
Zeroaccess AND a Rootkit? really? (Redux ... was instructed to move this here)


  • This topic is locked
54 replies to this topic

#1 Djimbe

Djimbe

  • Members
  • 97 posts
  • OFFLINE
  • Local time:04:57 PM

Posted 11 April 2013 - 06:19 PM

So I thought I was just having issues hooking up with my router. Further investigation turned up a Zeroaccess and then even FURTHER analysis leads to some form of disturbing malware/adware on IE which I never use... except I'm hearing Wendy's commercials for Flatbread over and over again in like, some kind of Audio Cascade ... like the second one starts after the first one gets to the second sentence, then the third after it gets to the third, etc.... so I can hear 5-10 versions of Wendy's flatbread commercials, and then what sounds like a daytime chat show giving me cooking tips...

 

Tried System Restore (no restore points exist for the history of my machine of course). Tried most of the usual suspects (MBAM, etc.) but they find nothing wrong, couldn't get anything to really get me back online, and the only way I can get Internet now is through PDANet on my cellphone tethered. Dunno why that works but it does.

 

HOWEVER... when I reboot there is a BRIEF window wherein I have a glimmer of IP4 connectivity. It never lasts 5 minutes.

 

And as I was attacking this as a Networking Issue I am going to put down the Mouse and Slowly Back Away until someone that knows what the HELL is going on in my haunted machine tells me what's up.

 

 

Oh yeah, Vitals...

 

AMD athlon 64bit windows 7 home premium SP1

 

Attached File  DDS.txt   31.17KB   2 downloads

Attached File  Attach.txt   11.16KB   0 downloads

 

Thanks in advance.

 

Jim

 

 

LINK TO OLD POST AS REQUESTED:

http://www.bleepingcomputer.com/forums/t/491396/zeroaccess-and-a-rootkit-really/


Edited by Djimbe, 11 April 2013 - 06:25 PM.




#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  • Gender:Male
  • Location:Puerto rico
  • Local time:05:57 PM

Posted 11 April 2013 - 08:16 PM


Hello Djimbe

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely. I have spent my time to put together some things for you to keep in mind while I am helping you, to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-
  • Download Security Check by screen317 from here.
    • Save it to your Desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
-AdwCleaner-
  • Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next answer.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.
--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
    • Quit all programs that you may have started.
    • Please disconnect any USB or external drives from the computer before you run this scan!
    • For Vista or Windows 7, right-click and select "Run as Administrator" to start
    • For Windows XP, double-click to start.
    • Wait until Prescan has finished ...
    • Then Click on "Scan" button
    • Wait until the Status box shows "Scan Finished"
    • click on "delete"
    • Wait until the Status box shows "Deleting Finished"
    • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    • The log should be found in RKreport[1].txt on your Desktop
    • Exit/Close RogueKiller+
Gringo




I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Djimbe

Djimbe
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  • Local time:04:57 PM

Posted 11 April 2013 - 09:11 PM

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16470
Run by Djimbe2 at 19:04:12 on 2013-04-11
#Option Extended Search is enabled.
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2811.770 [GMT -4:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files (x86)\Connectify\ConnectifyService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Connectify\ConnectifyD.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Connectify\Connectify.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Google Talk\googletalk.exe
C:\Windows\StartupMonitor.exe
C:\Windows\system32\SearchIndexer.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Users\Djimbe2\AppData\Local\Torch\Update\23.0.0.2585\TorchUpdate.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Users\Djimbe2\AppData\Local\Torch\Application\torch.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Deal Spy: {11111111-1111-1111-1111-110211621176} - C:\Program Files (x86)\Deal Spy\Deal Spy.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: GetSavin 5.0: {6C09FC0C-026F-474F-B831-8FB2850DC0D0} - C:\Users\Djimbe2\AppData\Local\getsavin\ie\getsavin_1363174801.dll
BHO: UrlHelper Class: {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\IEBHO.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Connectify] C:\Program Files (x86)\Connectify\Connectify.exe
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [iCall Internet Phone] "C:\Program Files (x86)\iCall\iCall.exe" /startup
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
mRun: [Run StartupMonitor] StartupMonitor.exe
StartupFolder: C:\Users\Djimbe2\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\BANSHE~1.LNK - C:\Program Files (x86)\Banshee Screamer Alarm\alarm.exe
StartupFolder: C:\Users\Djimbe2\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\Users\Djimbe2\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PDANET~1.LNK - C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{D9D76227-5D03-498F-9167-38AD84B9A2C9} : NameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{F3271CD0-A398-4A2C-B096-1D63DB01FB24} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F3271CD0-A398-4A2C-B096-1D63DB01FB24}\37162716D223432343 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{F3271CD0-A398-4A2C-B096-1D63DB01FB24}\64F68764961363 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{F3271CD0-A398-4A2C-B096-1D63DB01FB24}\C696E6B6379737 : DHCPNameServer = 208.59.247.45 208.59.247.46
TCP: Interfaces\{FFFB0025-5DAF-426D-A26F-FD12827EC041} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{FFFB0025-5DAF-426D-A26F-FD12827EC041}\16474777966696 : DHCPNameServer = 192.168.5.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{FFFB0025-5DAF-426D-A26F-FD12827EC041}\2656C6B696E6E2033636E2765756374737 : DHCPNameServer = 192.168.169.1
TCP: Interfaces\{FFFB0025-5DAF-426D-A26F-FD12827EC041}\34166656 : DHCPNameServer = 68.87.73.242 68.87.71.226
TCP: Interfaces\{FFFB0025-5DAF-426D-A26F-FD12827EC041}\E65647374716E646949353 : DHCPNameServer = 167.102.241.235 167.102.241.236
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: UrlHelper Class: {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 cnnctfy2;Connectify LightWeight Filter;C:\Windows\System32\drivers\cnnctfy2.sys [2012-11-4 31344]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-3-20 283200]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R3 pneteth;PdaNet Broadband;C:\Windows\System32\drivers\pneteth.sys [2012-11-16 15360]
R3 pnetmdm;PdaNet Modem;C:\Windows\System32\drivers\pnetmdm64.sys [2012-11-16 17920]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-10-7 38456]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-12-27 48488]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2012-6-11 22016]
S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2012-1-25 9728]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2013-4-2 117520]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2012-6-8 27136]
S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2011-11-8 11776]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-2 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-10-7 245792]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192cu.sys [2012-10-25 848384]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-2 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-12-14 51712]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 60 ================
.
2013-04-11 07:31:31 0 ----a-w- C:\Windows\SysWow64\shoBE4C.tmp
2013-04-10 10:29:57 1655656 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 10:25:49 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DD35CB89-DC17-4176-BADD-4FC491DEA6D4}\mpengine.dll
2013-04-10 10:24:11 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-04-10 10:24:07 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-04-10 10:24:06 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-04-10 10:24:05 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-04-10 10:24:01 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-04-10 10:24:01 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-04-10 10:24:01 112640 ----a-w- C:\Windows\System32\smss.exe
2013-04-10 10:23:45 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-04-07 06:09:27 -------- d-----w- C:\ProgramData\Sophos
2013-04-07 06:08:15 73728 ----a-r- C:\Users\Djimbe2\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-04-07 06:08:15 73728 ----a-r- C:\Users\Djimbe2\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-04-07 06:08:15 73728 ----a-r- C:\Users\Djimbe2\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2013-04-07 06:08:09 -------- d-----w- C:\Program Files (x86)\Sophos
2013-04-05 10:16:18 163088 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10143.bin
2013-04-02 23:18:38 328712 ----a-w- C:\Windows\System32\MijFrc.dll
2013-04-02 23:18:38 -------- d-----w- C:\Users\Djimbe2\AppData\Roaming\MotioninJoy
2013-04-02 23:18:37 74960 ----a-w- C:\Windows\System32\drivers\xusb21.sys
2013-04-02 23:18:37 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2013-04-02 23:18:37 117520 ----a-w- C:\Windows\System32\drivers\MijXfilt.sys
2013-04-02 23:18:37 -------- d-----w- C:\Program Files\MotioninJoy
2013-04-01 17:50:42 0 ----a-w- C:\Windows\SysWow64\shoCFBC.tmp
2013-04-01 05:19:41 -------- d-----w- C:\ProgramData\HitmanPro
2013-04-01 03:39:41 -------- d-----w- C:\Windows\ERUNT
2013-04-01 03:35:59 0 ----a-w- C:\Windows\SysWow64\shoD2D8.tmp
2013-04-01 00:15:01 -------- d-----w- C:\Users\Djimbe2\AppData\Local\SKIDROW
2013-03-31 23:51:06 -------- d-----w- C:\Users\Djimbe2\AppData\Roaming\Borderlands 2
2013-03-31 23:49:51 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-03-31 23:26:51 -------- d-----w- C:\Program Files (x86)\R.G. Mechanics
2013-03-28 15:42:21 -------- d-----w- C:\Users\Djimbe2\AppData\Roaming\Foxit Software
2013-03-20 11:00:43 -------- d-----w- C:\Program Files (x86)\Foxit Software
2013-03-19 06:07:49 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-03-14 07:18:09 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-03-14 07:18:09 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-03-13 15:02:50 -------- d-----w- C:\Program Files (x86)\Agent
2013-03-13 12:21:37 -------- d-----w- C:\Users\Djimbe2\AppData\Local\Deal Spy
2013-03-13 12:21:06 -------- d-----w- C:\Users\Djimbe2\AppData\Local\Updater26276
2013-03-13 12:20:23 -------- d-----w- C:\Program Files (x86)\Deal Spy
2013-03-13 11:50:05 -------- d-----w- C:\Users\Djimbe2\AppData\Local\getsavin
2013-03-11 22:37:39 -------- d-----w- C:\ProgramData\Licenses
2013-03-11 22:36:58 129872 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2013-03-11 22:36:58 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
2013-03-04 02:16:21 -------- d-----w- C:\Users\Djimbe2\AppData\Local\Torch
2013-03-01 11:26:42 -------- d-----w- C:\Windows\rescache
2013-02-27 08:01:59 648192 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-02-15 22:04:52 208448 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-02-15 08:03:02 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-15 08:03:01 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 11:34:19 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-14 11:34:18 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-14 11:34:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-14 11:34:18 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-14 11:34:18 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-14 11:34:17 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-14 11:34:14 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-14 11:34:14 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
==================== Find6M  ====================
.
2013-03-12 05:10:56 282744 ------w- C:\Windows\System32\MpSigStub.exe
2013-02-27 06:52:37 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-27 06:52:37 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-02-08 14:44:12 15739760 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-02-02 06:57:02 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-02 06:47:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-02-02 06:47:19 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-02-02 06:42:18 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-02-02 06:41:51 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-02-02 03:38:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-02-02 03:30:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-02-02 03:30:21 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-02 03:26:47 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-02-02 03:26:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-01-29 00:25:43 1409 ----a-w- C:\Windows\SysWow64\tmp22714.FOT
2013-01-29 00:25:42 1409 ----a-w- C:\Windows\SysWow64\tmp45414.FOT
2013-01-29 00:25:41 1409 ----a-w- C:\Windows\SysWow64\tmpC9014.FOT
2013-01-29 00:25:41 1409 ----a-w- C:\Windows\SysWow64\tmp22214.FOT
2013-01-29 00:25:40 1409 ----a-w- C:\Windows\SysWow64\tmp0BD04.FOT
2013-01-29 00:25:39 1409 ----a-w- C:\Windows\SysWow64\tmp7A704.FOT
2013-01-29 00:25:39 1409 ----a-w- C:\Windows\SysWow64\tmp2DA04.FOT
2013-01-29 00:25:38 1409 ----a-w- C:\Windows\SysWow64\tmp21604.FOT
2013-01-29 00:25:38 1409 ----a-w- C:\Windows\SysWow64\tmp0F304.FOT
2013-01-29 00:25:37 1409 ----a-w- C:\Windows\SysWow64\tmpB2204.FOT
2013-01-29 00:25:37 1409 ----a-w- C:\Windows\SysWow64\tmpAFFF3.FOT
2013-01-29 00:25:36 1409 ----a-w- C:\Windows\SysWow64\tmpB4DF3.FOT
2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll
2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll
2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-12-31 08:41:57 0 ----a-w- C:\Windows\SysWow64\sho2A6E.tmp
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-14 21:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
.
============= FINISH: 19:08:40.32 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 12/25/2010 10:12:57 PM
System Uptime: 4/11/2013 3:32:22 AM (16 hours ago)
.
Motherboard: Hewlett-Packard |  | 1444
Processor: AMD Athlon™ II P340 Dual-Core Processor | Socket S1G4 | 1584/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 281 GiB total, 4.871 GiB free.
D: is FIXED (NTFS) - 16 GiB total, 2.353 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: SBRE
Device ID: ROOT\LEGACY_SBRE\0000
Manufacturer: 
Name: SBRE
PNP Device ID: ROOT\LEGACY_SBRE\0000
Service: SBRE
.
==== System Restore Points ===================
.
RP403: 4/11/2013 3:00:29 AM - Windows Update
.
==== Installed Programs ======================
.
µTorrent
3herosoft AVI to DVD Burner
7-Zip 9.20 (x64 edition)
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.02)
Adobe Shockwave Player 11.5
Adobe Shockwave Player 12.0
Alarm Clock v1.0
AMD Accelerated Video Transcoding
AMD AVIVO64 Codecs
AMD Catalyst Install Manager
AMD USB Filter Driver
Anki
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Driver Installation Program
Banshee Screamer Alarm 2.57
Bejeweled 2 Deluxe
Bejeweled Twist
Bejeweled Twist™
Bejeweled® 3
Bing Rewards Client Installer
Blackhawk Striker 2
Bonjour
Borderlands 2
Build-a-lot 2
calibre
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CBR Reader
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
CDisplayEx 1.8
Cheetah DVD Burner
Chuzzle Deluxe
CinemaNow Media Manager
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Connectify Hotspot
CyberLink DVD Suite
CyberLink MediaShow
CyberLink PowerDVD 9
CyberLink YouCam
D3DX10
DAEMON Tools Lite
Deal Spy
Diablo III
Diner Dash 2 Restaurant Rescue
Dora's Carnival Adventure
DVD Shrink 3.2
Energy Star Digital Logo
Escape Rosecliff Island
ESET Online Scanner v3
ESU for Microsoft Windows 7
Evernote v. 4.6.4
Facebook Messenger 2.1.4651.0
FATE
Final Drive Nitro
Forté Agent
Foxit Reader
GetSavin
Google Chrome
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Update Helper
Graboid Video 2.01
Heroes of Hellas 2 - Olympia
Hewlett-Packard ACLM.NET v1.2.1.1
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HP Advisor
HP Customer Experience Enhancements
HP Documentation
HP Game Console
HP Games
HP MediaSmart CinemaNow 2.0
HP Photo Creations
HP Power Manager
HP Product Detection
HP Quick Launch
HP Setup
HP Software Framework
HP Support Assistant
HP Wireless Assistant
HyperCam 2
HyperCam Toolbar
iCall
ImgBurn
inSSIDer
iTunes
Java Auto Updater
Java™ 6 Update 25 (64-bit)
Java™ 6 Update 37
Jewel Quest 3
Jewel Quest Solitaire 2
Junk Mail filter update
K-Lite Codec Pack 7.0.0 (Standard)
LabelPrint
LightScribe System Software
Malwarebytes Anti-Malware version 1.70.0.1100
MediaBar
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.2
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
MotioninJoy DS3 driver version 0.6.0004
Motorola Device Manager
Motorola Device Software Update
Motorola Mobile Drivers Installation 5.9.0
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
Network Stumbler 0.4.0 (remove only)
NVIDIA PhysX
PdaNet for Android 3.50
Penguins!
PhotoNow!
PlanMaker Viewer
Plants vs. Zombies
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
PowerDirector
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
REALTEK Wireless LAN Driver and Utility
RealUpgrade 1.1
Recovery Manager
RingtoneJunkiez Desktop
Roxio CinemaNow 2.0
RtVOsd
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Sophos Virus Removal Tool
Speccy
SpeedFan (remove only)
Spesoft Free CD Ripper Version 4.2
Spybot - Search & Destroy
SpywareBlaster 5.0
StartupMonitor
SUPERAntiSpyware
swMSM
Synaptics Pointing Device Driver
TextMaker Viewer
The Rosetta Stone
Torch
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Virtual Families
Virtual Villagers - The Secret City
VirtualDJ PRO Full
VLC media player 1.0.1
Wheel of Fortune 2
Wild Tangent - Fate
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Detect
Yahoo! Messenger
Yahoo! Software Update
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
4/9/2013 4:05:32 AM, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
4/8/2013 9:23:29 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR4.
4/7/2013 5:19:07 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SophosVirusRemovalTool service.
4/7/2013 5:15:25 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
4/7/2013 5:15:18 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
4/7/2013 5:15:18 PM, Error: Service Control Manager [7000]  - The Windows Modules Installer service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/6/2013 5:24:56 AM, Error: Service Control Manager [7031]  - The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/5/2013 11:21:51 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Motorola Device Manager service.
4/11/2013 3:34:07 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
4/11/2013 3:33:43 AM, Error: Microsoft-Windows-SharedAccess_NAT [30013]  - The DHCP allocator has disabled itself on IP address 192.168.206.1, since the IP address is outside the 192.168.173.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
4/11/2013 3:33:25 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  SBRE
.
==== End Of File ===========================


#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:05:57 PM

Posted 11 April 2013 - 09:25 PM


Hello Djimbe


These are the programs I would like you to run next. If you have any problems with one of them, just skip it and move on to the next one.


-AdwCleaner-
  • Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next answer.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.
--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
    • Quit all programs that you may have started.
    • Please disconnect any USB or external drives from the computer before you run this scan!
    • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
    • For Windows XP, double-click to start.
    • Wait until Prescan has finished ...
    • Then click on the "Scan" button.
    • Wait until the Status box shows "Scan Finished"
    • Click on "Delete"
    • Wait until the Status box shows "Deleting Finished"
    • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    • The log should be found in RKreport[1].txt on your Desktop
    • Exit/Close RogueKiller+
  • Gringo





I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 Djimbe


Posted 11 April 2013 - 10:35 PM

 Results of screen317's Security Check version 0.99.62  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 9  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Deal Spy    
 SpywareBlaster 5.0    
 Spybot - Search & Destroy 
 Malwarebytes Anti-Malware version 1.70.0.1100  
 Java™ 6 Update 37  
 Java version out of Date! 
 Adobe Flash Player 11.6.602.171  
 Adobe Reader XI  
 Google Chrome 26.0.1410.43  
 Google Chrome 26.0.1410.64  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 5% 
````````````````````End of Log`````````````````````` 

ok, on it now.



#6 Djimbe


Posted 11 April 2013 - 10:52 PM

# AdwCleaner v2.200 - Logfile created 04/11/2013 at 23:42:22
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Djimbe2 - 1A
# Boot Mode : Normal
# Running from : C:\Users\Djimbe2\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
Folder Deleted : C:\Program Files (x86)\iMesh Applications\Mediabar
Folder Deleted : C:\Users\Djimbe2\AppData\Local\getsavin

***** [Registry] *****

Data Deleted : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll
Data Deleted : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211621176}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211621176}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440244624476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211621176}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110211621176}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220222622276}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{55555555-5555-5555-5555-550255625576}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660266626676}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211621176}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211621176}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211621176}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255625576}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266626676}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E84CC2C1-B722-48FC-A39C-EDB8B525C777}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Djimbe2\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [12655 octets] - [31/03/2013 23:30:53]
AdwCleaner[S1].txt - [12053 octets] - [31/03/2013 23:32:58]
AdwCleaner[S2].txt - [4010 octets] - [11/04/2013 23:42:22]

########## EOF - C:\AdwCleaner[S2].txt - [4070 octets] ##########



#7 Djimbe


Posted 11 April 2013 - 11:07 PM

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Djimbe2 [Admin rights]
Mode : Remove -- Date : 04/12/2013 00:03:49
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] StartupMonitor.exe -- C:\Windows\StartupMonitor.exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HM321HI SATA Disk Device +++++
--- User ---
[MBR] 5de6434a6584a46fae5b7dc4deb3eda4
[BSP] 980b7b7265bd426cc823d133dde6a339 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 288214 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 590671872 | Size: 16727 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 624928768 | Size: 103 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_04122013_02d0003.txt >>
RKreport[1]_S_04122013_02d0002.txt ; RKreport[2]_D_04122013_02d0003.txt



#8 gringo_pr


Posted 11 April 2013 - 11:13 PM


Hello Djimbe

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive the error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had

  • How is the computer doing now?

  • Gringo





#9 Djimbe


Posted 11 April 2013 - 11:16 PM

dude, you're a beast!

on it.



#10 gringo_pr


Posted 11 April 2013 - 11:27 PM

:)

#11 Djimbe


Posted 12 April 2013 - 12:08 AM

ComboFix 13-04-11.01 - Djimbe2 04/12/2013   0:35.6.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2811.1662 [GMT -4:00]
Running from: c:\users\Djimbe2\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2013-03-12 to 2013-04-12  )))))))))))))))))))))))))))))))
.
.
2013-04-12 04:44 . 2013-04-12 04:44 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2013-04-12 04:44 . 2013-04-12 04:44 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-04-12 04:44 . 2013-04-12 04:44 -------- d-----w- c:\users\Djimbe\AppData\Local\temp
2013-04-12 04:44 . 2013-04-12 04:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-12 04:44 . 2013-04-12 04:44 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-04-12 03:28 . 2013-04-12 04:41 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD35CB89-DC17-4176-BADD-4FC491DEA6D4}\offreg.dll
2013-04-11 07:31 . 2013-04-11 07:31 0 ----a-w- c:\windows\SysWow64\shoBE4C.tmp
2013-04-10 10:29 . 2013-03-02 06:04 1655656 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 10:25 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD35CB89-DC17-4176-BADD-4FC491DEA6D4}\mpengine.dll
2013-04-10 10:24 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 10:24 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 10:24 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 10:24 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 10:24 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 10:24 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-10 10:24 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 10:23 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-07 06:09 . 2013-04-07 06:09 -------- d-----w- c:\programdata\Sophos
2013-04-07 06:08 . 2013-04-07 06:08 73728 ----a-r- c:\users\Djimbe2\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-04-07 06:08 . 2013-04-07 06:08 73728 ----a-r- c:\users\Djimbe2\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-04-07 06:08 . 2013-04-07 06:08 73728 ----a-r- c:\users\Djimbe2\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2013-04-07 06:08 . 2013-04-07 06:08 -------- d-----w- c:\program files (x86)\Sophos
2013-04-05 10:16 . 2013-04-05 10:16 163088 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10143.bin
2013-04-02 23:18 . 2013-04-02 23:18 -------- d-----w- c:\users\Djimbe2\AppData\Roaming\MotioninJoy
2013-04-02 23:18 . 2010-05-03 20:12 328712 ----a-w- c:\windows\system32\MijFrc.dll
2013-04-02 23:18 . 2013-04-02 23:18 -------- d-----w- c:\program files\MotioninJoy
2013-04-02 23:18 . 2011-08-30 04:54 117520 ----a-w- c:\windows\system32\drivers\MijXfilt.sys
2013-04-02 23:18 . 2010-08-19 23:24 74960 ----a-w- c:\windows\system32\drivers\xusb21.sys
2013-04-02 23:18 . 2010-08-19 23:24 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2013-04-01 17:50 . 2013-04-01 17:50 0 ----a-w- c:\windows\SysWow64\shoCFBC.tmp
2013-04-01 05:19 . 2013-04-01 05:29 -------- d-----w- c:\programdata\HitmanPro
2013-04-01 03:39 . 2013-04-01 03:39 -------- d-----w- c:\windows\ERUNT
2013-04-01 03:35 . 2013-04-01 03:35 0 ----a-w- c:\windows\SysWow64\shoD2D8.tmp
2013-04-01 00:15 . 2013-04-01 00:15 -------- d-----w- c:\users\Djimbe2\AppData\Local\SKIDROW
2013-03-31 23:51 . 2013-03-31 23:51 -------- d-----w- c:\users\Djimbe2\AppData\Roaming\Borderlands 2
2013-03-31 23:49 . 2013-03-31 23:49 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-03-31 23:26 . 2013-03-31 23:26 -------- d-----w- c:\program files (x86)\R.G. Mechanics
2013-03-28 15:42 . 2013-03-28 15:42 -------- d-----w- c:\users\Djimbe2\AppData\Roaming\Foxit Software
2013-03-20 11:00 . 2013-03-20 11:00 -------- d-----w- c:\program files (x86)\Foxit Software
2013-03-19 06:07 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-14 07:18 . 2013-02-02 06:38 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-03-14 07:18 . 2013-02-02 03:23 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-03-14 07:18 . 2013-02-02 06:38 96768 ----a-w- c:\windows\system32\mshtmled.dll
2013-03-14 07:16 . 2013-02-02 07:31 17815040 ----a-w- c:\windows\system32\mshtml.dll
2013-03-14 07:16 . 2013-02-02 06:58 10925568 ----a-w- c:\windows\system32\ieframe.dll
2013-03-14 07:10 . 2013-03-14 07:10 -------- d-----w- c:\program files\Microsoft Silverlight
2013-03-14 07:10 . 2013-03-14 07:10 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-03-13 15:02 . 2013-03-13 15:03 -------- d-----w- c:\program files (x86)\Agent
2013-03-13 12:21 . 2013-03-13 12:21 -------- d-----w- c:\users\Djimbe2\AppData\Local\Deal Spy
2013-03-13 12:21 . 2013-03-13 12:21 -------- d-----w- c:\users\Djimbe2\AppData\Local\Updater26276
2013-03-13 12:20 . 2013-03-13 12:21 -------- d-----w- c:\program files (x86)\Deal Spy
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-11 07:03 . 2011-06-18 07:05 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-12 05:10 . 2011-02-25 03:11 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-02-27 06:52 . 2012-04-11 07:53 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-27 06:52 . 2011-06-11 19:39 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-12 05:45 . 2013-03-13 14:28 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 14:28 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 14:28 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 14:28 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 14:28 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 14:28 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-08 14:44 . 2013-02-08 14:44 15739760 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-01-29 00:25 . 2013-01-29 00:25 1409 ----a-w- c:\windows\SysWow64\tmp22714.FOT
2013-01-29 00:25 . 2013-01-29 00:25 1409 ----a-w- c:\windows\SysWow64\tmp45414.FOT
2013-01-29 00:25 . 2013-01-29 00:25 1409 ----a-w- c:\windows\SysWow64\tmpC9014.FOT
2013-01-29 00:25 . 2013-01-29 00:25 1409 ----a-w- c:\windows\SysWow64\tmp22214.FOT
2013-01-29 00:25 . 2013-01-29 00:25 1409 ----a-w- c:\windows\SysWow64\tmp0BD04.FOT
2013-01-29 00:25 . 2013-01-29 00:25 1409 ----a-w- c:\windows\SysWow64\tmp7A704.FOT
2013-01-29 00:25 . 2013-01-29 00:25 1409 ----a-w- c:\windows\SysWow64\tmp2DA04.FOT
2013-01-29 00:25 . 2013-01-29 00:25 1409 ----a-w- c:\windows\SysWow64\tmp21604.FOT
2013-01-29 00:25 . 2013-01-29 00:25 1409 ----a-w- c:\windows\SysWow64\tmp0F304.FOT
2013-01-29 00:25 . 2013-01-29 00:25 1409 ----a-w- c:\windows\SysWow64\tmpB2204.FOT
2013-01-29 00:25 . 2013-01-29 00:25 1409 ----a-w- c:\windows\SysWow64\tmpAFFF3.FOT
2013-01-29 00:25 . 2013-01-29 00:25 1409 ----a-w- c:\windows\SysWow64\tmpB4DF3.FOT
2013-01-13 21:17 . 2013-02-27 08:02 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-02-27 08:02 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-02-27 08:02 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-02-27 08:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 08:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 08:02 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 08:02 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 08:02 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 08:02 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 08:02 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32 . 2013-02-27 08:02 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:02 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:02 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:02 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:01 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-01-13 20:22 . 2013-02-27 08:02 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-01-13 20:20 . 2013-02-27 08:02 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-01-13 20:09 . 2013-02-27 08:01 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08 . 2013-02-27 08:01 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-01-13 20:08 . 2013-02-27 08:01 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-01-13 19:59 . 2013-02-27 08:01 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 19:58 . 2013-02-27 08:01 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 19:54 . 2013-02-27 08:01 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-01-13 19:53 . 2013-02-27 08:01 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-02-27 08:02 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-01-13 19:51 . 2013-02-27 08:02 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 19:49 . 2013-02-27 08:01 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 19:48 . 2013-02-27 08:02 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-01-13 19:46 . 2013-02-27 08:01 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-01-13 19:43 . 2013-02-27 08:01 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38 . 2013-02-27 08:01 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 19:38 . 2013-02-27 08:01 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:38 . 2013-02-27 08:01 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 19:37 . 2013-02-27 08:01 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-01-13 19:25 . 2013-02-27 08:01 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:24 . 2013-02-27 08:01 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:24 . 2013-02-27 08:02 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:20 . 2013-02-27 08:02 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:20 . 2013-02-27 08:01 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:15 . 2013-02-27 08:01 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:10 . 2013-02-27 08:01 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-02-27 08:02 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-01-13 18:34 . 2013-02-27 08:02 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32 . 2013-02-27 08:02 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-01-13 18:09 . 2013-02-27 08:02 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26 . 2013-02-27 08:01 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-01-13 17:05 . 2013-02-27 08:01 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2011-02-08 17:22 721840 ----a-w- c:\progra~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe" [2010-02-10 1712184]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-05-19 2736128]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-02-22 39408]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"Connectify"="c:\program files (x86)\Connectify\Connectify.exe" [2012-11-09 4013928]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-01 5629312]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\MESSEN~1\YahooMessenger.exe" [2012-05-25 6595928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-17 98304]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-01-25 421160]
"iCall Internet Phone"="c:\program files (x86)\iCall\iCall.exe" [2008-12-18 1587576]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-10-10 296096]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"googletalk"="c:\program files (x86)\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"Run StartupMonitor"="StartupMonitor.exe" [2000-05-20 86016]
.
c:\users\Djimbe2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Banshee Screamer Alarm.lnk - c:\program files (x86)\Banshee Screamer Alarm\alarm.exe [2013-2-7 274432]
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2013-3-19 1086816]
PdaNet Desktop.lnk - c:\program files (x86)\PdaNet for Android\PdaNetPC.exe [2012-11-16 484976]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool]
@="Service"
.
R1 danxnwvg;danxnwvg;c:\windows\system32\drivers\danxnwvg.sys [x]
R1 gamaqgqk;gamaqgqk;c:\windows\system32\drivers\gamaqgqk.sys [x]
R1 jpjrpwpi;jpjrpwpi;c:\windows\system32\drivers\jpjrpwpi.sys [x]
R1 lstgprdh;lstgprdh;c:\windows\system32\drivers\lstgprdh.sys [x]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [2009-01-29 6144]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2012-06-11 22016]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2012-01-25 9728]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2011-08-30 117520]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [2012-06-08 27136]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [2011-11-08 11776]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-05-07 245792]
R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys [2011-02-11 848384]
R3 SophosVirusRemovalTool;Sophos Virus Removal Tool;c:\program files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [2013-02-13 153080]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-12-14 51712]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-28 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [2012-11-05 31344]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-21 283200]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-20 203264]
S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-05-21 140272]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe [2012-11-09 65536]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 Motorola Device Manager;Motorola Device Manager Service;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2012-10-23 120728]
S2 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2011-09-02 65657]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-08-09 38608]
S2 Realtek11nCU;Realtek11nCU;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2010-04-16 36864]
S2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-04-20 315392]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys [2011-11-25 15360]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys [2007-03-07 17920]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-05-19 17:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 10:48 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-22 03:20]
.
2013-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-22 03:20]
.
2013-04-08 c:\windows\Tasks\HPCeeScheduleForDjimbe2.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 03:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2011-02-08 17:22 1057712 ----a-w- c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-05-26 6245408]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Supplementary Scan -------
.
uStart Page = https://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Clip selection - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: New Note - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{D9D76227-5D03-498F-9167-38AD84B9A2C9}: NameServer = 8.8.8.8 8.8.4.4
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{6C09FC0C-026F-474F-B831-8FB2850DC0D0} - c:\users\Djimbe2\AppData\Local\getsavin\ie\getsavin_1363174801.dll
WebBrowser-{69D9C44C-B8A0-4D91-82A6-5D3D5800FB48} - (no file)
AddRemove-GetSavin - c:\users\Djimbe2\AppData\Local\getsavin\uninst.exe
AddRemove-HyperCam Toolbar - c:\program files (x86)\HyperCam Toolbar\UninstallToolbar.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-12  00:48:00
ComboFix-quarantined-files.txt  2013-04-12 04:47
ComboFix2.txt  2012-10-23 22:24
ComboFix3.txt  2012-07-02 12:27
ComboFix4.txt  2011-08-18 15:45
.
Pre-Run: 5,856,616,448 bytes free
Post-Run: 6,201,516,032 bytes free
.
- - End Of File - - A556940E894888F3C876D9E9AA283513

 



#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team

Posted 12 April 2013 - 12:31 AM



Hello Djimbe


I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also, your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes, then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note: this report can be very long, so if the website gives you an error saying it is too long you may attach it.

    If the forum still complains about it being too long, send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

    and I will see if I want to see the whole report.

Malwarebytes Anti-Rootkit

  1. Download Malwarebytes Anti-Rootkit.
  2. Unzip the contents to a folder in a convenient location.
  3. Open the folder where the contents were unzipped and run mbar.exe.
  4. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  5. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  6. Wait while the system shuts down and the cleanup process is performed.
  7. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  8. If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
     • Internet access
     • Windows Update
     • Windows Firewall
  9. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
  10. Verify that your system is now functioning normally.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and MBAR.

Gringo







I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic

#13 Djimbe

Djimbe
  • Topic Starter

  • Members

Posted 12 April 2013 - 12:34 AM


Okay, the blatant ads on IE appear to be removed from the Google page.


Web Connectivity:

I was able to access like 4 web pages without being tethered to my smartphone. Then it's like "OOOOH CAUGHT YOU ON DA WEBS!" and shut me down. I googled 2 things and then got most of Speedtest.net to load b4 it took me out. I tried to log onto my neighbor's unlocked wifi and no luck there either.


My machine DID reboot running these scans, and this is consistent with its post-reboot behaviour.

 

 

Have not done the above post yet...
 



#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico

Posted 12 April 2013 - 12:41 AM

we cross posted - see post 12

#15 Djimbe

Djimbe
  • Topic Starter

  • Members
  • 97 posts

Posted 12 April 2013 - 01:30 AM

01:52:13.0772 3860  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
01:52:13.0881 3860  ============================================================
01:52:13.0881 3860  Current date / time: 2013/04/12 01:52:13.0881
01:52:13.0881 3860  SystemInfo:
01:52:13.0881 3860 
01:52:13.0881 3860  OS Version: 6.1.7601 ServicePack: 1.0
01:52:13.0881 3860  Product type: Workstation
01:52:13.0881 3860  ComputerName: 1A
01:52:13.0881 3860  UserName: Djimbe2
01:52:13.0881 3860  Windows directory: C:\Windows
01:52:13.0881 3860  System windows directory: C:\Windows
01:52:13.0881 3860  Running under WOW64
01:52:13.0881 3860  Processor architecture: Intel x64
01:52:13.0881 3860  Number of processors: 2
01:52:13.0881 3860  Page size: 0x1000
01:52:13.0881 3860  Boot type: Normal boot
01:52:13.0881 3860  ============================================================
01:52:17.0188 3860  BG loaded
01:52:18.0312 3860  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:52:18.0327 3860  Drive \Device\Harddisk1\DR1 - Size: 0x76E480000 (29.72 Gb), SectorSize: 0x200, Cylinders: 0xF28, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
01:52:18.0327 3860  ============================================================
01:52:18.0327 3860  \Device\Harddisk0\DR0:
01:52:18.0374 3860  MBR partitions:
01:52:18.0374 3860  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
01:52:18.0374 3860  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x232EB000
01:52:18.0374 3860  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2334F000, BlocksNum 0x20AB800
01:52:18.0374 3860  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
01:52:18.0374 3860  \Device\Harddisk1\DR1:
01:52:18.0374 3860  MBR partitions:
01:52:18.0374 3860  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x3B70400
01:52:18.0374 3860  ============================================================
01:52:18.0530 3860  C: <-> \Device\Harddisk0\DR0\Partition2
01:52:18.0702 3860  D: <-> \Device\Harddisk0\DR0\Partition3
01:52:18.0702 3860  ============================================================
01:52:18.0702 3860  Initialize success
01:52:18.0702 3860  ============================================================
02:12:57.0891 1832  ============================================================
02:12:57.0891 1832  Scan started
02:12:57.0891 1832  Mode: Manual; SigCheck; TDLFS;
02:12:57.0891 1832  ============================================================
02:12:58.0466 1832  ================ Scan system memory ========================
02:12:58.0466 1832  System memory - ok
02:12:58.0467 1832  ================ Scan services =============================
02:12:58.0580 1832  [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
02:12:58.0630 1832  !SASCORE - ok
02:12:58.0798 1832  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
02:12:58.0888 1832  1394ohci - ok
02:12:58.0940 1832  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
02:12:58.0962 1832  ACPI - ok
02:12:59.0001 1832  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
02:12:59.0057 1832  AcpiPmi - ok
02:12:59.0184 1832  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
02:12:59.0200 1832  AdobeARMservice - ok
02:12:59.0251 1832  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
02:12:59.0274 1832  adp94xx - ok
02:12:59.0297 1832  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
02:12:59.0316 1832  adpahci - ok
02:12:59.0345 1832  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
02:12:59.0360 1832  adpu320 - ok
02:12:59.0399 1832  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
02:12:59.0523 1832  AeLookupSvc - ok
02:12:59.0585 1832  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
02:12:59.0595 1832  AERTFilters - ok
02:12:59.0642 1832  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
02:12:59.0717 1832  AFD - ok
02:12:59.0772 1832  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
02:12:59.0788 1832  agp440 - ok
02:12:59.0815 1832  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
02:12:59.0894 1832  ALG - ok
02:12:59.0917 1832  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
02:12:59.0932 1832  aliide - ok
02:12:59.0970 1832  [ 29C151492510640343B00B63996E4070 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
02:13:00.0037 1832  AMD External Events Utility - ok
02:13:00.0058 1832  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
02:13:00.0070 1832  amdide - ok
02:13:00.0092 1832  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
02:13:00.0136 1832  AmdK8 - ok
02:13:00.0348 1832  [ 2C9C4824664C61351FF1E0169262D026 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
02:13:00.0523 1832  amdkmdag - ok
02:13:00.0626 1832  [ EF7382689D3B17AC2983202E7A40AB45 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
02:13:00.0689 1832  amdkmdap - ok
02:13:00.0746 1832  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
02:13:00.0783 1832  AmdPPM - ok
02:13:00.0824 1832  [ 53D8D46D51D390ABDB54ECA623165CB7 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
02:13:00.0852 1832  amdsata - ok
02:13:00.0895 1832  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
02:13:00.0910 1832  amdsbs - ok
02:13:00.0916 1832  [ 75C51148154E34EB3D7BB84749A758D5 ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
02:13:00.0928 1832  amdxata - ok
02:13:00.0985 1832  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
02:13:01.0125 1832  AppID - ok
02:13:01.0163 1832  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
02:13:01.0212 1832  AppIDSvc - ok
02:13:01.0278 1832  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
02:13:01.0341 1832  Appinfo - ok
02:13:01.0455 1832  [ 5AA788D5A2C6737BB9C45933985BC1B8 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
02:13:01.0468 1832  Apple Mobile Device - ok
02:13:01.0544 1832  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
02:13:01.0561 1832  arc - ok
02:13:01.0598 1832  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
02:13:01.0611 1832  arcsas - ok
02:13:01.0638 1832  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
02:13:01.0705 1832  AsyncMac - ok
02:13:01.0750 1832  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
02:13:01.0761 1832  atapi - ok
02:13:01.0857 1832  [ B4421D8CDADC441F76BA39532A3E3414 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
02:13:01.0950 1832  athr - ok
02:13:02.0023 1832  [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
02:13:02.0039 1832  AtiHdmiService - ok
02:13:02.0080 1832  [ C07A040D6B5A42DD41EE386CF90974C8 ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
02:13:02.0093 1832  AtiPcie - ok
02:13:02.0154 1832  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
02:13:02.0214 1832  AudioEndpointBuilder - ok
02:13:02.0226 1832  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
02:13:02.0268 1832  AudioSrv - ok
02:13:02.0326 1832  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
02:13:02.0400 1832  AxInstSV - ok
02:13:02.0464 1832  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
02:13:02.0515 1832  b06bdrv - ok
02:13:02.0547 1832  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
02:13:02.0586 1832  b57nd60a - ok
02:13:02.0633 1832  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
02:13:02.0689 1832  BDESVC - ok
02:13:02.0699 1832  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
02:13:02.0759 1832  Beep - ok
02:13:02.0830 1832  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
02:13:02.0902 1832  BFE - ok
02:13:02.0945 1832  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
02:13:03.0018 1832  BITS - ok
02:13:03.0046 1832  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
02:13:03.0075 1832  blbdrive - ok
02:13:03.0179 1832  [ F832F1505AD8B83474BD9A5B1B985E01 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
02:13:03.0196 1832  Bonjour Service - ok
02:13:03.0235 1832  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
02:13:03.0259 1832  bowser - ok
02:13:03.0286 1832  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
02:13:03.0319 1832  BrFiltLo - ok
02:13:03.0354 1832  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
02:13:03.0375 1832  BrFiltUp - ok
02:13:03.0421 1832  [ 5C2F352A4E961D72518261257AAE204B ] Bridge          C:\Windows\system32\DRIVERS\bridge.sys
02:13:03.0500 1832  Bridge - ok
02:13:03.0550 1832  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
02:13:03.0594 1832  BridgeMP - ok
02:13:03.0653 1832  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
02:13:03.0700 1832  Browser - ok
02:13:03.0734 1832  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
02:13:03.0785 1832  Brserid - ok
02:13:03.0811 1832  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
02:13:03.0847 1832  BrSerWdm - ok
02:13:03.0869 1832  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
02:13:03.0934 1832  BrUsbMdm - ok
02:13:03.0955 1832  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
02:13:03.0978 1832  BrUsbSer - ok
02:13:04.0033 1832  [ FF7C57973EEAD140062238C5A0B7D455 ] BTCFilterService C:\Windows\system32\DRIVERS\motfilt.sys
02:13:04.0064 1832  BTCFilterService - ok
02:13:04.0093 1832  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
02:13:04.0130 1832  BTHMODEM - ok
02:13:04.0182 1832  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
02:13:04.0242 1832  bthserv - ok
02:13:04.0262 1832  catchme - ok
02:13:04.0283 1832  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
02:13:04.0338 1832  cdfs - ok
02:13:04.0392 1832  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
02:13:04.0419 1832  cdrom - ok
02:13:04.0468 1832  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
02:13:04.0529 1832  CertPropSvc - ok
02:13:04.0580 1832  [ 533328A3D9A9C286682525842547540C ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
02:13:04.0593 1832  CinemaNow Service - ok
02:13:04.0622 1832  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
02:13:04.0656 1832  circlass - ok
02:13:04.0703 1832  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
02:13:04.0721 1832  CLFS - ok
02:13:04.0788 1832  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:13:04.0802 1832  clr_optimization_v2.0.50727_32 - ok
02:13:04.0873 1832  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
02:13:04.0887 1832  clr_optimization_v2.0.50727_64 - ok
02:13:04.0961 1832  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:13:05.0002 1832  clr_optimization_v4.0.30319_32 - ok
02:13:05.0030 1832  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
02:13:05.0044 1832  clr_optimization_v4.0.30319_64 - ok
02:13:05.0075 1832  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
02:13:05.0104 1832  CmBatt - ok
02:13:05.0118 1832  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
02:13:05.0130 1832  cmdide - ok
02:13:05.0169 1832  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
02:13:05.0209 1832  CNG - ok
02:13:05.0281 1832  [ 040FF3B09F26926A3792E047DB0F47DD ] cnnctfy2        C:\Windows\system32\DRIVERS\cnnctfy2.sys
02:13:05.0297 1832  cnnctfy2 - ok
02:13:05.0329 1832  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
02:13:05.0345 1832  Compbatt - ok
02:13:05.0383 1832  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
02:13:05.0417 1832  CompositeBus - ok
02:13:05.0435 1832  COMSysApp - ok
02:13:05.0514 1832  [ 27A6C0D6DF4734852A9065624F3580D4 ] Connectify      C:\Program Files (x86)\Connectify\ConnectifyService.exe
02:13:05.0540 1832  Connectify ( UnsignedFile.Multi.Generic ) - warning
02:13:05.0540 1832  Connectify - detected UnsignedFile.Multi.Generic (1)
02:13:05.0582 1832  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
02:13:05.0597 1832  crcdisk - ok
02:13:05.0654 1832  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
02:13:05.0714 1832  CryptSvc - ok
02:13:05.0810 1832  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
02:13:05.0839 1832  cvhsvc - ok
02:13:05.0850 1832  danxnwvg - ok
02:13:05.0918 1832  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
02:13:05.0974 1832  DcomLaunch - ok
02:13:06.0007 1832  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
02:13:06.0064 1832  defragsvc - ok
02:13:06.0122 1832  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
02:13:06.0177 1832  DfsC - ok
02:13:06.0250 1832  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
02:13:06.0296 1832  Dhcp - ok
02:13:06.0322 1832  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
02:13:06.0379 1832  discache - ok
02:13:06.0442 1832  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
02:13:06.0454 1832  Disk - ok
02:13:06.0503 1832  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
02:13:06.0547 1832  Dnscache - ok
02:13:06.0595 1832  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
02:13:06.0658 1832  dot3svc - ok
02:13:06.0689 1832  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
02:13:06.0756 1832  DPS - ok
02:13:06.0796 1832  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
02:13:06.0829 1832  drmkaud - ok
02:13:06.0878 1832  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
02:13:06.0898 1832  dtsoftbus01 - ok
02:13:06.0953 1832  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
02:13:06.0984 1832  DXGKrnl - ok
02:13:07.0022 1832  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
02:13:07.0080 1832  EapHost - ok
02:13:07.0174 1832  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
02:13:07.0258 1832  ebdrv - ok
02:13:07.0298 1832  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
02:13:07.0350 1832  EFS - ok
02:13:07.0415 1832  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
02:13:07.0477 1832  ehRecvr - ok
02:13:07.0508 1832  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
02:13:07.0527 1832  ehSched - ok
02:13:07.0562 1832  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
02:13:07.0591 1832  elxstor - ok
02:13:07.0627 1832  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
02:13:07.0658 1832  ErrDev - ok
02:13:07.0714 1832  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
02:13:07.0787 1832  EventSystem - ok
02:13:07.0827 1832  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
02:13:07.0883 1832  exfat - ok
02:13:07.0903 1832  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
02:13:07.0958 1832  fastfat - ok
02:13:08.0014 1832  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
02:13:08.0069 1832  Fax - ok
02:13:08.0106 1832  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
02:13:08.0139 1832  fdc - ok
02:13:08.0176 1832  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
02:13:08.0241 1832  fdPHost - ok
02:13:08.0256 1832  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
02:13:08.0306 1832  FDResPub - ok
02:13:08.0323 1832  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
02:13:08.0336 1832  FileInfo - ok
02:13:08.0354 1832  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
02:13:08.0424 1832  Filetrace - ok
02:13:08.0453 1832  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
02:13:08.0467 1832  flpydisk - ok
02:13:08.0506 1832  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
02:13:08.0526 1832  FltMgr - ok
02:13:08.0583 1832  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
02:13:08.0627 1832  FontCache - ok
02:13:08.0689 1832  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
02:13:08.0701 1832  FontCache3.0.0.0 - ok
02:13:08.0731 1832  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
02:13:08.0743 1832  FsDepends - ok
02:13:08.0772 1832  [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
02:13:08.0781 1832  fssfltr - ok
02:13:08.0877 1832  [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
02:13:08.0920 1832  fsssvc - ok
02:13:08.0958 1832  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
02:13:08.0969 1832  Fs_Rec - ok
02:13:09.0014 1832  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
02:13:09.0045 1832  fvevol - ok
02:13:09.0086 1832  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
02:13:09.0099 1832  gagp30kx - ok
02:13:09.0108 1832  gamaqgqk - ok
02:13:09.0170 1832  [ 551D463E4CCEB5240234DA6718C93A44 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
02:13:09.0184 1832  GameConsoleService - ok
02:13:09.0229 1832  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
02:13:09.0240 1832  GEARAspiWDM - ok
02:13:09.0292 1832  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
02:13:09.0360 1832  gpsvc - ok
02:13:09.0571 1832  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:13:09.0584 1832  gupdate - ok
02:13:09.0746 1832  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:13:09.0759 1832  gupdatem - ok
02:13:09.0793 1832  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
02:13:09.0809 1832  gusvc - ok
02:13:09.0848 1832  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
02:13:09.0889 1832  hcw85cir - ok
02:13:09.0943 1832  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
02:13:09.0983 1832  HdAudAddService - ok
02:13:10.0026 1832  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
02:13:10.0064 1832  HDAudBus - ok
02:13:10.0097 1832  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
02:13:10.0114 1832  HidBatt - ok
02:13:10.0145 1832  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
02:13:10.0180 1832  HidBth - ok
02:13:10.0201 1832  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
02:13:10.0230 1832  HidIr - ok
02:13:10.0261 1832  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
02:13:10.0318 1832  hidserv - ok
02:13:10.0379 1832  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
02:13:10.0391 1832  HidUsb - ok
02:13:10.0427 1832  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
02:13:10.0475 1832  hkmsvc - ok
02:13:10.0516 1832  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
02:13:10.0573 1832  HomeGroupListener - ok
02:13:10.0613 1832  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
02:13:10.0647 1832  HomeGroupProvider - ok
02:13:10.0761 1832  [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
02:13:10.0788 1832  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
02:13:10.0788 1832  HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
02:13:10.0851 1832  [ 3A09322A8AA8B0C79036686A0EBE7B4C ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
02:13:10.0864 1832  HP Wireless Assistant Service - ok
02:13:10.0930 1832  [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
02:13:10.0956 1832  hpqwmiex - ok
02:13:11.0015 1832  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
02:13:11.0030 1832  HpSAMD - ok
02:13:11.0104 1832  [ F630DD7564EBB7248A13B1CC774D9EA6 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
02:13:11.0114 1832  HPWMISVC - ok
02:13:11.0164 1832  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
02:13:11.0229 1832  HTTP - ok
02:13:11.0266 1832  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
02:13:11.0277 1832  hwpolicy - ok
02:13:11.0329 1832  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
02:13:11.0346 1832  i8042prt - ok
02:13:11.0378 1832  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
02:13:11.0397 1832  iaStorV - ok
02:13:11.0470 1832  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
02:13:11.0504 1832  idsvc - ok
02:13:11.0638 1832  [ A87261EF1546325B559374F5689CF5BC ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
02:13:11.0820 1832  igfx - ok
02:13:11.0864 1832  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
02:13:11.0880 1832  iirsp - ok
02:13:11.0942 1832  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
02:13:12.0006 1832  IKEEXT - ok
02:13:12.0087 1832  [ B88E24BD77A0CE2CFFEE2FACF1151BE0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
02:13:12.0139 1832  IntcAzAudAddService - ok
02:13:12.0187 1832  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
02:13:12.0198 1832  intelide - ok
02:13:12.0228 1832  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
02:13:12.0257 1832  intelppm - ok
02:13:12.0303 1832  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
02:13:12.0358 1832  IPBusEnum - ok
02:13:12.0397 1832  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:13:12.0458 1832  IpFilterDriver - ok
02:13:12.0528 1832  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
02:13:12.0589 1832  iphlpsvc - ok
02:13:12.0634 1832  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
02:13:12.0652 1832  IPMIDRV - ok
02:13:12.0689 1832  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
02:13:12.0746 1832  IPNAT - ok
02:13:12.0797 1832  [ 3D62FE4FEFE9C67DAFEC52B534DFA1FB ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
02:13:12.0822 1832  iPod Service - ok
02:13:12.0858 1832  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
02:13:12.0877 1832  IRENUM - ok
02:13:12.0914 1832  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
02:13:12.0926 1832  isapnp - ok
02:13:12.0944 1832  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
02:13:12.0963 1832  iScsiPrt - ok
02:13:12.0968 1832  jpjrpwpi - ok
02:13:12.0997 1832  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
02:13:13.0010 1832  kbdclass - ok
02:13:13.0061 1832  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
02:13:13.0094 1832  kbdhid - ok
02:13:13.0118 1832  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
02:13:13.0135 1832  KeyIso - ok
02:13:13.0184 1832  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
02:13:13.0197 1832  KSecDD - ok
02:13:13.0227 1832  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
02:13:13.0242 1832  KSecPkg - ok
02:13:13.0272 1832  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
02:13:13.0328 1832  ksthunk - ok
02:13:13.0369 1832  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
02:13:13.0441 1832  KtmRm - ok
02:13:13.0511 1832  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
02:13:13.0569 1832  LanmanServer - ok
02:13:13.0617 1832  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
02:13:13.0704 1832  LanmanWorkstation - ok
02:13:13.0766 1832  [ 7550D101BF49FDB1F92666A233EE36C4 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
02:13:13.0773 1832  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
02:13:13.0773 1832  LightScribeService - detected UnsignedFile.Multi.Generic (1)
02:13:13.0816 1832  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
02:13:13.0875 1832  lltdio - ok
02:13:13.0928 1832  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
02:13:13.0989 1832  lltdsvc - ok
02:13:14.0011 1832  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
02:13:14.0059 1832  lmhosts - ok
02:13:14.0090 1832  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
02:13:14.0103 1832  LSI_FC - ok
02:13:32.0739 1832  WDC_SAM - ok
02:13:32.0787 1832  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
02:13:32.0826 1832  Wdf01000 - ok
02:13:32.0844 1832  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
02:13:32.0936 1832  WdiServiceHost - ok
02:13:32.0941 1832  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
02:13:32.0964 1832  WdiSystemHost - ok
02:13:33.0007 1832  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
02:13:33.0049 1832  WebClient - ok
02:13:33.0086 1832  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
02:13:33.0149 1832  Wecsvc - ok
02:13:33.0176 1832  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
02:13:33.0216 1832  wercplsupport - ok
02:13:33.0240 1832  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
02:13:33.0281 1832  WerSvc - ok
02:13:33.0312 1832  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
02:13:33.0354 1832  WfpLwf - ok
02:13:33.0368 1832  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
02:13:33.0379 1832  WIMMount - ok
02:13:33.0399 1832  WinDefend - ok
02:13:33.0407 1832  WinHttpAutoProxySvc - ok
02:13:33.0457 1832  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
02:13:33.0512 1832  Winmgmt - ok
02:13:33.0584 1832  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
02:13:33.0680 1832  WinRM - ok
02:13:33.0753 1832  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
02:13:33.0787 1832  WinUsb - ok
02:13:33.0841 1832  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
02:13:33.0883 1832  Wlansvc - ok
02:13:33.0958 1832  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
02:13:33.0971 1832  wlcrasvc - ok
02:13:34.0106 1832  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
02:13:34.0169 1832  wlidsvc - ok
02:13:34.0224 1832  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
02:13:34.0248 1832  WmiAcpi - ok
02:13:34.0282 1832  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
02:13:34.0314 1832  wmiApSrv - ok
02:13:34.0365 1832  WMPNetworkSvc - ok
02:13:34.0387 1832  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
02:13:34.0405 1832  WPCSvc - ok
02:13:34.0443 1832  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
02:13:34.0461 1832  WPDBusEnum - ok
02:13:34.0487 1832  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
02:13:34.0537 1832  ws2ifsl - ok
02:13:34.0577 1832  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
02:13:34.0612 1832  wscsvc - ok
02:13:34.0641 1832  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
02:13:34.0677 1832  WSDPrintDevice - ok
02:13:34.0682 1832  WSearch - ok
02:13:34.0760 1832  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
02:13:34.0817 1832  wuauserv - ok
02:13:34.0860 1832  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
02:13:34.0900 1832  WudfPf - ok
02:13:34.0912 1832  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
02:13:34.0926 1832  WUDFRd - ok
02:13:34.0965 1832  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
02:13:34.0991 1832  wudfsvc - ok
02:13:35.0020 1832  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
02:13:35.0043 1832  WwanSvc - ok
02:13:35.0104 1832  [ 9176C0822FAA649E45121875BE32F5D2 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
02:13:35.0115 1832  xusb21 - ok
02:13:35.0199 1832  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
02:13:35.0241 1832  YahooAUService - ok
02:13:35.0274 1832  [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
02:13:35.0295 1832  yukonw7 - ok
02:13:35.0382 1832  ================ Scan global ===============================
02:13:35.0401 1832  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
02:13:35.0448 1832  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
02:13:35.0457 1832  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
02:13:35.0484 1832  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
02:13:35.0510 1832  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
02:13:35.0515 1832  [Global] - ok
02:13:35.0516 1832  ================ Scan MBR ==================================
02:13:35.0527 1832  [ 4F9F08F89DA942D1783FF7D53BFF4649 ] \Device\Harddisk0\DR0
02:13:35.0748 1832  \Device\Harddisk0\DR0 - ok
02:13:35.0757 1832  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
02:13:35.0929 1832  \Device\Harddisk1\DR1 - ok
02:13:35.0929 1832  ================ Scan VBR ==================================
02:13:35.0934 1832  [ C8FC8F64DCFA90E3AAC5AE67571E5E9F ] \Device\Harddisk0\DR0\Partition1
02:13:35.0936 1832  \Device\Harddisk0\DR0\Partition1 - ok
02:13:35.0970 1832  [ 7E4EC71BBF90BB402D50A5A751DD372E ] \Device\Harddisk0\DR0\Partition2
02:13:35.0972 1832  \Device\Harddisk0\DR0\Partition2 - ok
02:13:36.0001 1832  [ 20C381B9CA6147C657CC52E85F40221B ] \Device\Harddisk0\DR0\Partition3
02:13:36.0003 1832  \Device\Harddisk0\DR0\Partition3 - ok
02:13:36.0022 1832  [ 62C527C37A548E74A61AC1A49422AAE5 ] \Device\Harddisk0\DR0\Partition4
02:13:36.0023 1832  \Device\Harddisk0\DR0\Partition4 - ok
02:13:36.0030 1832  [ F3702BB6F5E5716EF260583DB806926E ] \Device\Harddisk1\DR1\Partition1
02:13:36.0032 1832  \Device\Harddisk1\DR1\Partition1 - ok
02:13:36.0036 1832  ================ Scan active images ========================
02:13:37.0195 1832  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
02:13:37.0195 1832  C:\Windows\System32\negoexts.dll - ok
02:13:37.0202 1832  [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
02:13:37.0202 1832  C:\Windows\System32\atmfd.dll - ok
02:13:37.0209 1832  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
02:13:37.0209 1832  C:\Windows\System32\kerberos.dll - ok
02:13:37.0215 1832  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
02:13:37.0215 1832  C:\Windows\System32\version.dll - ok
02:13:37.0222 1832  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
02:13:37.0222 1832  C:\Windows\System32\cryptsp.dll - ok
02:13:37.0229 1832  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
02:13:37.0229 1832  C:\Windows\System32\mswsock.dll - ok
02:13:37.0235 1832  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
02:13:37.0235 1832  C:\Windows\System32\wship6.dll - ok
02:13:37.0242 1832  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
02:13:37.0242 1832  C:\Windows\System32\msv1_0.dll - ok
02:13:37.0248 1832  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
02:13:37.0248 1832  C:\Windows\System32\netlogon.dll - ok
02:13:37.0255 1832  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
02:13:37.0255 1832  C:\Windows\System32\dnsapi.dll - ok
02:13:37.0261 1832  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
02:13:37.0261 1832  C:\Windows\System32\logoncli.dll - ok
02:13:37.0268 1832  [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
02:13:37.0268 1832  C:\Windows\System32\schannel.dll - ok
02:13:37.0277 1832  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
02:13:37.0277 1832  C:\Windows\System32\wdigest.dll - ok
02:13:37.0283 1832  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
02:13:37.0283 1832  C:\Windows\System32\rsaenh.dll - ok
02:13:37.0290 1832  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
02:13:37.0290 1832  C:\Windows\System32\TSpkg.dll - ok
02:13:37.0294 1832  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
02:13:37.0294 1832  C:\Windows\System32\pku2u.dll - ok
02:13:37.0300 1832  [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
02:13:37.0300 1832  C:\Windows\System32\LIVESSP.DLL - ok
02:13:37.0307 1832  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
02:13:37.0307 1832  C:\Windows\System32\bcryptprimitives.dll - ok
02:13:37.0313 1832  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
02:13:37.0314 1832  C:\Windows\System32\credssp.dll - ok
02:13:37.0320 1832  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
02:13:37.0320 1832  C:\Windows\System32\efslsaext.dll - ok
02:13:37.0327 1832  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
02:13:37.0327 1832  C:\Windows\System32\scecli.dll - ok
02:13:37.0333 1832  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
02:13:37.0333 1832  C:\Windows\System32\ubpm.dll - ok
02:13:37.0339 1832  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
02:13:37.0340 1832  C:\Windows\System32\winsta.dll - ok
02:13:37.0346 1832  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
02:13:37.0346 1832  C:\Windows\System32\svchost.exe - ok
02:13:37.0353 1832  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
02:13:37.0353 1832  C:\Windows\System32\winlogon.exe - ok
02:13:37.0360 1832  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
02:13:37.0360 1832  C:\Windows\System32\umpnpmgr.dll - ok
02:13:37.0366 1832  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
02:13:37.0366 1832  C:\Windows\System32\SPInf.dll - ok
02:13:37.0373 1832  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
02:13:37.0373 1832  C:\Windows\System32\devrtl.dll - ok
02:13:37.0379 1832  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
02:13:37.0379 1832  C:\Windows\System32\userenv.dll - ok
02:13:37.0386 1832  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
02:13:37.0386 1832  C:\Windows\System32\gpapi.dll - ok
02:13:37.0394 1832  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
02:13:37.0394 1832  C:\Windows\System32\umpo.dll - ok
02:13:37.0401 1832  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
02:13:37.0401 1832  C:\Windows\System32\pcwum.dll - ok
02:13:37.0407 1832  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
02:13:37.0407 1832  C:\Windows\System32\powrprof.dll - ok
02:13:37.0414 1832  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
02:13:37.0414 1832  C:\Windows\System32\drivers\luafv.sys - ok
02:13:37.0421 1832  [ 8F571F016FA1976F445147E9E6C8AE9B ] C:\Windows\System32\drivers\Sftvollh.sys
02:13:37.0421 1832  C:\Windows\System32\drivers\Sftvollh.sys - ok
02:13:37.0429 1832  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
02:13:37.0429 1832  C:\Windows\System32\rpcss.dll - ok
02:13:37.0435 1832  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
02:13:37.0435 1832  C:\Windows\System32\RpcEpMap.dll - ok
02:13:37.0442 1832  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
02:13:37.0442 1832  C:\Windows\System32\wshqos.dll - ok
02:13:37.0449 1832  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
02:13:37.0449 1832  C:\Windows\System32\WSHTCPIP.DLL - ok
02:13:37.0456 1832  [ 29C151492510640343B00B63996E4070 ] C:\Windows\System32\atiesrxx.exe
02:13:37.0456 1832  C:\Windows\System32\atiesrxx.exe - ok
02:13:37.0462 1832  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
02:13:37.0462 1832  C:\Windows\System32\wtsapi32.dll - ok
02:13:37.0468 1832  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
02:13:37.0469 1832  C:\Windows\System32\FirewallAPI.dll - ok
02:13:37.0475 1832  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
02:13:37.0475 1832  C:\Windows\System32\LogonUI.exe - ok
02:13:37.0482 1832  [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
02:13:37.0482 1832  C:\Windows\System32\authui.dll - ok
02:13:37.0488 1832  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
02:13:37.0488 1832  C:\Windows\System32\cryptui.dll - ok
02:13:37.0496 1832  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
02:13:37.0496 1832  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
02:13:37.0502 1832  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
02:13:37.0502 1832  C:\Windows\System32\wevtsvc.dll - ok
02:13:37.0509 1832  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
02:13:37.0509 1832  C:\Windows\System32\audiosrv.dll - ok
02:13:37.0517 1832  [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
02:13:37.0517 1832  C:\Windows\System32\FntCache.dll - ok
02:13:37.0522 1832  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
02:13:37.0522 1832  C:\Windows\System32\avrt.dll - ok
02:13:37.0529 1832  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
02:13:37.0529 1832  C:\Windows\System32\mmcss.dll - ok
02:13:37.0535 1832  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
02:13:37.0535 1832  C:\Windows\System32\MMDevAPI.dll - ok
02:13:37.0542 1832  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
02:13:37.0542 1832  C:\Windows\System32\propsys.dll - ok
02:13:37.0546 1832  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
02:13:37.0546 1832  C:\Windows\System32\audiodg.exe - ok
02:13:37.0554 1832  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
02:13:37.0554 1832  C:\Windows\System32\ntmarta.dll - ok
02:13:37.0561 1832  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
02:13:37.0562 1832  C:\Windows\System32\gpsvc.dll - ok
02:13:37.0568 1832  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
02:13:37.0568 1832  C:\Windows\System32\profsvc.dll - ok
02:13:37.0574 1832  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
02:13:37.0574 1832  C:\Windows\System32\nlaapi.dll - ok
02:13:37.0581 1832  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
02:13:37.0581 1832  C:\Windows\System32\atl.dll - ok
02:13:37.0587 1832  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
02:13:37.0587 1832  C:\Windows\System32\dsrole.dll - ok
02:13:37.0594 1832  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
02:13:37.0594 1832  C:\Windows\System32\slc.dll - ok
02:13:37.0601 1832  [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
02:13:37.0601 1832  C:\Windows\System32\themeservice.dll - ok
02:13:37.0607 1832  [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
02:13:37.0607 1832  C:\Windows\System32\radardt.dll - ok
02:13:37.0615 1832  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
02:13:37.0615 1832  C:\Windows\System32\samlib.dll - ok
02:13:37.0621 1832  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
02:13:37.0621 1832  C:\Windows\System32\shacct.dll - ok
02:13:37.0629 1832  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
02:13:37.0629 1832  C:\Windows\System32\uxtheme.dll - ok
02:13:37.0636 1832  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
02:13:37.0636 1832  C:\Windows\System32\es.dll - ok
02:13:37.0642 1832  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
02:13:37.0642 1832  C:\Windows\System32\Sens.dll - ok
02:13:37.0649 1832  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
02:13:37.0649 1832  C:\Windows\System32\drivers\lltdio.sys - ok
02:13:37.0655 1832  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
02:13:37.0656 1832  C:\Windows\System32\uxsms.dll - ok
02:13:37.0662 1832  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
02:13:37.0662 1832  C:\Windows\System32\drivers\nwifi.sys - ok
02:13:37.0669 1832  [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
02:13:37.0669 1832  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
02:13:37.0675 1832  [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
02:13:37.0676 1832  C:\Windows\System32\drivers\ndisuio.sys - ok
02:13:37.0682 1832  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
02:13:37.0682 1832  C:\Windows\System32\drivers\rspndr.sys - ok
02:13:37.0689 1832  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
02:13:37.0689 1832  C:\Windows\System32\lmhsvc.dll - ok
02:13:37.0695 1832  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
02:13:37.0696 1832  C:\Windows\System32\nsisvc.dll - ok
02:13:37.0702 1832  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
02:13:37.0702 1832  C:\Windows\System32\IPHLPAPI.DLL - ok
02:13:37.0708 1832  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
02:13:37.0709 1832  C:\Windows\System32\winnsi.dll - ok
02:13:37.0716 1832  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
02:13:37.0716 1832  C:\Windows\System32\dnsrslvr.dll - ok
02:13:37.0722 1832  [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
02:13:37.0722 1832  C:\Windows\System32\keyiso.dll - ok
02:13:37.0729 1832  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
02:13:37.0730 1832  C:\Windows\System32\nrpsrv.dll - ok
02:13:37.0736 1832  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
02:13:37.0736 1832  C:\Windows\System32\dhcpcore.dll - ok
02:13:37.0742 1832  [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
02:13:37.0742 1832  C:\Windows\System32\dhcpcore6.dll - ok
02:13:37.0749 1832  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
02:13:37.0749 1832  C:\Windows\System32\eapsvc.dll - ok
02:13:37.0755 1832  [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
02:13:37.0755 1832  C:\Windows\System32\FWPUCLNT.DLL - ok
02:13:37.0763 1832  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
02:13:37.0763 1832  C:\Windows\System32\dhcpcsvc.dll - ok
02:13:37.0770 1832  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
02:13:37.0770 1832  C:\Windows\System32\dnsext.dll - ok
02:13:37.0776 1832  [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
02:13:37.0776 1832  C:\Windows\System32\dhcpcsvc6.dll - ok
02:13:37.0783 1832  [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
02:13:37.0783 1832  C:\Windows\System32\eapphost.dll - ok
02:13:37.0790 1832  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
02:13:37.0790 1832  C:\Windows\System32\adtschema.dll - ok
02:13:37.0797 1832  [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
02:13:37.0797 1832  C:\Windows\System32\nlasvc.dll - ok
02:13:37.0800 1832  [ EDF4DEC1041EEAF78A0B1E16C1BB4CC4 ] C:\Windows\System32\fthsvc.dll
02:13:37.0800 1832  C:\Windows\System32\fthsvc.dll - ok
02:13:37.0807 1832  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
02:13:37.0807 1832  C:\Windows\System32\dui70.dll - ok
02:13:37.0814 1832  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
02:13:37.0814 1832  C:\Windows\System32\duser.dll - ok
02:13:37.0820 1832  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
02:13:37.0820 1832  C:\Windows\System32\winmm.dll - ok
02:13:37.0826 1832  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
02:13:37.0826 1832  C:\Windows\System32\ksuser.dll - ok
02:13:37.0833 1832  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
02:13:37.0833 1832  C:\Windows\System32\wdmaud.drv - ok
02:13:37.0839 1832  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
02:13:37.0840 1832  C:\Windows\System32\SndVolSSO.dll - ok
02:13:37.0846 1832  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
02:13:37.0846 1832  C:\Windows\System32\hid.dll - ok
02:13:37.0852 1832  [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
02:13:37.0853 1832  C:\Windows\System32\umb.dll - ok
02:13:37.0859 1832  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
02:13:37.0859 1832  C:\Windows\System32\wlansvc.dll - ok
02:13:37.0866 1832  [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
02:13:37.0866 1832  C:\Windows\System32\wlanmsm.dll - ok
02:13:37.0872 1832  [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
02:13:37.0872 1832  C:\Windows\System32\wlansec.dll - ok
02:13:37.0879 1832  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
02:13:37.0880 1832  C:\Windows\System32\eappprxy.dll - ok
02:13:37.0886 1832  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
02:13:37.0886 1832  C:\Windows\System32\onex.dll - ok
02:13:37.0893 1832  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
02:13:37.0893 1832  C:\Windows\System32\eappcfg.dll - ok
02:13:37.0899 1832  [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
02:13:37.0899 1832  C:\Windows\System32\l2gpstore.dll - ok
02:13:37.0905 1832  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
02:13:37.0905 1832  C:\Windows\System32\wlanutil.dll - ok
02:13:37.0912 1832  [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
02:13:37.0912 1832  C:\Windows\System32\wlgpclnt.dll - ok
02:13:37.0919 1832  [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
02:13:37.0919 1832  C:\Windows\System32\WinSCard.dll - ok
02:13:37.0925 1832  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
02:13:37.0925 1832  C:\Windows\System32\comres.dll - ok
02:13:37.0932 1832  [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
02:13:37.0932 1832  C:\Windows\System32\msxml6.dll - ok
02:13:37.0938 1832  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
02:13:37.0938 1832  C:\Windows\System32\dwmapi.dll - ok
02:13:37.0945 1832  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
02:13:37.0945 1832  C:\Windows\System32\xmllite.dll - ok
02:13:37.0952 1832  [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
02:13:37.0952 1832  C:\Windows\System32\AudioSes.dll - ok
02:13:37.0958 1832  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
02:13:37.0958 1832  C:\Windows\System32\msacm32.dll - ok
02:13:37.0965 1832  [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
02:13:37.0965 1832  C:\Windows\System32\msacm32.drv - ok
02:13:37.0972 1832  [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
02:13:37.0972 1832  C:\Windows\System32\midimap.dll - ok
02:13:37.0979 1832  [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
02:13:37.0979 1832  C:\Windows\System32\AudioEng.dll - ok
02:13:37.0985 1832  [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
02:13:37.0985 1832  C:\Windows\System32\AUDIOKSE.dll - ok
02:13:37.0992 1832  [ C95EA36228E0174AC53DC57530549AAF ] C:\Windows\System32\RtkAPO64.dll
02:13:37.0992 1832  C:\Windows\System32\RtkAPO64.dll - ok
02:13:37.0999 1832  [ 973ADB6AD47AC047F900C0D760AB6BE2 ] C:\Windows\System32\AERTAR64.dll
02:13:37.0999 1832  C:\Windows\System32\AERTAR64.dll - ok
02:13:38.0005 1832  [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
02:13:38.0005 1832  C:\Windows\System32\WMALFXGFXDSP.dll - ok
02:13:38.0012 1832  [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
02:13:38.0012 1832  C:\Windows\System32\mfplat.dll - ok
02:13:38.0019 1832  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
02:13:38.0019 1832  C:\Windows\System32\netprofm.dll - ok
02:13:38.0025 1832  [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
02:13:38.0025 1832  C:\Program Files\Windows Defender\MpEvMsg.dll - ok
02:13:38.0032 1832  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
02:13:38.0032 1832  C:\Windows\System32\MPSSVC.dll - ok
02:13:38.0039 1832  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
02:13:38.0039 1832  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
02:13:38.0046 1832  [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
02:13:38.0046 1832  C:\Windows\System32\WUDFPlatform.dll - ok
02:13:38.0050 1832  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
02:13:38.0050 1832  C:\Windows\System32\drivers\fltMgr.sys - ok
02:13:38.0057 1832  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
02:13:38.0057 1832  C:\Windows\System32\PSHED.DLL - ok
02:13:38.0065 1832  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
02:13:38.0065 1832  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
02:13:38.0071 1832  [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
02:13:38.0071 1832  C:\Windows\System32\shsvcs.dll - ok
02:13:38.0078 1832  [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
02:13:38.0078 1832  C:\Windows\System32\WindowsCodecs.dll - ok
02:13:38.0084 1832  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
02:13:38.0084 1832  C:\Windows\System32\winbrand.dll - ok
02:13:38.0091 1832  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
02:13:38.0091 1832  C:\Windows\System32\VaultCredProvider.dll - ok
02:13:38.0098 1832  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
02:13:38.0098 1832  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
02:13:38.0105 1832  [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
02:13:38.0105 1832  C:\Windows\System32\BioCredProv.dll - ok
02:13:38.0111 1832  [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
02:13:38.0112 1832  C:\Windows\System32\credui.dll - ok
02:13:38.0118 1832  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
02:13:38.0118 1832  C:\Windows\System32\winbio.dll - ok
02:13:38.0124 1832  [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
02:13:38.0124 1832  C:\Windows\System32\netapi32.dll - ok
02:13:38.0131 1832  [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
02:13:38.0131 1832  C:\Windows\System32\vaultcli.dll - ok
02:13:38.0138 1832  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
02:13:38.0138 1832  C:\Windows\System32\netutils.dll - ok
02:13:38.0145 1832  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
02:13:38.0146 1832  C:\Windows\System32\wkscli.dll - ok
02:13:38.0151 1832  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
02:13:38.0151 1832  C:\Windows\System32\samcli.dll - ok
02:13:38.0157 1832  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
02:13:38.0157 1832  C:\Windows\System32\certCredProvider.dll - ok
02:13:38.0164 1832  [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
02:13:38.0165 1832  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
02:13:38.0171 1832  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
02:13:38.0171 1832  C:\Windows\System32\rasplap.dll - ok
02:13:38.0179 1832  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
02:13:38.0179 1832  C:\Windows\System32\rasapi32.dll - ok
02:13:38.0184 1832  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
02:13:38.0184 1832  C:\Windows\System32\rasman.dll - ok
02:13:38.0191 1832  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
02:13:38.0191 1832  C:\Windows\System32\rtutils.dll - ok
02:13:38.0197 1832  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
02:13:38.0197 1832  C:\Windows\System32\netcfgx.dll - ok
02:13:38.0204 1832  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
02:13:38.0204 1832  C:\Windows\System32\drivers\vwifimp.sys - ok
02:13:38.0211 1832  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
02:13:38.0211 1832  C:\Windows\System32\schedsvc.dll - ok
02:13:38.0218 1832  [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
02:13:38.0218 1832  C:\Windows\System32\ktmw32.dll - ok
02:13:38.0224 1832  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
02:13:38.0224 1832  C:\Windows\System32\taskcomp.dll - ok
02:13:38.0232 1832  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
02:13:38.0232 1832  C:\Windows\System32\UXInit.dll - ok
02:13:38.0238 1832  [ D168FE972739F947FA223B92626AF353 ] C:\Windows\System32\atieclxx.exe
02:13:38.0238 1832  C:\Windows\System32\atieclxx.exe - ok
02:13:38.0244 1832  [ C9D778F3B3DBE72193C158185786783F ] C:\Windows\System32\atiadlxx.dll
02:13:38.0244 1832  C:\Windows\System32\atiadlxx.dll - ok
02:13:38.0251 1832  [ A94ECE09ED9A33D406966CED834ACA9F ] C:\Windows\System32\atimuixx.dll
02:13:38.0251 1832  C:\Windows\System32\atimuixx.dll - ok
02:13:38.0258 1832  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
02:13:38.0258 1832  C:\Windows\System32\drivers\http.sys - ok
02:13:38.0264 1832  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
02:13:38.0264 1832  C:\Windows\System32\spoolsv.exe - ok
02:13:38.0271 1832  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
02:13:38.0271 1832  C:\Windows\System32\imageres.dll - ok
02:13:38.0277 1832  [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
02:13:38.0278 1832  C:\Windows\System32\drivers\srvnet.sys - ok
02:13:38.0285 1832  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
02:13:38.0285 1832  C:\Windows\System32\BFE.DLL - ok
02:13:38.0291 1832  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
02:13:38.0291 1832  C:\Windows\System32\drivers\bowser.sys - ok
02:13:38.0297 1832  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
02:13:38.0298 1832  C:\Windows\System32\drivers\mpsdrv.sys - ok
02:13:38.0302 1832  [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
02:13:38.0302 1832  C:\Windows\System32\wfapigp.dll - ok
02:13:38.0308 1832  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
02:13:38.0308 1832  C:\Windows\System32\drivers\mrxsmb.sys - ok
02:13:38.0315 1832  [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
02:13:38.0315 1832  C:\Windows\System32\mscms.dll - ok
02:13:38.0321 1832  [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
02:13:38.0322 1832  C:\Windows\System32\drivers\mrxsmb10.sys - ok
02:13:38.0328 1832  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
02:13:38.0328 1832  C:\Windows\System32\drivers\mrxsmb20.sys - ok
02:13:38.0335 1832  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
02:13:38.0335 1832  C:\Windows\System32\pcasvc.dll - ok
02:13:38.0341 1832  [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
02:13:38.0341 1832  C:\Windows\System32\snmptrap.exe - ok
02:13:38.0348 1832  [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
02:13:38.0348 1832  C:\Windows\System32\fveapi.dll - ok
02:13:38.0355 1832  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
02:13:38.0355 1832  C:\Windows\System32\hnetcfg.dll - ok
02:13:38.0361 1832  [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
02:13:38.0361 1832  C:\Windows\System32\fvecerts.dll - ok
02:13:38.0368 1832  [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
02:13:38.0368 1832  C:\Windows\System32\tbs.dll - ok
02:13:38.0375 1832  [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
02:13:38.0375 1832  C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
02:13:38.0381 1832  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
02:13:38.0382 1832  C:\Windows\System32\drivers\srv2.sys - ok
02:13:38.0388 1832  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
02:13:38.0388 1832  C:\Windows\System32\provsvc.dll - ok
02:13:38.0395 1832  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
02:13:38.0395 1832  C:\Windows\System32\sstpsvc.dll - ok
02:13:38.0402 1832  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
02:13:38.0402 1832  C:\Windows\System32\wkssvc.dll - ok
02:13:38.0408 1832  [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
02:13:38.0408 1832  C:\Windows\System32\wiarpc.dll - ok
02:13:38.0415 1832  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
02:13:38.0415 1832  C:\Windows\System32\drivers\srv.sys - ok





