
Suspect Deep-Rooted Virus


43 replies to this topic

#1 CPU8U2


Posted 30 May 2013 - 10:13 AM

I am using a Dell laptop 1750, running Win 7 Home Premium with IE8. I have a Pentium dual-core T4300 processor. I use MSE security, the Windows firewall, and also have Trusteer Rapport installed for use on a specific financial site.

MSE is discovering and removing Trojans on a daily basis, but they always come back. I am suddenly getting a radio station playing through my computer, and I know it's not coming through exterior speakers or wires, as I'm not using any. The computer has also begun creeping, and whatever has infected my computer is using up nearly all the resources. In Task Manager CPU usage bounces up and down, and frequently reaches 100%.

Oh, and I'm also getting the FBI scam with my picture in the corner and a demand for $450; looks like I'm not alone on that one, judging from the various threads.

I ran ComboFix last night because it said the tool might resolve my issues the first time it's run without having to investigate further. And, in fact, it did... temporarily. My computer ran flawlessly last night; it was back up to typical speed, and the radio station no longer played.

Then I started the computer this morning, and the radio was back and my computer was sluggish again. I did copy the log file generated by ComboFix, and this is it:

ComboFix 13-05-30.01 - JJPopsonIV 05/29/2013  20:04:50.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3032.1018 [GMT -4:00]
Running from: c:\users\JJPopsonIV\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SpeedBit Video Downloader\Toolbar\tbhelper.dll
c:\programdata\Microsoft\Windows\DRM\5CB2.tmp
c:\programdata\Microsoft\Windows\DRM\5E99.tmp
c:\programdata\PCDr\6032\AddOnDownloaded\1b0b3c38-2b97-4f8d-954b-06296209b73d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3e0b29b2-9809-4050-abfc-ef8aff73ceab.dll
c:\programdata\PCDr\6032\AddOnDownloaded\5f2ce3e8-3c56-40bb-86d6-a1a41867000b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7b6e388f-35d0-44f8-aa2c-20538273473f.dll
c:\programdata\PCDr\6032\AddOnDownloaded\97cd9b9c-9747-469a-acfa-cfbf8aed528a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\bea3f575-677a-4c92-89ca-7be8480c11a9.dll
c:\users\JJPopsonIV\AppData\Roaming\Install.dat
c:\users\JJPopsonIV\AppData\Roaming\Microsoft\Windows\.data
c:\users\JJPopsonIV\AppData\Roaming\skype.dat
c:\users\JJPopsonIV\GoToAssistDownloadHelper.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_pcCMService
.
.
(((((((((((((((((((((((((   Files Created from 2013-04-28 to 2013-05-30  )))))))))))))))))))))))))))))))
.
.
2013-05-30 00:20 . 2013-05-30 00:20	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-05-29 18:53 . 2013-05-29 18:53	--------	d-----w-	c:\users\JJPopsonIV\AppData\Local\Programs
2013-05-29 07:23 . 2013-05-29 07:20	964552	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{35948EF8-D963-4053-B771-008E12914EDC}\gapaengine.dll
2013-05-29 07:21 . 2013-05-13 03:37	9460464	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D28A63D8-E208-439B-B893-70506A2B297D}\mpengine.dll
2013-05-29 03:21 . 2013-05-13 03:37	9460464	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-05-28 21:47 . 2013-05-28 21:47	--------	d-sh--w-	C:\$$PendingFiles
2013-05-21 17:27 . 2013-05-29 04:16	--------	d-----w-	c:\program files\My Dell
2013-05-14 23:03 . 2013-04-10 05:51	1111040	----a-w-	c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-05-14 21:18 . 2013-05-14 22:52	--------	d-----w-	C:\rei
2013-05-14 21:18 . 2013-05-14 21:18	--------	d-----w-	c:\program files\Reimage
2013-05-14 16:54 . 2013-05-14 16:54	--------	d-----w-	C:\WINSSLog
2013-05-14 15:13 . 2013-01-27 18:37	182248	----a-w-	c:\program files\Windows Defender\en-US\EppManifest.dll
2013-05-14 15:13 . 2013-01-27 15:35	8760	----a-w-	c:\program files\Windows Defender\en-US\setupres.dll
2013-05-14 15:13 . 2013-01-27 15:34	1094152	----a-w-	c:\program files\Windows Defender\en-US\amd64\setup.exe
2013-05-14 15:13 . 2013-01-20 19:58	241984	----a-w-	c:\program files\Windows Defender\en-US\amd64\sqmapi.dll
2013-05-14 15:05 . 2013-05-14 16:38	--------	d-----w-	C:\MATS
2013-05-14 14:44 . 2013-05-14 15:31	--------	d-----w-	c:\users\Guest
2013-05-11 10:37 . 2013-05-11 10:37	209472	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-05-08 17:07 . 2013-05-14 15:30	--------	d-----w-	c:\program files (x86)\Photo Viewer
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 21:22 . 2012-09-29 00:26	905296	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-05-15 15:32 . 2011-08-05 07:43	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-15 04:51 . 2010-01-19 17:17	75016696	----a-w-	c:\windows\system32\MRT.exe
2013-05-14 23:40 . 2012-03-30 04:17	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-14 23:40 . 2011-08-14 22:07	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-02 15:29 . 2010-06-06 19:49	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-14 23:04	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-14 23:04	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-14 23:04	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-14 23:04	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-14 23:04	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-14 23:04	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-23 19:54	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-10 05:08 . 2013-05-14 23:03	981504	----a-w-	c:\windows\SysWow64\wininet.dll
2013-04-02 17:16 . 2013-01-15 19:02	236248	----a-w-	c:\windows\system32\drivers\RapportKE64.sys
2013-03-19 06:04 . 2013-04-10 18:07	5550424	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 18:07	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 18:07	3968856	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 18:07	3913560	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 18:07	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 18:07	112640	----a-w-	c:\windows\system32\smss.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\11\ISUSPM.exe" [2008-09-26 210208]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"cdloader"="c:\users\JJPopsonIV\AppData\Roaming\mjusbsp\cdloader2.exe" [2012-02-01 50592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"Absolute Notifier"="c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" [2010-10-08 86184]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\users\JJPopsonIV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 RapportKE64;RapportKE64;c:\windows\system32\Drivers\RapportKE64.sys [2013-04-02 236248]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S1 RapportCerberus_51755;RapportCerberus_51755;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_51755.sys [2013-04-22 586072]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-04-02 228600]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-04-02 357272]
S2 AbsoluteNotifier;Absolute Notifier;c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-08 10408]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [2009-03-03 89600]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
S2 pcCMService64;pcCMService64;c:\program files\Common Files\Motive\pcCMService.exe [2012-06-18 441344]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-04-02 1124184]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-04-15 3289208]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-05-08 215552]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-09-28 395264]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 23:40]
.
2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 02:21]
.
2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 02:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-30 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-30 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-06-30 365080]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-02-26 487424]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1276563885&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: $talisma_url$
Trusted Zone: internet
Trusted Zone: magicjack.com\data
Trusted Zone: magicjack.com\my
Trusted Zone: mcafee.com
Trusted Zone: talk4free.com
Trusted Zone: talk4free.com\reg
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{C74536EB-4CC4-4087-804D-B7519D0DC9C0}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{C74536EB-4CC4-4087-804D-B7519D0DC9C0}\35C65656070294E6E6026202355796475637: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{C74536EB-4CC4-4087-804D-B7519D0DC9C0}\46C696E6B6: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{C74536EB-4CC4-4087-804D-B7519D0DC9C0}\A4A405F40535F4E49465D20534F5E4564777F627B6: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{C74536EB-4CC4-4087-804D-B7519D0DC9C0}\D4F64756C60263: NameServer = 8.8.8.8,8.8.4.4
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-DellSupportCenter - c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe
Wow6432Node-HKLM-RunOnce-c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe - c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\SysWOW64\UTSCSI.EXE
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Completion time: 2013-05-29  20:41:03 - machine was rebooted
ComboFix-quarantined-files.txt  2013-05-30 00:41
.
Pre-Run: 179,280,523,264 bytes free
Post-Run: 179,955,154,944 bytes free
.
- - End Of File - - 399BA35130B8B249DA0ABDD41693402F

Thanks in advance for any assistance anyone can provide. I do not want to format and re-install everything all over again; but I'm nearly to that point.


Edited by CPU8U2, 30 May 2013 - 10:19 AM.



#2 gringo_pr

  • Malware Response Team

Posted 01 June 2013 - 09:26 PM


Hello CPU8U2,

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely. I have spent my time to put together some things for you to keep in mind while I am helping you, to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines; these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same"; this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the "Follow This Topic" button, make sure that the "Receive notification" box is checked and that it is set to "Instantly". This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete let me have the two reports and let me know how things are running.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



Proud Graduate Of Malware Removal University

#3 CPU8U2


Posted 02 June 2013 - 01:37 AM

Already the computer seemed to load and start up faster after the AdwCleaner. The log is:

# AdwCleaner v2.301 - Logfile created 06/02/2013 at 02:27:08
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : JJPopsonIV - JJPOPSONIV-PC
# Boot Mode : Normal
# Running from : C:\Users\JJPopsonIV\Desktop\AdwCleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\SearchPredict
Folder Deleted : C:\Program Files (x86)\Speedbit Video Downloader
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Speedbit
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\JJPopsonIV\AppData\Local\PackageAware
Folder Deleted : C:\Users\JJPopsonIV\AppData\LocalLow\Toolbar4

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{103089DA-0F31-4A8B-843F-7D24A7FE8345}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{92A9ACF4-9333-43AE-9698-DB283326F87F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FF7C3CF0-4B15-11D1-ABED-709549C10000}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92A9ACF4-9333-43AE-9698-DB283326F87F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF7C3CF0-4B15-11D1-ABED-709549C10000}
Key Deleted : HKCU\Software\SpeedBit
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\SBConvert.SBConvert
Key Deleted : HKLM\SOFTWARE\Classes\SBConvert.SBConvert.3
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3BCF582D-CA87-4C6F-AF3D-B3548A976AB3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\Software\InfoAtoms
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SpeedBit
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchpredict@speedbit.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [9621 octets] - [02/06/2013 02:27:08]

########## EOF - C:\AdwCleaner[S1].txt - [9681 octets] ##########



#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:18 AM

Posted 02 June 2013 - 01:44 AM

Did you run the second tool?


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 CPU8U2


Posted 02 June 2013 - 02:35 AM

Yes, I just ran it. It seems to have deleted programs I've actually used for years with no problems, and my computer actually seems like it's been set back in time.

 

When I opened my browser, it asked if I wanted to restore my last browsing session, and I clicked on yes because I thought it would take me back to this same thread.

 

Instead it sent me back to a time when I had 5 or 6 browsers open and I was doing some research; and I know that I haven't visited those sites to do that research for at least 6 months.

 

Anyway, before I ran the 2nd program the random mystery music had stopped playing through my computer, but after it ran, it's now back.

 

Here's the log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by JJPopsonIV on Sun 06/02/2013 at  2:46:38.40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 06/02/2013 at  3:20:53.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#6 gringo_pr


Posted 02 June 2013 - 03:01 AM


Hello CPU8U2

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.
2. Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"
In your next post I need the following:
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?
Gringo

#7 CPU8U2


Posted 02 June 2013 - 04:36 AM

Okay, I ran ComboFix. First I disabled all my security, but when I started ComboFix it ran for a while and then a message popped up saying it detected MSE running, even though it wasn't.

 

It told me to turn it off before coming back and clicking on OK. So I went into control panel/programs and completely uninstalled MSE and all of its components from there.

 

I then went back and clicked on OK, but it came back with the same message that MSE was running/scanning. It also said it would continue anyway.

 

I had to restart the computer because when I tried to turn my firewall back on after ComboFix had finished, it gave me the error message mentioned above about illegal operation on registry key that has been marked for deletion.

 

The computer is back to loading and starting up very slowly, and the mystery radio station is still playing through the computer. 

 

Here is the ComboFix log:

 

ComboFix 13-06-02.02 - JJPopsonIV 06/02/2013   4:39.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3032.1419 [GMT -4:00]
Running from: c:\users\JJPopsonIV\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6032\AddOnDownloaded\1b0b3c38-2b97-4f8d-954b-06296209b73d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3e0b29b2-9809-4050-abfc-ef8aff73ceab.dll
c:\programdata\PCDr\6032\AddOnDownloaded\5f2ce3e8-3c56-40bb-86d6-a1a41867000b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7b6e388f-35d0-44f8-aa2c-20538273473f.dll
c:\programdata\PCDr\6032\AddOnDownloaded\97cd9b9c-9747-469a-acfa-cfbf8aed528a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\bea3f575-677a-4c92-89ca-7be8480c11a9.dll
c:\users\JJPopsonIV\AppData\Roaming\Microsoft\Windows\.data
c:\users\JJPopsonIV\AppData\Roaming\skype.dat
c:\users\JJPopsonIV\GoToAssistDownloadHelper.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_pcCMService
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-02 to 2013-06-02  )))))))))))))))))))))))))))))))
.
.
2013-06-02 08:52 . 2013-06-02 08:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-29 18:54 . 2013-06-01 17:22 -------- d-----w- c:\program files (x86)\ARO 2013
2013-05-29 18:53 . 2013-05-29 18:53 -------- d-----w- c:\users\JJPopsonIV\AppData\Local\Programs
2013-05-28 21:47 . 2013-05-28 21:47 -------- d-sh--w- C:\$$PendingFiles
2013-05-21 17:27 . 2013-05-29 04:16 -------- d-----w- c:\program files\My Dell
2013-05-14 23:03 . 2013-04-10 05:51 1111040 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-05-14 21:18 . 2013-05-14 22:52 -------- d-----w- C:\rei
2013-05-14 21:18 . 2013-05-14 21:18 -------- d-----w- c:\program files\Reimage
2013-05-14 16:54 . 2013-05-14 16:54 -------- d-----w- C:\WINSSLog
2013-05-14 15:05 . 2013-05-14 16:38 -------- d-----w- C:\MATS
2013-05-14 14:44 . 2013-05-14 15:31 -------- d-----w- c:\users\Guest
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-05-08 17:07 . 2013-05-14 15:30 -------- d-----w- c:\program files (x86)\Photo Viewer
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-02 08:42 . 2013-06-02 08:42 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C3E70F95-57CA-41A4-BE71-625DCBC203F8}\offreg.dll
2013-05-15 15:32 . 2011-08-05 07:43 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-15 04:51 . 2010-01-19 17:17 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-14 23:40 . 2012-03-30 04:17 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-14 23:40 . 2011-08-14 22:07 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-02 15:29 . 2010-06-06 19:49 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-14 23:04 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-14 23:04 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-14 23:04 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-14 23:04 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-14 23:04 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-14 23:04 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-23 19:54 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-02 17:16 . 2013-01-15 19:02 236248 ----a-w- c:\windows\system32\drivers\RapportKE64.sys
2013-03-19 06:04 . 2013-04-10 18:07 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 18:07 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 18:07 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 18:07 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 18:07 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 18:07 112640 ----a-w- c:\windows\system32\smss.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\11\ISUSPM.exe" [2008-09-26 210208]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"cdloader"="c:\users\JJPopsonIV\AppData\Roaming\mjusbsp\cdloader2.exe" [2012-02-01 50592]
"AROReminder"="c:\program files (x86)\ARO 2013\ARO.exe" [2013-05-22 3157336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [BU]
"Absolute Notifier"="c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" [2010-10-08 86184]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\users\JJPopsonIV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 RapportKE64;RapportKE64;c:\windows\system32\Drivers\RapportKE64.sys [2013-04-02 236248]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S1 RapportCerberus_51755;RapportCerberus_51755;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_51755.sys [2013-04-22 586072]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-04-02 228600]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-04-02 357272]
S2 AbsoluteNotifier;Absolute Notifier;c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-08 10408]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [2009-03-03 89600]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
S2 pcCMService64;pcCMService64;c:\program files\Common Files\Motive\pcCMService.exe [2012-06-18 441344]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-04-02 1124184]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-05-08 215552]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-09-28 395264]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 23:40]
.
2013-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 02:21]
.
2013-06-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 02:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-30 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-30 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-06-30 365080]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-02-26 487424]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1276563885&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: $talisma_url$
Trusted Zone: internet
Trusted Zone: magicjack.com\data
Trusted Zone: magicjack.com\my
Trusted Zone: mcafee.com
Trusted Zone: talk4free.com
Trusted Zone: talk4free.com\reg
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{C74536EB-4CC4-4087-804D-B7519D0DC9C0}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{C74536EB-4CC4-4087-804D-B7519D0DC9C0}\35C65656070294E6E6026202355796475637: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{C74536EB-4CC4-4087-804D-B7519D0DC9C0}\46C696E6B6: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{C74536EB-4CC4-4087-804D-B7519D0DC9C0}\A4A405F40535F4E49465D20534F5E4564777F627B6: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{C74536EB-4CC4-4087-804D-B7519D0DC9C0}\D4F64756C60263: NameServer = 8.8.8.8,8.8.4.4
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-RunOnce-c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe - c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe
Toolbar-Locked - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\SysWOW64\UTSCSI.EXE
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Completion time: 2013-06-02  05:14:18 - machine was rebooted
ComboFix-quarantined-files.txt  2013-06-02 09:14
ComboFix2.txt  2013-05-30 00:41
.
Pre-Run: 181,921,533,952 bytes free
Post-Run: 180,939,714,560 bytes free
.
- - End Of File - - B843C69441DC62D1040F3ADD900D8AEF
 


Edited by CPU8U2, 02 June 2013 - 04:38 AM.


#8 gringo_pr

  • Malware Response Team

Posted 02 June 2013 - 12:25 PM


Hello CPU8U2

I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • More than one report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". The one that I need is the larger one. Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is too long you may attach it

    If the forum still complains about it being too long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================
and I will see if I want to see the whole report

--RogueKiller--

Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The scan will make two reports; the one I would like to see is called RKreport[2].txt on your Desktop
  • Exit/Close RogueKiller+
Send me the reports made from TDSSKiller and Roguekiller and also let me know how the computer is doing at this time.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University
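
For readers triaging a long TDSSKiller report like the one requested above, here is an added example (not part of the original posts and not TDSSKiller's own code) that lists every object whose verdict is not "ok", pairs it with its MD5 and image path, and extracts the lines after the "Scan finished" marker. The line layout is inferred from the log posted in this thread; the sample lines are copied from that log, except the closing marker and the two tail lines, which are constructed.

```python
import re

# Every log line starts with "HH:MM:SS.ffff <thread-id>" followed by the message.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(.*)$")
# "[ <MD5> ] <service name>  <image path>"
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.+)$")
# "<object> - ok" or "<object> ( <detection name> ) - warning"
VERDICT = re.compile(r"^(.+?) (?:\( (.+?) \) )?- (\w+)$")

# Lines from the log in this thread; the last five lines are constructed.
SAMPLE = r"""
15:28:09.0644 8200  ================ Scan services =============================
15:28:14.0215 8200  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:28:16.0992 8200  1394ohci - ok
15:28:22.0748 8200  [ 426E0E8127BAC7D5DDEE8251F104E053 ] AbsoluteNotifier C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe
15:28:22.0889 8200  AbsoluteNotifier ( UnsignedFile.Multi.Generic ) - warning
15:28:22.0889 8200  AbsoluteNotifier - detected UnsignedFile.Multi.Generic (1)
15:29:21.0350 8200  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:29:21.0428 8200  Bonjour Service - ok
15:29:34.0218 8200  catchme - ok
15:30:04.0449 8200  [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
15:30:04.0668 8200  DockLoginService ( UnsignedFile.Multi.Generic ) - warning
15:30:04.0668 8200  DockLoginService - detected UnsignedFile.Multi.Generic (1)
15:40:00.0000 8200  ============================================================
15:40:00.0000 8200  Scan finished
15:40:00.0000 8200  ============================================================
15:40:00.0100 8200  constructed tail line 1
15:40:00.0200 8200  constructed tail line 2
"""


def messages(log_text):
    """Strip the timestamp/thread prefix and return the message of each log line."""
    out = []
    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if m:
            out.append(m.group(1).strip())
    return out


def summarize(log_text):
    """Count verdicts and collect every object that was not reported as 'ok'."""
    images = {}      # object name -> (md5, image path) from the "[ hash ]" line
    counts = {}      # verdict -> number of objects
    findings = []    # objects with a verdict other than "ok"
    unhashed = []    # objects that got a verdict but have no "[ hash ]" line
    for msg in messages(log_text):
        h = HASHED.match(msg)
        if h:
            images[h.group(2)] = (h.group(1).upper(), h.group(3))
            continue
        v = VERDICT.match(msg)
        if not v:
            continue  # section banners, "detected ..." echo lines, system info
        name, detection, verdict = v.groups()
        counts[verdict] = counts.get(verdict, 0) + 1
        md5, path = images.get(name, (None, None))
        if md5 is None:
            unhashed.append(name)
        if verdict != "ok":
            findings.append({"name": name, "verdict": verdict,
                             "detection": detection, "md5": md5, "path": path})
    return {"counts": counts, "findings": findings, "unhashed": unhashed}


def after_scan_finished(log_text):
    """Return the messages that follow the 'Scan finished' marker, minus rulers."""
    msgs = messages(log_text)
    for i, msg in enumerate(msgs):
        if msg == "Scan finished":
            return [m for m in msgs[i + 1:] if m and set(m) != {"="}]
    return []


if __name__ == "__main__":
    report = summarize(SAMPLE)
    print("verdict counts:", report["counts"])
    for f in report["findings"]:
        print(f"{f['verdict']:8} {f['name']:20} {f['detection']}  {f['md5']}  {f['path']}")
    print("no hash line:", report["unhashed"])
    print("tail:", after_scan_finished(SAMPLE))
```
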

#9 CPU8U2

  • Topic Starter


Posted 02 June 2013 - 02:52 PM

Okay, my computer loaded and booted instantly after running the TDSSKiller application; it found 1 threat worthy of curing. Here is the log:

 

15:17:03.0164 3440  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:17:05.0192 3440  ============================================================
15:17:05.0192 3440  Current date / time: 2013/06/02 15:17:05.0192
15:17:05.0192 3440  SystemInfo:
15:17:05.0192 3440 
15:17:05.0192 3440  OS Version: 6.1.7601 ServicePack: 1.0
15:17:05.0192 3440  Product type: Workstation
15:17:05.0192 3440  ComputerName: JJPOPSONIV-PC
15:17:05.0192 3440  UserName: JJPopsonIV
15:17:05.0192 3440  Windows directory: C:\Windows
15:17:05.0192 3440  System windows directory: C:\Windows
15:17:05.0192 3440  Running under WOW64
15:17:05.0192 3440  Processor architecture: Intel x64
15:17:05.0192 3440  Number of processors: 2
15:17:05.0192 3440  Page size: 0x1000
15:17:05.0192 3440  Boot type: Normal boot
15:17:05.0192 3440  ============================================================
15:17:13.0070 3440  BG loaded
15:17:16.0268 3440  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:17:16.0283 3440  ============================================================
15:17:16.0283 3440  \Device\Harddisk0\DR0:
15:17:16.0283 3440  MBR partitions:
15:17:16.0283 3440  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
15:17:16.0283 3440  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B465170
15:17:16.0283 3440  ============================================================
15:17:16.0330 3440  C: <-> \Device\Harddisk0\DR0\Partition2
15:17:16.0330 3440  ============================================================
15:17:16.0330 3440  Initialize success
15:17:16.0330 3440  ============================================================
15:27:43.0744 8200  ============================================================
15:27:43.0824 8200  Scan started
15:27:43.0824 8200  Mode: Manual; SigCheck; TDLFS;
15:27:43.0824 8200  ============================================================
15:28:09.0644 8200  ================ Scan system memory ========================
15:28:09.0644 8200  System memory - ok
15:28:09.0644 8200  ================ Scan services =============================
15:28:14.0215 8200  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:28:16.0992 8200  1394ohci - ok
15:28:22.0748 8200  [ 426E0E8127BAC7D5DDEE8251F104E053 ] AbsoluteNotifier C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe
15:28:22.0889 8200  AbsoluteNotifier ( UnsignedFile.Multi.Generic ) - warning
15:28:22.0889 8200  AbsoluteNotifier - detected UnsignedFile.Multi.Generic (1)
15:28:23.0357 8200  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:28:23.0419 8200  ACPI - ok
15:28:23.0591 8200  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:28:25.0213 8200  AcpiPmi - ok
15:28:26.0742 8200  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:28:26.0773 8200  AdobeARMservice - ok
15:28:32.0764 8200  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:28:32.0795 8200  AdobeFlashPlayerUpdateSvc - ok
15:28:33.0013 8200  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
15:28:33.0044 8200  adp94xx - ok
15:28:33.0200 8200  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
15:28:33.0232 8200  adpahci - ok
15:28:33.0450 8200  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
15:28:33.0528 8200  adpu320 - ok
15:28:34.0667 8200  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:28:36.0149 8200  AeLookupSvc - ok
15:28:38.0052 8200  [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
15:28:38.0879 8200  AESTFilters - ok
15:28:40.0735 8200  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
15:28:41.0110 8200  AFD - ok
15:28:42.0748 8200  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:28:42.0794 8200  agp440 - ok
15:28:43.0075 8200  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
15:28:44.0900 8200  ALG - ok
15:28:45.0322 8200  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:28:45.0368 8200  aliide - ok
15:28:46.0242 8200  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:28:46.0289 8200  amdide - ok
15:28:46.0819 8200  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
15:28:46.0944 8200  AmdK8 - ok
15:28:47.0209 8200  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:28:47.0381 8200  AmdPPM - ok
15:28:48.0052 8200  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:28:48.0083 8200  amdsata - ok
15:28:48.0660 8200  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
15:28:48.0707 8200  amdsbs - ok
15:28:48.0894 8200  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:28:49.0190 8200  amdxata - ok
15:28:50.0501 8200  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
15:28:57.0053 8200  AppID - ok
15:28:57.0256 8200  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:28:57.0848 8200  AppIDSvc - ok
15:28:59.0112 8200  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
15:28:59.0486 8200  Appinfo - ok
15:29:00.0282 8200  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
15:29:00.0313 8200  arc - ok
15:29:01.0124 8200  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:29:01.0171 8200  arcsas - ok
15:29:01.0748 8200  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:29:02.0170 8200  AsyncMac - ok
15:29:02.0482 8200  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
15:29:02.0528 8200  atapi - ok
15:29:03.0215 8200  [ 195786ED7A26E1913A4F9799FDBC2C71 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
15:29:04.0510 8200  athr - ok
15:29:05.0118 8200  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:29:06.0101 8200  AudioEndpointBuilder - ok
15:29:06.0444 8200  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:29:06.0569 8200  AudioSrv - ok
15:29:08.0378 8200  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:29:10.0656 8200  AxInstSV - ok
15:29:11.0202 8200  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
15:29:12.0528 8200  b06bdrv - ok
15:29:13.0105 8200  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:29:14.0260 8200  b57nd60a - ok
15:29:14.0462 8200  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:29:14.0946 8200  BDESVC - ok
15:29:15.0118 8200  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:29:15.0617 8200  Beep - ok
15:29:16.0927 8200  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
15:29:17.0208 8200  BFE - ok
15:29:18.0284 8200  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
15:29:18.0721 8200  BITS - ok
15:29:18.0971 8200  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:29:19.0579 8200  blbdrive - ok
15:29:21.0350 8200  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:29:21.0428 8200  Bonjour Service - ok
15:29:22.0165 8200  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:29:24.0101 8200  bowser - ok
15:29:25.0993 8200  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:29:26.0370 8200  BrFiltLo - ok
15:29:26.0436 8200  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:29:26.0505 8200  BrFiltUp - ok
15:29:27.0105 8200  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
15:29:27.0179 8200  BridgeMP - ok
15:29:27.0834 8200  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
15:29:28.0482 8200  Browser - ok
15:29:29.0359 8200  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\system32\DRIVERS\BrSerId.sys
15:29:30.0870 8200  Brserid - ok
15:29:31.0284 8200  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:29:31.0431 8200  BrSerWdm - ok
15:29:32.0001 8200  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:29:32.0081 8200  BrUsbMdm - ok
15:29:32.0167 8200  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\DRIVERS\BrUsbSer.sys
15:29:32.0393 8200  BrUsbSer - ok
15:29:32.0442 8200  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:29:32.0590 8200  BTHMODEM - ok
15:29:33.0087 8200  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
15:29:33.0171 8200  bthserv - ok
15:29:34.0218 8200  catchme - ok
15:29:34.0289 8200  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:29:34.0449 8200  cdfs - ok
15:29:34.0896 8200  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:29:35.0811 8200  cdrom - ok
15:29:37.0792 8200  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
15:29:37.0995 8200  CertPropSvc - ok
15:29:38.0161 8200  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:29:38.0372 8200  circlass - ok
15:29:38.0861 8200  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
15:29:38.0953 8200  CLFS - ok
15:29:39.0184 8200  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:29:39.0452 8200  clr_optimization_v2.0.50727_32 - ok
15:29:40.0660 8200  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:29:41.0263 8200  clr_optimization_v2.0.50727_64 - ok
15:29:42.0313 8200  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:29:44.0793 8200  clr_optimization_v4.0.30319_32 - ok
15:29:45.0246 8200  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:29:45.0324 8200  clr_optimization_v4.0.30319_64 - ok
15:29:45.0729 8200  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:29:46.0026 8200  CmBatt - ok
15:29:46.0213 8200  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:29:46.0291 8200  cmdide - ok
15:29:47.0040 8200  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
15:29:48.0444 8200  CNG - ok
15:29:48.0880 8200  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:29:49.0036 8200  Compbatt - ok
15:29:49.0801 8200  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:29:50.0004 8200  CompositeBus - ok
15:29:50.0035 8200  COMSysApp - ok
15:29:50.0534 8200  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
15:29:50.0565 8200  crcdisk - ok
15:29:51.0330 8200  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:29:52.0484 8200  CryptSvc - ok
15:29:53.0030 8200  [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
15:29:53.0358 8200  CtClsFlt - ok
15:29:54.0450 8200  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:29:54.0559 8200  DcomLaunch - ok
15:29:54.0730 8200  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
15:29:55.0214 8200  defragsvc - ok
15:29:55.0448 8200  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:29:56.0181 8200  DfsC - ok
15:29:56.0914 8200  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:29:58.0630 8200  Dhcp - ok
15:29:58.0958 8200  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
15:29:59.0582 8200  discache - ok
15:29:59.0972 8200  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:30:00.0003 8200  Disk - ok
15:30:00.0924 8200  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:30:01.0860 8200  Dnscache - ok
15:30:04.0449 8200  [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
15:30:04.0668 8200  DockLoginService ( UnsignedFile.Multi.Generic ) - warning
15:30:04.0668 8200  DockLoginService - detected UnsignedFile.Multi.Generic (1)
15:30:04.0761 8200  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:30:06.0274 8200  dot3svc - ok
15:30:06.0352 8200  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
15:30:07.0647 8200  DPS - ok
15:30:08.0895 8200  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:30:14.0854 8200  drmkaud - ok
15:30:14.0979 8200  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:30:15.0385 8200  DXGKrnl - ok
15:30:16.0134 8200  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
15:30:18.0832 8200  EapHost - ok
15:30:20.0626 8200  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
15:30:24.0292 8200  ebdrv - ok
15:30:24.0386 8200  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
15:30:25.0572 8200  EFS - ok
15:30:26.0788 8200  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:30:28.0645 8200  ehRecvr - ok
15:30:28.0816 8200  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
15:30:28.0894 8200  ehSched - ok
15:30:29.0222 8200  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
15:30:29.0409 8200  elxstor - ok
15:30:29.0862 8200  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:30:29.0940 8200  ErrDev - ok
15:30:32.0638 8200  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
15:30:32.0794 8200  EventSystem - ok
15:30:33.0980 8200  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
15:30:34.0245 8200  exfat - ok
15:30:34.0370 8200  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:30:34.0651 8200  fastfat - ok
15:30:34.0822 8200  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
15:30:35.0103 8200  Fax - ok
15:30:35.0212 8200  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:30:35.0306 8200  fdc - ok
15:30:35.0821 8200  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:30:35.0883 8200  fdPHost - ok
15:30:35.0899 8200  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:30:35.0977 8200  FDResPub - ok
15:30:36.0055 8200  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:30:36.0086 8200  FileInfo - ok
15:30:36.0117 8200  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:30:36.0242 8200  Filetrace - ok
15:30:36.0304 8200  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:30:36.0382 8200  flpydisk - ok
15:30:36.0476 8200  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:30:36.0523 8200  FltMgr - ok
15:30:36.0975 8200  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
15:30:37.0194 8200  FontCache - ok
15:30:37.0334 8200  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:30:37.0927 8200  FontCache3.0.0.0 - ok
15:30:38.0052 8200  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:30:38.0067 8200  FsDepends - ok
15:30:38.0223 8200  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:30:38.0254 8200  Fs_Rec - ok
15:30:38.0629 8200  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:30:38.0660 8200  fvevol - ok
15:30:39.0081 8200  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:30:39.0128 8200  gagp30kx - ok
15:30:40.0064 8200  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:30:40.0095 8200  GEARAspiWDM - ok
15:30:40.0282 8200  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
15:30:40.0548 8200  gpsvc - ok
15:30:41.0078 8200  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:30:41.0109 8200  gupdate - ok
15:30:41.0468 8200  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:30:41.0499 8200  gupdatem - ok
15:30:41.0702 8200  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:30:41.0905 8200  hcw85cir - ok
15:30:42.0123 8200  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:30:42.0186 8200  HDAudBus - ok
15:30:42.0248 8200  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:30:42.0295 8200  HidBatt - ok
15:30:42.0342 8200  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:30:42.0435 8200  HidBth - ok
15:30:42.0482 8200  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:30:42.0544 8200  HidIr - ok
15:30:42.0638 8200  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
15:30:42.0716 8200  hidserv - ok
15:30:42.0825 8200  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:30:42.0841 8200  HidUsb - ok
15:30:42.0888 8200  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:30:42.0934 8200  hkmsvc - ok
15:30:43.0028 8200  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:30:43.0215 8200  HomeGroupListener - ok
15:30:43.0262 8200  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:30:43.0387 8200  HomeGroupProvider - ok
15:30:43.0699 8200  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:30:43.0730 8200  HpSAMD - ok
15:30:44.0791 8200  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:30:44.0916 8200  HTTP - ok
15:30:45.0040 8200  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:30:45.0072 8200  hwpolicy - ok
15:30:45.0118 8200  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:30:45.0150 8200  i8042prt - ok
15:30:45.0602 8200  [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
15:30:46.0897 8200  IAANTMON - ok
15:30:48.0847 8200  [ 4F6FB2CDBDEEFC47E7D2066E78254580 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
15:30:48.0940 8200  iaStor - ok
15:30:49.0299 8200  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:30:49.0408 8200  iaStorV - ok
15:30:49.0845 8200  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:30:49.0954 8200  idsvc - ok
15:30:50.0500 8200  [ BABD5F9B2BCC82CE556A0BAF1AE208A7 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:30:50.0968 8200  igfx - ok
15:30:51.0046 8200  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:30:51.0093 8200  iirsp - ok
15:30:51.0202 8200  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:30:51.0327 8200  IKEEXT - ok
15:30:51.0468 8200  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
15:30:51.0499 8200  intelide - ok
15:30:51.0592 8200  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:30:51.0780 8200  intelppm - ok
15:30:52.0045 8200  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:30:52.0138 8200  IPBusEnum - ok
15:30:52.0216 8200  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:30:52.0294 8200  IpFilterDriver - ok
15:30:52.0435 8200  [ 08C2957BB30058E663720C5606885653 ] IpHlpSvc        C:\Windows\System32\iphlpsvc.dll
15:30:52.0560 8200  IpHlpSvc - ok
15:30:52.0638 8200  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:30:52.0700 8200  IPMIDRV - ok
15:30:52.0794 8200  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:30:52.0903 8200  IPNAT - ok
15:30:52.0996 8200  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:30:53.0293 8200  IRENUM - ok
15:30:53.0371 8200  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:30:53.0402 8200  isapnp - ok
15:30:53.0433 8200  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:30:53.0496 8200  iScsiPrt - ok
15:30:53.0636 8200  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
15:30:53.0667 8200  kbdclass - ok
15:30:53.0901 8200  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
15:30:53.0964 8200  kbdhid - ok
15:30:54.0244 8200  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
15:30:54.0276 8200  KeyIso - ok
15:30:54.0338 8200  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:30:54.0369 8200  KSecDD - ok
15:30:54.0463 8200  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:30:54.0510 8200  KSecPkg - ok
15:30:54.0712 8200  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:30:54.0806 8200  ksthunk - ok
15:30:55.0056 8200  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:30:55.0196 8200  KtmRm - ok
15:30:55.0336 8200  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
15:30:55.0414 8200  LanmanServer - ok
15:30:55.0477 8200  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:30:55.0555 8200  LanmanWorkstation - ok
15:30:55.0851 8200  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:30:55.0960 8200  lltdio - ok
15:30:56.0335 8200  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:30:56.0491 8200  lltdsvc - ok
15:30:56.0506 8200  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:30:56.0553 8200  lmhosts - ok
15:30:57.0177 8200  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:30:57.0208 8200  LSI_FC - ok
15:30:57.0240 8200  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:30:57.0271 8200  LSI_SAS - ok
15:30:57.0286 8200  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:30:57.0318 8200  LSI_SAS2 - ok
15:30:57.0349 8200  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:30:57.0380 8200  LSI_SCSI - ok
15:30:57.0427 8200  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:30:57.0520 8200  luafv - ok
15:30:57.0661 8200  McAfee SiteAdvisor Service - ok
15:30:57.0801 8200  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:30:57.0832 8200  Mcx2Svc - ok
15:30:57.0942 8200  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:30:57.0973 8200  megasas - ok
15:30:58.0363 8200  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:30:58.0394 8200  MegaSR - ok
15:30:58.0815 8200  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
15:30:58.0878 8200  MMCSS - ok
15:30:58.0940 8200  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
15:30:59.0034 8200  Modem - ok
15:30:59.0377 8200  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:30:59.0455 8200  monitor - ok
15:31:00.0032 8200  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
15:31:00.0063 8200  mouclass - ok
15:31:00.0828 8200  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:31:00.0859 8200  mouhid - ok
15:31:00.0937 8200  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:31:00.0952 8200  mountmgr - ok
15:31:01.0108 8200  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:31:01.0140 8200  mpio - ok
15:31:01.0186 8200  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:31:01.0249 8200  mpsdrv - ok
15:31:01.0873 8200  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:31:01.0982 8200  MpsSvc - ok
15:31:04.0447 8200  [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50         C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
15:31:05.0710 8200  MREMP50 ( UnsignedFile.Multi.Generic ) - warning
15:31:05.0710 8200  MREMP50 - detected UnsignedFile.Multi.Generic (1)
15:31:09.0173 8200  [ C2758DF79C83A0D12A5599A040CA1818 ] MREMP50a64      C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS
15:31:09.0236 8200  MREMP50a64 - ok
15:31:09.0610 8200  MREMPR5 - ok
15:31:09.0704 8200  MRENDIS5 - ok
15:31:10.0187 8200  [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50         C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
15:31:10.0421 8200  MRESP50 ( UnsignedFile.Multi.Generic ) - warning
15:31:10.0421 8200  MRESP50 - detected UnsignedFile.Multi.Generic (1)
15:31:10.0843 8200  [ 38BD5B32E0722752BE8465D2A6DA43D9 ] MRESP50a64      C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS
15:31:10.0889 8200  MRESP50a64 - ok
15:31:11.0155 8200  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:31:11.0264 8200  MRxDAV - ok
15:31:11.0607 8200  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:31:11.0779 8200  mrxsmb - ok
15:31:11.0825 8200  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:31:12.0028 8200  mrxsmb10 - ok
15:31:12.0091 8200  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:31:12.0184 8200  mrxsmb20 - ok
15:31:12.0293 8200  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:31:12.0309 8200  msahci - ok
15:31:12.0387 8200  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:31:12.0418 8200  msdsm - ok
15:31:12.0449 8200  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
15:31:12.0637 8200  MSDTC - ok
15:31:13.0183 8200  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:31:13.0276 8200  Msfs - ok
15:31:13.0869 8200  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:31:13.0931 8200  mshidkmdf - ok
15:31:13.0963 8200  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:31:13.0978 8200  msisadrv - ok
15:31:14.0228 8200  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:31:14.0384 8200  MSiSCSI - ok
15:31:14.0384 8200  msiserver - ok
15:31:14.0571 8200  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:31:14.0758 8200  MSKSSRV - ok
15:31:14.0899 8200  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:31:15.0008 8200  MSPCLOCK - ok
15:31:15.0179 8200  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:31:15.0257 8200  MSPQM - ok
15:31:15.0663 8200  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:31:15.0803 8200  MsRPC - ok
15:31:15.0913 8200  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:31:15.0928 8200  mssmbios - ok
15:31:16.0303 8200  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:31:16.0412 8200  MSTEE - ok
15:31:16.0661 8200  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:31:16.0802 8200  MTConfig - ok
15:31:16.0942 8200  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:31:16.0958 8200  Mup - ok
15:31:17.0161 8200  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:31:17.0597 8200  napagent - ok
15:31:18.0128 8200  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:31:18.0206 8200  NativeWifiP - ok
15:31:18.0814 8200  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:31:19.0001 8200  NDIS - ok
15:31:19.0126 8200  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:31:19.0220 8200  NdisCap - ok
15:31:19.0282 8200  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:31:19.0407 8200  NdisTapi - ok
15:31:19.0953 8200  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:31:20.0777 8200  Ndisuio - ok
15:31:21.0225 8200  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:31:21.0337 8200  NdisWan - ok
15:31:21.0547 8200  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:31:21.0866 8200  NDProxy - ok
15:31:22.0027 8200  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:31:22.0237 8200  NetBIOS - ok
15:31:22.0376 8200  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:31:22.0623 8200  NetBT - ok
15:31:22.0641 8200  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:31:22.0665 8200  Netlogon - ok
15:31:23.0138 8200  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:31:23.0432 8200  Netman - ok
15:31:24.0241 8200  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:31:24.0458 8200  netprofm - ok
15:31:24.0494 8200  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:31:24.0519 8200  NetTcpPortSharing - ok
15:31:24.0638 8200  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:31:24.0661 8200  nfrd960 - ok
15:31:24.0738 8200  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:31:24.0852 8200  NlaSvc - ok
15:31:25.0028 8200  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:31:25.0116 8200  Npfs - ok
15:31:25.0308 8200  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
15:31:25.0384 8200  nsi - ok
15:31:25.0555 8200  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:31:25.0795 8200  nsiproxy - ok
15:31:27.0029 8200  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:31:27.0395 8200  Ntfs - ok
15:31:27.0691 8200  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:31:27.0932 8200  Null - ok
15:31:28.0088 8200  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:31:28.0122 8200  nvraid - ok
15:31:28.0189 8200  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:31:28.0224 8200  nvstor - ok
15:31:28.0263 8200  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:31:28.0287 8200  nv_agp - ok
15:31:28.0322 8200  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:31:28.0351 8200  ohci1394 - ok
15:31:28.0631 8200  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:31:28.0857 8200  p2pimsvc - ok
15:31:29.0041 8200  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:31:29.0095 8200  p2psvc - ok
15:31:29.0131 8200  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:31:29.0339 8200  Parport - ok
15:31:29.0452 8200  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:31:29.0476 8200  partmgr - ok
15:31:29.0867 8200  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:31:30.0573 8200  PcaSvc - ok
15:31:30.0719 8200  [ 3BEA1D461531D1D26F5695BB9CA97A18 ] pcCMService64   C:\Program Files\Common Files\Motive\pcCMService.exe
15:31:31.0354 8200  pcCMService64 ( UnsignedFile.Multi.Generic ) - warning
15:31:31.0354 8200  pcCMService64 - detected UnsignedFile.Multi.Generic (1)
15:31:31.0414 8200  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
15:31:31.0496 8200  pci - ok
15:31:31.0591 8200  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:31:32.0359 8200  pciide - ok
15:31:32.0420 8200  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:31:32.0484 8200  pcmcia - ok
15:31:32.0540 8200  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:31:32.0562 8200  pcw - ok
15:31:33.0593 8200  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:31:34.0094 8200  PEAUTH - ok
15:31:41.0661 8200  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:31:41.0765 8200  PerfHost - ok
15:31:43.0729 8200  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
15:31:44.0497 8200  pla - ok
15:31:44.0576 8200  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:31:45.0569 8200  PlugPlay - ok
15:31:45.0822 8200  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:31:46.0645 8200  PNRPAutoReg - ok
15:31:47.0451 8200  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:31:47.0959 8200  PNRPsvc - ok
15:31:49.0487 8200  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:31:49.0801 8200  PolicyAgent - ok
15:31:50.0889 8200  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
15:31:51.0288 8200  Power - ok
15:31:51.0466 8200  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:31:51.0775 8200  PptpMiniport - ok
15:31:51.0907 8200  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:31:52.0076 8200  Processor - ok
15:31:52.0848 8200  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:31:54.0340 8200  ProfSvc - ok
15:31:54.0430 8200  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:31:54.0456 8200  ProtectedStorage - ok
15:31:54.0941 8200  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:31:55.0375 8200  Psched - ok
15:31:55.0749 8200  [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
15:31:55.0792 8200  PxHlpa64 - ok
15:31:56.0074 8200  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:31:56.0152 8200  ql2300 - ok
15:31:56.0269 8200  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:31:56.0292 8200  ql40xx - ok
15:31:56.0373 8200  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
15:31:57.0102 8200  QWAVE - ok
15:31:57.0540 8200  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:31:58.0036 8200  QWAVEdrv - ok
15:32:01.0266 8200  [ DE004C5857A45EB59FBFDC57AAA17026 ] RapportCerberus_51755 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_51755.sys
15:32:01.0609 8200  RapportCerberus_51755 - ok
15:32:04.0645 8200  [ BB9E8EB0B28922057A849F6998C3F69C ] RapportEI64     C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
15:32:05.0014 8200  RapportEI64 - ok
15:32:05.0081 8200  [ 0B629D5595CB4C1B38C6D3A654EDA75A ] RapportKE64     C:\Windows\system32\Drivers\RapportKE64.sys
15:32:05.0261 8200  RapportKE64 - ok
15:32:06.0165 8200  [ C4C4736DCE60276E9B0CB0FE3A848586 ] RapportMgmtService C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
15:32:06.0339 8200  RapportMgmtService - ok
15:32:07.0045 8200  [ A7F657CC79E8C6FEB92D0B50CA30F97C ] RapportPG64     C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
15:32:07.0103 8200  RapportPG64 - ok
15:32:07.0296 8200  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:32:08.0029 8200  RasAcd - ok
15:32:08.0090 8200  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:32:08.0263 8200  RasAgileVpn - ok
15:32:08.0428 8200  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
15:32:08.0667 8200  RasAuto - ok
15:32:08.0753 8200  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:32:08.0960 8200  Rasl2tp - ok
15:32:09.0456 8200  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:32:09.0667 8200  RasMan - ok
15:32:09.0808 8200  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:32:10.0015 8200  RasPppoe - ok
15:32:10.0183 8200  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:32:10.0292 8200  RasSstp - ok
15:32:10.0437 8200  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:32:10.0638 8200  rdbss - ok
15:32:10.0663 8200  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:32:11.0185 8200  rdpbus - ok
15:32:11.0225 8200  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:32:11.0434 8200  RDPCDD - ok
15:32:12.0040 8200  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:32:12.0503 8200  RDPENCDD - ok
15:32:13.0151 8200  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:32:13.0495 8200  RDPREFMP - ok
15:32:13.0886 8200  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:32:15.0196 8200  RdpVideoMiniport - ok
15:32:15.0573 8200  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:32:15.0806 8200  RDPWD - ok
15:32:16.0249 8200  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:32:16.0294 8200  rdyboost - ok
15:32:16.0366 8200  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:32:16.0591 8200  RemoteAccess - ok
15:32:16.0622 8200  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:32:17.0646 8200  RemoteRegistry - ok
15:32:17.0745 8200  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:32:18.0760 8200  RpcEptMapper - ok
15:32:18.0825 8200  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:32:18.0912 8200  RpcLocator - ok
15:32:19.0076 8200  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
15:32:19.0139 8200  RpcSs - ok
15:32:19.0218 8200  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:32:20.0146 8200  rspndr - ok
15:32:20.0401 8200  [ 4A25DC970C58104602ED274DACAFD784 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
15:32:20.0599 8200  RSUSBSTOR - ok
15:32:20.0617 8200  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
15:32:20.0642 8200  SamSs - ok
15:32:20.0673 8200  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:32:20.0697 8200  sbp2port - ok
15:32:20.0758 8200  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:32:20.0831 8200  SCardSvr - ok
15:32:20.0867 8200  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:32:21.0033 8200  scfilter - ok
15:32:21.0125 8200  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:32:21.0660 8200  Schedule - ok
15:32:21.0750 8200  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:32:22.0384 8200  SCPolicySvc - ok
15:32:22.0452 8200  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:32:22.0794 8200  SDRSVC - ok
15:32:22.0990 8200  [ 16A252022535B680046F6E34E136D378 ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
15:32:23.0026 8200  SeaPort - ok
15:32:23.0217 8200  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:32:23.0300 8200  secdrv - ok
15:32:23.0410 8200  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:32:23.0488 8200  seclogon - ok
15:32:23.0629 8200  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
15:32:24.0158 8200  SENS - ok
15:32:24.0232 8200  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:32:24.0457 8200  SensrSvc - ok
15:32:24.0614 8200  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:32:24.0800 8200  Serenum - ok
15:32:24.0878 8200  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:32:25.0091 8200  Serial - ok
15:32:25.0156 8200  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:32:25.0222 8200  sermouse - ok
15:32:25.0323 8200  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:32:25.0533 8200  SessionEnv - ok
15:32:25.0572 8200  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:32:25.0767 8200  sffdisk - ok
15:32:25.0815 8200  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:32:25.0857 8200  sffp_mmc - ok
15:32:25.0886 8200  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:32:25.0968 8200  sffp_sd - ok
15:32:25.0997 8200  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:32:26.0025 8200  sfloppy - ok
15:32:26.0165 8200  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:32:26.0261 8200  SharedAccess - ok
15:32:26.0389 8200  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:32:26.0520 8200  ShellHWDetection - ok
15:32:26.0629 8200  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:32:26.0705 8200  SiSRaid2 - ok
15:32:26.0758 8200  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:32:26.0785 8200  SiSRaid4 - ok
15:32:34.0419 8200  [ EB17DF573B4423DF0B3B2EE3B268A6DE ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:32:35.0112 8200  Skype C2C Service - ok
15:32:35.0690 8200  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:32:35.0924 8200  SkypeUpdate - ok
15:32:35.0943 8200  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:32:36.0520 8200  Smb - ok
15:32:36.0588 8200  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:32:37.0773 8200  SNMPTRAP - ok
15:32:37.0831 8200  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:32:37.0853 8200  spldr - ok
15:32:37.0896 8200  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
15:32:37.0981 8200  Spooler - ok
15:32:38.0103 8200  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:32:38.0607 8200  sppsvc - ok
15:32:38.0642 8200  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:32:39.0735 8200  sppuinotify - ok
15:32:39.0805 8200  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:32:41.0220 8200  srv - ok
15:32:41.0287 8200  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:32:41.0840 8200  srv2 - ok
15:32:41.0878 8200  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:32:42.0628 8200  srvnet - ok
15:32:42.0697 8200  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:32:43.0160 8200  SSDPSRV - ok
15:32:43.0242 8200  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:32:43.0299 8200  SstpSvc - ok
15:32:58.0259 8200  [ 5697FB5DCF36ADA09C153378E88AE6AD ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe
15:32:59.0304 8200  STacSV - ok
15:32:59.0511 8200  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:32:59.0540 8200  stexstor - ok
15:32:59.0996 8200  [ F3F6C17F70EBA268CDBE4F9704E3EAC5 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
15:33:00.0134 8200  STHDA - ok
15:33:00.0553 8200  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
15:33:00.0712 8200  stisvc - ok
15:33:00.0840 8200  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:33:00.0863 8200  swenum - ok
15:33:00.0959 8200  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
15:33:01.0945 8200  swprv - ok
15:33:01.0998 8200  [ 3178B56219E0E4FB5F95299E49B83B44 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
15:33:03.0681 8200  SynTP - ok
15:33:04.0286 8200  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
15:33:05.0060 8200  SysMain - ok
15:33:05.0101 8200  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:33:05.0154 8200  TabletInputService - ok
15:33:05.0200 8200  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:33:05.0286 8200  TapiSrv - ok
15:33:05.0394 8200  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
15:33:05.0461 8200  TBS - ok
15:33:05.0583 8200  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:33:05.0702 8200  Tcpip - ok
15:33:07.0382 8200  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:33:07.0465 8200  TCPIP6 - ok
15:33:07.0538 8200  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:33:07.0575 8200  tcpipreg - ok
15:33:07.0677 8200  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:33:07.0882 8200  TDPIPE - ok
15:33:07.0943 8200  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:33:08.0027 8200  TDTCP - ok
15:33:08.0122 8200  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:33:08.0247 8200  tdx - ok
15:33:08.0308 8200  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:33:08.0336 8200  TermDD - ok
15:34:27.0994 8200  ================ Scan global ===============================
15:34:28.0184 8200  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:34:28.0382 8200  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:34:28.0395 8200  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:34:28.0460 8200  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:34:28.0504 8200  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:34:28.0520 8200  [Global] - ok
15:34:28.0521 8200  ================ Scan MBR ==================================
15:34:28.0535 8200  [ C3C93F1CA51BBACBABEA804D2CC62CA1 ] \Device\Harddisk0\DR0
15:34:28.0536 8200  Suspicious mbr (Forged): \Device\Harddisk0\DR0
15:34:28.0606 8200  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
15:34:28.0606 8200  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a (0)
15:34:28.0788 8200  ================ Scan VBR ==================================
15:34:28.0789 8200  [ A5A47F88A08D4A60AB8861A5E6C4609C ] \Device\Harddisk0\DR0\Partition1
15:34:28.0792 8200  \Device\Harddisk0\DR0\Partition1 - ok
15:34:28.0823 8200  [ CFB0B668E765C8B2E401D1EB2E3EE2AE ] \Device\Harddisk0\DR0\Partition2
15:34:28.0825 8200  \Device\Harddisk0\DR0\Partition2 - ok
15:34:28.0826 8200  ================ Scan active images ========================
15:34:29.0123 8200  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\WINDOWS\System32\authz.dll
15:34:29.0123 8200  C:\WINDOWS\System32\authz.dll - ok
15:34:29.0124 8200  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\WINDOWS\System32\cngaudit.dll
15:34:29.0124 8200  C:\WINDOWS\System32\cngaudit.dll - ok
15:34:29.0126 8200  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\WINDOWS\System32\scext.dll
15:34:29.0126 8200  C:\WINDOWS\System32\scext.dll - ok
15:34:29.0127 8200  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\WINDOWS\System32\secur32.dll
15:34:29.0127 8200  C:\WINDOWS\System32\secur32.dll - ok
15:34:29.0128 8200  [ 5F3307352216618221A17CFEF273EEE2 ] C:\WINDOWS\System32\ncrypt.dll
15:34:29.0128 8200  C:\WINDOWS\System32\ncrypt.dll - ok
15:34:29.0128 8200  [ B9A95365E52F421A20E1501935FADDA5 ] C:\WINDOWS\System32\bcrypt.dll
15:34:29.0128 8200  C:\WINDOWS\System32\bcrypt.dll - ok
15:34:29.0129 8200  [ 02B64609F865A39365FF88580DF11738 ] C:\WINDOWS\System32\msprivs.dll
15:34:29.0129 8200  C:\WINDOWS\System32\msprivs.dll - ok
15:34:29.0130 8200  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\WINDOWS\System32\scesrv.dll
15:34:29.0130 8200  C:\WINDOWS\System32\scesrv.dll - ok
15:34:29.0131 8200  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\WINDOWS\System32\srvcli.dll
15:34:29.0131 8200  C:\WINDOWS\System32\srvcli.dll - ok
15:34:29.0132 8200  [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\WINDOWS\System32\aelupsvc.dll
15:34:29.0132 8200  C:\WINDOWS\System32\aelupsvc.dll - ok
15:34:29.0132 8200  [ 3290D6946B5E30E70414990574883DDB ] C:\WINDOWS\System32\alg.exe
15:34:29.0132 8200  C:\WINDOWS\System32\alg.exe - ok
15:34:29.0133 8200  [ C6505DE3561537BA1004D638C2F93F2F ] C:\WINDOWS\System32\netjoin.dll
15:34:29.0133 8200  C:\WINDOWS\System32\netjoin.dll - ok
15:34:29.0134 8200  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\WINDOWS\System32\negoexts.dll
15:34:29.0134 8200  C:\WINDOWS\System32\negoexts.dll - ok
15:34:29.0135 8200  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\WINDOWS\System32\kerberos.dll
15:34:29.0136 8200  C:\WINDOWS\System32\kerberos.dll - ok
15:34:29.0136 8200  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\WINDOWS\System32\cryptsp.dll
15:34:29.0137 8200  C:\WINDOWS\System32\cryptsp.dll - ok
15:34:29.0138 8200  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\WINDOWS\System32\mswsock.dll
15:34:29.0138 8200  C:\WINDOWS\System32\mswsock.dll - ok
15:34:29.0139 8200  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\WINDOWS\System32\wship6.dll
15:34:29.0139 8200  C:\WINDOWS\System32\wship6.dll - ok
15:34:29.0140 8200  [ EF12B8385AA2849999008A977918F96B ] C:\WINDOWS\System32\msv1_0.dll
15:34:29.0140 8200  C:\WINDOWS\System32\msv1_0.dll - ok
15:34:29.0140 8200  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\WINDOWS\System32\netlogon.dll
15:34:29.0140 8200  C:\WINDOWS\System32\netlogon.dll - ok
15:34:29.0141 8200  [ 492D07D79E7024CA310867B526D9636D ] C:\WINDOWS\System32\dnsapi.dll
15:34:29.0141 8200  C:\WINDOWS\System32\dnsapi.dll - ok
15:34:29.0142 8200  [ 8FFE297B8449386E7B6851458B6E474E ] C:\WINDOWS\System32\logoncli.dll
15:34:29.0142 8200  C:\WINDOWS\System32\logoncli.dll - ok
15:34:29.0143 8200  [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\WINDOWS\System32\schannel.dll
15:34:29.0143 8200  C:\WINDOWS\System32\schannel.dll - ok
15:34:29.0144 8200  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\WINDOWS\System32\wdigest.dll
15:34:29.0144 8200  C:\WINDOWS\System32\wdigest.dll - ok
15:34:29.0145 8200  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\WINDOWS\System32\rsaenh.dll
15:34:29.0145 8200  C:\WINDOWS\System32\rsaenh.dll - ok
15:34:29.0146 8200  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\WINDOWS\System32\TSpkg.dll
15:34:29.0146 8200  C:\WINDOWS\System32\TSpkg.dll - ok
15:34:29.0147 8200  [ E08088A97F95345E181C3DFCE2C615EF ] C:\WINDOWS\System32\pku2u.dll
15:34:29.0147 8200  C:\WINDOWS\System32\pku2u.dll - ok
15:34:29.0148 8200  [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\WINDOWS\System32\LIVESSP.DLL
15:34:29.0148 8200  C:\WINDOWS\System32\LIVESSP.DLL - ok
15:34:29.0149 8200  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\WINDOWS\System32\bcryptprimitives.dll
15:34:29.0149 8200  C:\WINDOWS\System32\bcryptprimitives.dll - ok
15:34:29.0150 8200  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\WINDOWS\System32\efslsaext.dll
15:34:29.0150 8200  C:\WINDOWS\System32\efslsaext.dll - ok
15:34:29.0151 8200  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\WINDOWS\System32\credssp.dll
15:34:29.0151 8200  C:\WINDOWS\System32\credssp.dll - ok
15:34:29.0152 8200  [ ED78427259134C63ED69804D2132B86C ] C:\WINDOWS\System32\scecli.dll
15:34:29.0152 8200  C:\WINDOWS\System32\scecli.dll - ok
15:34:29.0152 8200  [ 0BC381A15355A3982216F7172F545DE1 ] C:\WINDOWS\System32\appidsvc.dll
15:34:29.0152 8200  C:\WINDOWS\System32\appidsvc.dll - ok
15:34:29.0153 8200  [ 9D2A2369AB4B08A4905FE72DB104498F ] C:\WINDOWS\System32\appinfo.dll
15:34:29.0153 8200  C:\WINDOWS\System32\appinfo.dll - ok
15:34:29.0154 8200  [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\WINDOWS\System32\rascfg.dll
15:34:29.0154 8200  C:\WINDOWS\System32\rascfg.dll - ok
15:34:29.0155 8200  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\WINDOWS\System32\audiosrv.dll
15:34:29.0155 8200  C:\WINDOWS\System32\audiosrv.dll - ok
15:34:29.0156 8200  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] C:\WINDOWS\System32\AxInstSv.dll
15:34:29.0156 8200  C:\WINDOWS\System32\AxInstSv.dll - ok
15:34:29.0157 8200  [ FDE360167101B4E45A96F939F388AEB0 ] C:\WINDOWS\System32\bdesvc.dll
15:34:29.0157 8200  C:\WINDOWS\System32\bdesvc.dll - ok
15:34:29.0157 8200  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\WINDOWS\System32\BFE.DLL
15:34:29.0157 8200  C:\WINDOWS\System32\BFE.DLL - ok
15:34:29.0158 8200  [ 1EA7969E3271CBC59E1730697DC74682 ] C:\WINDOWS\System32\qmgr.dll
15:34:29.0158 8200  C:\WINDOWS\System32\qmgr.dll - ok
15:34:29.0159 8200  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\WINDOWS\System32\browser.dll
15:34:29.0159 8200  C:\WINDOWS\System32\browser.dll - ok
15:34:29.0160 8200  [ 2D066FBE63F7026C43C662C094B98076 ] C:\WINDOWS\System32\bridgeres.dll
15:34:29.0160 8200  C:\WINDOWS\System32\bridgeres.dll - ok
15:34:29.0161 8200  [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\WINDOWS\System32\bthserv.dll
15:34:29.0161 8200  C:\WINDOWS\System32\bthserv.dll - ok
15:34:29.0161 8200  [ F17D1D393BBC69C5322FBFAFACA28C7F ] C:\WINDOWS\System32\certprop.dll
15:34:29.0161 8200  C:\WINDOWS\System32\certprop.dll - ok
15:34:29.0162 8200  [ FE1EC06F2253F691FE36217C592A0206 ] C:\WINDOWS\System32\clfs.sys
15:34:29.0162 8200  C:\WINDOWS\System32\clfs.sys - ok
15:34:29.0163 8200  [ 1A47D52E303B7543E4E6026595B95422 ] C:\WINDOWS\System32\comres.dll
15:34:29.0163 8200  C:\WINDOWS\System32\comres.dll - ok
15:34:29.0164 8200  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\WINDOWS\System32\cryptsvc.dll
15:34:29.0164 8200  C:\WINDOWS\System32\cryptsvc.dll - ok
15:34:29.0167 8200  [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\WINDOWS\System32\oleres.dll
15:34:29.0167 8200  C:\WINDOWS\System32\oleres.dll - ok
15:34:29.0168 8200  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] C:\WINDOWS\System32\defragsvc.dll
15:34:29.0168 8200  C:\WINDOWS\System32\defragsvc.dll - ok
15:34:29.0169 8200  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\WINDOWS\System32\dhcpcore.dll
15:34:29.0169 8200  C:\WINDOWS\System32\dhcpcore.dll - ok
15:34:29.0170 8200  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] C:\WINDOWS\System32\dot3svc.dll
15:34:29.0170 8200  C:\WINDOWS\System32\dot3svc.dll - ok
15:34:29.0171 8200  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\WINDOWS\System32\dps.dll
15:34:29.0171 8200  C:\WINDOWS\System32\dps.dll - ok
15:34:29.0172 8200  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\WINDOWS\System32\eapsvc.dll
15:34:29.0172 8200  C:\WINDOWS\System32\eapsvc.dll - ok
15:34:29.0173 8200  [ 0C043B0ABBB5E14E68906AB80365395B ] C:\WINDOWS\System32\efssvc.dll
15:34:29.0173 8200  C:\WINDOWS\System32\efssvc.dll - ok
15:34:29.0174 8200  [ C4002B6B41975F057D98C439030CEA07 ] C:\WINDOWS\ehome\ehrecvr.exe
15:34:29.0174 8200  C:\WINDOWS\ehome\ehrecvr.exe - ok
15:34:29.0175 8200  [ 4705E8EF9934482C5BB488CE28AFC681 ] C:\WINDOWS\ehome\ehsched.exe
15:34:29.0175 8200  C:\WINDOWS\ehome\ehsched.exe - ok
15:34:29.0199 8200  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\WINDOWS\System32\wevtsvc.dll
15:34:29.0199 8200  C:\WINDOWS\System32\wevtsvc.dll - ok
15:34:29.0200 8200  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\WINDOWS\System32\FXSRESM.dll
15:34:29.0200 8200  C:\WINDOWS\System32\FXSRESM.dll - ok
15:34:29.0201 8200  [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\WINDOWS\System32\fdPHost.dll
15:34:29.0201 8200  C:\WINDOWS\System32\fdPHost.dll - ok
15:34:29.0202 8200  [ 802496CB59A30349F9A6DD22D6947644 ] C:\WINDOWS\System32\FDResPub.dll
15:34:29.0202 8200  C:\WINDOWS\System32\FDResPub.dll - ok
15:34:29.0202 8200  [ 655661BE46B5F5F3FD454E2C3095B930 ] C:\WINDOWS\System32\drivers\fileinfo.sys
15:34:29.0203 8200  C:\WINDOWS\System32\drivers\fileinfo.sys - ok
15:34:29.0203 8200  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] C:\WINDOWS\System32\drivers\filetrace.sys
15:34:29.0203 8200  C:\WINDOWS\System32\drivers\filetrace.sys - ok
15:34:29.0204 8200  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\WINDOWS\System32\drivers\fltMgr.sys
15:34:29.0204 8200  C:\WINDOWS\System32\drivers\fltMgr.sys - ok
15:34:29.0205 8200  [ C4C183E6551084039EC862DA1C945E3D ] C:\WINDOWS\System32\FntCache.dll
15:34:29.0205 8200  C:\WINDOWS\System32\FntCache.dll - ok
15:34:29.0205 8200  [ 8A1846C0817513AD18BA48B4427771FC ] C:\WINDOWS\System32\PresentationHost.exe
15:34:29.0206 8200  C:\WINDOWS\System32\PresentationHost.exe - ok
15:34:29.0206 8200  [ D43703496149971890703B4B1B723EAC ] C:\WINDOWS\System32\drivers\fsdepends.sys
15:34:29.0207 8200  C:\WINDOWS\System32\drivers\fsdepends.sys - ok
15:34:29.0207 8200  [ 8F6322049018354F45F05A2FD2D4E5E0 ] C:\WINDOWS\System32\drivers\fvevol.sys
15:34:29.0207 8200  C:\WINDOWS\System32\drivers\fvevol.sys - ok
15:34:29.0208 8200  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\WINDOWS\System32\gpapi.dll
15:34:29.0208 8200  C:\WINDOWS\System32\gpapi.dll - ok
15:34:29.0209 8200  [ BD9EB3958F213F96B97B1D897DEE006D ] C:\WINDOWS\System32\hidserv.dll
15:34:29.0209 8200  C:\WINDOWS\System32\hidserv.dll - ok
15:34:29.0210 8200  [ 387E72E739E15E3D37907A86D9FF98E2 ] C:\WINDOWS\System32\KMSVC.DLL
15:34:29.0210 8200  C:\WINDOWS\System32\KMSVC.DLL - ok
15:34:29.0211 8200  [ EFDFB3DD38A4376F93E7985173813ABD ] C:\WINDOWS\System32\ListSvc.dll
15:34:29.0211 8200  C:\WINDOWS\System32\ListSvc.dll - ok
15:34:29.0212 8200  [ 908ACB1F594274965A53926B10C81E89 ] C:\WINDOWS\System32\provsvc.dll
15:34:29.0212 8200  C:\WINDOWS\System32\provsvc.dll - ok
15:34:29.0213 8200  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\WINDOWS\System32\drivers\http.sys
15:34:29.0213 8200  C:\WINDOWS\System32\drivers\http.sys - ok
15:34:29.0214 8200  [ B9E2DAF71E44626011D70B4889171504 ] C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
15:34:29.0214 8200  C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
15:34:29.0215 8200  [ A5462BD6884960C9DC85ED49D34FF392 ] C:\WINDOWS\System32\drivers\hwpolicy.sys
15:34:29.0215 8200  C:\WINDOWS\System32\drivers\hwpolicy.sys - ok
15:34:29.0216 8200  [ FCD84C381E0140AF901E58D48882D26B ] C:\WINDOWS\System32\IKEEXT.DLL
15:34:29.0216 8200  C:\WINDOWS\System32\IKEEXT.DLL - ok
15:34:29.0217 8200  [ 098A91C54546A3B878DAD6A7E90A455B ] C:\WINDOWS\System32\IPBusEnum.dll
15:34:29.0217 8200  C:\WINDOWS\System32\IPBusEnum.dll - ok
15:34:29.0218 8200  [ 08C2957BB30058E663720C5606885653 ] C:\WINDOWS\System32\iphlpsvc.dll
15:34:29.0218 8200  C:\WINDOWS\System32\iphlpsvc.dll - ok
15:34:29.0219 8200  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] C:\WINDOWS\System32\drivers\irenum.sys
15:34:29.0219 8200  C:\WINDOWS\System32\drivers\irenum.sys - ok
15:34:29.0220 8200  [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\WINDOWS\System32\keyiso.dll
15:34:29.0220 8200  C:\WINDOWS\System32\keyiso.dll - ok
15:34:29.0222 8200  [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\WINDOWS\System32\srvsvc.dll
15:34:29.0222 8200  C:\WINDOWS\System32\srvsvc.dll - ok
15:34:29.0223 8200  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\WINDOWS\System32\drivers\luafv.sys
15:34:29.0223 8200  C:\WINDOWS\System32\drivers\luafv.sys - ok
15:34:29.0224 8200  [ 7A757C41C3879CD34BDE15F0563C0CE2 ] C:\WINDOWS\System32\lltdres.dll
15:34:29.0224 8200  C:\WINDOWS\System32\lltdres.dll - ok
15:34:29.0225 8200  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\WINDOWS\System32\lmhsvc.dll
15:34:29.0225 8200  C:\WINDOWS\System32\lmhsvc.dll - ok
15:34:29.0227 8200  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\WINDOWS\System32\wkssvc.dll
15:34:29.0227 8200  C:\WINDOWS\System32\wkssvc.dll - ok
15:34:29.0228 8200  [ E5DE3FFD785B6730291AD98E491D58BA ] C:\WINDOWS\ehome\ehres.dll
15:34:29.0228 8200  C:\WINDOWS\ehome\ehres.dll - ok
15:34:29.0228 8200  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] C:\WINDOWS\System32\drivers\mountmgr.sys
15:34:29.0229 8200  C:\WINDOWS\System32\drivers\mountmgr.sys - ok
15:34:29.0229 8200  [ E40E80D0304A73E8D269F7141D77250B ] C:\WINDOWS\System32\mmcss.dll
15:34:29.0230 8200  C:\WINDOWS\System32\mmcss.dll - ok
15:34:29.0230 8200  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\WINDOWS\System32\FirewallAPI.dll
15:34:29.0230 8200  C:\WINDOWS\System32\FirewallAPI.dll - ok
15:34:29.0232 8200  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] C:\WINDOWS\System32\WebClnt.dll
15:34:29.0232 8200  C:\WINDOWS\System32\WebClnt.dll - ok
15:34:29.0233 8200  [ F9D215A46A8B9753F61767FA72A20326 ] C:\WINDOWS\System32\drivers\mshidkmdf.sys
15:34:29.0233 8200  C:\WINDOWS\System32\drivers\mshidkmdf.sys - ok
15:34:29.0233 8200  [ E11E3F3BBEFDC5C0C160BE13B65E25E4 ] C:\WINDOWS\System32\iscsidsc.dll
15:34:29.0233 8200  C:\WINDOWS\System32\iscsidsc.dll - ok
15:34:29.0234 8200  [ F9A18612FD3526FE473C1BDA678D61C8 ] C:\WINDOWS\System32\drivers\mup.sys
15:34:29.0234 8200  C:\WINDOWS\System32\drivers\mup.sys - ok
15:34:29.0235 8200  [ 8EE1C893C50D1C02D4675978BAC756BA ] C:\WINDOWS\System32\msimsg.dll
15:34:29.0235 8200  C:\WINDOWS\System32\msimsg.dll - ok
15:34:29.0236 8200  [ 582AC6D9873E31DFA28A4547270862DD ] C:\WINDOWS\System32\QAGENTRT.DLL
15:34:29.0236 8200  C:\WINDOWS\System32\QAGENTRT.DLL - ok
15:34:29.0236 8200  [ 760E38053BF56E501D562B70AD796B88 ] C:\WINDOWS\System32\drivers\ndis.sys
15:34:29.0236 8200  C:\WINDOWS\System32\drivers\ndis.sys - ok
15:34:29.0237 8200  [ 847D3AE376C0817161A14A82C8922A9E ] C:\WINDOWS\System32\netman.dll
15:34:29.0237 8200  C:\WINDOWS\System32\netman.dll - ok
15:34:29.0238 8200  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\WINDOWS\System32\netprofm.dll
15:34:29.0238 8200  C:\WINDOWS\System32\netprofm.dll - ok
15:34:29.0239 8200  [ 8AD77806D336673F270DB31645267293 ] C:\WINDOWS\System32\nlasvc.dll
15:34:29.0239 8200  C:\WINDOWS\System32\nlasvc.dll - ok
15:34:29.0240 8200  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\WINDOWS\System32\nsisvc.dll
15:34:29.0240 8200  C:\WINDOWS\System32\nsisvc.dll - ok
15:34:29.0240 8200  [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\WINDOWS\System32\pnrpsvc.dll
15:34:29.0240 8200  C:\WINDOWS\System32\pnrpsvc.dll - ok
15:34:29.0241 8200  [ E9766131EEADE40A27DC27D2D68FBA9C ] C:\WINDOWS\System32\drivers\partmgr.sys
15:34:29.0241 8200  C:\WINDOWS\System32\drivers\partmgr.sys - ok
15:34:29.0242 8200  [ 927463ECB02179F88E4B9A17568C63C3 ] C:\WINDOWS\System32\p2psvc.dll
15:34:29.0242 8200  C:\WINDOWS\System32\p2psvc.dll - ok
15:34:29.0243 8200  [ 3AEAA8B561E63452C655DC0584922257 ] C:\WINDOWS\System32\pcasvc.dll
15:34:29.0243 8200  C:\WINDOWS\System32\pcasvc.dll - ok
15:34:29.0244 8200  [ C7CF6A6E137463219E1259E3F0F0DD6C ] C:\WINDOWS\System32\pla.dll
15:34:29.0244 8200  C:\WINDOWS\System32\pla.dll - ok
15:34:29.0245 8200  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\WINDOWS\System32\umpnpmgr.dll
15:34:29.0246 8200  C:\WINDOWS\System32\umpnpmgr.dll - ok
15:34:29.0246 8200  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] C:\WINDOWS\System32\pnrpauto.dll
15:34:29.0246 8200  C:\WINDOWS\System32\pnrpauto.dll - ok
15:34:29.0247 8200  [ 8DEC9C6DD13C4B3B62CD8D5A0FEF1650 ] C:\WINDOWS\System32\polstore.dll
15:34:29.0247 8200  C:\WINDOWS\System32\polstore.dll - ok
15:34:29.0248 8200  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\WINDOWS\System32\umpo.dll
15:34:29.0249 8200  C:\WINDOWS\System32\umpo.dll - ok
15:34:29.0249 8200  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\WINDOWS\System32\profsvc.dll
15:34:29.0250 8200  C:\WINDOWS\System32\profsvc.dll - ok
15:34:29.0250 8200  [ AB95FBAE4F9A5A56B177CEC427B2B35E ] C:\WINDOWS\System32\psbase.dll
15:34:29.0251 8200  C:\WINDOWS\System32\psbase.dll - ok
15:34:29.0251 8200  [ 906191634E99AEA92C4816150BDA3732 ] C:\WINDOWS\System32\qwave.dll
15:34:29.0252 8200  C:\WINDOWS\System32\qwave.dll - ok
15:34:29.0252 8200  [ 76707BB36430888D9CE9D705398ADB6C ] C:\WINDOWS\System32\drivers\qwavedrv.sys
15:34:29.0252 8200  C:\WINDOWS\System32\drivers\qwavedrv.sys - ok
15:34:29.0253 8200  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] C:\WINDOWS\System32\rasauto.dll
15:34:29.0253 8200  C:\WINDOWS\System32\rasauto.dll - ok
15:34:29.0254 8200  [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\WINDOWS\System32\rasmans.dll
15:34:29.0254 8200  C:\WINDOWS\System32\rasmans.dll - ok
15:34:29.0255 8200  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\WINDOWS\System32\sstpsvc.dll
15:34:29.0255 8200  C:\WINDOWS\System32\sstpsvc.dll - ok
15:34:29.0256 8200  [ 254FB7A22D74E5511C73A3F6D802F192 ] C:\WINDOWS\System32\mprdim.dll
15:34:29.0256 8200  C:\WINDOWS\System32\mprdim.dll - ok
15:34:29.0257 8200  [ E4D94F24081440B5FC5AA556C7C62702 ] C:\WINDOWS\System32\regsvc.dll
15:34:29.0257 8200  C:\WINDOWS\System32\regsvc.dll - ok
15:34:29.0258 8200  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\WINDOWS\System32\RpcEpMap.dll
15:34:29.0258 8200  C:\WINDOWS\System32\RpcEpMap.dll - ok
15:34:29.0259 8200  [ 253F38D0D7074C02FF8DEB9836C97D2B ] C:\WINDOWS\System32\drivers\scfilter.sys
15:34:29.0259 8200  C:\WINDOWS\System32\drivers\scfilter.sys - ok
15:34:29.0260 8200  [ 9B7395789E3791A3B6D000FE6F8B131E ] C:\WINDOWS\System32\SCardSvr.dll
15:34:29.0260 8200  C:\WINDOWS\System32\SCardSvr.dll - ok
15:34:29.0261 8200  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\WINDOWS\System32\schedsvc.dll
15:34:29.0261 8200  C:\WINDOWS\System32\schedsvc.dll - ok
15:34:29.0262 8200  [ 6EA4234DC55346E0709560FE7C2C1972 ] C:\WINDOWS\System32\sdrsvc.dll
15:34:29.0262 8200  C:\WINDOWS\System32\sdrsvc.dll - ok
15:34:29.0263 8200  [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\WINDOWS\System32\seclogon.dll
15:34:29.0263 8200  C:\WINDOWS\System32\seclogon.dll - ok
15:34:29.0264 8200  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\WINDOWS\System32\Sens.dll
15:34:29.0264 8200  C:\WINDOWS\System32\Sens.dll - ok
15:34:29.0265 8200  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] C:\WINDOWS\System32\sensrsvc.dll
15:34:29.0265 8200  C:\WINDOWS\System32\sensrsvc.dll - ok
15:34:29.0266 8200  [ 0B6231BF38174A1628C4AC812CC75804 ] C:\WINDOWS\System32\SessEnv.dll
15:34:29.0266 8200  C:\WINDOWS\System32\SessEnv.dll - ok
15:34:29.0266 8200  [ B95F6501A2F8B2E78C697FEC401970CE ] C:\WINDOWS\System32\ipnathlp.dll
15:34:29.0266 8200  C:\WINDOWS\System32\ipnathlp.dll - ok
15:34:29.0267 8200  [ AAF932B4011D14052955D4B212A4DA8D ] C:\WINDOWS\System32\shsvcs.dll
15:34:29.0267 8200  C:\WINDOWS\System32\shsvcs.dll - ok
15:34:29.0268 8200  [ 55DE45B116711881C852D2841E4C84DD ] C:\WINDOWS\System32\tcpipcfg.dll
15:34:29.0268 8200  C:\WINDOWS\System32\tcpipcfg.dll - ok
15:34:29.0269 8200  [ 6313F223E817CC09AA41811DAA7F541D ] C:\WINDOWS\System32\snmptrap.exe
15:34:29.0269 8200  C:\WINDOWS\System32\snmptrap.exe - ok
15:34:29.0270 8200  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\WINDOWS\System32\spoolsv.exe
15:34:29.0270 8200  C:\WINDOWS\System32\spoolsv.exe - ok
15:34:29.0270 8200  [ E17E0188BB90FAE42D83E98707EFA59C ] C:\WINDOWS\System32\sppsvc.exe
15:34:29.0270 8200  C:\WINDOWS\System32\sppsvc.exe - ok
15:34:29.0271 8200  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] C:\WINDOWS\System32\sppuinotify.dll
15:34:29.0271 8200  C:\WINDOWS\System32\sppuinotify.dll - ok
15:34:29.0272 8200  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\WINDOWS\System32\ssdpsrv.dll
15:34:29.0272 8200  C:\WINDOWS\System32\ssdpsrv.dll - ok
15:34:29.0273 8200  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\WINDOWS\System32\wiaservc.dll
15:34:29.0273 8200  C:\WINDOWS\System32\wiaservc.dll - ok
15:34:29.0274 8200  [ E08E46FDD841B7184194011CA1955A0B ] C:\WINDOWS\System32\swprv.dll
15:34:29.0274 8200  C:\WINDOWS\System32\swprv.dll - ok
15:34:29.0275 8200  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\WINDOWS\System32\sysmain.dll
15:34:29.0276 8200  C:\WINDOWS\System32\sysmain.dll - ok
15:34:29.0276 8200  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] C:\WINDOWS\System32\TabSvc.dll
15:34:29.0277 8200  C:\WINDOWS\System32\TabSvc.dll - ok
15:34:29.0277 8200  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\WINDOWS\System32\tapisrv.dll
15:34:29.0277 8200  C:\WINDOWS\System32\tapisrv.dll - ok
15:34:29.0278 8200  [ 1BE03AC720F4D302EA01D40F588162F6 ] C:\WINDOWS\System32\tbssvc.dll
15:34:29.0278 8200  C:\WINDOWS\System32\tbssvc.dll - ok
15:34:29.0279 8200  [ 2E648163254233755035B46DD7B89123 ] C:\WINDOWS\System32\termsrv.dll
15:34:29.0279 8200  C:\WINDOWS\System32\termsrv.dll - ok
15:34:29.0280 8200  [ F0344071948D1A1FA732231785A0664C ] C:\WINDOWS\System32\themeservice.dll
15:34:29.0280 8200  C:\WINDOWS\System32\themeservice.dll - ok
15:34:29.0281 8200  [ 773212B2AAA24C1E31F10246B15B276C ] C:\WINDOWS\servicing\TrustedInstaller.exe
15:34:29.0281 8200  C:\WINDOWS\servicing\TrustedInstaller.exe - ok
15:34:29.0282 8200  [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\WINDOWS\System32\trkwks.dll
15:34:29.0282 8200  C:\WINDOWS\System32\trkwks.dll - ok
15:34:29.0283 8200  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] C:\WINDOWS\System32\drivers\tssecsrv.sys
15:34:29.0283 8200  C:\WINDOWS\System32\drivers\tssecsrv.sys - ok
15:34:29.0284 8200  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] C:\WINDOWS\System32\UI0Detect.exe
15:34:29.0284 8200  C:\WINDOWS\System32\UI0Detect.exe - ok
15:34:29.0285 8200  [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\WINDOWS\System32\upnphost.dll
15:34:29.0285 8200  C:\WINDOWS\System32\upnphost.dll - ok
15:34:29.0285 8200  [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\WINDOWS\System32\dwm.exe
15:34:29.0286 8200  C:\WINDOWS\System32\dwm.exe - ok
15:34:29.0286 8200  [ 567BC1309E05FCFA680ADB6E02260736 ] C:\WINDOWS\System32\vaultsvc.dll
15:34:29.0286 8200  C:\WINDOWS\System32\vaultsvc.dll - ok
15:34:29.0287 8200  [ 8D6B481601D01A456E75C3210F1830BE ] C:\WINDOWS\System32\vds.exe
15:34:29.0287 8200  C:\WINDOWS\System32\vds.exe - ok
15:34:29.0288 8200  [ A255814907C89BE58B79EF2F189B843B ] C:\WINDOWS\System32\drivers\volmgrx.sys
15:34:29.0288 8200  C:\WINDOWS\System32\drivers\volmgrx.sys - ok
15:34:29.0289 8200  [ B60BA0BC31B0CB414593E169F6F21CC2 ] C:\WINDOWS\System32\VSSVC.exe
15:34:29.0289 8200  C:\WINDOWS\System32\VSSVC.exe - ok
15:34:29.0289 8200  [ 1C9D80CC3849B3788048078C26486E1A ] C:\WINDOWS\System32\w32time.dll
15:34:29.0290 8200  C:\WINDOWS\System32\w32time.dll - ok
15:34:29.0290 8200  [ 05E9265E2228799B68DC0F58A94E1AB8 ] C:\WINDOWS\System32\Wat\WatUX.exe
15:34:29.0290 8200  C:\WINDOWS\System32\Wat\WatUX.exe - ok
15:34:29.0291 8200  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] C:\WINDOWS\System32\wbengine.exe
15:34:29.0291 8200  C:\WINDOWS\System32\wbengine.exe - ok
15:34:29.0292 8200  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] C:\WINDOWS\System32\wbiosrvc.dll
15:34:29.0292 8200  C:\WINDOWS\System32\wbiosrvc.dll - ok
15:34:29.0293 8200  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] C:\WINDOWS\System32\wcncsvc.dll
15:34:29.0293 8200  C:\WINDOWS\System32\wcncsvc.dll - ok
15:34:29.0294 8200  [ 20F7441334B18CEE52027661DF4A6129 ] C:\WINDOWS\System32\WcsPlugInService.dll
15:34:29.0294 8200  C:\WINDOWS\System32\WcsPlugInService.dll - ok
15:34:29.0295 8200  [ 442783E2CB0DA19873B7A63833FF4CB4 ] C:\WINDOWS\System32\drivers\Wdf01000.sys
15:34:29.0295 8200  C:\WINDOWS\System32\drivers\Wdf01000.sys - ok
15:34:29.0296 8200  [ BF1FC3F79B863C914687A737C2F3D681 ] C:\WINDOWS\System32\wdi.dll
15:34:29.0296 8200  C:\WINDOWS\System32\wdi.dll - ok
15:34:29.0297 8200  [ C749025A679C5103E575E3B48E092C43 ] C:\WINDOWS\System32\wecsvc.dll
15:34:29.0297 8200  C:\WINDOWS\System32\wecsvc.dll - ok
15:34:29.0298 8200  [ 7E591867422DC788B9E5BD337A669A08 ] C:\WINDOWS\System32\wercplsupport.dll
15:34:29.0298 8200  C:\WINDOWS\System32\wercplsupport.dll - ok
15:34:29.0299 8200  [ 6D137963730144698CBD10F202E9F251 ] C:\WINDOWS\System32\wersvc.dll
15:34:29.0299 8200  C:\WINDOWS\System32\wersvc.dll - ok
15:34:29.0299 8200  [ 2DA738A0A6BEE483A5647A76695AF3B0 ] C:\Program Files\Windows Defender\MsMpRes.dll
15:34:29.0300 8200  C:\Program Files\Windows Defender\MsMpRes.dll - ok
15:34:29.0300 8200  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\WINDOWS\System32\winhttp.dll
15:34:29.0301 8200  C:\WINDOWS\System32\winhttp.dll - ok
15:34:29.0301 8200  [ 19B07E7E8915D701225DA41CB3877306 ] C:\WINDOWS\System32\wbem\WMIsvc.dll
15:34:29.0301 8200  C:\WINDOWS\System32\wbem\WMIsvc.dll - ok
15:34:29.0302 8200  [ BCB1310604AA415C4508708975B3931E ] C:\WINDOWS\System32\WsmSvc.dll
15:34:29.0302 8200  C:\WINDOWS\System32\WsmSvc.dll - ok
15:34:29.0303 8200  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\WINDOWS\System32\wlansvc.dll
15:34:29.0303 8200  C:\WINDOWS\System32\wlansvc.dll - ok
15:34:29.0304 8200  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\WINDOWS\System32\wbem\WmiApSrv.exe
15:34:29.0304 8200  C:\WINDOWS\System32\wbem\WmiApSrv.exe - ok
15:34:29.0305 8200  [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
15:34:29.0305 8200  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
15:34:29.0306 8200  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] C:\WINDOWS\System32\wpcsvc.dll
15:34:29.0306 8200  C:\WINDOWS\System32\wpcsvc.dll - ok
15:34:29.0307 8200  [ 93221146D4EBBF314C29B23CD6CC391D ] C:\WINDOWS\System32\wpdbusenum.dll
15:34:29.0307 8200  C:\WINDOWS\System32\wpdbusenum.dll - ok
15:34:29.0308 8200  [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\WINDOWS\System32\wscsvc.dll
15:34:29.0308 8200  C:\WINDOWS\System32\wscsvc.dll - ok
15:34:29.0309 8200  [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\WINDOWS\System32\SearchIndexer.exe
15:34:29.0309 8200  C:\WINDOWS\System32\SearchIndexer.exe - ok
15:34:29.0309 8200  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\WINDOWS\System32\wuaueng.dll
15:34:29.0309 8200  C:\WINDOWS\System32\wuaueng.dll - ok
15:34:29.0310 8200  [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\WINDOWS\System32\drivers\WUDFPf.sys
15:34:29.0310 8200  C:\WINDOWS\System32\drivers\WUDFPf.sys - ok
15:34:29.0311 8200  [ B20F051B03A966392364C83F009F7D17 ] C:\WINDOWS\System32\WUDFSvc.dll
15:34:29.0311 8200  C:\WINDOWS\System32\WUDFSvc.dll - ok
15:34:29.0312 8200  [ FE90B750AB808FB9DD8FBB428B5FF83B ] C:\WINDOWS\System32\wwansvc.dll
15:34:29.0312 8200  C:\WINDOWS\System32\wwansvc.dll - ok
15:34:29.0312 8200  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\WINDOWS\System32\ubpm.dll
15:34:29.0312 8200  C:\WINDOWS\System32\ubpm.dll - ok
15:34:29.0313 8200  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\WINDOWS\System32\svchost.exe
15:34:29.0313 8200  C:\WINDOWS\System32\svchost.exe - ok
15:34:29.0314 8200  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\WINDOWS\System32\SPInf.dll
15:34:29.0314 8200  C:\WINDOWS\System32\SPInf.dll - ok
15:34:29.0315 8200  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\WINDOWS\System32\devrtl.dll
15:34:29.0315 8200  C:\WINDOWS\System32\devrtl.dll - ok
15:34:29.0315 8200  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\WINDOWS\System32\userenv.dll
15:34:29.0316 8200  C:\WINDOWS\System32\userenv.dll - ok
15:34:29.0316 8200  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\WINDOWS\System32\pcwum.dll
15:34:29.0316 8200  C:\WINDOWS\System32\pcwum.dll - ok
15:34:29.0317 8200  [ 716175021BDA290504CE434273F666BC ] C:\WINDOWS\System32\powrprof.dll
15:34:29.0317 8200  C:\WINDOWS\System32\powrprof.dll - ok
15:34:29.0318 8200  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\WINDOWS\System32\rpcss.dll
15:34:29.0318 8200  C:\WINDOWS\System32\rpcss.dll - ok
15:34:29.0319 8200  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\WINDOWS\System32\wshqos.dll
15:34:29.0319 8200  C:\WINDOWS\System32\wshqos.dll - ok
15:34:29.0319 8200  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\WINDOWS\System32\WSHTCPIP.DLL
15:34:29.0319 8200  C:\WINDOWS\System32\WSHTCPIP.DLL - ok



#10 CPU8U2

CPU8U2
  • Topic Starter


Posted 02 June 2013 - 02:53 PM

Because of the length of the report, I cut it in half. Here's the 2nd half:

 

15:34:29.0517 8200  C:\WINDOWS\System32\netmsg.dll - ok
15:34:29.0518 8200  [ 81749E073AC5857B044A686B406E5244 ] C:\WINDOWS\System32\clusapi.dll
15:34:29.0518 8200  C:\WINDOWS\System32\clusapi.dll - ok
15:34:29.0518 8200  [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\WINDOWS\System32\sscore.dll
15:34:29.0519 8200  C:\WINDOWS\System32\sscore.dll - ok
15:34:29.0519 8200  [ C67F8A962B2534224D5908D16D2AD3CE ] C:\WINDOWS\System32\wfapigp.dll
15:34:29.0519 8200  C:\WINDOWS\System32\wfapigp.dll - ok
15:34:29.0520 8200  [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\WINDOWS\System32\resutils.dll
15:34:29.0520 8200  C:\WINDOWS\System32\resutils.dll - ok
15:34:29.0521 8200  [ 426E0E8127BAC7D5DDEE8251F104E053 ] C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe
15:34:29.0521 8200  C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe - ok
15:34:29.0522 8200  [ D83947A58613E9091B4C9CC0F1546A8D ] C:\WINDOWS\SysWOW64\mscoree.dll
15:34:29.0522 8200  C:\WINDOWS\SysWOW64\mscoree.dll - ok
15:34:29.0523 8200  [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
15:34:29.0523 8200  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
15:34:29.0524 8200  [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
15:34:29.0524 8200  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
15:34:29.0525 8200  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
15:34:29.0525 8200  C:\WINDOWS\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
15:34:29.0526 8200  [ C3E39FB1398EEE8E612C2FE53A9192EF ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
15:34:29.0526 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll - ok
15:34:29.0526 8200  [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
15:34:29.0526 8200  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
15:34:29.0527 8200  [ 3518CB4E2D896CAB53D5386F15AC0566 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
15:34:29.0527 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll - ok
15:34:29.0528 8200  [ 7765680E25E329708CB034B180CF9FCD ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll
15:34:29.0528 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll - ok
15:34:29.0529 8200  [ 43748180DE16AE74E12BFA415D3E3CBA ] C:\Program Files (x86)\Absolute Software\Absolute Notifier\Com.Absolute.Common.Agent.Remoting.dll
15:34:29.0529 8200  C:\Program Files (x86)\Absolute Software\Absolute Notifier\Com.Absolute.Common.Agent.Remoting.dll - ok
15:34:29.0529 8200  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:34:29.0529 8200  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
15:34:29.0530 8200  [ C3670CD073CAF4866F600CDA2E8CD0E5 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
15:34:29.0530 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll - ok
15:34:29.0531 8200  [ C6458BF42FD8A9194EA4B2C81AA3B157 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
15:34:29.0531 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll - ok
15:34:29.0532 8200  [ 871F7F32E3441580138E61A4AA072DF6 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
15:34:29.0532 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll - ok
15:34:29.0532 8200  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
15:34:29.0532 8200  C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
15:34:29.0533 8200  [ A6FB9DB8F1A86861D955FD6975977AE0 ] C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
15:34:29.0534 8200  C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe - ok
15:34:29.0534 8200  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
15:34:29.0534 8200  C:\Program Files\Bonjour\mDNSResponder.exe - ok
15:34:29.0535 8200  [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\WINDOWS\System32\cryptnet.dll
15:34:29.0535 8200  C:\WINDOWS\System32\cryptnet.dll - ok
15:34:29.0545 8200  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\WINDOWS\System32\taskschd.dll
15:34:29.0545 8200  C:\WINDOWS\System32\taskschd.dll - ok
15:34:29.0546 8200  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\WINDOWS\System32\vssapi.dll
15:34:29.0546 8200  C:\WINDOWS\System32\vssapi.dll - ok
15:34:29.0547 8200  [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\WINDOWS\System32\vpnikeapi.dll
15:34:29.0547 8200  C:\WINDOWS\System32\vpnikeapi.dll - ok
15:34:29.0547 8200  [ 1727B2A2F379A32B864C096FA794AADC ] C:\WINDOWS\System32\aepic.dll
15:34:29.0548 8200  C:\WINDOWS\System32\aepic.dll - ok
15:34:29.0548 8200  [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\WINDOWS\System32\ncsi.dll
15:34:29.0548 8200  C:\WINDOWS\System32\ncsi.dll - ok
15:34:29.0549 8200  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\WINDOWS\System32\vsstrace.dll
15:34:29.0549 8200  C:\WINDOWS\System32\vsstrace.dll - ok
15:34:29.0550 8200  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\WINDOWS\System32\sfc.dll
15:34:29.0550 8200  C:\WINDOWS\System32\sfc.dll - ok
15:34:29.0653 8200  [ 895C9AB0A855547445C4181195230757 ] C:\WINDOWS\System32\sfc_os.dll
15:34:29.0653 8200  C:\WINDOWS\System32\sfc_os.dll - ok
15:34:29.0711 8200  [ 603EBD34E216C5654A2D774EAC98D278 ] C:\WINDOWS\System32\webio.dll
15:34:29.0711 8200  C:\WINDOWS\System32\webio.dll - ok
15:34:29.0712 8200  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\WINDOWS\System32\ssdpapi.dll
15:34:29.0712 8200  C:\WINDOWS\System32\ssdpapi.dll - ok
15:34:29.0713 8200  [ 3BEA1D461531D1D26F5695BB9CA97A18 ] C:\Program Files\Common Files\Motive\pcCMService.exe
15:34:29.0713 8200  C:\Program Files\Common Files\Motive\pcCMService.exe - ok
15:34:29.0714 8200  [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\WINDOWS\System32\aeevts.dll
15:34:29.0714 8200  C:\WINDOWS\System32\aeevts.dll - ok
15:34:29.0715 8200  [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\WINDOWS\System32\drivers\PEAuth.sys
15:34:29.0715 8200  C:\WINDOWS\System32\drivers\PEAuth.sys - ok
15:34:29.0716 8200  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] C:\WINDOWS\System32\Locator.exe
15:34:29.0716 8200  C:\WINDOWS\System32\Locator.exe - ok
15:34:29.0716 8200  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\WINDOWS\System32\IPSECSVC.DLL
15:34:29.0717 8200  C:\WINDOWS\System32\IPSECSVC.DLL - ok
15:34:29.0717 8200  [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\WINDOWS\System32\FwRemoteSvr.dll
15:34:29.0717 8200  C:\WINDOWS\System32\FwRemoteSvr.dll - ok
15:34:29.0718 8200  [ 16A252022535B680046F6E34E136D378 ] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
15:34:29.0718 8200  C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe - ok
15:34:29.0719 8200  [ CA9F7888B524D8100B977C81F44C3234 ] C:\WINDOWS\SysWOW64\winhttp.dll
15:34:29.0719 8200  C:\WINDOWS\SysWOW64\winhttp.dll - ok
15:34:29.0724 8200  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\WINDOWS\SysWOW64\SensApi.dll
15:34:29.0724 8200  C:\WINDOWS\SysWOW64\SensApi.dll - ok
15:34:29.0725 8200  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\WINDOWS\SysWOW64\webio.dll
15:34:29.0725 8200  C:\WINDOWS\SysWOW64\webio.dll - ok
15:34:29.0725 8200  [ FF5688D309347F2720911D8796912834 ] C:\WINDOWS\SysWOW64\clbcatq.dll
15:34:29.0726 8200  C:\WINDOWS\SysWOW64\clbcatq.dll - ok
15:34:29.0726 8200  [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\WINDOWS\SysWOW64\msxml6.dll
15:34:29.0726 8200  C:\WINDOWS\SysWOW64\msxml6.dll - ok
15:34:29.0727 8200  [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\WINDOWS\System32\drivers\secdrv.sys
15:34:29.0728 8200  C:\WINDOWS\System32\drivers\secdrv.sys - ok
15:34:29.0728 8200  [ 5997D769CDB108390DCFAEBF442BF816 ] C:\WINDOWS\SysWOW64\RpcRtRemote.dll
15:34:29.0728 8200  C:\WINDOWS\SysWOW64\RpcRtRemote.dll - ok
15:34:29.0729 8200  [ EB17DF573B4423DF0B3B2EE3B268A6DE ] C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:34:29.0729 8200  C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok
15:34:29.0730 8200  [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe
15:34:29.0730 8200  C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
15:34:29.0732 8200  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\WINDOWS\System32\httpapi.dll
15:34:29.0732 8200  C:\WINDOWS\System32\httpapi.dll - ok
15:34:29.0733 8200  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\WINDOWS\System32\drivers\tcpipreg.sys
15:34:29.0733 8200  C:\WINDOWS\System32\drivers\tcpipreg.sys - ok
15:34:29.0734 8200  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\WINDOWS\System32\wiatrace.dll
15:34:29.0734 8200  C:\WINDOWS\System32\wiatrace.dll - ok
15:34:29.0735 8200  [ 7E236CC26FF0C2513819FA453E2C5371 ] C:\WINDOWS\System32\icaapi.dll
15:34:29.0735 8200  C:\WINDOWS\System32\icaapi.dll - ok
15:34:29.0736 8200  [ 8AFFFDA081CFF3057391FEDBBB483601 ] C:\WINDOWS\SysWOW64\UTSCSI.EXE
15:34:29.0736 8200  C:\WINDOWS\SysWOW64\UTSCSI.EXE - ok
15:34:29.0737 8200  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\WINDOWS\System32\wbemcomn.dll
15:34:29.0737 8200  C:\WINDOWS\System32\wbemcomn.dll - ok
15:34:29.0738 8200  [ 2BACD71123F42CEA603F4E205E1AE337 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:34:29.0738 8200  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
15:34:29.0738 8200  [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
15:34:29.0738 8200  C:\Program Files\Windows Defender\MpSvc.dll - ok
15:34:29.0739 8200  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\WINDOWS\System32\wbem\WinMgmtR.dll
15:34:29.0739 8200  C:\WINDOWS\System32\wbem\WinMgmtR.dll - ok
15:34:29.0740 8200  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\WINDOWS\System32\wbem\WmiDcPrv.dll
15:34:29.0740 8200  C:\WINDOWS\System32\wbem\WmiDcPrv.dll - ok
15:34:29.0741 8200  [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
15:34:29.0741 8200  C:\Program Files\Windows Defender\MpClient.dll - ok
15:34:29.0742 8200  [ 92E0508D924512F63FFEEFE498CBD11F ] C:\WINDOWS\System32\p2pcollab.dll
15:34:29.0742 8200  C:\WINDOWS\System32\p2pcollab.dll - ok
15:34:29.0743 8200  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\WINDOWS\System32\fveui.dll
15:34:29.0743 8200  C:\WINDOWS\System32\fveui.dll - ok
15:34:29.0744 8200  [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\WINDOWS\System32\esent.dll
15:34:29.0744 8200  C:\WINDOWS\System32\esent.dll - ok
15:34:29.0744 8200  [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
15:34:29.0744 8200  C:\Program Files\Windows Defender\MpEvMsg.dll - ok
15:34:29.0745 8200  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\WINDOWS\System32\wbem\fastprox.dll
15:34:29.0745 8200  C:\WINDOWS\System32\wbem\fastprox.dll - ok
15:34:29.0750 8200  [ EE26D130808D16C0E417BBBED0451B34 ] C:\WINDOWS\System32\ntdsapi.dll
15:34:29.0750 8200  C:\WINDOWS\System32\ntdsapi.dll - ok
15:34:29.0751 8200  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\WINDOWS\System32\wbem\wbemprox.dll
15:34:29.0751 8200  C:\WINDOWS\System32\wbem\wbemprox.dll - ok
15:34:29.0751 8200  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\WINDOWS\System32\wbem\wbemcore.dll
15:34:29.0752 8200  C:\WINDOWS\System32\wbem\wbemcore.dll - ok
15:34:29.0752 8200  [ 087D8668C71634A3A3761135ABF16EEE ] C:\WINDOWS\System32\wbem\esscli.dll
15:34:29.0752 8200  C:\WINDOWS\System32\wbem\esscli.dll - ok
15:34:29.0753 8200  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\WINDOWS\System32\wbem\wbemsvc.dll
15:34:29.0753 8200  C:\WINDOWS\System32\wbem\wbemsvc.dll - ok
15:34:29.0754 8200  [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll
15:34:29.0754 8200  C:\Program Files\Windows Defender\MpRTP.dll - ok
15:34:29.0754 8200  [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\WINDOWS\System32\tdh.dll
15:34:29.0755 8200  C:\WINDOWS\System32\tdh.dll - ok
15:34:29.0755 8200  [ 4AB30A1E63CE139BE363F920220EDB83 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C3E70F95-57CA-41A4-BE71-625DCBC203F8}\mpengine.dll
15:34:29.0755 8200  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C3E70F95-57CA-41A4-BE71-625DCBC203F8}\mpengine.dll - ok
15:34:29.0756 8200  [ 7914E02F598F1DED9EDAF35268173877 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C3E70F95-57CA-41A4-BE71-625DCBC203F8}\mpasbase.vdm
15:34:29.0756 8200  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C3E70F95-57CA-41A4-BE71-625DCBC203F8}\mpasbase.vdm - ok
15:34:29.0757 8200  [ 314F6FC7F71DF85C9CD5E7447A97BF6D ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C3E70F95-57CA-41A4-BE71-625DCBC203F8}\mpasdlta.vdm
15:34:29.0757 8200  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C3E70F95-57CA-41A4-BE71-625DCBC203F8}\mpasdlta.vdm - ok
15:34:29.0758 8200  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\WINDOWS\System32\wbem\wmiutils.dll
15:34:29.0758 8200  C:\WINDOWS\System32\wbem\wmiutils.dll - ok
15:34:29.0759 8200  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\WINDOWS\System32\wbem\repdrvfs.dll
15:34:29.0759 8200  C:\WINDOWS\System32\wbem\repdrvfs.dll - ok
15:34:29.0760 8200  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
15:34:29.0760 8200  C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
15:34:29.0761 8200  [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\WINDOWS\System32\SensApi.dll
15:34:29.0761 8200  C:\WINDOWS\System32\SensApi.dll - ok
15:34:29.0762 8200  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\WINDOWS\System32\wer.dll
15:34:29.0762 8200  C:\WINDOWS\System32\wer.dll - ok
15:34:29.0766 8200  [ 7548066DF68A8A1A56B043359F915F37 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
15:34:29.0766 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe - ok
15:34:29.0767 8200  [ DC1BBA01FFB5745B8862931E7DE7304A ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
15:34:29.0767 8200  C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
15:34:29.0768 8200  [ 371948BC5911ABA06168FAC91ED25F06 ] C:\WINDOWS\System32\msxml3.dll
15:34:29.0768 8200  C:\WINDOWS\System32\msxml3.dll - ok
15:34:29.0769 8200  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\WINDOWS\SysWOW64\winspool.drv
15:34:29.0769 8200  C:\WINDOWS\SysWOW64\winspool.drv - ok
15:34:29.0770 8200  [ 984BDAC9F4FC9993CE8D3A7D7DA3E9A5 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ISDI.dll
15:34:29.0770 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ISDI.dll - ok
15:34:29.0770 8200  [ 93BB66044FA76734E882C6F3E8EE1900 ] C:\Program Files\Windows Defender\MsMpLics.dll
15:34:29.0771 8200  C:\Program Files\Windows Defender\MsMpLics.dll - ok
15:34:29.0771 8200  [ 218A400108F280428FA22282D3268BBC ] C:\WINDOWS\System32\wscapi.dll
15:34:29.0771 8200  C:\WINDOWS\System32\wscapi.dll - ok
15:34:29.0772 8200  [ 3960CEB4A6B13784252D827ECF65CED3 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ARA\Shell_ARA.dll
15:34:29.0772 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ARA\Shell_ARA.dll - ok
15:34:29.0773 8200  [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
15:34:29.0773 8200  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
15:34:29.0774 8200  [ 27B9E163740A226B65E4B9E186117911 ] C:\WINDOWS\System32\sqmapi.dll
15:34:29.0774 8200  C:\WINDOWS\System32\sqmapi.dll - ok
15:34:29.0775 8200  [ 1530DFBDFD68AAD1FD5FDA52EA44925E ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\CHS\Shell_CHS.dll
15:34:29.0775 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\CHS\Shell_CHS.dll - ok
15:34:29.0776 8200  [ 7FC0F6C8A0CEFBE4E60D8577C6FF8584 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\CHT\Shell_CHT.dll
15:34:29.0776 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\CHT\Shell_CHT.dll - ok
15:34:29.0777 8200  [ EEA7E552C2C992CFD4B50857010F39EA ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\CSY\Shell_CSY.dll
15:34:29.0777 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\CSY\Shell_CSY.dll - ok
15:34:29.0778 8200  [ 5E2623439A9936D320FE8DC1AB84526A ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\DAN\Shell_DAN.dll
15:34:29.0778 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\DAN\Shell_DAN.dll - ok
15:34:29.0780 8200  [ 8F1656DEB2E861D608909792F5A68C3B ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\DEU\Shell_DEU.dll
15:34:29.0780 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\DEU\Shell_DEU.dll - ok
15:34:29.0781 8200  [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\WINDOWS\System32\wdscore.dll
15:34:29.0781 8200  C:\WINDOWS\System32\wdscore.dll - ok
15:34:29.0782 8200  [ 44C96B48112EB24AE7764EBF1C527000 ] C:\WINDOWS\System32\rastapi.dll
15:34:29.0782 8200  C:\WINDOWS\System32\rastapi.dll - ok
15:34:29.0782 8200  [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\WINDOWS\System32\tapi32.dll
15:34:29.0783 8200  C:\WINDOWS\System32\tapi32.dll - ok
15:34:29.0783 8200  [ 3B367397320C26DBA890B260F80D1B1B ] C:\WINDOWS\System32\hnetcfg.dll
15:34:29.0783 8200  C:\WINDOWS\System32\hnetcfg.dll - ok
15:34:29.0786 8200  [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\WINDOWS\System32\unimdm.tsp
15:34:29.0786 8200  C:\WINDOWS\System32\unimdm.tsp - ok
15:34:29.0786 8200  [ FEB91B4DA0D540865260A33838654FA3 ] C:\WINDOWS\System32\nci.dll
15:34:29.0787 8200  C:\WINDOWS\System32\nci.dll - ok
15:34:29.0787 8200  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\WINDOWS\System32\dllhost.exe
15:34:29.0787 8200  C:\WINDOWS\System32\dllhost.exe - ok
15:34:29.0788 8200  [ 94B7DF336815B47236724019FAB24B7C ] C:\WINDOWS\System32\uniplat.dll
15:34:29.0788 8200  C:\WINDOWS\System32\uniplat.dll - ok
15:34:29.0789 8200  [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\WINDOWS\System32\kmddsp.tsp
15:34:29.0789 8200  C:\WINDOWS\System32\kmddsp.tsp - ok
15:34:29.0790 8200  [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\WINDOWS\System32\ndptsp.tsp
15:34:29.0790 8200  C:\WINDOWS\System32\ndptsp.tsp - ok
15:34:29.0790 8200  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\WINDOWS\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
15:34:29.0790 8200  C:\WINDOWS\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
15:34:29.0791 8200  [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\WINDOWS\System32\hidphone.tsp
15:34:29.0791 8200  C:\WINDOWS\System32\hidphone.tsp - ok
15:34:29.0792 8200  [ A717A35120DBAB5AB707AB40662AF9DD ] C:\WINDOWS\System32\rasppp.dll
15:34:29.0792 8200  C:\WINDOWS\System32\rasppp.dll - ok
15:34:29.0815 8200  [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\WINDOWS\System32\vpnike.dll
15:34:29.0815 8200  C:\WINDOWS\System32\vpnike.dll - ok
15:34:29.0816 8200  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\WINDOWS\System32\IDStore.dll
15:34:29.0816 8200  C:\WINDOWS\System32\IDStore.dll - ok
15:34:29.0817 8200  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\WINDOWS\System32\mprapi.dll
15:34:29.0817 8200  C:\WINDOWS\System32\mprapi.dll - ok
15:34:29.0818 8200  [ 78193AA97D679531522C3E2FA4A5EDFE ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ELL\Shell_ELL.dll
15:34:29.0818 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ELL\Shell_ELL.dll - ok
15:34:29.0819 8200  [ 793A19EAB66BB232F019DFF9D1977A41 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ENU\Shell_ENU.dll
15:34:29.0819 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ENU\Shell_ENU.dll - ok
15:34:29.0820 8200  [ BA726152513EC650EED219B7995DE852 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ESP\Shell_ESP.dll
15:34:29.0820 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ESP\Shell_ESP.dll - ok
15:34:29.0821 8200  [ 77C8E1779E784189EA29D9A5ECCDD9E9 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\FIN\Shell_FIN.dll
15:34:29.0821 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\FIN\Shell_FIN.dll - ok
15:34:29.0822 8200  [ AFD87B70E2C48EC080CA28ADCC3175B5 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\FRA\Shell_FRA.dll
15:34:29.0822 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\FRA\Shell_FRA.dll - ok
15:34:29.0823 8200  [ 5ECEA5F29DCEE8D320454C86A1CB3366 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\HEB\Shell_HEB.dll
15:34:29.0823 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\HEB\Shell_HEB.dll - ok
15:34:29.0824 8200  [ 18873D2B1ABBB8826ED18F840CB8E0D3 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\HUN\Shell_HUN.dll
15:34:29.0824 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\HUN\Shell_HUN.dll - ok
15:34:29.0827 8200  [ 79ECBC83B844F7A474C66BE77AAF7180 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ITA\Shell_ITA.dll
15:34:29.0827 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ITA\Shell_ITA.dll - ok
15:34:29.0828 8200  [ 069006BF253F32CD980E67E8671DFE3C ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\JPN\Shell_JPN.dll
15:34:29.0828 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\JPN\Shell_JPN.dll - ok
15:34:29.0829 8200  [ 5925F32114BF5ACF50C66500433B35CC ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\KOR\Shell_KOR.dll
15:34:29.0829 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\KOR\Shell_KOR.dll - ok
15:34:29.0830 8200  [ 03C7D7A1553E3009CEBE3013A578B0ED ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\NLD\Shell_NLD.dll
15:34:29.0830 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\NLD\Shell_NLD.dll - ok
15:34:29.0831 8200  [ 4FFD3E3363EBAC7FC8BBA58EAD594AFF ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\NOR\Shell_NOR.dll
15:34:29.0831 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\NOR\Shell_NOR.dll - ok
15:34:29.0832 8200  [ 2499E32320905E68F9710527593A0EDB ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PLK\Shell_PLK.dll
15:34:29.0832 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PLK\Shell_PLK.dll - ok
15:34:29.0833 8200  [ 591EA8B6991D99720B36EBC1CC16CEA8 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PTB\Shell_PTB.dll
15:34:29.0833 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PTB\Shell_PTB.dll - ok
15:34:29.0833 8200  [ A4487F6CEFED12F2C1257F6DBCDAEB1E ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PTG\Shell_PTG.dll
15:34:29.0833 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PTG\Shell_PTG.dll - ok
15:34:29.0834 8200  [ 35989A505DEEC24DEF8D327D22FF14D4 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RUS\Shell_RUS.dll
15:34:29.0834 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RUS\Shell_RUS.dll - ok
15:34:29.0835 8200  [ 9D825B4E6B28F93F326538515EFC880B ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\SVE\Shell_SVE.dll
15:34:29.0835 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\SVE\Shell_SVE.dll - ok
15:34:29.0837 8200  [ D9BFF3E59CBE32FE72D6D68F6AF348BD ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\THA\Shell_THA.dll
15:34:29.0837 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\THA\Shell_THA.dll - ok
15:34:29.0838 8200  [ E84CB5D899098DDEA6D013057C9E4B5F ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\TRK\Shell_TRK.dll
15:34:29.0838 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\TRK\Shell_TRK.dll - ok
15:34:29.0839 8200  [ 15C42334805B711FBF0C788A1D751528 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ENU\PlugInRAID_ENU.dll
15:34:29.0839 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ENU\PlugInRAID_ENU.dll - ok
15:34:29.0840 8200  [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\WINDOWS\SysWOW64\wbemcomn.dll
15:34:29.0840 8200  C:\WINDOWS\SysWOW64\wbemcomn.dll - ok
15:34:29.0841 8200  [ C5B0324DB461559ADD070E632A6919FA ] C:\WINDOWS\SysWOW64\wbem\wbemprox.dll
15:34:29.0841 8200  C:\WINDOWS\SysWOW64\wbem\wbemprox.dll - ok
15:34:29.0842 8200  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\WINDOWS\System32\netshell.dll
15:34:29.0842 8200  C:\WINDOWS\System32\netshell.dll - ok
15:34:29.0842 8200  [ 639774C9ACD063F028F6084ABF5593AD ] C:\WINDOWS\System32\taskhost.exe
15:34:29.0843 8200  C:\WINDOWS\System32\taskhost.exe - ok
15:34:29.0844 8200  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\WINDOWS\System32\wbem\WmiPrvSD.dll
15:34:29.0844 8200  C:\WINDOWS\System32\wbem\WmiPrvSD.dll - ok
15:34:29.0844 8200  [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\WINDOWS\SysWOW64\wbem\wbemsvc.dll
15:34:29.0844 8200  C:\WINDOWS\SysWOW64\wbem\wbemsvc.dll - ok
15:34:29.0845 8200  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\WINDOWS\System32\ncobjapi.dll
15:34:29.0845 8200  C:\WINDOWS\System32\ncobjapi.dll - ok
15:34:29.0846 8200  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\WINDOWS\System32\wbem\wbemess.dll
15:34:29.0846 8200  C:\WINDOWS\System32\wbem\wbemess.dll - ok
15:34:29.0847 8200  [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\WINDOWS\SysWOW64\wbem\fastprox.dll
15:34:29.0847 8200  C:\WINDOWS\SysWOW64\wbem\fastprox.dll - ok
15:34:29.0848 8200  [ E3E811471DE781900FF21C1FD84E941E ] C:\WINDOWS\SysWOW64\ntdsapi.dll
15:34:29.0848 8200  C:\WINDOWS\SysWOW64\ntdsapi.dll - ok
15:34:29.0849 8200  [ 23566F9723771108D2E6CD768AC27407 ] C:\WINDOWS\System32\AtBroker.exe
15:34:29.0849 8200  C:\WINDOWS\System32\AtBroker.exe - ok
15:34:29.0850 8200  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\WINDOWS\System32\mpr.dll
15:34:29.0850 8200  C:\WINDOWS\System32\mpr.dll - ok
15:34:29.0850 8200  [ A5DBC74C5B91CF6E43B73D62936F8186 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PlugInRAID.pin
15:34:29.0850 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PlugInRAID.pin - ok
15:34:29.0851 8200  [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\WINDOWS\System32\bitsperf.dll
15:34:29.0851 8200  C:\WINDOWS\System32\bitsperf.dll - ok
15:34:29.0852 8200  [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\WINDOWS\System32\PlaySndSrv.dll
15:34:29.0852 8200  C:\WINDOWS\System32\PlaySndSrv.dll - ok
15:34:29.0853 8200  [ 3CEF96890064B3CDB190963157F24BAC ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RAIDWizM.dll
15:34:29.0853 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RAIDWizM.dll - ok
15:34:29.0854 8200  [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\WINDOWS\System32\diagperf.dll
15:34:29.0854 8200  C:\WINDOWS\System32\diagperf.dll - ok
15:34:29.0857 8200  [ 5BFB02BDA2700D078400E149BC4CF87A ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RAIDWizD.dll
15:34:29.0857 8200  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\RAIDWizD.dll - ok
15:34:29.0858 8200  [ F7073C962C4FB7C415565DDE109DE49F ] C:\WINDOWS\System32\npmproxy.dll
15:34:29.0858 8200  C:\WINDOWS\System32\npmproxy.dll - ok
15:34:30.0101 8200  C:\WINDOWS\System32\msacm32.dll - ok
15:34:30.0101 8200  [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\WINDOWS\SysWOW64\d3d9.dll
15:34:30.0102 8200  C:\WINDOWS\SysWOW64\d3d9.dll - ok
15:34:30.0102 8200  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\WINDOWS\System32\AltTab.dll
15:34:30.0103 8200  C:\WINDOWS\System32\AltTab.dll - ok
15:34:30.0103 8200  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\WINDOWS\System32\pnidui.dll
15:34:30.0103 8200  C:\WINDOWS\System32\pnidui.dll - ok
15:34:30.0104 8200  [ A0A42BB19E085F4B3367F5057307C194 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTLoadRs.dll
15:34:30.0104 8200  C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTLoadRs.dll - ok
15:34:30.0106 8200  [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
15:34:30.0106 8200  C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
15:34:30.0107 8200  [ 77B1471A490B53B24EFE136F09F76550 ] C:\WINDOWS\SysWOW64\d3d8thk.dll
15:34:30.0107 8200  C:\WINDOWS\SysWOW64\d3d8thk.dll - ok
15:34:30.0108 8200  [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Program Files (x86)\CyberLink\PowerDVD DX\MFC71.dll
15:34:30.0108 8200  C:\Program Files (x86)\CyberLink\PowerDVD DX\MFC71.dll - ok
15:34:30.0109 8200  [ D458B563613E898EE7C627359AF5973D ] C:\WINDOWS\SysWOW64\Nlsdl.dll
15:34:30.0109 8200  C:\WINDOWS\SysWOW64\Nlsdl.dll - ok
15:34:30.0109 8200  [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\WINDOWS\System32\d3d9.dll
15:34:30.0109 8200  C:\WINDOWS\System32\d3d9.dll - ok
15:34:30.0110 8200  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files (x86)\CyberLink\PowerDVD DX\msvcr71.dll
15:34:30.0110 8200  C:\Program Files (x86)\CyberLink\PowerDVD DX\msvcr71.dll - ok
15:34:30.0111 8200  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files (x86)\CyberLink\PowerDVD DX\msvcp71.dll
15:34:30.0111 8200  C:\Program Files (x86)\CyberLink\PowerDVD DX\msvcp71.dll - ok
15:34:30.0112 8200  [ E748D0B8F4060F4F7A7ABB705E289890 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\mfc42u.dll
15:34:30.0112 8200  C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\mfc42u.dll - ok
15:34:30.0112 8200  [ 26025A46FB3FDB40FF06BBF1834093B5 ] C:\WINDOWS\SysWOW64\msls31.dll
15:34:30.0112 8200  C:\WINDOWS\SysWOW64\msls31.dll - ok
15:34:30.0113 8200  [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\WINDOWS\SysWOW64\shfolder.dll
15:34:30.0113 8200  C:\WINDOWS\SysWOW64\shfolder.dll - ok
15:34:30.0114 8200  [ 2E76FF14C5987BE45AB65A91332E3C58 ] C:\Program Files\Windows Sidebar\wlsrvc.dll
15:34:30.0114 8200  C:\Program Files\Windows Sidebar\wlsrvc.dll - ok
15:34:30.0115 8200  [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\WINDOWS\System32\d3d8thk.dll
15:34:30.0115 8200  C:\WINDOWS\System32\d3d8thk.dll - ok
15:34:30.0115 8200  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\WINDOWS\System32\QUTIL.DLL
15:34:30.0115 8200  C:\WINDOWS\System32\QUTIL.DLL - ok
15:34:30.0116 8200  [ 82A4EC6F52B6A16A5227884480A9AFC7 ] C:\Program Files (x86)\ARO 2013\AROSS.dll
15:34:30.0116 8200  C:\Program Files (x86)\ARO 2013\AROSS.dll - ok
15:34:30.0117 8200  [ 2BCBA6052374959A30BD7948444DBB79 ] C:\WINDOWS\System32\gameux.dll
15:34:30.0117 8200  C:\WINDOWS\System32\gameux.dll - ok
15:34:30.0118 8200  [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
15:34:30.0118 8200  C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
15:34:30.0119 8200  [ AA7AF619E26F44DD94C23B35EC8FE7F2 ] C:\WINDOWS\SysWOW64\igdumdx32.dll
15:34:30.0119 8200  C:\WINDOWS\SysWOW64\igdumdx32.dll - ok
15:34:30.0120 8200  [ 27E79A455EF80647F4F57FA3C2B09C94 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
15:34:30.0120 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll - ok
15:34:30.0121 8200  [ DC5ECEA062C0633346B6D199FA2B578D ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
15:34:30.0121 8200  C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok
15:34:30.0122 8200  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\WINDOWS\System32\bthprops.cpl
15:34:30.0122 8200  C:\WINDOWS\System32\bthprops.cpl - ok
15:34:30.0123 8200  [ F113DDD4F264A8756DB36862CC3CACF3 ] C:\WINDOWS\SysWOW64\igdumd32.dll
15:34:30.0123 8200  C:\WINDOWS\SysWOW64\igdumd32.dll - ok
15:34:30.0124 8200  [ E7B1B5D5A1D1E4C77AE995D725A1FEE5 ] C:\WINDOWS\System32\sdcpl.dll
15:34:30.0124 8200  C:\WINDOWS\System32\sdcpl.dll - ok
15:34:30.0125 8200  [ F3B306179F1840C0813DC6771B018358 ] C:\WINDOWS\System32\recdisc.exe
15:34:30.0125 8200  C:\WINDOWS\System32\recdisc.exe - ok
15:34:30.0125 8200  [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\WINDOWS\System32\tquery.dll
15:34:30.0126 8200  C:\WINDOWS\System32\tquery.dll - ok
15:34:30.0126 8200  [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
15:34:30.0127 8200  C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
15:34:30.0127 8200  [ E79DF53BAD587E24B3CF965A5746C7B6 ] C:\WINDOWS\System32\msra.exe
15:34:30.0127 8200  C:\WINDOWS\System32\msra.exe - ok
15:34:30.0128 8200  [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\WINDOWS\SysWOW64\powrprof.dll
15:34:30.0128 8200  C:\WINDOWS\SysWOW64\powrprof.dll - ok
15:34:30.0129 8200  [ 8D17F8532958E0AC4A32B0E7E3C94EF2 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
15:34:30.0129 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll - ok
15:34:30.0130 8200  [ 7568CC720ACE4D03B84AF97817E745EF ] C:\WINDOWS\System32\mssrch.dll
15:34:30.0130 8200  C:\WINDOWS\System32\mssrch.dll - ok
15:34:30.0131 8200  [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\WINDOWS\SysWOW64\msvcp100.dll
15:34:30.0131 8200  C:\WINDOWS\SysWOW64\msvcp100.dll - ok
15:34:30.0132 8200  [ 1C770610954E0A93C185E310DCA660ED ] C:\Program Files (x86)\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll
15:34:30.0132 8200  C:\Program Files (x86)\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll - ok
15:34:30.0133 8200  [ 756FD9B1415A9BD05293FE07FA9F098B ] C:\PROGRA~2\WIC4A1~1\Mesh\WLSYNC~3.DLL
15:34:30.0133 8200  C:\PROGRA~2\WIC4A1~1\Mesh\WLSYNC~3.DLL - ok
15:34:30.0134 8200  [ 3121A79D13A61562BE9CC902CD46B542 ] C:\WINDOWS\System32\msidle.dll
15:34:30.0134 8200  C:\WINDOWS\System32\msidle.dll - ok
15:34:30.0135 8200  [ D2155709E336C3BC15729EB87FEC6064 ] C:\WINDOWS\System32\rasdlg.dll
15:34:30.0136 8200  C:\WINDOWS\System32\rasdlg.dll - ok
15:34:30.0138 8200  [ BF38660A9125935658CFA3E53FDC7D65 ] C:\WINDOWS\SysWOW64\msvcr100.dll
15:34:30.0138 8200  C:\WINDOWS\SysWOW64\msvcr100.dll - ok
15:34:30.0139 8200  [ 06A754FE28A06F780A099703CFCAAA22 ] C:\WINDOWS\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
15:34:30.0139 8200  C:\WINDOWS\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
15:34:30.0139 8200  [ BF7DDBE14FA4B68AAB6A3C78EF5C96B8 ] C:\WINDOWS\SysWOW64\inetmib1.dll
15:34:30.0140 8200  C:\WINDOWS\SysWOW64\inetmib1.dll - ok
15:34:30.0141 8200  [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\WINDOWS\SysWOW64\snmpapi.dll
15:34:30.0141 8200  C:\WINDOWS\SysWOW64\snmpapi.dll - ok
15:34:30.0142 8200  [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\WINDOWS\System32\mssprxy.dll
15:34:30.0142 8200  C:\WINDOWS\System32\mssprxy.dll - ok
15:34:30.0143 8200  [ CD5F3C76EA705EA436DE5B53A4C1EF7C ] C:\Program Files (x86)\ARO 2013\soref.dll
15:34:30.0143 8200  C:\Program Files (x86)\ARO 2013\soref.dll - ok
15:34:30.0144 8200  [ C3327D6E00DA58567E1585DDA25745CF ] C:\Program Files (x86)\ARO 2013\update.dll
15:34:30.0145 8200  C:\Program Files (x86)\ARO 2013\update.dll - ok
15:34:30.0146 8200  [ 809A3B17E0785B3BC7CA1A4C0F3EF27A ] C:\PROGRA~2\WIC4A1~1\Writer\WI68BE~1.DLL
15:34:30.0146 8200  C:\PROGRA~2\WIC4A1~1\Writer\WI68BE~1.DLL - ok
15:34:30.0147 8200  [ 21D3A18769EC2C4E56756D04E989A221 ] C:\WINDOWS\SysWOW64\msxml3.dll
15:34:30.0147 8200  C:\WINDOWS\SysWOW64\msxml3.dll - ok
15:34:30.0148 8200  [ BE210318FA6DA2A862BD41EA87E8CBE6 ] C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
15:34:30.0148 8200  C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
15:34:30.0149 8200  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\WINDOWS\System32\dot3api.dll
15:34:30.0150 8200  C:\WINDOWS\System32\dot3api.dll - ok
15:34:30.0150 8200  [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\WINDOWS\System32\wlanhlp.dll
15:34:30.0151 8200  C:\WINDOWS\System32\wlanhlp.dll - ok
15:34:30.0151 8200  [ 2C1BB3AD51826AA96C9802CBC123814F ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll
15:34:30.0152 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll - ok
15:34:30.0152 8200  [ 357BE883C5236BFC7341CB9E82308908 ] C:\WINDOWS\System32\wlanapi.dll
15:34:30.0152 8200  C:\WINDOWS\System32\wlanapi.dll - ok
15:34:30.0155 8200  [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\WINDOWS\System32\en-US\tquery.dll.mui
15:34:30.0155 8200  C:\WINDOWS\System32\en-US\tquery.dll.mui - ok
15:34:30.0158 8200  [ 36010F875E8AAE70646186EB8D7C78ED ] C:\Program Files (x86)\Absolute Software\Absolute Notifier\Com.Absolute.Common.Agent.dll
15:34:30.0159 8200  C:\Program Files (x86)\Absolute Software\Absolute Notifier\Com.Absolute.Common.Agent.dll - ok
15:34:30.0160 8200  [ 95ED57DA07F80EC98D27E64B797E05E9 ] C:\Program Files (x86)\Absolute Software\Absolute Notifier\Agent.dll
15:34:30.0160 8200  C:\Program Files (x86)\Absolute Software\Absolute Notifier\Agent.dll - ok
15:34:30.0161 8200  [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
15:34:30.0162 8200  C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
15:34:30.0162 8200  [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\WINDOWS\System32\riched20.dll
15:34:30.0163 8200  C:\WINDOWS\System32\riched20.dll - ok
15:34:30.0163 8200  [ 48EC6869BD139936AF6EBAE4AB13058F ] C:\Program Files (x86)\ARO 2013\SASDetection.dll
15:34:30.0164 8200  C:\Program Files (x86)\ARO 2013\SASDetection.dll - ok
15:34:30.0164 8200  [ DD80D3894F5E1D36864D9727214605CD ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
15:34:30.0165 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll - ok
15:34:30.0166 8200  [ 3F50200237961034FACE602373838980 ] C:\WINDOWS\SysWOW64\FirewallAPI.dll
15:34:30.0166 8200  C:\WINDOWS\SysWOW64\FirewallAPI.dll - ok
15:34:30.0168 8200  [ 69754747274B76E7FAF287239333D7E6 ] C:\WINDOWS\System32\msiltcfg.dll
15:34:30.0168 8200  C:\WINDOWS\System32\msiltcfg.dll - ok
15:34:30.0169 8200  [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\WINDOWS\System32\msi.dll
15:34:30.0169 8200  C:\WINDOWS\System32\msi.dll - ok
15:34:30.0170 8200  [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\WINDOWS\System32\UIAnimation.dll
15:34:30.0170 8200  C:\WINDOWS\System32\UIAnimation.dll - ok
15:34:30.0172 8200  [ 7D4DC95A1F5E0818E74A399960569EA1 ] C:\WINDOWS\SysWOW64\wuapi.dll
15:34:30.0172 8200  C:\WINDOWS\SysWOW64\wuapi.dll - ok
15:34:30.0174 8200  [ 6E3155F216665BD375CBEC37F2C14123 ] C:\WINDOWS\System32\iepeers.dll
15:34:30.0174 8200  C:\WINDOWS\System32\iepeers.dll - ok
15:34:30.0175 8200  [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
15:34:30.0176 8200  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
15:34:30.0178 8200  [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\WINDOWS\System32\WWanAPI.dll
15:34:30.0178 8200  C:\WINDOWS\System32\WWanAPI.dll - ok
15:34:30.0178 8200  [ 7A6986DD659B96398A11AF5173892715 ] C:\WINDOWS\SysWOW64\cabinet.dll
15:34:30.0179 8200  C:\WINDOWS\SysWOW64\cabinet.dll - ok
15:34:30.0179 8200  [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\WINDOWS\System32\wwapi.dll
15:34:30.0179 8200  C:\WINDOWS\System32\wwapi.dll - ok
15:34:30.0180 8200  [ 9682D5B9D9309377C1A7E08C3E6B7B3D ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll
15:34:30.0180 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll - ok
15:34:30.0181 8200  [ FB633DCC8664E4CCACF562DB5BAE38CF ] C:\WINDOWS\SysWOW64\wups.dll
15:34:30.0181 8200  C:\WINDOWS\SysWOW64\wups.dll - ok
15:34:30.0182 8200  [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\WINDOWS\System32\QAGENT.DLL
15:34:30.0182 8200  C:\WINDOWS\System32\QAGENT.DLL - ok
15:34:30.0182 8200  [ 7717932A16EF13787CA6D639AB3BC73F ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\MyDock.Util\c4da9bf5833ee64ea28ab66fb20f287e\MyDock.Util.ni.dll
15:34:30.0182 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\MyDock.Util\c4da9bf5833ee64ea28ab66fb20f287e\MyDock.Util.ni.dll - ok
15:34:30.0183 8200  [ 8C338238C16777A802D6A9211EB2BA50 ] C:\WINDOWS\SysWOW64\netprofm.dll
15:34:30.0183 8200  C:\WINDOWS\SysWOW64\netprofm.dll - ok
15:34:30.0184 8200  [ 4EC45E3ABA42EA4B3F9E4D85B2AA604D ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\DellDock\1ba15d9114fc166fddb9bcafb6c91c19\DellDock.ni.exe
15:34:30.0184 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\DellDock\1ba15d9114fc166fddb9bcafb6c91c19\DellDock.ni.exe - ok
15:34:30.0185 8200  [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
15:34:30.0185 8200  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
15:34:30.0186 8200  [ 15E298B5EC5B89C5994A59863969D9FF ] C:\WINDOWS\SysWOW64\npmproxy.dll
15:34:30.0186 8200  C:\WINDOWS\SysWOW64\npmproxy.dll - ok
15:34:30.0187 8200  [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\WINDOWS\SysWOW64\NapiNSP.dll
15:34:30.0187 8200  C:\WINDOWS\SysWOW64\NapiNSP.dll - ok
15:34:30.0187 8200  [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\WINDOWS\SysWOW64\pnrpnsp.dll
15:34:30.0187 8200  C:\WINDOWS\SysWOW64\pnrpnsp.dll - ok
15:34:30.0188 8200  [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\WINDOWS\SysWOW64\winrnr.dll
15:34:30.0188 8200  C:\WINDOWS\SysWOW64\winrnr.dll - ok
15:34:30.0189 8200  [ E36112A8A6C7F840169A7E92C12F4203 ] C:\WINDOWS\System32\wsock32.dll
15:34:30.0189 8200  C:\WINDOWS\System32\wsock32.dll - ok
15:34:30.0190 8200  [ 50285CF938050C04B264DF5E0A317624 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\2ad4f3f934bdcd3f6764f8c9ee472dc9\VistaBridgeLibrary.ni.dll
15:34:30.0190 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\2ad4f3f934bdcd3f6764f8c9ee472dc9\VistaBridgeLibrary.ni.dll - ok
15:34:30.0191 8200  [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\WINDOWS\SysWOW64\mlang.dll
15:34:30.0191 8200  C:\WINDOWS\SysWOW64\mlang.dll - ok
15:34:30.0191 8200  [ 2C1055E2C6D42753241FB2A129136994 ] C:\WINDOWS\System32\drmv2clt.dll
15:34:30.0192 8200  C:\WINDOWS\System32\drmv2clt.dll - ok
15:34:30.0192 8200  [ 423982DD851406A52B6399DDB196C606 ] C:\WINDOWS\System32\wmdrmdev.dll
15:34:30.0192 8200  C:\WINDOWS\System32\wmdrmdev.dll - ok
15:34:30.0193 8200  [ FB6B3A7DFDCFC01CE5AA2C4E00F9478B ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\MenuSkinning\dbcfccc340e9eb0d322bc3ef19524096\MenuSkinning.ni.dll
15:34:30.0193 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\MenuSkinning\dbcfccc340e9eb0d322bc3ef19524096\MenuSkinning.ni.dll - ok
15:34:30.0194 8200  [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\WINDOWS\SysWOW64\msimtf.dll
15:34:30.0194 8200  C:\WINDOWS\SysWOW64\msimtf.dll - ok
15:34:30.0195 8200  [ DE77619A32EB97C9ED6BE61A2AB18B07 ] C:\WINDOWS\SysWOW64\jscript.dll
15:34:30.0195 8200  C:\WINDOWS\SysWOW64\jscript.dll - ok
15:34:30.0195 8200  [ 9AF7BCB3A5214C1EDDCFFA9E19732405 ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key
15:34:30.0195 8200  C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok
15:34:30.0197 8200  [ 47B8DEBEC68FACCD026F99CAE8698C93 ] C:\WINDOWS\System32\webcheck.dll
15:34:30.0197 8200  C:\WINDOWS\System32\webcheck.dll - ok
15:34:30.0198 8200  [ A9AE9E65D5041249611D33A0FFDCEA8F ] C:\Program Files\Internet Explorer\ieproxy.dll
15:34:30.0198 8200  C:\Program Files\Internet Explorer\ieproxy.dll - ok
15:34:30.0199 8200  [ 8130391F82D52D36C0441F714136957F ] C:\WINDOWS\System32\imapi2.dll
15:34:30.0200 8200  C:\WINDOWS\System32\imapi2.dll - ok
15:34:30.0200 8200  [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\WINDOWS\System32\wmpps.dll
15:34:30.0200 8200  C:\WINDOWS\System32\wmpps.dll - ok
15:34:30.0201 8200  [ 6A5C1A8AC0B572679361026D0E900420 ] C:\WINDOWS\System32\hgcpl.dll
15:34:30.0201 8200  C:\WINDOWS\System32\hgcpl.dll - ok
15:34:30.0202 8200  [ F149E8CAE538DBF7059B00326673F602 ] C:\WINDOWS\System32\wmpmde.dll
15:34:30.0202 8200  C:\WINDOWS\System32\wmpmde.dll - ok
15:34:30.0203 8200  [ 171D7DB433314A868507C4326E8209DC ] C:\WINDOWS\System32\fdWSD.dll
15:34:30.0203 8200  C:\WINDOWS\System32\fdWSD.dll - ok
15:34:30.0204 8200  [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\WINDOWS\System32\SearchProtocolHost.exe
15:34:30.0204 8200  C:\WINDOWS\System32\SearchProtocolHost.exe - ok
15:34:30.0205 8200  [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\WINDOWS\System32\fdSSDP.dll
15:34:30.0205 8200  C:\WINDOWS\System32\fdSSDP.dll - ok
15:34:30.0206 8200  [ 2A436796758BF2555A26C770FE8A6FEE ] C:\WINDOWS\System32\fdProxy.dll
15:34:30.0206 8200  C:\WINDOWS\System32\fdProxy.dll - ok
15:34:30.0207 8200  [ 28638660E651578C354BF43CD646EF6D ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System.Drawing\672fc9526d8954656bcb46e42082e09c\System.Drawing.ni.dll
15:34:30.0207 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System.Drawing\672fc9526d8954656bcb46e42082e09c\System.Drawing.ni.dll - ok
15:34:30.0208 8200  [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\WINDOWS\System32\IdListen.dll
15:34:30.0208 8200  C:\WINDOWS\System32\IdListen.dll - ok
15:34:30.0209 8200  [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\WINDOWS\System32\P2P.dll
15:34:30.0209 8200  C:\WINDOWS\System32\P2P.dll - ok
15:34:30.0210 8200  [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\WINDOWS\System32\hgprint.dll
15:34:30.0210 8200  C:\WINDOWS\System32\hgprint.dll - ok
15:34:30.0211 8200  [ 021287C2050FD5DB4A8B084E2C38139C ] C:\WINDOWS\System32\WinSATAPI.dll
15:34:30.0212 8200  C:\WINDOWS\System32\WinSATAPI.dll - ok
15:34:30.0212 8200  [ 41D113966CAFEE905864259B7D4ECD65 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\18f31a371a986b6f6b968530d8b89e25\System.Windows.Forms.ni.dll
15:34:30.0213 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\18f31a371a986b6f6b968530d8b89e25\System.Windows.Forms.ni.dll - ok
15:34:30.0214 8200  [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\WINDOWS\System32\msshooks.dll
15:34:30.0214 8200  C:\WINDOWS\System32\msshooks.dll - ok
15:34:30.0217 8200  [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\WINDOWS\System32\MSMPEG2ENC.DLL
15:34:30.0217 8200  C:\WINDOWS\System32\MSMPEG2ENC.DLL - ok
15:34:30.0218 8200  [ 46767946E7B559D981C1DC04EC0AB36F ] C:\WINDOWS\System32\devenum.dll
15:34:30.0218 8200  C:\WINDOWS\System32\devenum.dll - ok
15:34:30.0219 8200  [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\WINDOWS\SysWOW64\msimg32.dll
15:34:30.0219 8200  C:\WINDOWS\SysWOW64\msimg32.dll - ok
15:34:30.0220 8200  [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\WINDOWS\System32\msdmo.dll
15:34:30.0220 8200  C:\WINDOWS\System32\msdmo.dll - ok
15:34:30.0220 8200  [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\WINDOWS\System32\shfolder.dll
15:34:30.0220 8200  C:\WINDOWS\System32\shfolder.dll - ok
15:34:30.0221 8200  [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\WINDOWS\System32\SearchFilterHost.exe
15:34:30.0221 8200  C:\WINDOWS\System32\SearchFilterHost.exe - ok
15:34:30.0222 8200  [ D9709FA638B789C1C961F028135CC696 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System.Configuration\bef0bd98b9d5d323d693a9cda5facdf3\System.Configuration.ni.dll
15:34:30.0222 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System.Configuration\bef0bd98b9d5d323d693a9cda5facdf3\System.Configuration.ni.dll - ok
15:34:30.0223 8200  [ 5CCD5B62076D4432D4728BB6CB3DEBFD ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System.Xml\7a560781987776298120763de1df8f77\System.Xml.ni.dll
15:34:30.0223 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System.Xml\7a560781987776298120763de1df8f77\System.Xml.ni.dll - ok
15:34:30.0224 8200  [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\WINDOWS\System32\P2PGraph.dll
15:34:30.0224 8200  C:\WINDOWS\System32\P2PGraph.dll - ok
15:34:30.0225 8200  [ 0181B4C10F409299E0D8EE130EF87353 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System.Management\c54fc0cac648a174c5e35bd6589c9390\System.Management.ni.dll
15:34:30.0225 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System.Management\c54fc0cac648a174c5e35bd6589c9390\System.Management.ni.dll - ok
15:34:30.0225 8200  [ 45375DF47ED4D0535739465105AAABE3 ] C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
15:34:30.0225 8200  C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
15:34:30.0226 8200  [ 1B1431D9520C7578AD5633ED2A70625F ] C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
15:34:30.0226 8200  C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
15:34:30.0227 8200  [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\WINDOWS\System32\wbem\WmiPrvSE.exe
15:34:30.0227 8200  C:\WINDOWS\System32\wbem\WmiPrvSE.exe - ok
15:34:30.0228 8200  [ 6607C2182C6A53ED983813AFE2F85768 ] C:\WINDOWS\System32\wbem\cimwin32.dll
15:34:30.0228 8200  C:\WINDOWS\System32\wbem\cimwin32.dll - ok
15:34:30.0229 8200  [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\WINDOWS\System32\wbem\wmiprov.dll
15:34:30.0230 8200  C:\WINDOWS\System32\wbem\wmiprov.dll - ok
15:34:30.0230 8200  [ 1484B9EBF567346582DE571B0E164AE0 ] C:\WINDOWS\System32\framedynos.dll
15:34:30.0231 8200  C:\WINDOWS\System32\framedynos.dll - ok
15:34:30.0231 8200  [ C00DB14550E4BD49737F311C644E45FF ] C:\WINDOWS\System32\wmi.dll
15:34:30.0232 8200  C:\WINDOWS\System32\wmi.dll - ok
15:34:30.0232 8200  [ A0CAAEA3BBB23D7F86F6E9A084AD445D ] C:\Program Files\Dell\DellDock\MyDockLib.dll
15:34:30.0233 8200  C:\Program Files\Dell\DellDock\MyDockLib.dll - ok
15:34:30.0233 8200  [ D64D99EC088B54FFE8EE67A480386C20 ] C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
15:34:30.0234 8200  C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
15:34:30.0234 8200  [ E2107F227E1C174C20BEB7A51404BBAC ] C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\csc.exe
15:34:30.0235 8200  C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\csc.exe - ok
15:34:30.0235 8200  [ 17ED2224666F6F65F8054D84A3839E71 ] C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll
15:34:30.0236 8200  C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll - ok
15:34:30.0236 8200  [ EE338F7673C339D5497C97E86D1011A3 ] C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\alink.dll
15:34:30.0236 8200  C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\alink.dll - ok
15:34:30.0237 8200  [ E3A4D59ED585226D381225521BF2A36D ] C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll
15:34:30.0237 8200  C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll - ok
15:34:30.0238 8200  [ 449F7C92A14B7F50B898FC67202A326C ] C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe
15:34:30.0238 8200  C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe - ok
15:34:30.0239 8200  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:34:30.0239 8200  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
15:34:30.0240 8200  [ F4B233C49ABD64B98272E4273B1D78B8 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Accessibility\8856f5a897356823c4afd49a886f7c5c\Accessibility.ni.dll
15:34:30.0241 8200  C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Accessibility\8856f5a897356823c4afd49a886f7c5c\Accessibility.ni.dll - ok
15:34:30.0241 8200  [ 71E68F2443A80BD4DA89181889C457EA ] C:\WINDOWS\System32\udhisapi.dll
15:34:30.0242 8200  C:\WINDOWS\System32\udhisapi.dll - ok
15:34:30.0243 8200  [ 5F639198C4137075DA50E61C23963C11 ] C:\WINDOWS\System32\drprov.dll
15:34:30.0243 8200  C:\WINDOWS\System32\drprov.dll - ok
15:34:30.0244 8200  [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\WINDOWS\System32\ntlanman.dll
15:34:30.0244 8200  C:\WINDOWS\System32\ntlanman.dll - ok
15:34:30.0245 8200  [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\WINDOWS\System32\davclnt.dll
15:34:30.0245 8200  C:\WINDOWS\System32\davclnt.dll - ok
15:34:30.0246 8200  [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\WINDOWS\System32\davhlpr.dll
15:34:30.0246 8200  C:\WINDOWS\System32\davhlpr.dll - ok
15:34:30.0247 8200  [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
15:34:30.0247 8200  C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll - ok
15:34:30.0248 8200  [ 01073F2BA36792C9BFD1BD622A6247B3 ] C:\WINDOWS\System32\wpccpl.dll
15:34:30.0248 8200  C:\WINDOWS\System32\wpccpl.dll - ok
15:34:30.0249 8200  [ 55EDFADBEFB5B1C28DCE340DDCD2206E ] C:\WINDOWS\System32\powercpl.dll
15:34:30.0249 8200  C:\WINDOWS\System32\powercpl.dll - ok
15:34:30.0251 8200  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:34:30.0251 8200  C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
15:34:30.0252 8200  [ F0112F2DDAC14DFD4B3A69BB0164D005 ] C:\WINDOWS\System32\taskbarcpl.dll
15:34:30.0252 8200  C:\WINDOWS\System32\taskbarcpl.dll - ok
15:34:30.0253 8200  [ F8297797CC1993E25B8967D6032BFB31 ] C:\WINDOWS\System32\Vault.dll
15:34:30.0253 8200  C:\WINDOWS\System32\Vault.dll - ok
15:34:30.0254 8200  [ EC84D7DCAE6AE0FE87EE5D4F0D50DC55 ] C:\WINDOWS\System32\sud.dll
15:34:30.0254 8200  C:\WINDOWS\System32\sud.dll - ok
15:34:30.0255 8200  [ 03E012434BBE2B66D8C56B4A69461615 ] C:\WINDOWS\System32\TSWorkspace.dll
15:34:30.0256 8200  C:\WINDOWS\System32\TSWorkspace.dll - ok
15:34:30.0256 8200  [ 1870ED158D9E2FE8EB4E67917E6BCA71 ] C:\Program Files (x86)\Windows Live\Installer\LangSelectorLang.dll
15:34:30.0257 8200  C:\Program Files (x86)\Windows Live\Installer\LangSelectorLang.dll - ok
15:34:30.0257 8200  [ CB21CD39637AC13F3455454B2F648257 ] C:\WINDOWS\System32\msvcr100_clr0400.dll
15:34:30.0258 8200  C:\WINDOWS\System32\msvcr100_clr0400.dll - ok
15:34:30.0259 8200  [ 6F1AC6100B372F22709B24CFC9E2CC16 ] C:\WINDOWS\System32\FirewallControlPanel.dll
15:34:30.0259 8200  C:\WINDOWS\System32\FirewallControlPanel.dll - ok
15:34:30.0260 8200  [ 6E9BF5A8CD471D66E1154CCB640B0AA0 ] C:\WINDOWS\System32\telephon.cpl
15:34:30.0260 8200  C:\WINDOWS\System32\telephon.cpl - ok
15:34:30.0261 8200  [ D8496D85B7B8A1970ECA70EA5B857536 ] C:\Program Files\Java\jre6\bin\javacpl.exe
15:34:30.0261 8200  C:\Program Files\Java\jre6\bin\javacpl.exe - ok
15:34:30.0262 8200  [ 6A541D3C502BBA311375D1BB370B2BFD ] C:\WINDOWS\System32\Speech\SpeechUX\speechuxcpl.dll
15:34:30.0262 8200  C:\WINDOWS\System32\Speech\SpeechUX\speechuxcpl.dll - ok
15:34:30.0263 8200  [ 887EB84BB2EC3F4C1510C98E8C1ADFC0 ] C:\WINDOWS\System32\usercpl.dll
15:34:30.0263 8200  C:\WINDOWS\System32\usercpl.dll - ok
15:34:30.0264 8200  [ 2C2FBB6DC3CE8FAF4AB2F7C6C5071C4C ] C:\WINDOWS\System32\intl.cpl
15:34:30.0264 8200  C:\WINDOWS\System32\intl.cpl - ok
15:34:30.0265 8200  [ 11AFB3767663997E0CE911CD015599C9 ] C:\Program Files (x86)\Google\Update\1.3.21.145\goopdateres_en.dll
15:34:30.0265 8200  C:\Program Files (x86)\Google\Update\1.3.21.145\goopdateres_en.dll - ok
15:34:30.0266 8200  [ 6E90B7A6C66355AA8DDC5CABF6073DE1 ] C:\WINDOWS\System32\main.cpl
15:34:30.0266 8200  C:\WINDOWS\System32\main.cpl - ok
15:34:30.0267 8200  [ 1EB9CE09181421F2C5951164611170B9 ] C:\WINDOWS\System32\devmgr.dll
15:34:30.0267 8200  C:\WINDOWS\System32\devmgr.dll - ok
15:34:30.0268 8200  [ 9481CE9E51B3CA43FD61894B89ED4CCA ] C:\WINDOWS\System32\icardres.dll
15:34:30.0268 8200  C:\WINDOWS\System32\icardres.dll - ok
15:34:30.0269 8200  [ DC8560036F238C904DC9FBCEA7796D54 ] C:\WINDOWS\System32\PerfCenterCPL.dll
15:34:30.0269 8200  C:\WINDOWS\System32\PerfCenterCPL.dll - ok
15:34:30.0395 8200  ============================================================
15:34:30.0395 8200  Scan finished
15:34:30.0395 8200  ============================================================
15:34:30.0406 2812  Detected object count: 6
15:34:30.0407 2812  Actual detected object count: 6
15:35:59.0818 2812  AbsoluteNotifier ( UnsignedFile.Multi.Generic ) - skipped by user
15:35:59.0818 2812  AbsoluteNotifier ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:35:59.0818 2812  DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
15:35:59.0818 2812  DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:35:59.0818 2812  MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
15:35:59.0818 2812  MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:35:59.0818 2812  MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
15:35:59.0818 2812  MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:35:59.0828 2812  pcCMService64 ( UnsignedFile.Multi.Generic ) - skipped by user
15:35:59.0828 2812  pcCMService64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:37:01.0475 2812  \Device\Harddisk0\DR0\# - copied to quarantine
15:37:01.0490 2812  \Device\Harddisk0\DR0 - copied to quarantine
15:37:02.0302 2812  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - will be cured on reboot
15:37:03.0596 2812  \Device\Harddisk0\DR0 - ok
15:37:03.0908 2812  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Cure
15:38:46.0038 3344  Deinitialize success
 



#11 CPU8U2

Posted 02 June 2013 - 03:10 PM

Just ran RogueKiller, and the computer is still running quickly and the random music still hasn't reappeared. This is the report:

 

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : JJPopsonIV [Admin rights]
Mode : Remove -- Date : 06/02/2013 16:05:12
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤
[TASK][SUSP PATH] IHUninstallTrackingTASK : CMD /C DEL C:\Users\JJPOPS~1\AppData\Local\Temp\IHUA66B.tmp.exe [x] -> DELETED
[TASK][SUSP PATH] {4A406217-DB51-4AF3-AD7E-B7A1877960D7} : C:\Users\JJPopsonIV\AppData\Roaming\mjusbsp\magicJackLoader.exe  [7] -> DELETED
[TASK][SUSP PATH] {D34C62C6-445A-4E94-9412-BBEDC932B80A} : C:\Users\JJPopsonIV\AppData\Roaming\mjusbsp\magicJackLoader.exe  [7] -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9250315AS +++++
--- User ---
[MBR] a9d24cc24af147429f92da9963e0c465
[BSP] 1db652dbc0982cf5e0dabd7b3d918a01 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 223434 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_06022013_02d1605.txt >>
RKreport[1]_S_06022013_02d1603.txt ; RKreport[2]_D_06022013_02d1605.txt



#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:18 AM

Posted 02 June 2013 - 03:54 PM


Hello CPU8U2

At this time I would like you to run this script for me, and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::


 
Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
[Image: CFScriptB-4.gif]
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"
  • In your next post I need the following
    • report from Combofix
    • let me know of any problems you may have had
    • How is the computer doing now after running the script?
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




#13 CPU8U2

Posted 02 June 2013 - 04:50 PM

Ran it, and everything seems to be working fine except Windows Update keeps malfunctioning. Here's the log:

 

ComboFix 13-06-02.02 - JJPopsonIV 06/02/2013  17:29:32.2.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3032.1852 [GMT -4:00]
Running from: c:\users\JJPopsonIV\Desktop\ComboFix.exe
Command switches used :: c:\users\JJPopsonIV\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\3199403.exe
C:\6443706.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-02 to 2013-06-02  )))))))))))))))))))))))))))))))
.
.
2013-06-02 21:41 . 2013-06-02 21:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-02 21:15 . 2013-06-02 21:15 -------- d-----w- c:\windows\CheckSur
2013-06-02 19:35 . 2013-06-02 19:36 -------- d-----w- C:\TDSSKiller_Quarantine
2013-06-02 06:46 . 2013-06-02 06:46 -------- d-----w- c:\windows\ERUNT
2013-06-02 06:46 . 2013-06-02 06:46 -------- d-----w- C:\JRT
2013-05-30 17:26 . 2013-05-30 17:26 -------- d-----w- c:\users\JJPopsonIV\AppData\Roaming\Sammsoft
2013-05-29 18:53 . 2013-05-29 18:53 -------- d-----w- c:\users\JJPopsonIV\AppData\Local\Programs
2013-05-28 21:47 . 2013-05-28 21:47 -------- d-sh--w- C:\$$PendingFiles
2013-05-21 17:27 . 2013-05-29 04:16 -------- d-----w- c:\program files\My Dell
2013-05-14 23:03 . 2013-04-10 05:51 1111040 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-05-14 21:18 . 2013-05-14 22:52 -------- d-----w- C:\rei
2013-05-14 21:18 . 2013-05-14 21:18 -------- d-----w- c:\program files\Reimage
2013-05-14 16:54 . 2013-05-14 16:54 -------- d-----w- C:\WINSSLog
2013-05-14 15:05 . 2013-05-14 16:38 -------- d-----w- C:\MATS
2013-05-14 14:44 . 2013-05-14 15:31 -------- d-----w- c:\users\Guest
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-05-08 17:07 . 2013-05-14 15:30 -------- d-----w- c:\program files (x86)\Photo Viewer
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 15:32 . 2011-08-05 07:43 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-15 04:51 . 2010-01-19 17:17 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-14 23:40 . 2012-03-30 04:17 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-14 23:40 . 2011-08-14 22:07 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-02 15:29 . 2010-06-06 19:49 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-14 23:04 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-14 23:04 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-14 23:04 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-14 23:04 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-14 23:04 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-14 23:04 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-23 19:54 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-02 17:16 . 2013-01-15 19:02 236248 ----a-w- c:\windows\system32\drivers\RapportKE64.sys
2013-03-19 06:04 . 2013-04-10 18:07 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 18:07 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 18:07 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 18:07 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 18:07 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 18:07 112640 ----a-w- c:\windows\system32\smss.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\11\ISUSPM.exe" [2008-09-26 210208]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"cdloader"="c:\users\JJPopsonIV\AppData\Roaming\mjusbsp\cdloader2.exe" [2012-02-01 50592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [BU]
"Absolute Notifier"="c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" [2010-10-08 86184]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\users\JJPopsonIV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 RapportKE64;RapportKE64;c:\windows\system32\Drivers\RapportKE64.sys [2013-04-02 236248]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S1 RapportCerberus_51755;RapportCerberus_51755;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_51755.sys [2013-04-22 586072]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-04-02 228600]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-04-02 357272]
S2 AbsoluteNotifier;Absolute Notifier;c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-08 10408]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [2009-03-03 89600]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
S2 pcCMService64;pcCMService64;c:\program files\Common Files\Motive\pcCMService.exe [2012-06-18 441344]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-04-02 1124184]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-05-08 215552]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-09-28 395264]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 23:40]
.
2013-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 02:21]
.
2013-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 02:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-30 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-30 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-06-30 365080]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-02-26 487424]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1276563885&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: $talisma_url$
Trusted Zone: internet
Trusted Zone: magicjack.com\data
Trusted Zone: magicjack.com\my
Trusted Zone: mcafee.com
Trusted Zone: talk4free.com
Trusted Zone: talk4free.com\reg
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{C74536EB-4CC4-4087-804D-B7519D0DC9C0}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{C74536EB-4CC4-4087-804D-B7519D0DC9C0}\35C65656070294E6E6026202355796475637: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{C74536EB-4CC4-4087-804D-B7519D0DC9C0}\46C696E6B6: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{C74536EB-4CC4-4087-804D-B7519D0DC9C0}\A4A405F40535F4E49465D20534F5E4564777F627B6: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{C74536EB-4CC4-4087-804D-B7519D0DC9C0}\D4F64756C60263: NameServer = 8.8.8.8,8.8.4.4
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AROReminder - c:\program files (x86)\ARO 2013\ARO.exe
Wow6432Node-HKLM-RunOnce-c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe - c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe
SafeBoot-12832745.sys
SafeBoot-48456016.sys
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-ARO 2013_is1 - c:\program files (x86)\ARO 2013\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-06-02  17:45:21
ComboFix-quarantined-files.txt  2013-06-02 21:45
ComboFix2.txt  2013-06-02 09:14
ComboFix3.txt  2013-05-30 00:41
.
Pre-Run: 179,149,045,760 bytes free
Post-Run: 178,866,311,168 bytes free
.
- - End Of File - - B88E2E881545DAF356B35196DF6C937D
 


Edited by CPU8U2, 02 June 2013 - 05:03 PM.


#14 CPU8U2

  • Topic Starter


Posted 02 June 2013 - 08:17 PM

Windows Update is still malfunctioning. It keeps alerting me to install the same 2 updates that have already been installed, and trying to manually run Windows Update always returns errors: WindowsUpdate_80073712 and WindowsUpdate_dt000.



#15 gringo_pr



  • Malware Response Team

Posted 02 June 2013 - 09:42 PM

Which two updates are giving the trouble?


gringo



