - ok
15:25:13.0440 3344  [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
15:25:13.0441 3344  C:\Windows\System32\DeviceCenter.dll - ok
15:25:13.0469 3344  [ BDB8DDAF65CD3C25715F834F0B037AFD ] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
15:25:13.0470 3344  C:\Program Files\Toshiba\Power Saver\TPwrMain.exe - ok
15:25:13.0493 3344  [ A62882F40163F1262808E380DB5FED69 ] C:\Program Files\Toshiba\TBS\HSON.exe
15:25:13.0493 3344  C:\Program Files\Toshiba\TBS\HSON.exe - ok
15:25:13.0515 3344  [ 57022376DB30F44C9DF74F01F471F9B9 ] C:\Program Files\Protector Suite QL\psqltray.exe
15:25:13.0515 3344  C:\Program Files\Protector Suite QL\psqltray.exe - ok
15:25:13.0538 3344  [ DB16A7C0A453F7E220A5F29E42572FD8 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
15:25:13.0538 3344  C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
15:25:13.0556 3344  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
15:25:13.0556 3344  C:\Windows\System32\stobject.dll - ok
15:25:13.0581 3344  [ 7577CACC4F6C07175062C03CD1B7B763 ] C:\Program Files\Toshiba\SmoothView\SmoothView.exe
15:25:13.0582 3344  C:\Program Files\Toshiba\SmoothView\SmoothView.exe - ok
15:25:13.0608 3344  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
15:25:13.0608 3344  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
15:25:13.0635 3344  [ 38CED433A0ED1642B060289B499B7BCA ] C:\Program Files\Protector Suite QL\psqltray.dll
15:25:13.0635 3344  C:\Program Files\Protector Suite QL\psqltray.dll - ok
15:25:13.0657 3344  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
15:25:13.0657 3344  C:\Windows\System32\batmeter.dll - ok
15:25:13.0682 3344  [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
15:25:13.0682 3344  C:\Windows\System32\networkexplorer.dll - ok
15:25:13.0704 3344  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
15:25:13.0704 3344  C:\Windows\SysWOW64\duser.dll - ok
15:25:13.0730 3344  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
15:25:13.0730 3344  C:\Windows\SysWOW64\dui70.dll - ok
15:25:13.0761 3344  [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
15:25:13.0761 3344  C:\Windows\System32\thumbcache.dll - ok
15:25:13.0774 3344  [ EA169D84B21E90790778B300E7ED1B17 ] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
15:25:13.0774 3344  C:\Program Files\Toshiba\FlashCards\TCrdMain.exe - ok
15:25:13.0798 3344  [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
15:25:13.0798 3344  C:\Windows\System32\UIAnimation.dll - ok
15:25:13.0830 3344  [ 30D8723EB642D4A5FFB72111359EC9A8 ] C:\Program Files\Toshiba\Power Saver\TtosFunc.dll
15:25:13.0830 3344  C:\Program Files\Toshiba\Power Saver\TtosFunc.dll - ok
15:25:13.0851 3344  [ E3E84CAF2019831398A3893E9FAB6EEB ] C:\Program Files\Toshiba\Power Saver\TCooling.dll
15:25:13.0852 3344  C:\Program Files\Toshiba\Power Saver\TCooling.dll - ok
15:25:13.0879 3344  [ 50F739538EF014B2E7EC59431749D838 ] C:\Windows\System32\mstsc.exe
15:25:13.0880 3344  C:\Windows\System32\mstsc.exe - ok
15:25:13.0897 3344  [ AE5A5F7057CBBAA7426294D57536F861 ] C:\Program Files\Toshiba\Power Saver\TOddPwr.dll
15:25:13.0898 3344  C:\Program Files\Toshiba\Power Saver\TOddPwr.dll - ok
15:25:13.0924 3344  [ BB82E7745AF24F2226A9701928792E2F ] C:\Program Files\Toshiba\Power Saver\TPwrSrv.dll
15:25:13.0924 3344  C:\Program Files\Toshiba\Power Saver\TPwrSrv.dll - ok
15:25:13.0948 3344  [ F7C244E2F9DA872BB4E5D19CD30BA5A5 ] C:\Program Files\Toshiba\Power Saver\T1394Pwr.dll
15:25:13.0949 3344  C:\Program Files\Toshiba\Power Saver\T1394Pwr.dll - ok
15:25:14.0005 3344  [ D49E5EB3CADD483178A0194ED7FE1F73 ] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
15:25:14.0006 3344  C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe - ok
15:25:14.0067 3344  [ 484ACF6AF85A29AC52F3CF054DFDE9D3 ] C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
15:25:14.0067 3344  C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe - ok
15:25:14.0086 3344  [ 9FFA27841506AB22E376DC63941C7650 ] C:\Program Files\Toshiba\Power Saver\TKBLEDPwr.dll
15:25:14.0086 3344  C:\Program Files\Toshiba\Power Saver\TKBLEDPwr.dll - ok
15:25:14.0119 3344  [ F314E79ED887790A5B7370269EAA2FE2 ] C:\Program Files\Protector Suite QL\applaun.dll
15:25:14.0119 3344  C:\Program Files\Protector Suite QL\applaun.dll - ok
15:25:14.0136 3344  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
15:25:14.0137 3344  C:\Windows\System32\prnfldr.dll - ok
15:25:14.0161 3344  [ 92FDB0658CA16974B4AE80E248A5B118 ] C:\Windows\System32\igfxtray.exe
15:25:14.0161 3344  C:\Windows\System32\igfxtray.exe - ok
15:25:14.0184 3344  [ 24800991BAC0E86F644F9D2C57C93908 ] C:\Program Files\Protector Suite QL\pwdbank.dll
15:25:14.0184 3344  C:\Program Files\Protector Suite QL\pwdbank.dll - ok
15:25:14.0211 3344  [ 2364C30D31B597A850409E1E940C33CB ] C:\Program Files\Toshiba\Power Saver\TSDPwr.dll
15:25:14.0211 3344  C:\Program Files\Toshiba\Power Saver\TSDPwr.dll - ok
15:25:14.0236 3344  [ 370F95F6C4E7F1DBC984216EC65A6A4D ] C:\Program Files\Toshiba\Power Saver\TPCIePwr.dll
15:25:14.0237 3344  C:\Program Files\Toshiba\Power Saver\TPCIePwr.dll - ok
15:25:14.0268 3344  [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
15:25:14.0268 3344  C:\Windows\System32\fdProxy.dll - ok
15:25:14.0286 3344  [ 23A6AE66AA4BEF792649736385BB51BA ] C:\Windows\System32\hkcmd.exe
15:25:14.0286 3344  C:\Windows\System32\hkcmd.exe - ok
15:25:14.0309 3344  [ D6DDC49D977920C32A2EF1A5DDF15E02 ] C:\Windows\System32\hccutils.dll
15:25:14.0309 3344  C:\Windows\System32\hccutils.dll - ok
15:25:14.0332 3344  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
15:25:14.0333 3344  C:\Windows\System32\provsvc.dll - ok
15:25:14.0355 3344  [ F6FA1865978214FB7FCD80149BBF1C13 ] C:\Windows\System32\igfxpers.exe
15:25:14.0355 3344  C:\Windows\System32\igfxpers.exe - ok
15:25:14.0378 3344  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
15:25:14.0379 3344  C:\Windows\System32\DXP.dll - ok
15:25:14.0403 3344  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
15:25:14.0403 3344  C:\Windows\System32\Syncreg.dll - ok
15:25:14.0427 3344  [ C1964C65FCABDAFA5F1009139082BAB9 ] C:\Program Files\ActivIdentity\ActivClient\acevtbrdcst.dll
15:25:14.0427 3344  C:\Program Files\ActivIdentity\ActivClient\acevtbrdcst.dll - ok
15:25:14.0453 3344  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
15:25:14.0454 3344  C:\Windows\ehome\ehSSO.dll - ok
15:25:14.0474 3344  [ FCDB4831D6A25411760D78CA2F726726 ] C:\Program Files\Toshiba\FlashCards\TCrdMain.dll
15:25:14.0487 3344  C:\Program Files\Toshiba\FlashCards\TCrdMain.dll - ok
15:25:14.0502 3344  [ BDA67EA9720686A7D108F4E009C014BB ] C:\Program Files\Toshiba\FlashCards\TCrdEvnt.dll
15:25:14.0502 3344  C:\Program Files\Toshiba\FlashCards\TCrdEvnt.dll - ok
15:25:14.0525 3344  [ 6C0587F59A3CF4C4D17295A0E3B62B15 ] C:\Windows\System32\igfxsrvc.exe
15:25:14.0526 3344  C:\Windows\System32\igfxsrvc.exe - ok
15:25:14.0540 3344  [ 233A10D4B3F6897899112E4EC60F1906 ] C:\Windows\WindowsMobile\wmdc.exe
15:25:14.0540 3344  C:\Windows\WindowsMobile\wmdc.exe - ok
15:25:14.0564 3344  [ C0F4A57BA5E09A28AE3D2F67ED219EEA ] C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
15:25:14.0564 3344  C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe - ok
15:25:14.0590 3344  [ 487D7A217F24B2A8CA44E63A2A0439C1 ] C:\Program Files\Protector Suite QL\otp.dll
15:25:14.0591 3344  C:\Program Files\Protector Suite QL\otp.dll - ok
15:25:14.0618 3344  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
15:25:14.0619 3344  C:\Windows\System32\WPDShServiceObj.dll - ok
15:25:14.0645 3344  [ 234AFA322624B3203A2E720F08292B03 ] C:\Windows\System32\cscobj.dll
15:25:14.0646 3344  C:\Windows\System32\cscobj.dll - ok
15:25:14.0665 3344  [ B2ACAFF0B872C6D347847D7572FF667C ] C:\Windows\System32\igfxsrvc.dll
15:25:14.0665 3344  C:\Windows\System32\igfxsrvc.dll - ok
15:25:14.0694 3344  [ 8402A407CB307B5E61CC7FF29F2EFC93 ] C:\Program Files\Toshiba\FlashCards\FnSticky.dll
15:25:14.0694 3344  C:\Program Files\Toshiba\FlashCards\FnSticky.dll - ok
15:25:14.0712 3344  [ C099831A69B9E3C8384FA0163AFEF24A ] C:\Program Files\Toshiba\FlashCards\BlackPng.dll
15:25:14.0712 3344  C:\Program Files\Toshiba\FlashCards\BlackPng.dll - ok
15:25:14.0736 3344  [ 86EF807358F8A15F5F914D98ADFFAF72 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
15:25:14.0736 3344  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
15:25:14.0773 3344  [ 6C457C8E7D16A708F7818877F570ADFC ] C:\Windows\System32\rapistub.dll
15:25:14.0773 3344  C:\Windows\System32\rapistub.dll - ok
15:25:14.0790 3344  [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
15:25:14.0791 3344  C:\Windows\System32\SearchIndexer.exe - ok
15:25:14.0814 3344  [ E788B5D0224A9A1499428CBD08EB22B7 ] C:\Windows\System32\igfxdev.dll
15:25:14.0814 3344  C:\Windows\System32\igfxdev.dll - ok
15:25:14.0838 3344  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
15:25:14.0838 3344  C:\Windows\System32\srchadmin.dll - ok
15:25:14.0864 3344  [ 7807EF1FE0BD4D017C1A4C02585E89EB ] C:\Program Files\ActivIdentity\ActivClient\acunlock.dll
15:25:14.0864 3344  C:\Program Files\ActivIdentity\ActivClient\acunlock.dll - ok
15:25:14.0891 3344  [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
15:25:14.0891 3344  C:\Windows\System32\FXSST.dll - ok
15:25:14.0925 3344  [ 2978388067E79B781BFF6DD2AB565376 ] C:\Windows\System32\rapi.dll
15:25:14.0925 3344  C:\Windows\System32\rapi.dll - ok
15:25:14.0952 3344  [ D22F981893F737F6A9055EA595F24393 ] C:\Windows\System32\SynCOM.dll
15:25:14.0952 3344  C:\Windows\System32\SynCOM.dll - ok
15:25:14.0974 3344  [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
15:25:14.0975 3344  C:\Windows\System32\tquery.dll - ok
15:25:15.0002 3344  [ 56312836FE23FADC4F838656D7477A93 ] C:\Windows\System32\ceutil.dll
15:25:15.0002 3344  C:\Windows\System32\ceutil.dll - ok
15:25:15.0028 3344  [ 7C09882A4FCFEF07887BAED8612F3E7C ] C:\Windows\System32\igfxrenu.lrc
15:25:15.0028 3344  C:\Windows\System32\igfxrenu.lrc - ok
15:25:15.0051 3344  [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
15:25:15.0051 3344  C:\Windows\System32\FXSAPI.dll - ok
15:25:15.0067 3344  [ 59F07FDB21DACF48B6A3F9EF6A1FA2DD ] C:\Program Files\ActivIdentity\ActivClient\aipingui.dll
15:25:15.0067 3344  C:\Program Files\ActivIdentity\ActivClient\aipingui.dll - ok
15:25:15.0096 3344  [ 09DE24A587D392160F75EC1A2215C6FE ] C:\Windows\System32\SynTPAPI.dll
15:25:15.0097 3344  C:\Windows\System32\SynTPAPI.dll - ok
15:25:15.0119 3344  [ C8D7195AB1521340005CB47BFA560BB1 ] C:\Windows\System32\igfxress.dll
15:25:15.0120 3344  C:\Windows\System32\igfxress.dll - ok
15:25:15.0147 3344  [ CAF904D359652A8EB7198F6DB74E5B58 ] C:\Program Files\ActivIdentity\ActivClient\aicext.dll
15:25:15.0147 3344  C:\Program Files\ActivIdentity\ActivClient\aicext.dll - ok
15:25:15.0169 3344  [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
15:25:15.0169 3344  C:\Windows\System32\mssrch.dll - ok
15:25:15.0195 3344  [ 21EF4BB2A6FF4116FD83FAEE52D4A416 ] C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
15:25:15.0200 3344  C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe - ok
15:25:15.0220 3344  [ 6CB991E0323CE1901C0DD5857418E0F2 ] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
15:25:15.0220 3344  C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe - ok
15:25:15.0246 3344  [ 4B15F48F22BB5DCE3AF5A2B9A61D5CEB ] C:\Program Files\Toshiba\Power Saver\TFunctab.dll
15:25:15.0247 3344  C:\Program Files\Toshiba\Power Saver\TFunctab.dll - ok
15:25:15.0271 3344  [ A43AB21B6DD8ED9DF9680E4D50E8706A ] C:\Program Files\ActivIdentity\ActivClient\Resources\aipinguirc.dll
15:25:15.0271 3344  C:\Program Files\ActivIdentity\ActivClient\Resources\aipinguirc.dll - ok
15:25:15.0305 3344  [ C703D4106CEC1120D565B29B1FC45AD1 ] C:\Program Files\Synaptics\SynTP\SynToshiba.exe
15:25:15.0306 3344  C:\Program Files\Synaptics\SynTP\SynToshiba.exe - ok
15:25:15.0321 3344  [ F22D3DD0E450C891B913224EE84CCF4E ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
15:25:15.0321 3344  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
15:25:15.0345 3344  [ B65B117E3320964EDEA99750DA74A6C1 ] C:\Program Files\ActivIdentity\ActivClient\Resources\acCobAPIrc.dll
15:25:15.0346 3344  C:\Program Files\ActivIdentity\ActivClient\Resources\acCobAPIrc.dll - ok
15:25:15.0372 3344  [ F2C7BB8ACC97F92E987A2D4087D021B1 ] C:\Windows\System32\notepad.exe
15:25:15.0372 3344  C:\Windows\System32\notepad.exe - ok
15:25:15.0395 3344  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
15:25:15.0395 3344  C:\Windows\System32\AltTab.dll - ok
15:25:15.0422 3344  [ 750141F0EBC0FA6C59F6629FD7C327DE ] C:\Program Files\ActivIdentity\ActivClient\Resources\acCobAPIlrc.dll
15:25:15.0422 3344  C:\Program Files\ActivIdentity\ActivClient\Resources\acCobAPIlrc.dll - ok
15:25:15.0450 3344  [ 971808AE01B750B408D9ED02465DC59F ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnESC.dll
15:25:15.0450 3344  C:\Program Files\Toshiba\FlashCards\Hotkey\FnESC.dll - ok
15:25:15.0469 3344  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
15:25:15.0470 3344  C:\Windows\System32\FXSSVC.exe - ok
15:25:15.0498 3344  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
15:25:15.0499 3344  C:\Windows\System32\pnidui.dll - ok
15:25:15.0516 3344  [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
15:25:15.0516 3344  C:\Windows\System32\consent.exe - ok
15:25:15.0550 3344  [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
15:25:15.0550 3344  C:\Windows\System32\msidle.dll - ok
15:25:15.0568 3344  [ 3BE35A3DC31A5FF5C40427A01E0BAD11 ] C:\Program Files\ActivIdentity\ActivClient\Resources\acunlockrc.dll
15:25:15.0568 3344  C:\Program Files\ActivIdentity\ActivClient\Resources\acunlockrc.dll - ok
15:25:15.0585 3344  [ E3BF29CED96790CDAAFA981FFDDF53A3 ] C:\Program Files\Windows Sidebar\sidebar.exe
15:25:15.0585 3344  C:\Program Files\Windows Sidebar\sidebar.exe - ok
15:25:15.0614 3344  [ 11615D80DC10ABB83D2A9002B70A4E36 ] C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll
15:25:15.0614 3344  C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll - ok
15:25:15.0640 3344  [ 238EE2C8B6064137EAEB45DD0C5DB569 ] C:\Program Files (x86)\Yahoo!\Messenger\YImage.dll
15:25:15.0641 3344  C:\Program Files (x86)\Yahoo!\Messenger\YImage.dll - ok
15:25:15.0662 3344  [ 8898CD3DCA1621B7759ACEE7D7AAC7F4 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnZ.dll
15:25:15.0662 3344  C:\Program Files\Toshiba\FlashCards\Hotkey\FnZ.dll - ok
15:25:15.0684 3344  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
15:25:15.0684 3344  C:\Windows\System32\QUTIL.DLL - ok
15:25:15.0709 3344  [ 88B0BCC23660D466879099F26CCB8CA5 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF1.dll
15:25:15.0709 3344  C:\Program Files\Toshiba\FlashCards\Hotkey\FnF1.dll - ok
15:25:15.0731 3344  [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
15:25:15.0731 3344  C:\Windows\System32\mssprxy.dll - ok
15:25:15.0757 3344  [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
15:25:15.0757 3344  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
15:25:15.0781 3344  [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
15:25:15.0781 3344  C:\Windows\System32\en-US\tquery.dll.mui - ok
15:25:15.0804 3344  [ A55E7D0D873B2C97585B3B5926AC6ADE ] C:\Windows\WindowsMobile\rapimgr.dll
15:25:15.0804 3344  C:\Windows\WindowsMobile\rapimgr.dll - ok
15:25:15.0830 3344  [ 910F1038E95F9CE16D1AF1E0940ECB89 ] C:\Program Files (x86)\Pinnacle\Shared Files\Programs\Remote\remoterm.exe
15:25:15.0830 3344  C:\Program Files (x86)\Pinnacle\Shared Files\Programs\Remote\remoterm.exe - ok
15:25:15.0851 3344  [ 1658E808E4D4889C66DE47EC87F1DED1 ] C:\Windows\System32\msvcp60.dll
15:25:15.0851 3344  C:\Windows\System32\msvcp60.dll - ok
15:25:15.0870 3344  [ 8881B5BF5C20A53CFAF2DA153A147ABD ] C:\Program Files (x86)\Yahoo!\Messenger\ylog.dll
15:25:15.0870 3344  C:\Program Files (x86)\Yahoo!\Messenger\ylog.dll - ok
15:25:15.0896 3344  [ 1B86E9B7534CFCB9B97E166E752415DC ] C:\Program Files\Toshiba\Power Saver\TFunc2.dll
15:25:15.0896 3344  C:\Program Files\Toshiba\Power Saver\TFunc2.dll - ok
15:25:15.0922 3344  [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
15:25:15.0922 3344  C:\Windows\System32\SearchFolder.dll - ok
15:25:15.0948 3344  [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
15:25:15.0948 3344  C:\Windows\SysWOW64\hid.dll - ok
15:25:15.0967 3344  [ E6BC081DDE7391AD0A044C0796A86D08 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF3.dll
15:25:15.0967 3344  C:\Program Files\Toshiba\FlashCards\Hotkey\FnF3.dll - ok
15:25:15.0994 3344  [ EDE3D67AE2951D330AA6A4EB7FEF7739 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF4.dll
15:25:15.0994 3344  C:\Program Files\Toshiba\FlashCards\Hotkey\FnF4.dll - ok
15:25:16.0018 3344  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
15:25:16.0018 3344  C:\Windows\System32\bthprops.cpl - ok
15:25:16.0043 3344  [ 075C67558429F755B1B8DB68D01FC3EB ] C:\Program Files (x86)\Yahoo!\Messenger\YCPFoundation.dll
15:25:16.0043 3344  C:\Program Files (x86)\Yahoo!\Messenger\YCPFoundation.dll - ok
15:25:16.0066 3344  [ EA076ABA7CE2E6A6960D7352A919099C ] C:\Program Files (x86)\Pinnacle\TVCenter Pro\PMCLoader.exe
15:25:16.0066 3344  C:\Program Files (x86)\Pinnacle\TVCenter Pro\PMCLoader.exe - ok
15:25:16.0090 3344  [ A9E5287A31174AD561C19ED017C0320A ] C:\Program Files\Toshiba\FlashCards\Hotkey\fnf5.dll
15:25:16.0090 3344  C:\Program Files\Toshiba\FlashCards\Hotkey\fnf5.dll - ok
15:25:16.0095 3344  ============================================================
15:25:16.0095 3344  Scan finished
15:25:16.0095 3344  ============================================================
15:25:16.0159 2604  Detected object count: 10
15:25:16.0159 2604  Actual detected object count: 10
15:25:37.0871 2604  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
15:25:37.0871 2604  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:25:37.0878 2604  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:25:37.0879 2604  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:25:37.0880 2604  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
15:25:37.0880 2604  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:25:37.0886 2604  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:25:37.0886 2604  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:25:37.0893 2604  PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:25:37.0893 2604  PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:25:37.0900 2604  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:25:37.0900 2604  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:25:37.0908 2604  stdiscover ( UnsignedFile.Multi.Generic ) - skipped by user
15:25:37.0908 2604  stdiscover ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:25:37.0913 2604  stlisten ( UnsignedFile.Multi.Generic ) - skipped by user
15:25:37.0913 2604  stlisten ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:25:37.0919 2604  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
15:25:37.0926 2604  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:25:37.0928 2604  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:25:37.0928 2604  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
15:25:41.0922 3376  Deinitialize success



#15 RKollas

RKollas
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:42 AM

Posted 09 April 2013 - 02:46 AM

MBAR Log

 

Malwarebytes Anti-Rootkit BETA 1.01.0.1022
www.malwarebytes.org

Database version: v2013.04.08.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Robert :: ROBERT-LAPTOP [administrator]

4/8/2013 4:34:31 PM
mbar-log-2013-04-08 (16-34-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31332
Time elapsed: 1 hour(s), 5 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
c:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)

 

So far the system is running in normal mode without a BSOD. Internet is working, Windows firewall is having errors, and Windows update appears to be functioning normal. After running the fixdamage tool, Windows Firewall is back to normal functioning.

 

Now that things are working more towards normal, the action center shows that I have the virtool:win32/BeeInject virus which was dated 2/27/2013 and hasn't shown from what I've seen on any of the other scans. For now, I'm disabling the wireless and awaiting further instructions.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users