
Dell Inspiron N7010 with Windows 7 Won't Boot, Has Malware [Solved]


  • This topic is locked

#1
vveditor

vveditor

    New Member

  • Member
  • Pip
  • 8 posts
Hello, I'm having problems with my Dell Inspiron, Windows 7, 64-bit. I get a brief flash of the blue screen and then it goes into an endless Startup Repair routine. If I select the Startup Repair, the process runs but finally reports it is not able to fix the problem automatically. When I try to start Windows normally, as soon as the Windows logo animation appears, a blue screen very briefly flashes (so brief I can't read the message). I tried restoring the system using backup restore points but no luck again.

I followed your preliminary instructions to run AVG Rescue Disc, but that did not work. Again, when I tried to boot it up it went into the Startup Repair loop.

I used the Farbar Tool to scan the computer today and have the scan result available if you want me to post it.

I believe the problem started after I downloaded Real Player on my computer, not sure though.

I hope someone can help and thank you in advance.
  • 0



#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello vveditor,

Welcome to Geekstogo.

"I used the Farbar Tool to scan the computer today and have the scan result available if you want me to post it."


Please copy and paste the log here.
  • 0

#3
vveditor

vveditor

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
I'm attaching it as txt file.

Attached File  FRST.txt   29.39KB   252 downloads
  • 0

#4
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
I have taken the liberty of pasting this in the thread (as I requested in my previous post); it's easier to analyze, and this is a teaching site where it helps for the students to see the logs. :)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-05-2013
Ran by SYSTEM on 22-05-2013 15:03:24
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5470208 2009-12-16] (Dell Inc.)
HKLM\...\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey [x]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run [x]
HKLM-x32\...\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724536 2012-04-22] (Sony Corporation)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKU\vinod\...\Run: [Google Update] "C:\Users\vinod\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-06-08] (Google Inc.)
HKU\vinod\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
HKU\vinod\...\Run: [Facebook Update] "C:\Users\vinod\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-23] (Facebook Inc.)
Startup: C:\Users\vinod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\vinod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Services (Whitelisted) =================

S2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [352248 2012-08-03] (Verizon)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
S2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474168 2012-04-22] (Sony Corporation)
S2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [4950016 2009-12-16] (Dell Inc.)

==================== Drivers (Whitelisted) ====================

S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S1 gyrxuqxx; \??\C:\Windows\system32\drivers\gyrxuqxx.sys [x]

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-17 00:49 - 2013-05-17 00:49 - 00000000 ____D C:\FRST
2013-05-14 00:01 - 2013-05-14 05:18 - 00000000 ____D C:\Windows\Microsoft Antimalware
2013-05-07 08:41 - 2013-05-07 08:41 - 00000000 ____D C:\Windows\Sun
2013-05-07 08:31 - 2013-05-07 08:31 - 00000000 ____D C:\Users\vinod\AppData\Roaming\RealNetworks
2013-05-07 08:29 - 2013-05-07 10:21 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2013-05-07 08:29 - 2013-05-07 08:29 - 00000000 ____D C:\ProgramData\RealNetworks
2013-05-07 08:28 - 2013-05-07 10:21 - 00000000 ____D C:\Program Files (x86)\Real
2013-05-07 08:28 - 2013-05-07 08:30 - 00000000 ____D C:\Users\vinod\AppData\Roaming\Real
2013-05-07 08:27 - 2013-05-07 08:31 - 00000000 ____D C:\ProgramData\Real
2013-05-06 18:50 - 2013-05-06 18:50 - 00000019 ____A C:\Users\vinod\Desktop\hasnain.txt
2013-04-23 12:08 - 2013-04-12 06:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2013-05-17 00:49 - 2013-05-17 00:49 - 00000000 ____D C:\FRST
2013-05-14 07:30 - 2011-03-07 15:47 - 00000000 ____D C:\Users\vinod\AppData\Roaming\Mozilla
2013-05-14 07:30 - 2011-03-02 14:52 - 00000000 ____D C:\users\vinod
2013-05-14 07:30 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sysprep
2013-05-14 07:30 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2013-05-14 07:30 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2013-05-14 07:29 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-05-14 05:18 - 2013-05-14 00:01 - 00000000 ____D C:\Windows\Microsoft Antimalware
2013-05-07 10:21 - 2013-05-07 08:29 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2013-05-07 10:21 - 2013-05-07 08:28 - 00000000 ____D C:\Program Files (x86)\Real
2013-05-07 08:41 - 2013-05-07 08:41 - 00000000 ____D C:\Windows\Sun
2013-05-07 08:31 - 2013-05-07 08:31 - 00000000 ____D C:\Users\vinod\AppData\Roaming\RealNetworks
2013-05-07 08:31 - 2013-05-07 08:27 - 00000000 ____D C:\ProgramData\Real
2013-05-07 08:30 - 2013-05-07 08:28 - 00000000 ____D C:\Users\vinod\AppData\Roaming\Real
2013-05-07 08:29 - 2013-05-07 08:29 - 00000000 ____D C:\ProgramData\RealNetworks
2013-05-06 18:50 - 2013-05-06 18:50 - 00000019 ____A C:\Users\vinod\Desktop\hasnain.txt
2013-05-03 07:24 - 2011-07-20 17:52 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3003383808-1756342594-762847216-1000UA.job
2013-05-03 07:02 - 2012-07-23 06:57 - 00000928 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3003383808-1756342594-762847216-1000UA.job
2013-05-03 07:02 - 2012-07-23 06:57 - 00000906 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3003383808-1756342594-762847216-1000Core.job
2013-05-03 06:58 - 2011-03-12 15:36 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-03 06:58 - 2009-07-13 21:10 - 01471383 ____A C:\Windows\WindowsUpdate.log
2013-05-02 16:25 - 2009-07-13 21:13 - 00779306 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-02 16:11 - 2011-07-20 17:52 - 00000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3003383808-1756342594-762847216-1000Core.job
2013-05-02 16:04 - 2011-03-12 15:36 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-02 07:29 - 2011-03-02 15:05 - 00278800 ____A (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2013-05-01 17:13 - 2012-11-24 05:31 - 00000000 ____D C:\Users\vinod\AppData\Roaming\Dropbox
2013-05-01 04:30 - 2009-07-13 20:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-01 04:30 - 2009-07-13 20:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-01 04:22 - 2012-11-24 05:36 - 00000000 ___RD C:\Users\vinod\Dropbox
2013-05-01 04:21 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-01 04:21 - 2009-07-13 20:51 - 00108914 ____A C:\Windows\setupact.log

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-3003383808-1756342594-762847216-1000\$6c5af07b2b511b6d5760ff63cd0faee5

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$6c5af07b2b511b6d5760ff63cd0faee5

Other Malware:
===========
C:\ProgramData\dsgsdgdsgdsgw.bat
C:\ProgramData\dsgsdgdsgdsgw.pad
C:\ProgramData\dsgsdgdsgdsgw.reg
C:\ProgramData\ezsidmv.dat
C:\ProgramData\l_0_00_re.pad
C:\ProgramData\piz_0ef.pad

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

TDL4: custom:26000022 <===== ATTENTION!

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-05-03 07:25:55
Restore point made on: 2013-05-05 11:45:50
Restore point made on: 2013-05-06 18:39:01
Restore point made on: 2013-05-11 16:16:36
Restore point made on: 2013-05-11 23:32:01
Restore point made on: 2013-05-12 15:44:21
Restore point made on: 2013-05-13 12:40:48
Restore point made on: 2013-05-13 14:48:36
Restore point made on: 2013-05-13 19:29:58

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=Y:
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {default}
resumeobject {b57a6033-4347-11e0-8400-001aa03efc3c}
displayorder {default}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {default}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {b57a6035-4347-11e0-8400-001aa03efc3c}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {b57a6033-4347-11e0-8400-001aa03efc3c}
nx OptIn

Windows Boot Loader
-------------------
identifier {b57a6035-4347-11e0-8400-001aa03efc3c}
device ramdisk=[Y:]\Recovery\WindowsRE\Winre.wim,{b57a6036-4347-11e0-8400-001aa03efc3c}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[Y:]\Recovery\WindowsRE\Winre.wim,{b57a6036-4347-11e0-8400-001aa03efc3c}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {b57a6033-4347-11e0-8400-001aa03efc3c}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=Y:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
custom:26000022 Yes

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {b57a6036-4347-11e0-8400-001aa03efc3c}
description Ramdisk Options
ramdisksdidevice partition=Y:
ramdisksdipath \Recovery\WindowsRE\boot.sdi


==================== Memory info ===========================

Percentage of memory in use: 10%
Total physical RAM: 7988.52 MB
Available physical RAM: 7180.28 MB
Total Pagefile: 7986.67 MB
Available Pagefile: 7177.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:584.92 GB) (Free:204.87 GB) NTFS (Disk=0 Partition=3)
Drive g: () (Removable) (Total:7.48 GB) (Free:6.87 GB) NTFS (Disk=2 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (RECOVERY) (Fixed) (Total:11.15 GB) (Free:7.43 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive y: detected.

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: D8000000)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=11 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=585 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 7 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=7 GB) - (Type=07 NTFS)


Last Boot: 2013-05-05 15:05

==================== End Of Log ============================
  • 0
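
A triage pass over the FRST.txt log pasted above, as an added example (not part of the thread and not FRST's own code): it pulls out the lines a helper reads first, namely autostart entries ending in `[x]`, paths listed under labelled blocks such as `ZeroAccess:`, and `ATTENTION` markers. It assumes `[x]` marks an entry whose file was not found; `triage`, `Finding` and the trimmed sample text are names and data constructed for this example.

```python
import re
from collections import Counter
from typing import NamedTuple

# Constructed sample: lines copied from the log above, trimmed to the entries
# the parser reacts to plus a few clean ones for contrast.
SAMPLE_LOG = r"""
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey [x]
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)

==================== Drivers (Whitelisted) ====================

S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
S1 gyrxuqxx; \??\C:\Windows\system32\drivers\gyrxuqxx.sys [x]

==================== One Month Modified Files and Folders =======

2013-05-01 04:21 - 2009-07-13 20:51 - 00108914 ____A C:\Windows\setupact.log

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$6c5af07b2b511b6d5760ff63cd0faee5

Other Malware:
===========
C:\ProgramData\dsgsdgdsgdsgw.bat
C:\ProgramData\ezsidmv.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\services.exe => MD5 is legit

TDL4: custom:26000022 <===== ATTENTION!

==================== Drives ================================

ATTENTION: Malware custom entry on BCD on drive y: detected.
"""


class Finding(NamedTuple):
    kind: str     # "missing-file", "labelled" or "attention"
    section: str  # section header text, or the block label for "labelled"
    detail: str   # the log line that triggered the finding


SECTION_RE = re.compile(r"^={5,}\s+(.+?)\s+=+$")     # "==== Title ===="
LABEL_RE = re.compile(r"^([A-Za-z][A-Za-z0-9 ]*):$")  # "ZeroAccess:" on its own line
FLAG_RE = re.compile(r"<=+\s*ATTENTION")              # "<===== ATTENTION!"
# Sections where a trailing [x] is treated as "file not found" (assumption).
AUTOSTART_SECTIONS = {"Registry", "Services", "Drivers"}


def triage(log_text):
    """Return the findings in an FRST.txt-style log, in log order."""
    findings = []
    section = ""   # current "==== ... ====" section
    label = None   # current labelled block, ended by a blank line or a header
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            label = None
            continue
        header = SECTION_RE.match(line)
        if header:
            section, label = header.group(1), None
            continue
        block = LABEL_RE.match(line)
        if block:
            label = block.group(1)
            continue
        if label is not None:
            # Every path under a label is a finding; skip "=====" underlines.
            if set(line) != {"="}:
                findings.append(Finding("labelled", label, line))
            continue
        if FLAG_RE.search(line) or line.startswith("ATTENTION: "):
            findings.append(Finding("attention", section, line))
        elif line.endswith("[x]") and section.split(" (")[0] in AUTOSTART_SECTIONS:
            findings.append(Finding("missing-file", section, line))
    return findings


def summarize(findings):
    """Count findings per kind, e.g. to decide which section to read first."""
    return Counter(f.kind for f in findings)


if __name__ == "__main__":
    results = triage(SAMPLE_LOG)
    for f in results:
        print(f"{f.kind:13} {f.section:25} {f.detail}")
    print(dict(summarize(results)))
```

The informational banner at the top of the log (`ATTENTION!:=====>`) is deliberately not matched, so only the tool's own flags on specific entries are reported.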

#5
vveditor

vveditor

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
No problem. Thanks for the quick response.
  • 0

#6
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello vveditor,

Download the attached fixlist.txt file to your flash drive.

NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Now please enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

After that if you can boot normally do this:

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
Finally in this post

Please download this new version of Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
So when you return please post
  • Fixlog.txt
  • TDSSKiller log
  • FRST.txt

  • 0
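For reviewing the TDSSKiller report requested in the post above, the following is an added example, not part of the original thread and not a Kaspersky tool: a Python triage of the report's service section that lists every entry whose verdict is not `ok`, entries reported without a hash or path, and services backed by the same binary. The sample lines and hashes are constructed, `examplesvc` is hypothetical, and the layout of the non-`ok` verdict line (`name ( detection ) - verdict`) is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample in the line layout of a TDSSKiller report:
# "HH:MM:SS.mmmm <thread id> <message>". Hashes are placeholders and the
# service "examplesvc" with its warning verdict is made up for illustration.
SAMPLE_LOG = r"""
19:50:16.0762 1044 ================ Scan system memory ========================
19:50:16.0762 1044 System memory - ok
19:50:16.0762 1044 ================ Scan services =============================
19:50:17.0823 1044 [ 00000000000000000000000000000001 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:50:17.0854 1044 ACPI - ok
19:50:24.0265 1044 [ 00000000000000000000000000000002 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:50:24.0531 1044 AudioEndpointBuilder - ok
19:50:24.0624 1044 [ 00000000000000000000000000000002 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:50:24.0671 1044 AudioSrv - ok
19:50:33.0485 1044 COMSysApp - ok
19:50:23.0111 1044 [ 00000000000000000000000000000004 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:50:23.0142 1044 Apple Mobile Device - ok
19:51:10.0000 1044 [ 00000000000000000000000000000005 ] examplesvc C:\Windows\system32\drivers\examplesvc.sys
19:51:10.0100 1044 examplesvc ( Example.Verdict.Name ) - warning
"""

LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4}) (\d+) ?(.*)$")
SECTION = re.compile(r"^=+ (.+?) =+$")
# "[ MD5 ] service name C:\path"; service names may contain spaces,
# so the path is recognised by its drive letter.
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*)$")
# "name - ok", or (assumed layout) "name ( detection ) - verdict".
VERDICT = re.compile(r"^(.+?)(?: \( (.+?) \))? - (\w+)$")


def parse_report(text):
    """Return one dict per service verdict found in the 'Scan services' section."""
    entries, pending, section = [], {}, None
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        msg = line.group(3).strip()
        header = SECTION.match(msg)
        if header:
            section = header.group(1)
            continue
        hashed = HASHED.match(msg)
        if hashed:
            # Remember hash and path until the matching verdict line arrives.
            pending[hashed.group(2)] = (hashed.group(1).upper(), hashed.group(3))
            continue
        verdict = VERDICT.match(msg)
        if verdict and section == "Scan services":
            md5, path = pending.pop(verdict.group(1), (None, None))
            entries.append({
                "name": verdict.group(1),
                "md5": md5,
                "path": path,
                "detection": verdict.group(2),
                "verdict": verdict.group(3),
            })
    return entries


def triage(entries):
    """Group the entries a reviewer should read first."""
    by_hash = defaultdict(list)
    for entry in entries:
        if entry["md5"]:
            by_hash[entry["md5"]].append(entry["name"])
    return {
        # Anything the scanner did not mark "ok".
        "not_ok": [e for e in entries if e["verdict"].lower() != "ok"],
        # Verdict lines that were not preceded by a hash/path line.
        "no_file_info": [e["name"] for e in entries if e["md5"] is None],
        # Several service names pointing at one binary (often legitimate,
        # e.g. two services hosted in the same DLL).
        "shared_binary": {h: n for h, n in by_hash.items() if len(n) > 1},
    }


if __name__ == "__main__":
    report = triage(parse_report(SAMPLE_LOG))
    for entry in report["not_ok"]:
        print("REVIEW:", entry["name"], entry["verdict"], entry["detection"], entry["path"])
    print("No hash/path recorded:", ", ".join(report["no_file_info"]))
    for md5, names in report["shared_binary"].items():
        print("Same binary", md5, "->", ", ".join(names))
```

To run it on a real report, read the log file into a string and pass it to `parse_report` in place of `SAMPLE_LOG`.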

#7
vveditor

    New Member

  • Topic Starter
  • Member
  • 8 posts
Thank you very much. That seems to have worked. I'm attaching the three logs as you wanted. :) What is the next step to make sure this kind of thing doesn't happen again? Your help is greatly appreciated.

Attached File: Fixlog.txt (897 bytes)
Attached File: TDSSKiller.2.8.16.0_22.05.2013_19.49.34_log.txt (424.77 KB)
Attached File: FRST.txt (42.54 KB)
  • 0

#8
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Well actually I wanted them posted in the thread, like this: ;)

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-05-2013
Ran by SYSTEM at 2013-05-22 19:38:37 Run:2
Running from G:\
Boot Mode: Recovery
==============================================

gyrxuqxx => Service deleted successfully.
C:\$Recycle.Bin\S-1-5-21-3003383808-1756342594-762847216-1000\$6c5af07b2b511b6d5760ff63cd0faee5 => Moved successfully.
C:\$Recycle.Bin\S-1-5-18\$6c5af07b2b511b6d5760ff63cd0faee5 => Moved successfully.
C:\ProgramData\dsgsdgdsgdsgw.bat => Moved successfully.
C:\ProgramData\dsgsdgdsgdsgw.pad => Moved successfully.
C:\ProgramData\dsgsdgdsgdsgw.reg => Moved successfully.
C:\ProgramData\ezsidmv.dat => Moved successfully.
C:\ProgramData\l_0_00_re.pad => Moved successfully.
C:\ProgramData\piz_0ef.pad => Moved successfully.

The operation completed successfully.
The operation completed successfully.

==== End of Fixlog ====

19:49:34.0111 3376 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:49:34.0392 3376 ============================================================
19:49:34.0392 3376 Current date / time: 2013/05/22 19:49:34.0392
19:49:34.0392 3376 SystemInfo:
19:49:34.0392 3376
19:49:34.0392 3376 OS Version: 6.1.7601 ServicePack: 1.0
19:49:34.0392 3376 Product type: Workstation
19:49:34.0392 3376 ComputerName: LAPTOP-PC
19:49:34.0392 3376 UserName: vinod
19:49:34.0392 3376 Windows directory: C:\Windows
19:49:34.0392 3376 System windows directory: C:\Windows
19:49:34.0392 3376 Running under WOW64
19:49:34.0392 3376 Processor architecture: Intel x64
19:49:34.0392 3376 Number of processors: 4
19:49:34.0392 3376 Page size: 0x1000
19:49:34.0392 3376 Boot type: Normal boot
19:49:34.0392 3376 ============================================================
19:49:36.0670 3376 BG loaded
19:49:41.0022 3376 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:49:41.0053 3376 Drive \Device\Harddisk2\DR2 - Size: 0x1DEC00000 (7.48 Gb), SectorSize: 0x200, Cylinders: 0x3D0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:49:41.0053 3376 ============================================================
19:49:41.0053 3376 \Device\Harddisk0\DR0:
19:49:41.0053 3376 MBR partitions:
19:49:41.0053 3376 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0x164D000
19:49:41.0053 3376 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1680000, BlocksNum 0x491D7800
19:49:41.0053 3376 \Device\Harddisk2\DR2:
19:49:41.0053 3376 MBR partitions:
19:49:41.0053 3376 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x1F80, BlocksNum 0xEF4080
19:49:41.0053 3376 ============================================================
19:49:41.0163 3376 C: <-> \Device\Harddisk0\DR0\Partition2
19:49:41.0163 3376 ============================================================
19:49:41.0163 3376 Initialize success
19:49:41.0163 3376 ============================================================
19:50:11.0629 1044 ============================================================
19:50:11.0629 1044 Scan started
19:50:11.0629 1044 Mode: Manual; SigCheck; TDLFS;
19:50:11.0629 1044 ============================================================
19:50:16.0762 1044 ================ Scan system memory ========================
19:50:16.0762 1044 System memory - ok
19:50:16.0762 1044 ================ Scan services =============================
19:51:03.0468 1044 NDProxy - ok
19:51:03.0749 1044 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:51:03.0905 1044 NetBIOS - ok
19:51:04.0014 1044 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:51:04.0139 1044 NetBT - ok
19:51:04.0170 1044 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:51:04.0186 1044 Netlogon - ok
19:51:04.0560 1044 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:51:04.0654 1044 Netman - ok
19:51:04.0966 1044 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:51:05.0091 1044 NetMsmqActivator - ok
19:51:05.0247 1044 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:51:05.0262 1044 NetPipeActivator - ok
19:51:05.0340 1044 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:51:05.0434 1044 netprofm - ok
19:51:05.0496 1044 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:51:05.0512 1044 NetTcpActivator - ok
19:51:05.0543 1044 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:51:05.0543 1044 NetTcpPortSharing - ok
19:51:05.0730 1044 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:51:05.0808 1044 nfrd960 - ok
19:51:05.0964 1044 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:51:05.0995 1044 NisDrv - ok
19:51:06.0120 1044 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
19:51:06.0167 1044 NisSrv - ok
19:51:06.0510 1044 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:51:06.0573 1044 NlaSvc - ok
19:51:06.0760 1044 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:51:07.0618 1044 Npfs - ok
19:51:07.0649 1044 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:51:07.0696 1044 nsi - ok
19:51:07.0711 1044 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:51:07.0899 1044 nsiproxy - ok
19:51:07.0992 1044 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:51:08.0055 1044 Ntfs - ok
19:51:08.0195 1044 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:51:08.0320 1044 Null - ok
19:51:08.0398 1044 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:51:08.0429 1044 nvraid - ok
19:51:08.0460 1044 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:51:08.0476 1044 nvstor - ok
19:51:08.0554 1044 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:51:08.0569 1044 nv_agp - ok
19:51:08.0616 1044 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:51:08.0694 1044 ohci1394 - ok
19:51:08.0819 1044 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:51:08.0850 1044 ose - ok
19:51:09.0474 1044 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:51:09.0849 1044 osppsvc - ok
19:51:09.0895 1044 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:51:10.0145 1044 p2pimsvc - ok
19:51:10.0254 1044 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:51:10.0301 1044 p2psvc - ok
19:51:10.0363 1044 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:51:10.0379 1044 Parport - ok
19:51:10.0410 1044 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:51:10.0441 1044 partmgr - ok
19:51:10.0457 1044 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:51:10.0519 1044 PcaSvc - ok
19:51:10.0566 1044 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:51:10.0582 1044 pci - ok
19:51:10.0613 1044 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:51:10.0629 1044 pciide - ok
19:51:10.0660 1044 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:51:10.0691 1044 pcmcia - ok
19:51:10.0722 1044 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:51:10.0753 1044 pcw - ok
19:51:10.0800 1044 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:51:10.0863 1044 PEAUTH - ok
19:51:11.0019 1044 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:51:11.0128 1044 PerfHost - ok
19:51:11.0409 1044 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:51:11.0596 1044 pla - ok
19:51:11.0643 1044 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:51:11.0752 1044 PlugPlay - ok
19:51:12.0017 1044 [ 3072137896BFCCF4B190D248F583B48E ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
19:51:12.0157 1044 PMBDeviceInfoProvider - ok
19:51:12.0189 1044 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:51:12.0220 1044 PNRPAutoReg - ok
19:51:12.0267 1044 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:51:12.0298 1044 PNRPsvc - ok
19:51:12.0407 1044 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:51:12.0672 1044 PolicyAgent - ok
19:51:12.0735 1044 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:51:12.0859 1044 Power - ok
19:51:13.0031 1044 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:51:13.0078 1044 PptpMiniport - ok
19:51:13.0093 1044 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:51:13.0218 1044 Processor - ok
19:51:13.0405 1044 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:51:13.0437 1044 ProfSvc - ok
19:51:13.0468 1044 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:51:13.0483 1044 ProtectedStorage - ok
19:51:13.0546 1044 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:51:13.0967 1044 Psched - ok
19:51:14.0123 1044 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:51:14.0217 1044 ql2300 - ok
19:51:14.0248 1044 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:51:14.0279 1044 ql40xx - ok
19:51:14.0341 1044 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:51:14.0373 1044 QWAVE - ok
19:51:14.0451 1044 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:51:14.0794 1044 QWAVEdrv - ok
19:51:14.0809 1044 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:51:15.0231 1044 RasAcd - ok
19:51:15.0293 1044 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:51:15.0340 1044 RasAgileVpn - ok
19:51:15.0387 1044 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:51:15.0496 1044 RasAuto - ok
19:51:15.0574 1044 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:51:15.0714 1044 Rasl2tp - ok
19:51:15.0792 1044 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:51:15.0901 1044 RasMan - ok
19:51:15.0979 1044 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:51:16.0073 1044 RasPppoe - ok
19:51:16.0182 1044 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:51:16.0213 1044 RasSstp - ok
19:51:16.0307 1044 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:51:16.0369 1044 rdbss - ok
19:51:16.0401 1044 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:51:16.0947 1044 rdpbus - ok
19:51:17.0056 1044 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:51:17.0103 1044 RDPCDD - ok
19:51:17.0165 1044 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:51:17.0212 1044 RDPENCDD - ok
19:51:17.0337 1044 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:51:17.0415 1044 RDPREFMP - ok
19:51:17.0461 1044 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:51:17.0680 1044 RDPWD - ok
19:51:17.0758 1044 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:51:17.0773 1044 rdyboost - ok
19:51:17.0820 1044 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:51:18.0070 1044 RemoteAccess - ok
19:51:18.0085 1044 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:51:18.0195 1044 RemoteRegistry - ok
19:51:18.0273 1044 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:51:18.0366 1044 RFCOMM - ok
19:51:18.0429 1044 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:51:18.0491 1044 RpcEptMapper - ok
19:51:18.0553 1044 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:51:18.0585 1044 RpcLocator - ok
19:51:18.0756 1044 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:51:18.0803 1044 RpcSs - ok
19:51:18.0897 1044 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:51:19.0006 1044 rspndr - ok
19:51:19.0037 1044 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:51:19.0053 1044 SamSs - ok
19:51:19.0084 1044 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:51:19.0084 1044 sbp2port - ok
19:51:19.0146 1044 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:51:19.0224 1044 SCardSvr - ok
19:51:19.0255 1044 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:51:19.0396 1044 scfilter - ok
19:51:19.0567 1044 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:51:19.0817 1044 Schedule - ok
19:51:19.0864 1044 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:51:19.0973 1044 SCPolicySvc - ok
19:51:20.0004 1044 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:51:20.0051 1044 SDRSVC - ok
19:51:20.0160 1044 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:51:20.0207 1044 secdrv - ok
19:51:20.0254 1044 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:51:20.0301 1044 seclogon - ok
19:51:20.0332 1044 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:51:20.0503 1044 SENS - ok
19:51:20.0550 1044 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:51:20.0659 1044 SensrSvc - ok
19:51:20.0691 1044 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:51:20.0862 1044 Serenum - ok
19:51:21.0018 1044 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:51:21.0034 1044 Serial - ok
19:51:21.0081 1044 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:51:21.0112 1044 sermouse - ok
19:51:21.0174 1044 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:51:21.0377 1044 SessionEnv - ok
19:51:21.0393 1044 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:51:21.0455 1044 sffdisk - ok
19:51:21.0486 1044 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:51:21.0533 1044 sffp_mmc - ok
19:51:21.0564 1044 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:51:21.0580 1044 sffp_sd - ok
19:51:21.0611 1044 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:51:21.0627 1044 sfloppy - ok
19:51:21.0798 1044 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:51:22.0063 1044 SharedAccess - ok
19:51:22.0157 1044 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:51:22.0282 1044 ShellHWDetection - ok
19:51:22.0344 1044 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:51:22.0360 1044 SiSRaid2 - ok
19:51:22.0391 1044 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:51:22.0407 1044 SiSRaid4 - ok
19:51:22.0500 1044 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:51:22.0516 1044 SkypeUpdate - ok
19:51:22.0563 1044 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:51:22.0656 1044 Smb - ok
19:51:22.0750 1044 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:51:22.0968 1044 SNMPTRAP - ok
19:51:22.0999 1044 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:51:23.0015 1044 spldr - ok
19:51:23.0156 1044 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:51:23.0390 1044 Spooler - ok
19:51:23.0687 1044 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:51:23.0890 1044 sppsvc - ok
19:51:23.0936 1044 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:51:24.0046 1044 sppuinotify - ok
19:51:24.0108 1044 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:51:24.0202 1044 srv - ok
19:51:24.0264 1044 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:51:24.0404 1044 srv2 - ok
19:51:24.0420 1044 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:51:24.0467 1044 srvnet - ok
19:51:24.0592 1044 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:51:24.0826 1044 SSDPSRV - ok
19:51:24.0872 1044 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:51:24.0919 1044 SstpSvc - ok
19:51:24.0966 1044 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:51:24.0982 1044 stexstor - ok
19:51:25.0013 1044 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:51:25.0559 1044 stisvc - ok
19:51:25.0590 1044 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:51:25.0606 1044 swenum - ok
19:51:25.0652 1044 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:51:25.0824 1044 swprv - ok
19:51:26.0042 1044 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:51:26.0370 1044 SysMain - ok
19:51:26.0433 1044 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:51:26.0573 1044 TabletInputService - ok
19:51:26.0651 1044 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:51:26.0745 1044 TapiSrv - ok
19:51:26.0807 1044 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:51:26.0854 1044 TBS - ok
19:51:27.0088 1044 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:51:27.0166 1044 Tcpip - ok
19:51:27.0384 1044 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:51:27.0447 1044 TCPIP6 - ok
19:51:27.0493 1044 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:51:27.0509 1044 tcpipreg - ok
19:51:27.0556 1044 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:51:27.0743 1044 TDPIPE - ok
19:51:27.0790 1044 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:51:27.0821 1044 TDTCP - ok
19:51:27.0961 1044 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:51:28.0024 1044 tdx - ok
19:51:28.0071 1044 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:51:28.0086 1044 TermDD - ok
19:51:28.0180 1044 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:51:28.0242 1044 TermService - ok
19:51:28.0305 1044 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:51:28.0383 1044 Themes - ok
19:51:28.0429 1044 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:51:28.0492 1044 THREADORDER - ok
19:51:28.0617 1044 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:51:28.0788 1044 TrkWks - ok
19:51:28.0882 1044 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:51:28.0944 1044 TrustedInstaller - ok
19:51:28.0960 1044 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:51:29.0599 1044 tssecsrv - ok
19:51:29.0677 1044 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:51:29.0709 1044 TsUsbFlt - ok
19:51:29.0865 1044 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:51:29.0989 1044 tunnel - ok
19:51:30.0036 1044 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:51:30.0052 1044 uagp35 - ok
19:51:30.0161 1044 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:51:30.0270 1044 udfs - ok
19:51:30.0286 1044 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:51:30.0301 1044 UI0Detect - ok
19:51:30.0333 1044 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:51:30.0348 1044 uliagpkx - ok
19:51:30.0426 1044 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:51:30.0473 1044 umbus - ok
19:51:30.0567 1044 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:51:30.0598 1044 UmPass - ok
19:51:30.0645 1044 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:51:30.0754 1044 upnphost - ok
19:51:30.0879 1044 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:51:30.0941 1044 USBAAPL64 - ok
19:51:30.0988 1044 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:51:31.0066 1044 usbccgp - ok
19:51:31.0128 1044 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:51:31.0144 1044 usbcir - ok
19:51:31.0159 1044 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:51:31.0222 1044 usbehci - ok
19:51:31.0300 1044 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:51:31.0331 1044 usbhub - ok
19:51:31.0378 1044 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:51:31.0456 1044 usbohci - ok
19:51:31.0503 1044 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:51:31.0581 1044 usbprint - ok
19:51:31.0643 1044 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:51:31.0721 1044 USBSTOR - ok
19:51:31.0737 1044 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:51:31.0799 1044 usbuhci - ok
19:51:31.0893 1044 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:51:31.0924 1044 usbvideo - ok
19:51:31.0955 1044 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:51:32.0080 1044 UxSms - ok
19:51:32.0189 1044 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:51:32.0205 1044 VaultSvc - ok
19:51:32.0298 1044 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:51:32.0314 1044 vdrvroot - ok
19:51:32.0361 1044 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:51:32.0407 1044 vds - ok
19:51:32.0454 1044 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:51:32.0485 1044 vga - ok
19:51:32.0517 1044 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:51:32.0626 1044 VgaSave - ok
19:51:32.0673 1044 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:51:32.0704 1044 vhdmp - ok
19:51:32.0735 1044 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:51:32.0751 1044 viaide - ok
19:51:32.0844 1044 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:51:32.0875 1044 volmgr - ok
19:51:32.0907 1044 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:51:32.0922 1044 volmgrx - ok
19:51:32.0953 1044 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:51:32.0969 1044 volsnap - ok
19:51:33.0016 1044 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:51:33.0031 1044 vsmraid - ok
19:51:33.0094 1044 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:51:33.0250 1044 VSS - ok
19:51:33.0281 1044 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:51:33.0359 1044 vwifibus - ok
19:51:33.0390 1044 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:51:33.0437 1044 vwififlt - ok
19:51:33.0515 1044 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:51:33.0546 1044 vwifimp - ok
19:51:33.0609 1044 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:51:33.0671 1044 W32Time - ok
19:51:33.0718 1044 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:51:33.0780 1044 WacomPen - ok
19:51:33.0905 1044 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:51:34.0030 1044 WANARP - ok
19:51:34.0077 1044 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:51:34.0123 1044 Wanarpv6 - ok
19:51:34.0342 1044 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:51:34.0482 1044 WatAdminSvc - ok
19:51:34.0529 1044 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:51:34.0623 1044 wbengine - ok
19:51:34.0638 1044 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:51:34.0669 1044 WbioSrvc - ok
19:51:34.0732 1044 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:51:34.0810 1044 wcncsvc - ok
19:51:34.0841 1044 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:51:34.0903 1044 WcsPlugInService - ok
19:51:34.0919 1044 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:51:34.0950 1044 Wd - ok
19:51:34.0981 1044 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:51:35.0028 1044 Wdf01000 - ok
19:51:35.0044 1044 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:51:35.0262 1044 WdiServiceHost - ok
19:51:35.0278 1044 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:51:35.0309 1044 WdiSystemHost - ok
19:51:35.0356 1044 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:51:35.0496 1044 WebClient - ok
19:51:35.0559 1044 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:51:35.0668 1044 Wecsvc - ok
19:51:35.0699 1044 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:51:35.0902 1044 wercplsupport - ok
19:51:35.0980 1044 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:51:36.0058 1044 WerSvc - ok
19:51:36.0105 1044 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:51:36.0136 1044 WfpLwf - ok
19:51:36.0526 1044 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:51:36.0541 1044 WIMMount - ok
19:51:36.0557 1044 WinDefend - ok
19:51:36.0573 1044 WinHttpAutoProxySvc - ok
19:51:36.0619 1044 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:51:36.0729 1044 Winmgmt - ok
19:51:37.0025 1044 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:51:37.0103 1044 WinRM - ok
19:51:37.0290 1044 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:51:37.0306 1044 WinUsb - ok
19:51:37.0431 1044 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:51:37.0493 1044 Wlansvc - ok
19:51:37.0743 1044 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:51:37.0789 1044 wlidsvc - ok
19:51:37.0852 1044 [ A96D6C0613DCF84F2D07FAEB75663072 ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
19:51:37.0899 1044 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
19:51:37.0899 1044 wltrysvc - detected UnsignedFile.Multi.Generic (1)
19:51:39.0459 1044 ================ Scan global ===============================
19:51:39.0583 1044 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:51:39.0802 1044 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:51:39.0817 1044 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:51:39.0880 1044 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:51:39.0911 1044 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:51:39.0911 1044 [Global] - ok
19:51:39.0911 1044 ================ Scan MBR ==================================
19:51:39.0927 1044 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:51:40.0551 1044 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:51:40.0551 1044 \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:51:40.0551 1044 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
19:51:41.0237 1044 \Device\Harddisk2\DR2 - ok
19:51:41.0237 1044 ================ Scan VBR ==================================
19:51:41.0299 1044 [ 6977CC4CDF672489E065B22403E9B4D3 ] \Device\Harddisk0\DR0\Partition1
19:51:41.0299 1044 \Device\Harddisk0\DR0\Partition1 - ok
19:51:41.0331 1044 [ 564F71D00EBEBC0F5D52C8844A1BB5A2 ] \Device\Harddisk0\DR0\Partition2
19:51:41.0331 1044 \Device\Harddisk0\DR0\Partition2 - ok
19:51:41.0331 1044 [ 44723EFC236378EDCF3344E4B74B6334 ] \Device\Harddisk2\DR2\Partition1
19:51:41.0331 1044 \Device\Harddisk2\DR2\Partition1 - ok
19:51:41.0346 1044 ================ Scan active images ========================
19:51:41.0424 1044 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
19:51:41.0424 1044 C:\Windows\System32\drivers\termdd.sys - ok
19:51:41.0424 1044 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
19:51:41.0424 1044 C:\Windows\System32\drivers\vwififlt.sys - ok
19:51:41.0440 1044 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
19:51:41.0440 1044 C:\Windows\System32\drivers\wanarp.sys - ok
19:51:41.0440 1044 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
19:51:41.0440 1044 C:\Windows\System32\drivers\wfplwf.sys - ok
19:51:41.0440 1044 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
19:51:41.0440 1044 C:\Windows\System32\drivers\blbdrive.sys - ok
19:51:41.0440 1044 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
19:51:41.0440 1044 C:\Windows\System32\drivers\dfsc.sys - ok
19:51:41.0455 1044 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
19:51:41.0455 1044 C:\Windows\System32\drivers\discache.sys - ok
19:51:41.0455 1044 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
19:51:41.0455 1044 C:\Windows\System32\drivers\mssmbios.sys - ok
19:51:41.0455 1044 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
19:51:41.0455 1044 C:\Windows\System32\drivers\nsiproxy.sys - ok
19:51:41.0455 1044 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
19:51:41.0455 1044 C:\Windows\System32\drivers\rdbss.sys - ok
19:51:41.0471 1044 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
19:51:41.0471 1044 C:\Windows\System32\drivers\tunnel.sys - ok
19:51:41.0471 1044 [ F0371DE302FFFF8F086661611BE60848 ] C:\Windows\System32\smss.exe
19:51:41.0471 1044 C:\Windows\System32\smss.exe - ok
19:51:41.0471 1044 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
19:51:41.0471 1044 C:\Windows\System32\ntdll.dll - ok
19:51:41.0471 1044 [ F4F91789C7C7A159CE8215C1F69F2A85 ] C:\Windows\System32\drivers\igdkmd64.sys
19:51:41.0471 1044 C:\Windows\System32\drivers\igdkmd64.sys - ok
19:51:41.0471 1044 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
19:51:41.0471 1044 C:\Windows\System32\autochk.exe - ok
19:51:41.0487 1044 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
19:51:41.0487 1044 C:\Windows\System32\drivers\dxgkrnl.sys - ok
19:51:41.0487 1044 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
19:51:41.0487 1044 C:\Windows\System32\drivers\dxgmms1.sys - ok
19:51:41.0487 1044 [ B6AC71AAA2B10848F57FC49D55A651AF ] C:\Windows\System32\drivers\HECIx64.sys
19:51:41.0487 1044 C:\Windows\System32\drivers\HECIx64.sys - ok
19:51:41.0487 1044 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
19:51:41.0487 1044 C:\Windows\System32\drivers\usbport.sys - ok
19:51:41.0502 1044 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
19:51:41.0502 1044 C:\Windows\System32\drivers\hdaudbus.sys - ok
19:51:41.0502 1044 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
19:51:41.0502 1044 C:\Windows\System32\drivers\usbehci.sys - ok
19:51:41.0502 1044 [ BAB887A2B2786310A966881F074F4A99 ] C:\Windows\System32\drivers\BCMWL664.SYS
19:51:41.0502 1044 C:\Windows\System32\drivers\BCMWL664.SYS - ok
19:51:41.0502 1044 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
19:51:41.0502 1044 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
19:51:41.0518 1044 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
19:51:41.0518 1044 C:\Windows\System32\drivers\i8042prt.sys - ok
19:51:41.0518 1044 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
19:51:41.0518 1044 C:\Windows\System32\drivers\kbdclass.sys - ok
19:51:41.0518 1044 [ 39918DB0EFCF045A1CE6FABBF339F975 ] C:\Windows\System32\drivers\L1C62x64.sys
19:51:41.0518 1044 C:\Windows\System32\drivers\L1C62x64.sys - ok
19:51:41.0518 1044 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
19:51:41.0518 1044 C:\Windows\System32\drivers\mouclass.sys - ok
19:51:41.0533 1044 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
19:51:41.0533 1044 C:\Windows\System32\drivers\vwifibus.sys - ok
19:51:41.0533 1044 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
19:51:41.0533 1044 C:\Windows\System32\drivers\agilevpn.sys - ok
19:51:41.0533 1044 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
19:51:41.0533 1044 C:\Windows\System32\drivers\CmBatt.sys - ok
19:51:41.0533 1044 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
19:51:41.0533 1044 C:\Windows\System32\drivers\CompositeBus.sys - ok
19:51:41.0549 1044 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
19:51:41.0549 1044 C:\Windows\System32\drivers\intelppm.sys - ok
19:51:41.0549 1044 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
19:51:41.0549 1044 C:\Windows\System32\drivers\rasl2tp.sys - ok
19:51:41.0549 1044 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
19:51:41.0549 1044 C:\Windows\System32\drivers\wmiacpi.sys - ok
19:51:41.0549 1044 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
19:51:41.0549 1044 C:\Windows\System32\drivers\ndistapi.sys - ok
19:51:41.0565 1044 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
19:51:41.0565 1044 C:\Windows\System32\drivers\ndiswan.sys - ok
19:51:41.0565 1044 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
19:51:41.0565 1044 C:\Windows\System32\drivers\raspppoe.sys - ok
19:51:41.0565 1044 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
19:51:41.0565 1044 C:\Windows\System32\drivers\raspptp.sys - ok
19:51:41.0565 1044 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
19:51:41.0565 1044 C:\Windows\System32\drivers\rassstp.sys - ok
19:51:41.0580 1044 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
19:51:41.0580 1044 C:\Windows\System32\drivers\ks.sys - ok
19:51:41.0580 1044 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
19:51:41.0580 1044 C:\Windows\System32\drivers\swenum.sys - ok
19:51:41.0580 1044 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
19:51:41.0580 1044 C:\Windows\System32\drivers\umbus.sys - ok
19:51:41.0596 1044 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
19:51:41.0596 1044 C:\Windows\System32\drivers\usbhub.sys - ok
19:51:41.0596 1044 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
19:51:41.0596 1044 C:\Windows\System32\drivers\ndproxy.sys - ok
19:51:41.0596 1044 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
19:51:41.0596 1044 C:\Windows\System32\drivers\drmk.sys - ok
19:51:41.0596 1044 [ 975761C778E33CD22498059B91E7373A ] C:\Windows\System32\drivers\HdAudio.sys
19:51:41.0596 1044 C:\Windows\System32\drivers\HdAudio.sys - ok
19:51:41.0611 1044 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
19:51:41.0611 1044 C:\Windows\System32\drivers\ksthunk.sys - ok
19:51:41.0611 1044 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
19:51:41.0611 1044 C:\Windows\System32\drivers\portcls.sys - ok
19:51:41.0611 1044 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
19:51:41.0611 1044 C:\Windows\System32\kernel32.dll - ok
19:51:41.0611 1044 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
19:51:41.0611 1044 C:\Windows\System32\advapi32.dll - ok
19:51:41.0627 1044 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
19:51:41.0627 1044 C:\Windows\System32\gdi32.dll - ok
19:51:41.0627 1044 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
19:51:41.0627 1044 C:\Windows\System32\ole32.dll - ok
19:51:41.0627 1044 [ A4F6142CABA82FB7293ECE5FF864B440 ] C:\Windows\System32\wininet.dll
19:51:41.0627 1044 C:\Windows\System32\wininet.dll - ok
19:51:41.0627 1044 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
19:51:41.0627 1044 C:\Windows\System32\comdlg32.dll - ok
19:51:41.0643 1044 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
19:51:41.0643 1044 C:\Windows\System32\imm32.dll - ok
19:51:41.0643 1044 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
19:51:41.0643 1044 C:\Windows\System32\normaliz.dll - ok
19:51:41.0643 1044 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
19:51:41.0643 1044 C:\Windows\System32\msvcrt.dll - ok
19:51:41.0643 1044 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
19:51:41.0643 1044 C:\Windows\System32\shlwapi.dll - ok
19:51:41.0643 1044 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
19:51:41.0643 1044 C:\Windows\System32\difxapi.dll - ok
19:51:41.0658 1044 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
19:51:41.0658 1044 C:\Windows\System32\user32.dll - ok
19:51:41.0658 1044 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
19:51:41.0658 1044 C:\Windows\System32\msctf.dll - ok
19:51:41.0658 1044 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
19:51:41.0658 1044 C:\Windows\System32\oleaut32.dll - ok
19:51:41.0658 1044 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
19:51:41.0658 1044 C:\Windows\System32\clbcatq.dll - ok
19:51:41.0658 1044 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
19:51:41.0658 1044 C:\Windows\System32\usp10.dll - ok
19:51:41.0674 1044 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
19:51:41.0674 1044 C:\Windows\System32\imagehlp.dll - ok
19:51:41.0674 1044 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
19:51:41.0674 1044 C:\Windows\System32\nsi.dll - ok
19:51:41.0674 1044 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
19:51:41.0674 1044 C:\Windows\System32\Wldap32.dll - ok
19:51:41.0674 1044 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
19:51:41.0674 1044 C:\Windows\System32\setupapi.dll - ok
19:51:41.0689 1044 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
19:51:41.0689 1044 C:\Windows\System32\rpcrt4.dll - ok
19:51:41.0689 1044 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
19:51:41.0689 1044 C:\Windows\System32\shell32.dll - ok
19:51:41.0689 1044 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
19:51:41.0689 1044 C:\Windows\System32\ws2_32.dll - ok
19:51:41.0689 1044 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
19:51:41.0689 1044 C:\Windows\System32\psapi.dll - ok
19:51:41.0705 1044 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
19:51:41.0705 1044 C:\Windows\System32\sechost.dll - ok
19:51:41.0705 1044 [ D3A6792AED4841B4D055C7C80C815BB7 ] C:\Windows\System32\urlmon.dll
19:51:41.0705 1044 C:\Windows\System32\urlmon.dll - ok
19:51:41.0705 1044 [ 8D4DEA45FCDF9FCFD9E31232A07E6EF9 ] C:\Windows\System32\iertutil.dll
19:51:41.0705 1044 C:\Windows\System32\iertutil.dll - ok
19:51:41.0705 1044 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
19:51:41.0705 1044 C:\Windows\System32\lpk.dll - ok
19:51:41.0721 1044 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
19:51:41.0721 1044 C:\Windows\System32\wintrust.dll - ok
19:51:41.0721 1044 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
19:51:41.0721 1044 C:\Windows\System32\crypt32.dll - ok
19:51:41.0721 1044 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
19:51:41.0721 1044 C:\Windows\System32\devobj.dll - ok
19:51:41.0721 1044 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
19:51:41.0721 1044 C:\Windows\System32\KernelBase.dll - ok
19:51:41.0736 1044 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
19:51:41.0736 1044 C:\Windows\System32\cfgmgr32.dll - ok
19:51:41.0736 1044 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
19:51:41.0736 1044 C:\Windows\System32\comctl32.dll - ok
19:51:41.0736 1044 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
19:51:41.0736 1044 C:\Windows\System32\msasn1.dll - ok
19:51:41.0736 1044 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
19:51:41.0736 1044 C:\Windows\SysWOW64\normaliz.dll - ok
19:51:41.0752 1044 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
19:51:41.0752 1044 C:\Windows\System32\drivers\usbd.sys - ok
19:51:41.0752 1044 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
19:51:41.0752 1044 C:\Windows\System32\drivers\usbccgp.sys - ok
19:51:41.0752 1044 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
19:51:41.0752 1044 C:\Windows\System32\drivers\dxapi.sys - ok
19:51:41.0752 1044 [ 86F96630D28523F1C402C783F046DEF1 ] C:\Windows\System32\win32k.sys
19:51:41.0752 1044 C:\Windows\System32\win32k.sys - ok
19:51:41.0767 1044 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
19:51:41.0767 1044 C:\Windows\System32\drivers\usbvideo.sys - ok
19:51:41.0767 1044 [ CEC1EDF4022DC4DCA40384DCEC672B0E ] C:\Windows\System32\csrsrv.dll
19:51:41.0767 1044 C:\Windows\System32\csrsrv.dll - ok
19:51:41.0767 1044 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
19:51:41.0767 1044 C:\Windows\System32\csrss.exe - ok
19:51:41.0783 1044 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
19:51:41.0783 1044 C:\Windows\System32\basesrv.dll - ok
19:51:41.0783 1044 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
19:51:41.0783 1044 C:\Windows\System32\winsrv.dll - ok
19:51:41.0783 1044 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
19:51:41.0783 1044 C:\Windows\System32\drivers\USBSTOR.SYS - ok
19:51:41.0783 1044 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
19:51:41.0783 1044 C:\Windows\System32\drivers\monitor.sys - ok
19:51:41.0799 1044 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
19:51:41.0799 1044 C:\Windows\System32\tsddd.dll - ok
19:51:41.0799 1044 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
19:51:41.0799 1044 C:\Windows\System32\sxssrv.dll - ok
19:51:41.0799 1044 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
19:51:41.0799 1044 C:\Windows\System32\wininit.exe - ok
19:51:41.0814 1044 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
19:51:41.0814 1044 C:\Windows\System32\cdd.dll - ok
19:51:41.0814 1044 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
19:51:41.0814 1044 C:\Windows\System32\KBDUS.DLL - ok
19:51:41.0814 1044 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
19:51:41.0814 1044 C:\Windows\System32\profapi.dll - ok
19:51:41.0830 1044 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
19:51:41.0830 1044 C:\Windows\System32\RpcRtRemote.dll - ok
19:51:41.0830 1044 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
19:51:41.0830 1044 C:\Windows\System32\sxs.dll - ok
19:51:41.0830 1044 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
19:51:41.0830 1044 C:\Windows\System32\WlS0WndH.dll - ok
19:51:41.0830 1044 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
19:51:41.0830 1044 C:\Windows\System32\cryptbase.dll - ok
19:51:41.0830 1044 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
19:51:41.0830 1044 C:\Windows\System32\apphelp.dll - ok
19:51:41.0845 1044 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
19:51:41.0845 1044 C:\Windows\System32\lsass.exe - ok
19:51:41.0845 1044 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
19:51:41.0845 1044 C:\Windows\System32\lsm.exe - ok
19:51:41.0845 1044 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
19:51:41.0845 1044 C:\Windows\System32\services.exe - ok
19:51:41.0861 1044 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
19:51:41.0861 1044 C:\Windows\System32\sspisrv.dll - ok
19:51:41.0861 1044 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
19:51:41.0861 1044 C:\Windows\System32\lsasrv.dll - ok
19:51:41.0861 1044 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
19:51:41.0861 1044 C:\Windows\System32\sspicli.dll - ok
19:51:41.0877 1044 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
19:51:41.0877 1044 C:\Windows\System32\scesrv.dll - ok
19:51:41.0877 1044 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
19:51:41.0877 1044 C:\Windows\System32\scext.dll - ok
19:51:41.0877 1044 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
19:51:41.0877 1044 C:\Windows\System32\secur32.dll - ok
19:51:41.0877 1044 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
19:51:41.0877 1044 C:\Windows\System32\samsrv.dll - ok
19:51:41.0877 1044 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
19:51:41.0877 1044 C:\Windows\System32\srvcli.dll - ok
19:51:41.0892 1044 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
19:51:41.0892 1044 C:\Windows\System32\cryptdll.dll - ok
19:51:41.0892 1044 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
19:51:41.0892 1044 C:\Windows\System32\wevtapi.dll - ok
19:51:41.0892 1044 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
19:51:41.0892 1044 C:\Windows\System32\sysntfy.dll - ok
19:51:41.0892 1044 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
19:51:41.0892 1044 C:\Windows\System32\wmsgapi.dll - ok
19:51:41.0908 1044 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
19:51:41.0908 1044 C:\Windows\System32\authz.dll - ok
19:51:41.0908 1044 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
19:51:41.0908 1044 C:\Windows\System32\cngaudit.dll - ok
19:51:41.0908 1044 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
19:51:41.0908 1044 C:\Windows\System32\bcrypt.dll - ok
19:51:41.0908 1044 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
19:51:41.0908 1044 C:\Windows\System32\ncrypt.dll - ok
19:51:41.0908 1044 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
19:51:41.0908 1044 C:\Windows\System32\msprivs.dll - ok
19:51:41.0923 1044 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
19:51:41.0923 1044 C:\Windows\System32\netjoin.dll - ok
19:51:41.0923 1044 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
19:51:41.0923 1044 C:\Windows\System32\negoexts.dll - ok
19:51:41.0923 1044 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
19:51:41.0923 1044 C:\Windows\System32\kerberos.dll - ok
19:51:41.0923 1044 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
19:51:41.0923 1044 C:\Windows\System32\cryptsp.dll - ok
19:51:41.0923 1044 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
19:51:41.0923 1044 C:\Windows\System32\mswsock.dll - ok
19:51:41.0939 1044 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
19:51:41.0939 1044 C:\Windows\System32\msv1_0.dll - ok
19:51:41.0939 1044 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
19:51:41.0939 1044 C:\Windows\System32\wship6.dll - ok
19:51:41.0939 1044 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
19:51:41.0939 1044 C:\Windows\System32\netlogon.dll - ok
19:51:41.0939 1044 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
19:51:41.0939 1044 C:\Windows\System32\dnsapi.dll - ok
19:51:41.0955 1044 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
19:51:41.0955 1044 C:\Windows\System32\logoncli.dll - ok
19:51:41.0955 1044 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
19:51:41.0955 1044 C:\Windows\System32\schannel.dll - ok
19:51:41.0955 1044 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
19:51:41.0955 1044 C:\Windows\System32\wdigest.dll - ok
19:51:41.0970 1044 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
19:51:41.0970 1044 C:\Windows\System32\rsaenh.dll - ok
19:51:41.0970 1044 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
19:51:41.0970 1044 C:\Windows\System32\TSpkg.dll - ok
19:51:41.0970 1044 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
19:51:41.0970 1044 C:\Windows\System32\pku2u.dll - ok
19:51:41.0970 1044 [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL
19:51:41.0970 1044 C:\Windows\System32\LIVESSP.DLL - ok
19:51:41.0970 1044 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
19:51:41.0970 1044 C:\Windows\System32\bcryptprimitives.dll - ok
19:51:41.0986 1044 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
19:51:41.0986 1044 C:\Windows\System32\efslsaext.dll - ok
19:51:41.0986 1044 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
19:51:41.0986 1044 C:\Windows\System32\credssp.dll - ok
19:51:41.0986 1044 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
19:51:41.0986 1044 C:\Windows\System32\winlogon.exe - ok
19:51:41.0986 1044 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
19:51:41.0986 1044 C:\Windows\System32\scecli.dll - ok
19:51:42.0001 1044 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
19:51:42.0001 1044 C:\Windows\System32\winsta.dll - ok
19:51:42.0001 1044 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
19:51:42.0001 1044 C:\Windows\System32\ubpm.dll - ok
19:51:42.0001 1044 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
19:51:42.0001 1044 C:\Windows\System32\svchost.exe - ok
19:51:42.0001 1044 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
19:51:42.0001 1044 C:\Windows\System32\umpnpmgr.dll - ok
19:51:42.0001 1044 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
19:51:42.0001 1044 C:\Windows\System32\SPInf.dll - ok
19:51:42.0017 1044 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
19:51:42.0017 1044 C:\Windows\System32\devrtl.dll - ok
19:51:42.0017 1044 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
19:51:42.0017 1044 C:\Windows\System32\gpapi.dll - ok
19:51:42.0017 1044 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
19:51:42.0017 1044 C:\Windows\System32\userenv.dll - ok
19:51:42.0017 1044 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
19:51:42.0017 1044 C:\Windows\System32\umpo.dll - ok
19:51:42.0033 1044 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
19:51:42.0033 1044 C:\Windows\System32\pcwum.dll - ok
19:51:42.0033 1044 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
19:51:42.0033 1044 C:\Windows\System32\powrprof.dll - ok
19:51:42.0033 1044 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
19:51:42.0033 1044 C:\Windows\System32\drivers\luafv.sys - ok
19:51:42.0033 1044 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
19:51:42.0033 1044 C:\Windows\System32\rpcss.dll - ok
19:51:42.0048 1044 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
19:51:42.0048 1044 C:\Windows\System32\RpcEpMap.dll - ok
19:51:42.0048 1044 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
19:51:42.0048 1044 C:\Windows\System32\WSHTCPIP.DLL - ok
19:51:42.0048 1044 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
19:51:42.0048 1044 C:\Windows\System32\wshqos.dll - ok
19:51:42.0048 1044 [ E07DEC52FF801841BA9B6878A60304FB ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
19:51:42.0048 1044 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
19:51:42.0064 1044 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
19:51:42.0064 1044 C:\Windows\System32\FirewallAPI.dll - ok
19:51:42.0064 1044 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
19:51:42.0064 1044 C:\Windows\System32\LogonUI.exe - ok
19:51:42.0064 1044 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
19:51:42.0064 1044 C:\Windows\System32\version.dll - ok
19:51:42.0064 1044 [ 905601FFF40D8DA9FA82CBE77D1F5EB1 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
19:51:42.0064 1044 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
19:51:42.0079 1044 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
19:51:42.0079 1044 C:\Windows\System32\wtsapi32.dll - ok
19:51:42.0079 1044 [ 2D4230F2F1D204A523998DF93F9DF066 ] C:\Program Files\Microsoft Security Client\MpClient.dll
19:51:42.0079 1044 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
19:51:42.0079 1044 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
19:51:42.0079 1044 C:\Windows\System32\ntmarta.dll - ok
19:51:42.0079 1044 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
19:51:42.0079 1044 C:\Windows\System32\authui.dll - ok
19:51:42.0095 1044 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
19:51:42.0095 1044 C:\Windows\System32\cryptui.dll - ok
19:51:42.0095 1044 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
19:51:42.0095 1044 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
19:51:42.0095 1044 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
19:51:42.0095 1044 C:\Windows\System32\shacct.dll - ok
19:51:42.0095 1044 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
19:51:42.0095 1044 C:\Windows\System32\propsys.dll - ok
19:51:42.0111 1044 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
19:51:42.0111 1044 C:\Windows\System32\samlib.dll - ok
19:51:42.0111 1044 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
19:51:42.0111 1044 C:\Windows\System32\uxtheme.dll - ok
19:51:42.0111 1044 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
19:51:42.0111 1044 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
19:51:42.0111 1044 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
19:51:42.0111 1044 C:\Windows\System32\dui70.dll - ok
19:51:42.0111 1044 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
19:51:42.0111 1044 C:\Windows\System32\duser.dll - ok
19:51:42.0126 1044 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
19:51:42.0126 1044 C:\Windows\System32\SndVolSSO.dll - ok
19:51:42.0126 1044 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
19:51:42.0126 1044 C:\Windows\System32\hid.dll - ok
19:51:42.0126 1044 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
19:51:42.0126 1044 C:\Windows\System32\MMDevAPI.dll - ok
19:51:42.0126 1044 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
19:51:42.0142 1044 C:\Windows\System32\dwmapi.dll - ok
19:51:42.0142 1044 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
19:51:42.0142 1044 C:\Windows\System32\xmllite.dll - ok
19:51:42.0142 1044 [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
19:51:43.0015 1044 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
19:51:43.0015 1044 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
19:51:43.0031 1044 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
19:51:43.0031 1044 C:\Windows\System32\dwmredir.dll - ok
19:51:43.0031 1044 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
19:51:43.0031 1044 C:\Windows\System32\localspl.dll - ok
19:51:43.0031 1044 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
19:51:43.0031 1044 C:\Windows\System32\rasadhlp.dll - ok
19:51:43.0047 1044 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
19:51:43.0047 1044 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
19:51:43.0047 1044 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
19:51:43.0047 1044 C:\Windows\System32\PlaySndSrv.dll - ok
19:51:43.0047 1044 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
19:51:43.0047 1044 C:\Windows\System32\dwmcore.dll - ok
19:51:43.0062 1044 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
19:51:43.0062 1044 C:\Windows\SysWOW64\profapi.dll - ok
19:51:43.0062 1044 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
19:51:43.0062 1044 C:\Windows\System32\spoolss.dll - ok
19:51:43.0062 1044 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
19:51:43.0062 1044 C:\Windows\System32\winspool.drv - ok
19:51:43.0062 1044 [ 4327CF9A9D0864CA0FFC97FCDA97315A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
19:51:43.0062 1044 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
19:51:43.0078 1044 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
19:51:43.0078 1044 C:\Windows\System32\MsCtfMonitor.dll - ok
19:51:43.0078 1044 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
19:51:43.0078 1044 C:\Windows\System32\msutb.dll - ok
19:51:43.0078 1044 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
19:51:43.0078 1044 C:\Windows\System32\TSChannel.dll - ok
19:51:43.0078 1044 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
19:51:43.0078 1044 C:\Windows\SysWOW64\setupapi.dll - ok
19:51:43.0093 1044 [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
19:51:43.0093 1044 C:\Windows\System32\d3d10_1.dll - ok
19:51:43.0093 1044 [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
19:51:43.0093 1044 C:\Windows\System32\d3d10_1core.dll - ok
19:51:43.0093 1044 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
19:51:43.0093 1044 C:\Windows\explorer.exe - ok
19:51:43.0093 1044 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
19:51:43.0093 1044 C:\Windows\System32\PrintIsolationProxy.dll - ok
19:51:43.0093 1044 [ 8CE9DA018A219B5E59209AFDFE6D698A ] C:\Windows\System32\CNMLMA7.DLL
19:51:43.0093 1044 C:\Windows\System32\CNMLMA7.DLL - ok
19:51:43.0109 1044 [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
19:51:43.0109 1044 C:\Windows\System32\dxgi.dll - ok
19:51:43.0109 1044 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:51:43.0109 1044 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
19:51:43.0109 1044 [ 5D9A86B6B5328CE4FAE749276E60B420 ] C:\Windows\System32\CNMXLMA7.DLL
19:51:43.0109 1044 C:\Windows\System32\CNMXLMA7.DLL - ok
19:51:43.0109 1044 [ 9682D5B9D9309377C1A7E08C3E6B7B3D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll
19:51:43.0109 1044 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll - ok
19:51:43.0125 1044 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
19:51:43.0125 1044 C:\Windows\SysWOW64\cfgmgr32.dll - ok
19:51:43.0125 1044 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
19:51:43.0125 1044 C:\Windows\SysWOW64\devobj.dll - ok
19:51:43.0125 1044 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
19:51:43.0125 1044 C:\Windows\SysWOW64\userenv.dll - ok
19:51:43.0125 1044 [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll
19:51:43.0125 1044 C:\Windows\System32\d3d11.dll - ok
19:51:43.0140 1044 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
19:51:43.0140 1044 C:\Windows\SysWOW64\dnssd.dll - ok
19:51:43.0140 1044 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
19:51:43.0140 1044 C:\Windows\SysWOW64\wtsapi32.dll - ok
19:51:43.0140 1044 [ 7F725B746447B05B9154F57EFBF4F67E ] C:\Windows\System32\CNMN6PPM.DLL
19:51:43.0140 1044 C:\Windows\System32\CNMN6PPM.DLL - ok
19:51:43.0140 1044 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
19:51:43.0140 1044 C:\Windows\SysWOW64\ntmarta.dll - ok
19:51:43.0156 1044 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
19:51:43.0156 1044 C:\Windows\SysWOW64\Wldap32.dll - ok
19:51:43.0156 1044 [ 0AFFF58CC116399FADCDB76B3E5EEA35 ] C:\Windows\System32\CNCF2Lm.DLL
19:51:43.0156 1044 C:\Windows\System32\CNCF2Lm.DLL - ok
19:51:43.0156 1044 [ DD439A3AB75B1E5D693FE89BB509E417 ] C:\Windows\System32\igd10umd64.dll
19:51:43.0156 1044 C:\Windows\System32\igd10umd64.dll - ok
19:51:43.0156 1044 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
19:51:43.0156 1044 C:\Windows\System32\winmm.dll - ok
19:51:43.0156 1044 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
19:51:43.0156 1044 C:\Program Files\Bonjour\mDNSResponder.exe - ok
19:51:43.0171 1044 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
19:51:43.0171 1044 C:\Windows\SysWOW64\mswsock.dll - ok
19:51:43.0171 1044 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
19:51:43.0171 1044 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
19:51:43.0171 1044 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
19:51:43.0171 1044 C:\Windows\System32\FXSMON.dll - ok
19:51:43.0171 1044 [ 24665B221424FFD7B71F0D2C398F2F4F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
19:51:43.0171 1044 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
19:51:43.0187 1044 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
19:51:43.0187 1044 C:\Windows\System32\cryptsvc.dll - ok
19:51:43.0187 1044 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
19:51:43.0187 1044 C:\Windows\System32\tcpmon.dll - ok
19:51:43.0187 1044 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
19:51:43.0187 1044 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
19:51:43.0187 1044 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
19:51:43.0187 1044 C:\Windows\System32\dps.dll - ok
19:51:43.0203 1044 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
19:51:43.0203 1044 C:\Windows\System32\efssvc.dll - ok
19:51:43.0203 1044 [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
19:51:43.0203 1044 C:\Windows\System32\efscore.dll - ok
19:51:43.0203 1044 [ 23E1BCADABE423C35C19BBDFF10CCE6D ] C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
19:51:43.0203 1044 C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe - ok
19:51:43.0203 1044 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
19:51:43.0203 1044 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
19:51:43.0218 1044 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
19:51:43.0218 1044 C:\Windows\System32\cryptnet.dll - ok
19:51:43.0218 1044 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
19:51:43.0218 1044 C:\Windows\System32\riched20.dll - ok
19:51:43.0218 1044 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
19:51:43.0218 1044 C:\Windows\System32\vssapi.dll - ok
19:51:43.0218 1044 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
19:51:43.0218 1044 C:\Windows\System32\taskschd.dll - ok
19:51:43.0234 1044 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
19:51:43.0234 1044 C:\Windows\System32\snmpapi.dll - ok
19:51:43.0234 1044 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
19:51:43.0234 1044 C:\Windows\System32\usbmon.dll - ok
19:51:43.0234 1044 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
19:51:43.0234 1044 C:\Windows\System32\wsnmp32.dll - ok
19:51:43.0234 1044 [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
19:51:43.0234 1044 C:\Windows\System32\efsutil.dll - ok
19:51:43.0249 1044 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
19:51:43.0249 1044 C:\Windows\System32\WSDMon.dll - ok
19:51:43.0249 1044 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
19:51:43.0249 1044 C:\Windows\System32\WSDApi.dll - ok
19:51:43.0249 1044 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
19:51:43.0249 1044 C:\Windows\System32\webservices.dll - ok
19:51:43.0249 1044 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
19:51:43.0249 1044 C:\Windows\System32\SensApi.dll - ok
19:51:43.0249 1044 [ C5B6468422DB1C8AA36C32CBB0197E5E ] C:\Windows\SysWOW64\wininet.dll
19:51:43.0249 1044 C:\Windows\SysWOW64\wininet.dll - ok
19:51:43.0265 1044 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
19:51:43.0265 1044 C:\Windows\System32\fundisc.dll - ok
19:51:43.0265 1044 [ 9BDDA34DC4890169DE5BA21134B33EFB ] C:\Windows\SysWOW64\iertutil.dll
19:51:43.0265 1044 C:\Windows\SysWOW64\iertutil.dll - ok
19:51:43.0265 1044 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
19:51:43.0265 1044 C:\Windows\System32\vsstrace.dll - ok
19:51:43.0265 1044 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
19:51:43.0265 1044 C:\Windows\System32\fdPnp.dll - ok
19:51:43.0281 1044 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
19:51:43.0281 1044 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
19:51:43.0281 1044 [ 2344AA330F5522D4687B0CB666865113 ] C:\Windows\System32\spool\prtprocs\x64\CNMPDA7.DLL
19:51:43.0281 1044 C:\Windows\System32\spool\prtprocs\x64\CNMPDA7.DLL - ok
19:51:43.0281 1044 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
19:51:43.0281 1044 C:\Windows\System32\win32spl.dll - ok
19:51:43.0281 1044 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
19:51:43.0281 1044 C:\Windows\System32\inetpp.dll - ok
19:51:43.0296 1044 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
19:51:43.0296 1044 C:\Windows\System32\cscapi.dll - ok
19:51:43.0296 1044 [ A57750E129AAE76E933417C8CD63B256 ] C:\Windows\System32\spool\drivers\x64\3\CNCFIMm.DLL
19:51:43.0296 1044 C:\Windows\System32\spool\drivers\x64\3\CNCFIMm.DLL - ok
19:51:43.0296 1044 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
19:51:43.0296 1044 C:\Windows\System32\uDWM.dll - ok
19:51:43.0296 1044 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
19:51:43.0296 1044 C:\Windows\System32\ExplorerFrame.dll - ok
19:51:43.0296 1044 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
19:51:43.0296 1044 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
19:51:43.0312 1044 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
19:51:43.0312 1044 C:\Windows\SysWOW64\netapi32.dll - ok
19:51:43.0312 1044 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
19:51:43.0312 1044 C:\Windows\SysWOW64\netutils.dll - ok
19:51:43.0312 1044 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
19:51:43.0312 1044 C:\Windows\SysWOW64\srvcli.dll - ok
19:51:43.0312 1044 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
19:51:43.0312 1044 C:\Windows\SysWOW64\winnsi.dll - ok
19:51:43.0327 1044 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
19:51:43.0327 1044 C:\Windows\SysWOW64\wkscli.dll - ok
19:51:43.0327 1044 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
19:51:43.0327 1044 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
19:51:43.0327 1044 [ 8965A4CAA8E006F5F32D084CABD3679E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\ad25afb3a0820b92f311d6897df82e5f\System.Runtime.Remoting.ni.dll
19:51:43.0327 1044 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\ad25afb3a0820b92f311d6897df82e5f\System.Runtime.Remoting.ni.dll - ok
19:51:43.0327 1044 [ D36AE1B392FAA88FBEF39DE1142DF051 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f5ec8051a7f0dc49a56aa2563039702e\System.ServiceProcess.ni.dll
19:51:43.0327 1044 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f5ec8051a7f0dc49a56aa2563039702e\System.ServiceProcess.ni.dll - ok
19:51:43.0343 1044 [ 8323B32A6FC3FCD7E5C8BA94B36CE162 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\3762e80651ff8d0bbcdb0ccebfb3b3f7\System.Configuration.ni.dll
19:51:43.0343 1044 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\3762e80651ff8d0bbcdb0ccebfb3b3f7\System.Configuration.ni.dll - ok
19:51:43.0343 1044 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
19:51:43.0343 1044 C:\Windows\SysWOW64\imagehlp.dll - ok
19:51:43.0343 1044 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
19:51:43.0343 1044 C:\Windows\SysWOW64\msi.dll - ok
19:51:43.0343 1044 [ 5CCD5B62076D4432D4728BB6CB3DEBFD ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\7a560781987776298120763de1df8f77\System.Xml.ni.dll
19:51:43.0343 1044 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\7a560781987776298120763de1df8f77\System.Xml.ni.dll - ok
19:51:43.0359 1044 [ 0181B4C10F409299E0D8EE130EF87353 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\c54fc0cac648a174c5e35bd6589c9390\System.Management.ni.dll
19:51:43.0359 1044 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\c54fc0cac648a174c5e35bd6589c9390\System.Management.ni.dll - ok
19:51:43.0359 1044 [ A190DA6546501CB4146BBCC0B6A3F48B ] C:\Windows\System32\msiexec.exe
19:51:43.0359 1044 C:\Windows\System32\msiexec.exe - ok
19:51:43.0359 1044 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
19:51:43.0359 1044 C:\Windows\System32\msi.dll - ok
19:51:43.0359 1044 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
19:51:43.0359 1044 C:\Windows\System32\winrnr.dll - ok
19:51:43.0374 1044 [ 748849C42DEA24C723048E24BCA1BD55 ] C:\Windows\System32\wshbth.dll
19:51:43.0374 1044 C:\Windows\System32\wshbth.dll - ok
19:51:43.0374 1044 [ 86987386B3A25F956760C6F43F982E47 ] C:\Windows\AppPatch\AppPatch64\AcLayers.dll
19:51:43.0374 1044 C:\Windows\AppPatch\AppPatch64\AcLayers.dll - ok
19:51:43.0374 1044 [ 8CFBCCDD3DF24D6194FC4B6DBDFA6383 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
19:51:43.0374 1044 C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
19:51:43.0374 1044 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
19:51:43.0374 1044 C:\Windows\System32\sfc.dll - ok
19:51:43.0374 1044 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
19:51:43.0374 1044 C:\Windows\System32\sfc_os.dll - ok
19:51:43.0390 1044 [ 162100E0BC8377710F9D170631921C03 ] C:\Windows\System32\drivers\NisDrvWFP.sys
19:51:43.0390 1044 C:\Windows\System32\drivers\NisDrvWFP.sys - ok
19:51:43.0390 1044 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
19:51:43.0390 1044 C:\Windows\System32\aepic.dll - ok
19:51:43.0390 1044 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
19:51:43.0390 1044 C:\Windows\System32\ncsi.dll - ok
19:51:43.0390 1044 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
19:51:43.0390 1044 C:\Windows\System32\ssdpapi.dll - ok
19:51:43.0405 1044 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
19:51:43.0405 1044 C:\Windows\System32\drivers\PEAuth.sys - ok
19:51:43.0405 1044 [ 3072137896BFCCF4B190D248F583B48E ] C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
19:51:43.0405 1044 C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe - ok
19:51:43.0405 1044 [ C85670AB64068F8080998AEBA6C5019C ] C:\Windows\SysWOW64\atl100.dll
19:51:43.0405 1044 C:\Windows\SysWOW64\atl100.dll - ok
19:51:43.0405 1044 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
19:51:43.0405 1044 C:\Windows\SysWOW64\msvcp100.dll - ok
19:51:43.0421 1044 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
19:51:43.0421 1044 C:\Windows\SysWOW64\msvcr100.dll - ok
19:51:43.0421 1044 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
19:51:43.0421 1044 C:\Windows\System32\drivers\secdrv.sys - ok
19:51:43.0421 1044 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe
19:51:43.0421 1044 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
19:51:43.0421 1044 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
19:51:43.0421 1044 C:\Windows\SysWOW64\psapi.dll - ok
19:51:43.0437 1044 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
19:51:43.0437 1044 C:\Windows\SysWOW64\clbcatq.dll - ok
19:51:43.0437 1044 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
19:51:43.0437 1044 C:\Windows\SysWOW64\cryptsp.dll - ok
19:51:43.0437 1044 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
19:51:43.0437 1044 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
19:51:43.0437 1044 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
19:51:43.0437 1044 C:\Windows\SysWOW64\rsaenh.dll - ok
19:51:43.0452 1044 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
19:51:43.0452 1044 C:\Windows\System32\drivers\srvnet.sys - ok
19:51:43.0452 1044 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
19:51:43.0452 1044 C:\Windows\System32\drivers\tcpipreg.sys - ok
19:51:43.0452 1044 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
19:51:43.0452 1044 C:\Windows\System32\sysmain.dll - ok
19:51:43.0452 1044 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
19:51:43.0452 1044 C:\Windows\System32\wiaservc.dll - ok
19:51:43.0468 1044 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
19:51:43.0468 1044 C:\Windows\System32\wiatrace.dll - ok
19:51:43.0468 1044 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
19:51:43.0468 1044 C:\Windows\System32\trkwks.dll - ok
19:51:43.0468 1044 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
19:51:43.0468 1044 C:\Windows\System32\wbem\WMIsvc.dll - ok
19:51:43.0468 1044 [ 5877A3341AA7DF58789294CEBA38AE2B ] C:\Users\vinod\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
19:51:43.0468 1044 C:\Users\vinod\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll - ok
19:51:43.0468 1044 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
19:51:43.0483 1044 C:\Windows\System32\dbghelp.dll - ok
19:51:43.0483 1044 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
19:51:43.0483 1044 C:\Windows\System32\EhStorShell.dll - ok
19:51:43.0483 1044 [ F1D2ABA7038E01F7465E36F2057E7C13 ] C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
19:51:43.0483 1044 C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL - ok
19:51:43.0483 1044 [ 5ABAEB53E6ECF7878A5C4C4ABED92050 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
19:51:43.0483 1044 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
19:51:43.0483 1044 [ 66E3C667D853DF349E310568F60B9B6A ] C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll
19:51:43.0483 1044 C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok
19:51:43.0499 1044 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
19:51:43.0499 1044 C:\Windows\System32\ntshrui.dll - ok
19:51:43.0499 1044 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
19:51:43.0499 1044 C:\Windows\System32\IconCodecService.dll - ok
19:51:43.0499 1044 [ 2BACD71123F42CEA603F4E205E1AE337 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:51:43.0499 1044 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
19:51:43.0499 1044 [ 4E7F83E1F6AEFA38E270EA7353D6911E ] C:\Windows\SysWOW64\urlmon.dll
19:51:43.0499 1044 C:\Windows\SysWOW64\urlmon.dll - ok
19:51:43.0515 1044 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
19:51:43.0515 1044 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
19:51:43.0515 1044 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
19:51:43.0515 1044 C:\Windows\SysWOW64\cscapi.dll - ok
19:51:43.0515 1044 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
19:51:43.0515 1044 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
19:51:43.0515 1044 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
19:51:43.0515 1044 C:\Windows\SysWOW64\dbghelp.dll - ok
19:51:43.0530 1044 [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
19:51:43.0530 1044 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
19:51:43.0530 1044 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
19:51:43.0530 1044 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
19:51:43.0530 1044 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
19:51:43.0530 1044 C:\Windows\SysWOW64\apphelp.dll - ok
19:51:43.0546 1044 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
19:51:43.0546 1044 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
19:51:43.0546 1044 [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
19:51:43.0546 1044 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
19:51:43.0546 1044 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
19:51:43.0546 1044 C:\Windows\SysWOW64\mstask.dll - ok
19:51:43.0546 1044 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
19:51:43.0546 1044 C:\Windows\System32\wbemcomn.dll - ok
19:51:43.0561 1044 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
19:51:43.0561 1044 C:\Windows\System32\wbem\WinMgmtR.dll - ok
19:51:43.0561 1044 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
19:51:43.0561 1044 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
19:51:43.0561 1044 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
19:51:43.0561 1044 C:\Windows\System32\wbem\fastprox.dll - ok
19:51:43.0561 1044 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
19:51:43.0561 1044 C:\Windows\System32\ntdsapi.dll - ok
19:51:43.0577 1044 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
19:51:43.0577 1044 C:\Windows\System32\wbem\wbemprox.dll - ok
19:51:43.0577 1044 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
19:51:43.0577 1044 C:\Windows\System32\wbem\wbemcore.dll - ok
19:51:43.0577 1044 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
19:51:43.0577 1044 C:\Windows\System32\wbem\esscli.dll - ok
19:51:43.0577 1044 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
19:51:43.0577 1044 C:\Windows\System32\wbem\wbemsvc.dll - ok
19:51:43.0593 1044 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
19:51:43.0593 1044 C:\Windows\System32\wbem\wmiutils.dll - ok
19:51:43.0593 1044 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
19:51:43.0593 1044 C:\Windows\System32\wbem\repdrvfs.dll - ok
19:51:43.0593 1044 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
19:51:43.0593 1044 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
19:51:43.0593 1044 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
19:51:43.0593 1044 C:\Windows\System32\ncobjapi.dll - ok
19:51:43.0608 1044 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
19:51:43.0608 1044 C:\Windows\System32\wbem\wbemess.dll - ok
19:51:43.0608 1044 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
19:51:43.0608 1044 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
19:51:43.0608 1044 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
19:51:43.0608 1044 C:\Windows\System32\wer.dll - ok
19:51:43.0608 1044 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
19:51:43.0608 1044 C:\Windows\System32\drivers\srv2.sys - ok
19:51:43.0624 1044 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
19:51:43.0624 1044 C:\Windows\System32\iphlpsvc.dll - ok
19:51:43.0624 1044 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
19:51:43.0624 1044 C:\Windows\System32\drivers\srv.sys - ok
19:51:43.0624 1044 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
19:51:43.0624 1044 C:\Windows\System32\sqmapi.dll - ok
19:51:43.0624 1044 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
19:51:43.0624 1044 C:\Windows\System32\wdscore.dll - ok
19:51:43.0624 1044 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
19:51:43.0624 1044 C:\Windows\System32\srvsvc.dll - ok
19:51:43.0639 1044 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
19:51:43.0639 1044 C:\Windows\System32\browser.dll - ok
19:51:43.0639 1044 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
19:51:43.0639 1044 C:\Windows\System32\netmsg.dll - ok
19:51:43.0639 1044 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
19:51:43.0639 1044 C:\Windows\System32\sscore.dll - ok
19:51:43.0639 1044 [ DC1BBA01FFB5745B8862931E7DE7304A ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
19:51:43.0639 1044 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
19:51:43.0655 1044 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
19:51:43.0655 1044 C:\Windows\System32\clusapi.dll - ok
19:51:43.0655 1044 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
19:51:43.0655 1044 C:\Windows\System32\hnetcfg.dll - ok
19:51:43.0655 1044 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
19:51:43.0655 1044 C:\Windows\System32\resutils.dll - ok
19:51:43.0655 1044 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
19:51:43.0655 1044 C:\Windows\System32\nci.dll - ok
19:51:43.0655 1044 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
19:51:43.0655 1044 C:\Windows\System32\appinfo.dll - ok
19:51:43.0671 1044 [ C6E15F2F95F9C0A6098D43510B604E52 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
19:51:44.0419 1044 C:\Users\vinod\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
19:51:44.0435 1044 [ AFEEAFD7CF8ED6958A81ACC304C17B7D ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
19:51:44.0435 1044 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
19:51:44.0435 1044 [ 3687E37869B69040657E0CE3F5DB58AA ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll
19:51:44.0435 1044 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll - ok
19:51:44.0435 1044 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll
19:51:44.0435 1044 C:\Windows\SysWOW64\msxml6.dll - ok
19:51:44.0435 1044 [ BE643CD44DD06DA283634A3E51DC22BC ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
19:51:44.0435 1044 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
19:51:44.0451 1044 [ E6E1085CABFB325D75D34E87E9557B35 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ApplePushService.dll
19:51:44.0451 1044 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ApplePushService.dll - ok
19:51:44.0451 1044 [ C753ED3DA24F3FE86F754E08A14E2460 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\Ubiquity.dll
19:51:44.0451 1044 C:\Program Files (x86)\Common Files\Apple\Internet Services\Ubiquity.dll - ok
19:51:44.0451 1044 [ 89084DD8C7A4C7FCDA50485B33C6C98D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\mmcs.dll
19:51:44.0451 1044 C:\Program Files (x86)\Common Files\Apple\Internet Services\mmcs.dll - ok
19:51:44.0451 1044 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
19:51:44.0451 1044 C:\Windows\System32\FXSST.dll - ok
19:51:44.0466 1044 [ 5DBDC85A9AB1C338E82DB4F118C04D6E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
19:51:44.0466 1044 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe - ok
19:51:44.0466 1044 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
19:51:44.0466 1044 C:\Windows\SysWOW64\qmgrprxy.dll - ok
19:51:44.0466 1044 [ B54C6B8CBF6F556C9930110164EB63E4 ] C:\Windows\System32\jscript9.dll
19:51:44.0466 1044 C:\Windows\System32\jscript9.dll - ok
19:51:44.0466 1044 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
19:51:44.0466 1044 C:\Windows\System32\FXSAPI.dll - ok
19:51:44.0482 1044 [ 81E7E920312D372CF57A817049AC7C76 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
19:51:44.0482 1044 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL - ok
19:51:44.0482 1044 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
19:51:44.0482 1044 C:\Windows\System32\FXSRESM.dll - ok
19:51:44.0482 1044 [ 37CF3324F46CEB3A4F2686C617CBB35C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
19:51:44.0482 1044 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
19:51:44.0482 1044 [ 101E82D37D9A8CBBDBB5991E9FEE7B5A ] C:\Program Files (x86)\Sony\PlayMemories Home\Resources\en-US\PMBVolumeWatcherLOC.dll
19:51:44.0482 1044 C:\Program Files (x86)\Sony\PlayMemories Home\Resources\en-US\PMBVolumeWatcherLOC.dll - ok
19:51:44.0497 1044 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
19:51:44.0497 1044 C:\Windows\System32\AudioSes.dll - ok
19:51:44.0497 1044 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
19:51:44.0497 1044 C:\Windows\SysWOW64\winsta.dll - ok
19:51:44.0497 1044 [ 20437681A7678D440BBEE38C0453B852 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfdll.dll
19:51:44.0497 1044 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfdll.dll - ok
19:51:44.0497 1044 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] C:\Program Files\iPod\bin\iPodService.exe
19:51:44.0497 1044 C:\Program Files\iPod\bin\iPodService.exe - ok
19:51:44.0513 1044 [ 3DBEAEE8645FAF1232CE464C2CAC12EF ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
19:51:44.0513 1044 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
19:51:44.0513 1044 [ 7E8A672B7B06A6EB11960C22E0360C59 ] C:\Windows\System32\d2d1.dll
19:51:44.0513 1044 C:\Windows\System32\d2d1.dll - ok
19:51:44.0513 1044 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
19:51:44.0513 1044 C:\Windows\SysWOW64\devenum.dll - ok
19:51:44.0513 1044 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
19:51:44.0513 1044 C:\Windows\SysWOW64\msdmo.dll - ok
19:51:44.0529 1044 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
19:51:44.0529 1044 C:\Windows\SysWOW64\avicap32.dll - ok
19:51:44.0529 1044 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
19:51:44.0529 1044 C:\Windows\SysWOW64\msvfw32.dll - ok
19:51:44.0529 1044 [ 04F4D7D7B97C616C33DC3EFFD48875E0 ] C:\Program Files (x86)\Java\jre7\bin\java.exe
19:51:44.0529 1044 C:\Program Files (x86)\Java\jre7\bin\java.exe - ok
19:51:44.0544 1044 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
19:51:44.0544 1044 C:\Windows\SysWOW64\ntdsapi.dll - ok
19:51:44.0544 1044 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
19:51:44.0544 1044 C:\Windows\SysWOW64\security.dll - ok
19:51:44.0544 1044 [ 24498D084FAA7A459C91066EC241E1CE ] C:\Windows\SysWOW64\vfwwdm32.dll
19:51:44.0544 1044 C:\Windows\SysWOW64\vfwwdm32.dll - ok
19:51:44.0544 1044 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
19:51:44.0544 1044 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
19:51:44.0560 1044 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
19:51:44.0560 1044 C:\Windows\System32\wersvc.dll - ok
19:51:44.0560 1044 [ B4E69051E313551F894C74B12042485D ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
19:51:44.0560 1044 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
19:51:44.0560 1044 [ F3C016C3D0C889FDC04AF59CF8108B5C ] C:\Program Files (x86)\Java\jre7\bin\jpishare.dll
19:51:44.0560 1044 C:\Program Files (x86)\Java\jre7\bin\jpishare.dll - ok
19:51:44.0560 1044 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
19:51:44.0560 1044 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
19:51:44.0575 1044 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
19:51:44.0575 1044 C:\Windows\SysWOW64\logoncli.dll - ok
19:51:44.0575 1044 [ 8A53582955841F6FFC62D7FD2E913773 ] C:\Program Files (x86)\Java\jre7\bin\java.dll
19:51:44.0575 1044 C:\Program Files (x86)\Java\jre7\bin\java.dll - ok
19:51:44.0575 1044 [ 63BB89DED1E9104E68D33E54DE4D340D ] C:\Windows\System32\DWrite.dll
19:51:44.0575 1044 C:\Windows\System32\DWrite.dll - ok
19:51:44.0575 1044 [ 1105A14047A0D99C2770601EB61FBF5C ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
19:51:44.0575 1044 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
19:51:44.0591 1044 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
19:51:44.0591 1044 C:\Windows\SysWOW64\msimg32.dll - ok
19:51:44.0591 1044 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
19:51:44.0591 1044 C:\Windows\SysWOW64\sxs.dll - ok
19:51:44.0591 1044 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll
19:51:44.0591 1044 C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll - ok
19:51:44.0591 1044 [ C498EF41B93986BCBD483597573EB96D ] C:\Windows\System32\d3d10warp.dll
19:51:44.0591 1044 C:\Windows\System32\d3d10warp.dll - ok
19:51:44.0607 1044 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
19:51:44.0607 1044 C:\Windows\SysWOW64\nlaapi.dll - ok
19:51:44.0607 1044 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
19:51:44.0607 1044 C:\Windows\SysWOW64\NapiNSP.dll - ok
19:51:44.0607 1044 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
19:51:44.0607 1044 C:\Windows\SysWOW64\pnrpnsp.dll - ok
19:51:44.0607 1044 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
19:51:44.0607 1044 C:\Windows\SysWOW64\winrnr.dll - ok
19:51:44.0622 1044 [ AC122407B29378FF9646F03404AC7C54 ] C:\Windows\SysWOW64\wshbth.dll
19:51:44.0622 1044 C:\Windows\SysWOW64\wshbth.dll - ok
19:51:44.0622 1044 [ D2D7E13F2702AC32EB95B386178E67E6 ] C:\Windows\System32\igdumd64.dll
19:51:44.0622 1044 C:\Windows\System32\igdumd64.dll - ok
19:51:44.0622 1044 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
19:51:44.0622 1044 C:\Windows\System32\msvcr100_clr0400.dll - ok
19:51:44.0622 1044 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
19:51:44.0622 1044 C:\Windows\System32\srchadmin.dll - ok
19:51:44.0622 1044 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
19:51:44.0622 1044 C:\Windows\System32\AltTab.dll - ok
19:51:44.0638 1044 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
19:51:44.0638 1044 C:\Windows\System32\SearchIndexer.exe - ok
19:51:44.0638 1044 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
19:51:44.0638 1044 C:\Windows\System32\pnidui.dll - ok
19:51:44.0638 1044 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
19:51:44.0638 1044 C:\Windows\System32\QUTIL.DLL - ok
19:51:44.0638 1044 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
19:51:44.0638 1044 C:\Windows\System32\tquery.dll - ok
19:51:44.0653 1044 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
19:51:44.0653 1044 C:\Windows\System32\mssrch.dll - ok
19:51:44.0653 1044 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Java\jre7\bin\msvcr100.dll
19:51:44.0653 1044 C:\Program Files (x86)\Java\jre7\bin\msvcr100.dll - ok
19:51:44.0653 1044 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
19:51:44.0653 1044 C:\Windows\System32\FXSSVC.exe - ok
19:51:44.0653 1044 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
19:51:44.0653 1044 C:\Windows\System32\msidle.dll - ok
19:51:44.0669 1044 [ 667A310A43EC417D810018AB5699A013 ] C:\Windows\System32\dxtrans.dll
19:51:44.0669 1044 C:\Windows\System32\dxtrans.dll - ok
19:51:44.0669 1044 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
19:51:44.0669 1044 C:\Windows\System32\mssprxy.dll - ok
19:51:44.0669 1044 [ C5413BC4F10CEB4C3070BBF04D324117 ] C:\Windows\SysWOW64\msisip.dll
19:51:44.0669 1044 C:\Windows\SysWOW64\msisip.dll - ok
19:51:44.0669 1044 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
19:51:44.0669 1044 C:\Windows\System32\bthprops.cpl - ok
19:51:44.0669 1044 [ 4938A4350327E1A5DEB0CD134AC1AAA3 ] C:\Windows\System32\ddrawex.dll
19:51:44.0685 1044 C:\Windows\System32\ddrawex.dll - ok
19:51:44.0685 1044 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
19:51:44.0685 1044 C:\Windows\System32\ddraw.dll - ok
19:51:44.0685 1044 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
19:51:44.0685 1044 C:\Windows\System32\en-US\tquery.dll.mui - ok
19:51:44.0685 1044 [ EBCC2CEFDA0CE9F8DBFD7F4E380AF081 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe
19:51:44.0685 1044 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe - ok
19:51:44.0685 1044 [ 8839C69D4E9468A1E5BDF4B9F4BCC5FE ] C:\Program Files (x86)\Java\jre7\bin\client\jvm.dll
19:51:44.0685 1044 C:\Program Files (x86)\Java\jre7\bin\client\jvm.dll - ok
19:51:44.0700 1044 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
19:51:44.0700 1044 C:\Windows\System32\dciman32.dll - ok
19:51:44.0700 1044 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
19:51:44.0700 1044 C:\Windows\System32\SearchFolder.dll - ok
19:51:44.0700 1044 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
19:51:44.0700 1044 C:\Windows\System32\thumbcache.dll - ok
19:51:44.0700 1044 [ E02F24BC4E41DFDBF64CF35C3B85597A ] C:\Windows\System32\dxtmsft.dll
19:51:44.0700 1044 C:\Windows\System32\dxtmsft.dll - ok
19:51:44.0716 1044 [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
19:51:44.0716 1044 C:\Windows\System32\UIAnimation.dll - ok
19:51:44.0716 1044 [ 4E81439902079C348B61D7FF027FE147 ] C:\Windows\System32\StructuredQuery.dll
19:51:44.0716 1044 C:\Windows\System32\StructuredQuery.dll - ok
19:51:44.0716 1044 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
19:51:44.0716 1044 C:\Windows\System32\netman.dll - ok
19:51:44.0716 1044 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
19:51:44.0716 1044 C:\Windows\System32\rasdlg.dll - ok
19:51:44.0731 1044 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
19:51:44.0731 1044 C:\Windows\System32\dot3api.dll - ok
19:51:44.0731 1044 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
19:51:44.0731 1044 C:\Windows\System32\wlanhlp.dll - ok
19:51:44.0731 1044 [ A072A3C7FD6247F1446D26A6929BDFD7 ] C:\Windows\System32\vbscript.dll
19:51:44.0731 1044 C:\Windows\System32\vbscript.dll - ok
19:51:44.0731 1044 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
19:51:44.0731 1044 C:\Windows\SysWOW64\FirewallAPI.dll - ok
19:51:44.0747 1044 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
19:51:44.0747 1044 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
19:51:44.0747 1044 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
19:51:44.0747 1044 C:\Windows\System32\WWanAPI.dll - ok
19:51:44.0747 1044 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
19:51:44.0747 1044 C:\Windows\System32\wwapi.dll - ok
19:51:44.0747 1044 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
19:51:44.0747 1044 C:\Windows\System32\QAGENT.DLL - ok
19:51:44.0763 1044 [ 3D2D108E14AD21889A2621B94C80A3DD ] C:\Windows\System32\tzres.dll
19:51:44.0763 1044 C:\Windows\System32\tzres.dll - ok
19:51:44.0763 1044 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
19:51:44.0763 1044 C:\Windows\SysWOW64\rasapi32.dll - ok
19:51:44.0763 1044 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
19:51:44.0763 1044 C:\Windows\SysWOW64\rasman.dll - ok
19:51:44.0763 1044 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
19:51:44.0763 1044 C:\Windows\SysWOW64\rtutils.dll - ok
19:51:44.0778 1044 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
19:51:44.0778 1044 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
19:51:44.0778 1044 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
19:51:44.0778 1044 C:\Windows\SysWOW64\netprofm.dll - ok
19:51:44.0778 1044 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
19:51:44.0778 1044 C:\Windows\System32\networkexplorer.dll - ok
19:51:44.0778 1044 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
19:51:44.0778 1044 C:\Windows\SysWOW64\npmproxy.dll - ok
19:51:44.0778 1044 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
19:51:44.0778 1044 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
19:51:44.0794 1044 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
19:51:44.0794 1044 C:\Windows\SysWOW64\schannel.dll - ok
19:51:44.0794 1044 [ 5DFE72B9F1FF669070FC032090B7B982 ] C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
19:51:44.0794 1044 C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe - ok
19:51:44.0794 1044 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
19:51:44.0794 1044 C:\Windows\System32\consent.exe - ok
19:51:44.0794 1044 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
19:51:44.0794 1044 C:\Windows\System32\wsock32.dll - ok
19:51:44.0809 1044 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
19:51:44.0809 1044 C:\Windows\System32\drmv2clt.dll - ok
19:51:44.0809 1044 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
19:51:44.0809 1044 C:\Windows\System32\wmdrmdev.dll - ok
19:51:44.0809 1044 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
19:51:44.0809 1044 C:\Windows\System32\mfplat.dll - ok
19:51:44.0809 1044 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
19:51:44.0809 1044 C:\Windows\System32\wmp.dll - ok
19:51:44.0809 1044 [ EF4248D28C2940AE6D46470AC2479A4F ] C:\Windows\System32\msisip.dll
19:51:44.0809 1044 C:\Windows\System32\msisip.dll - ok
19:51:44.0825 1044 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
19:51:44.0825 1044 C:\Windows\System32\blackbox.dll - ok
19:51:44.0825 1044 [ D1F4EF194A129726FBF30E2F514824AA ] C:\Users\vinod\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
19:51:44.0825 1044 C:\Users\vinod\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll - ok
19:51:44.0825 1044 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
19:51:44.0825 1044 C:\Windows\System32\wmploc.DLL - ok
19:51:44.0825 1044 [ 712D9EB4CD8D64AC78FBB3C9AE6A6DAC ] C:\Program Files\Internet Explorer\ieproxy.dll
19:51:44.0825 1044 C:\Program Files\Internet Explorer\ieproxy.dll - ok
19:51:44.0841 1044 ============================================================
19:51:44.0841 1044 Scan finished
19:51:44.0841 1044 ============================================================
19:51:44.0841 3132 Detected object count: 2
19:51:44.0841 3132 Actual detected object count: 2
19:53:08.0925 3132 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:08.0925 3132 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:08.0925 3132 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:53:08.0925 3132 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-05-2013 01
Ran by vinod (administrator) on 22-05-2013 20:03:39
Running from C:\Users\vinod\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================

(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Kaspersky Lab ZAO) C:\Users\vinod\AppData\Local\Temp\95600903-C172-430A-8DB1-EEF4F28A5812.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) Ca:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
(Dropbox, Inc.) C:\Users\vinod\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Farbar) C:\Users\vinod\Desktop\FRST64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5470208 2009-12-17] (Dell Inc.)
HKLM\...\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey [x]
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [Google Update] "C:\Users\vinod\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-06-08] (Google Inc.)
HKCU\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
HKCU\...\Run: [Facebook Update] "C:\Users\vinod\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-23] (Facebook Inc.)
HKCU\...\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_169_ActiveX.exe -update activex [812424 2013-04-21] (Adobe Systems Incorporated)
HKCR\...0c966feabec1\InprocServer32: [Default-shell32] C:\Users\vinod\AppData\Local\{6c5af07b-2b51-1b6d-5760-ff63cd0faee5}\n. ATTENTION! ====> ZeroAccess
MountPoints2: {9b7588d6-4531-11e0-92ba-afaa910b2ef2} - G:\LaunchU3.exe -a
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run [x]
HKLM-x32\...\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724536 2012-04-22] (Sony Corporation)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
Startup: C:\Users\vinod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\vinod\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\vinod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myincrediblegarden.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
URLSearchHook: (No Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No File
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT1060933
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT1060933
SearchScopes: HKCU - {CCFBDE6C-B70D-4A38-B1E8-C4C7795DCF4F} URL = http://search.yahoo....p={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
PDF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab
PDF: HKLM-x32 {3F4AC0C9-3A7D-4115-99B4-2693DE0014AF} http://optimum.net/d...nerXControl.ocx
PDF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto....veX_Control.cab
PDF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://epicare.webe...ex/ieatgpc1.cab
PDF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [20992] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 167.206.245.130 167.206.245.129

FireFox:
========
FF ProfilePath: C:\Users\vinod\AppData\Roaming\Mozilla\Firefox\Profiles\r3xcu4mv.default
FF Homepage: hxxp://www.google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Visualisateur 3D de 20-20 - C:\Users\vinod\AppData\Roaming\Mozilla\Firefox\Profiles\r3xcu4mv.default\Extensions\[email protected]
FF Extension: Freecorder Community Toolbar - C:\Users\vinod\AppData\Roaming\Mozilla\Firefox\Profiles\r3xcu4mv.default\Extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
FF Extension: DownloadHelper - C:\Users\vinod\AppData\Roaming\Mozilla\Firefox\Profiles\r3xcu4mv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.sparkpeople.com/myspark/start-now.asp", "hxxp://www.menshealth.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\vinod\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\vinod\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\vinod\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\vinod\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\vinod\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\vinod\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Extension: (House Plans) - C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajnmfkilicomdippcehaldlonfldmlfi\2.2_0
CHR Extension: (Angry Birds) - C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (iStoryBooks) - C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbmgijcnihjphndkjglleofcnohhkkl\1.0.10_0
CHR Extension: () - C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0
CHR Extension: (Autodesk Homestyler) - C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.2_0
CHR Extension: (Personal Trainer) - C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmgohkgndpahjklgpdihieeedjeneoke\1.7_0
CHR Extension: (Skype Click to Call) - C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0
CHR Extension: (Floor Plan Creator) - C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogbnemfckmdpkeeccieeahplnemmbcfg\1.2_0
CHR Extension: (Picasa) - C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0
CHR Extension: () - C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.9.12_0
CHR Extension: (Google Reader) - C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0

==================== Services (Whitelisted) =================

R2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [352248 2012-08-03] (Verizon)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474168 2012-04-22] (Sony Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [4950016 2009-12-17] (Dell Inc.)

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-22 20:02 - 2013-05-22 20:02 - 01878472 ____A (Farbar) C:\Users\vinod\Desktop\FRST64.exe
2013-05-22 19:45 - 2013-05-22 18:42 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\vinod\Desktop\TDSSKiller.exe
2013-05-17 04:49 - 2013-05-17 04:49 - 00000000 ____D C:\FRST
2013-05-14 04:01 - 2013-05-14 09:18 - 00000000 ____D C:\Windows\Microsoft Antimalware
2013-05-07 12:41 - 2013-05-07 12:41 - 00000000 ____D C:\Windows\Sun
2013-05-07 12:31 - 2013-05-07 12:31 - 00000000 ____D C:\Users\vinod\AppData\Roaming\RealNetworks
2013-05-07 12:29 - 2013-05-07 14:21 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2013-05-07 12:29 - 2013-05-07 12:29 - 00000000 ____D C:\ProgramData\RealNetworks
2013-05-07 12:28 - 2013-05-07 14:21 - 00000000 ____D C:\Program Files (x86)\Real
2013-05-07 12:28 - 2013-05-07 12:30 - 00000000 ____D C:\Users\vinod\AppData\Roaming\Real
2013-05-07 12:27 - 2013-05-07 12:31 - 00000000 ____D C:\ProgramData\Real
2013-05-06 22:50 - 2013-05-06 22:50 - 00000019 ____A C:\Users\vinod\Desktop\hasnain.txt
2013-04-23 16:08 - 2013-04-12 10:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2013-05-22 20:02 - 2013-05-22 20:02 - 01878472 ____A (Farbar) C:\Users\vinod\Desktop\FRST64.exe
2013-05-22 20:02 - 2012-07-23 10:57 - 00000928 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3003383808-1756342594-762847216-1000UA.job
2013-05-22 19:55 - 2009-07-14 01:10 - 02064585 ____A C:\Windows\WindowsUpdate.log
2013-05-22 19:55 - 2009-07-14 00:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-22 19:55 - 2009-07-14 00:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-22 19:54 - 2009-07-14 01:13 - 00779306 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-22 19:50 - 2012-11-24 09:36 - 00000000 ___RD C:\Users\vinod\Dropbox
2013-05-22 19:50 - 2012-11-24 09:31 - 00000000 ____D C:\Users\vinod\AppData\Roaming\Dropbox
2013-05-22 19:48 - 2011-03-12 19:36 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-22 19:48 - 2009-07-14 01:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-22 19:48 - 2009-07-14 00:51 - 00109026 ____A C:\Windows\setupact.log
2013-05-22 19:39 - 2011-03-02 18:52 - 00000000 ____D C:\users\vinod
2013-05-22 18:42 - 2013-05-22 19:45 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\vinod\Desktop\TDSSKiller.exe
2013-05-17 04:49 - 2013-05-17 04:49 - 00000000 ____D C:\FRST
2013-05-14 11:30 - 2011-03-07 19:47 - 00000000 ____D C:\Users\vinod\AppData\Roaming\Mozilla
2013-05-14 11:30 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\System32\sysprep
2013-05-14 11:30 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\System32\NDF
2013-05-14 11:30 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\AppCompat
2013-05-14 11:29 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2013-05-14 09:18 - 2013-05-14 04:01 - 00000000 ____D C:\Windows\Microsoft Antimalware
2013-05-07 14:21 - 2013-05-07 12:29 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2013-05-07 14:21 - 2013-05-07 12:28 - 00000000 ____D C:\Program Files (x86)\Real
2013-05-07 12:41 - 2013-05-07 12:41 - 00000000 ____D C:\Windows\Sun
2013-05-07 12:31 - 2013-05-07 12:31 - 00000000 ____D C:\Users\vinod\AppData\Roaming\RealNetworks
2013-05-07 12:31 - 2013-05-07 12:27 - 00000000 ____D C:\ProgramData\Real
2013-05-07 12:30 - 2013-05-07 12:28 - 00000000 ____D C:\Users\vinod\AppData\Roaming\Real
2013-05-07 12:29 - 2013-05-07 12:29 - 00000000 ____D C:\ProgramData\RealNetworks
2013-05-06 22:50 - 2013-05-06 22:50 - 00000019 ____A C:\Users\vinod\Desktop\hasnain.txt
2013-05-03 11:24 - 2011-07-20 21:52 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3003383808-1756342594-762847216-1000UA.job
2013-05-03 11:02 - 2012-07-23 10:57 - 00000906 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3003383808-1756342594-762847216-1000Core.job
2013-05-03 10:58 - 2011-03-12 19:36 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-02 20:11 - 2011-07-20 21:52 - 00000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3003383808-1756342594-762847216-1000Core.job
2013-05-02 11:29 - 2011-03-02 19:05 - 00278800 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume2
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {current}
resumeobject {b57a6033-4347-11e0-8400-001aa03efc3c}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {b57a6035-4347-11e0-8400-001aa03efc3c}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {b57a6033-4347-11e0-8400-001aa03efc3c}
nx OptIn

Windows Boot Loader
-------------------
identifier {b57a6035-4347-11e0-8400-001aa03efc3c}
device ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{b57a6036-4347-11e0-8400-001aa03efc3c}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{b57a6036-4347-11e0-8400-001aa03efc3c}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {b57a6033-4347-11e0-8400-001aa03efc3c}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume2
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems Yes

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {b57a6036-4347-11e0-8400-001aa03efc3c}
description Ramdisk Options
ramdisksdidevice partition=\Device\HarddiskVolume2
ramdisksdipath \Recovery\WindowsRE\boot.sdi



Last Boot: 2013-05-05 19:05

==================== End Of Log ============================

#9
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

What is the next step to make sure this kind of thing doesn't happen again?


Bit to do yet to make sure we have got everything. :)

  • Close all windows and open OTL.
  • Double click on the OTL icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  • Click the None button at the top.
  • Under the Custom Scan box paste this in:
    
    dir C:\ /S /A:L /C
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open a Notepad window, OTL.Txt. This is saved in the same location as OTL.

Note: If the log doesn't appear where you saved OTL then a copy of the OTL log is saved in a text file at

:\_OTL\MovedFiles
in most cases this will be C:\_OTL\MovedFiles

Please copy (Edit->Select All, Edit->Copy) the contents and post back here.

#10
vveditor


    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
OTL logfile created on: 5/22/2013 9:26:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\vinod\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16443)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.80 Gb Total Physical Memory | 5.77 Gb Available Physical Memory | 74.01% Memory free
15.60 Gb Paging File | 13.53 Gb Available in Paging File | 86.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.92 Gb Total Space | 203.06 Gb Free Space | 34.72% Space Free | Partition Type: NTFS

Computer Name: LAPTOP-PC | User Name: vinod | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Custom Scans ==========

< dir C:\ /S /A:L /C >
Volume in drive C is OS
Volume Serial Number is B06F-B6AC
Directory of C:\
07/14/2009 01:08 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/14/2009 01:08 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 01:08 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 01:08 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 01:08 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 01:08 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 01:08 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/14/2009 01:08 AM <SYMLINKD> All Users [C:\ProgramData]
07/14/2009 01:08 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/14/2009 01:08 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 01:08 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 01:08 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 01:08 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 01:08 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 01:08 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/14/2009 01:08 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009 01:08 AM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/14/2009 01:08 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/14/2009 01:08 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/14/2009 01:08 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009 01:08 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009 01:08 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009 01:08 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009 01:08 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009 01:08 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/14/2009 01:08 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/14/2009 01:08 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009 01:08 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/14/2009 01:08 AM <JUNCTION> My Music [C:\Users\Default\Music]
07/14/2009 01:08 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/14/2009 01:08 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/14/2009 01:08 AM <JUNCTION> My Music [C:\Users\Public\Music]
07/14/2009 01:08 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/14/2009 01:08 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\vinod
03/02/2011 06:52 PM <JUNCTION> Application Data [C:\Users\vinod\AppData\Roaming]
03/02/2011 06:52 PM <JUNCTION> Cookies [C:\Users\vinod\AppData\Roaming\Microsoft\Windows\Cookies]
03/02/2011 06:52 PM <JUNCTION> Local Settings [C:\Users\vinod\AppData\Local]
03/02/2011 06:52 PM <JUNCTION> My Documents [C:\Users\vinod\Documents]
03/02/2011 06:52 PM <JUNCTION> NetHood [C:\Users\vinod\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/02/2011 06:52 PM <JUNCTION> PrintHood [C:\Users\vinod\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/02/2011 06:52 PM <JUNCTION> Recent [C:\Users\vinod\AppData\Roaming\Microsoft\Windows\Recent]
03/02/2011 06:52 PM <JUNCTION> SendTo [C:\Users\vinod\AppData\Roaming\Microsoft\Windows\SendTo]
03/02/2011 06:52 PM <JUNCTION> Start Menu [C:\Users\vinod\AppData\Roaming\Microsoft\Windows\Start Menu]
03/02/2011 06:52 PM <JUNCTION> Templates [C:\Users\vinod\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\vinod\AppData\Local
03/02/2011 06:52 PM <JUNCTION> Application Data [C:\Users\vinod\AppData\Local]
03/02/2011 06:52 PM <JUNCTION> History [C:\Users\vinod\AppData\Local\Microsoft\Windows\History]
03/02/2011 06:52 PM <JUNCTION> Temporary Internet Files [C:\Users\vinod\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\vinod\Documents
03/02/2011 06:52 PM <JUNCTION> My Music [C:\Users\vinod\Music]
03/02/2011 06:52 PM <JUNCTION> My Pictures [C:\Users\vinod\Pictures]
03/02/2011 06:52 PM <JUNCTION> My Videos [C:\Users\vinod\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
50 Dir(s) 221,486,272,512 bytes free

< End of report >
  • 0

#11
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Oh dear, I notice I didn't give you the link for that OTL download. Well done getting it. :thumbsup:

Moving along

Please download ComboFix from this location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.
  • If you have an older Operating System you may be asked whether you want to install the Recovery Console. Click yes and follow any prompts.
  • Your desktop may go blank. This is normal.
  • ComboFix may appear to be doing nothing for quite long periods. This is normal; just leave it to do its job.
  • ComboFix may reboot your machine. This is normal too.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  • 0

#12
vveditor

vveditor

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
ComboFix 13-05-22.01 - vinod 05/22/2013 22:01:30.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7989.5816 [GMT -4:00]
Running from: c:\users\vinod\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Public\videos\vlc-2.0.2-win32.exe
c:\users\vinod\AppData\Roaming\Roaming
c:\users\vinod\AppData\Roaming\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#blurpstar0.com\settings.sol
c:\users\vinod\AppData\Roaming\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#dmnstats01.com\settings.sol
c:\users\vinod\AppData\Roaming\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol
c:\users\vinod\Documents\~WRL3139.tmp
.
.
((((((((((((((((((((((((( Files Created from 2013-04-23 to 2013-05-23 )))))))))))))))))))))))))))))))
.
.
2013-05-23 02:05 . 2013-05-23 02:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-22 23:55 . 2013-05-22 23:54 964552 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DD1E044F-B123-48D7-B133-03A3B7BFE6D2}\gapaengine.dll
2013-05-22 23:54 . 2013-05-13 03:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DF4631CC-CBF6-4E84-AE67-E63B269B8191}\mpengine.dll
2013-05-22 23:39 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-05-17 08:49 . 2013-05-17 08:49 -------- d-----w- C:\FRST
2013-05-14 08:01 . 2013-05-14 13:18 -------- d-----w- c:\windows\Microsoft Antimalware
2013-05-10 07:57 . 2013-05-10 07:57 187456 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2013-05-10 07:57 . 2013-05-10 07:57 187456 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-05-07 16:41 . 2013-05-07 16:41 -------- d-----w- c:\windows\Sun
2013-05-07 16:28 . 2013-05-07 18:21 -------- d-----w- c:\program files (x86)\Real
2013-04-24 00:38 . 2013-04-24 00:37 905296 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D59DB228-0783-4E98-84FF-E80914D698AE}\gapaengine.dll
2013-04-23 20:08 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-22 23:40 . 2011-03-28 23:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 15:29 . 2011-03-02 23:05 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-24 00:37 . 2011-03-26 14:57 905296 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-04-21 19:33 . 2012-03-29 13:25 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-21 19:33 . 2011-06-16 09:51 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-15 03:36 . 2013-04-15 03:36 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-15 03:36 . 2012-10-26 23:45 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-04-15 03:36 . 2011-03-02 23:43 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-04-11 07:03 . 2011-03-02 23:06 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\SysWow64\GPhotos.scr
2013-03-19 06:04 . 2013-04-10 09:10 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 09:10 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 09:10 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 09:10 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 09:10 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 09:10 112640 ----a-w- c:\windows\system32\smss.exe
2013-03-01 03:36 . 2013-04-10 09:11 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-22 06:57 . 2013-04-11 07:01 17817088 ----a-w- c:\windows\system32\mshtml.dll
2013-02-22 06:29 . 2013-04-11 07:01 10925568 ----a-w- c:\windows\system32\ieframe.dll
2013-02-22 06:27 . 2013-04-11 07:01 2312704 ----a-w- c:\windows\system32\jscript9.dll
2013-02-22 06:21 . 2013-04-11 07:01 1346560 ----a-w- c:\windows\system32\urlmon.dll
2013-02-22 06:20 . 2013-04-11 07:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2013-02-22 06:19 . 2013-04-11 07:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-22 06:18 . 2013-04-11 07:01 237056 ----a-w- c:\windows\system32\url.dll
2013-02-22 06:17 . 2013-04-11 07:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2013-02-22 06:15 . 2013-04-11 07:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-22 06:15 . 2013-04-11 07:01 599040 ----a-w- c:\windows\system32\vbscript.dll
2013-02-22 06:15 . 2013-04-11 07:01 816640 ----a-w- c:\windows\system32\jscript.dll
2013-02-22 06:14 . 2013-04-11 07:01 729088 ----a-w- c:\windows\system32\msfeeds.dll
2013-02-22 06:13 . 2013-04-11 07:01 2147840 ----a-w- c:\windows\system32\iertutil.dll
2013-02-22 06:13 . 2013-04-11 07:01 96768 ----a-w- c:\windows\system32\mshtmled.dll
2013-02-22 06:12 . 2013-04-11 07:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-22 06:09 . 2013-04-11 07:01 248320 ----a-w- c:\windows\system32\ieui.dll
2013-02-22 03:46 . 2013-04-11 07:01 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-02-22 03:38 . 2013-04-11 07:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2013-02-22 03:37 . 2013-04-11 07:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-02-22 03:34 . 2013-04-11 07:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-02-22 03:34 . 2013-04-11 07:01 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-02-22 03:31 . 2013-04-11 07:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-07-12 18:18 . 2012-07-12 18:18 4024320 ----a-w- c:\program files (x86)\GUT5DAA.tmp
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\vinod\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\vinod\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\vinod\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"Facebook Update"="c:\users\vinod\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-23 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2009-09-28 140640]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-04-22 724536]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\vinod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\vinod\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2013-1-8 228448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-03 1255736]
S2 IHA_MessageCenter;IHA_MessageCenter;c:\program files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-08-03 352248]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-08-23 13672]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-04-22 474168]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 51866779
*NewlyCreated* - 82350812
*Deregistered* - 51866779
*Deregistered* - 82350812
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3003383808-1756342594-762847216-1000Core.job
- c:\users\vinod\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-23 14:57]
.
2013-05-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3003383808-1756342594-762847216-1000UA.job
- c:\users\vinod\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-23 14:57]
.
2013-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-12 23:36]
.
2013-05-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-12 23:36]
.
2013-05-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3003383808-1756342594-762847216-1000Core.job
- c:\users\vinod\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-21 10:46]
.
2013-05-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3003383808-1756342594-762847216-1000UA.job
- c:\users\vinod\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-21 10:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\vinod\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\vinod\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\vinod\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\vinod\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2009-12-17 5470208]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-11-02 2710856]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-11 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-11 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-11 417560]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.myincrediblegarden.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: agsdc.net\host54
TCP: DhcpNameServer = 167.206.245.130 167.206.245.129
FF - ProfilePath - c:\users\vinod\AppData\Roaming\Mozilla\Firefox\Profiles\r3xcu4mv.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - ExtSQL: 2013-05-07 12:29; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\programdata\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-Freecorder FLV Service - c:\program files (x86)\Freecorder\FLVSrvc.exe
SafeBoot-51866779.sys
Toolbar-Locked - (no file)
HKLM-Run-MSC - c:\program files\Microsoft Security Client\mssecex.exe
AddRemove-1221905138.optimumapp.iptv.optimum.net - c:\program files\Microsoft Silverlight\5.1.10411.0\Silverlight.Configuration.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-05-22 22:07:57
ComboFix-quarantined-files.txt 2013-05-23 02:07
.
Pre-Run: 236,156,416,000 bytes free
Post-Run: 239,348,428,800 bytes free
.
- - End Of File - - 9C39D9DD53646882FB243611B9D50751
  • 0

#13
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
After that

Please download Farbar Service Scanner and run.

  • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center/Action Center
      • Windows Update
      • Other Services
  • Press Scan
  • A log (FSS.txt) will be created in the same directory the tool is run.
  • Copy and paste the log back here.

So when you return please post
  • JRT.txt
  • FSS.txt

  • 0

#14
vveditor

vveditor

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by vinod on Thu 05/23/2013 at 5:50:17.63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\ilividsetupv1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\ilividsetupv1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\setupdatamngr_searchqu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\setupdatamngr_searchqu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT1060933
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}



~~~ Files

Successfully deleted: [File] "C:\end"
Successfully deleted: [File] C:\Users\vinod\appdata\local\{FA02AC9C-0658-11E2-8271-B8AC6F996F26}\chrome\content\browser.xul [Trojan:JS/Medfos.A]



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\Users\vinod\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\vinod\appdata\local\downtango"
Successfully deleted: [Folder] "C:\Users\vinod\appdata\local\ilivid player"
Successfully deleted: [Folder] "C:\Users\vinod\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] C:\Users\vinod\appdata\local\{FA02AC9C-0658-11E2-8271-B8AC6F996F26} [Trojan:JS/Medfos.A]



~~~ FireFox

Successfully deleted: [Folder] C:\Users\vinod\AppData\Roaming\mozilla\firefox\profiles\r3xcu4mv.default\conduitcommon
Successfully deleted: [Folder] C:\Users\vinod\AppData\Roaming\mozilla\firefox\profiles\r3xcu4mv.default\extensions\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
Successfully deleted the following from C:\Users\vinod\AppData\Roaming\mozilla\firefox\profiles\r3xcu4mv.default\prefs.js

Emptied folder: C:\Users\vinod\AppData\Roaming\mozilla\firefox\profiles\r3xcu4mv.default\minidumps [3 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 05/23/2013 at 5:54:25.64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Farbar Service Scanner Version: 14-04-2013
Ran by vinod (administrator) on 23-05-2013 at 05:57:20
Running from "C:\Users\vinod\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
  • 0

#15
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello again vveditor,

Making good progress. All going well we will be able to clear away the tools we have been using after this one.

Now

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic and tell me how your computer is now.

  • 0





