Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Can't Remove RCMP Ukash and Windows Security Center [Solved]


  • This topic is locked This topic is locked

#1
lillie_nemo

lillie_nemo

    Member

  • Member
  • PipPip
  • 66 posts
Hi, I have having problems getting rid of this malware. :-(

Problem: Can't remove Ukash virus and Windows Security Center from Windows Vista

Details: Despite running various programs to fix problem RCMP Ukash screen still appears whenever I reboot the system in normal mode, safe mode and safe mode with networking. I also see icon for Windows Security Center icon in right hand corner but the malware doesn't not seem to be actively creating pop ups. Currently I am only able to use safe mode with command prompt. Running explorer.exe in cmd loads the Ukash screen again. These problems began when I renewed Mcafee yesterday. FYI, I have Internet access on this netbook I'm currently using and am unable to access Internet via the infected computer.

What I've done: Ran Malwarebytes (with updates from yesterday), Spybot S&D, and McAfee in safe mode with command prompt. Several problems detected and fixed by these programs but Ukash screen still loads when starting up in normal mode and the other safe modes. Unable to turn on real-time scanning for McAfee.

Please, any help is greatly appreciated. I'm at my wits end! Thank you so much. m(_ _)m

The OTL log below:

OTL logfile created on: 2013/06/25 4:51:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16945)
Locale: 00000411 | Country: Japan | Language: JPN | Date Format: yyyy/MM/dd

1021.88 Mb Total Physical Memory | 624.87 Mb Available Physical Memory | 61.15% Memory free
2.23 Gb Paging File | 1.99 Gb Available in Paging File | 88.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 363.68 Gb Total Space | 67.61 Gb Free Space | 18.59% Space Free | Partition Type: NTFS
Drive D: | 8.92 Gb Total Space | 0.98 Gb Free Space | 10.95% Space Free | Partition Type: NTFS
Drive E: | 3.73 Gb Total Space | 1.93 Gb Free Space | 51.75% Space Free | Partition Type: FAT32

Computer Name: ENFLEUR | User Name: saicoink | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/25 04:46:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2013/03/05 11:43:26 | 000,184,728 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
PRC - [2012/10/07 03:12:36 | 000,252,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\Platform\McUICnt.exe
PRC - [2006/11/02 05:44:59 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- %systemroot%\system32\besclient.dll -- (w800bus)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - File not found [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (LiveUpdate Notice Ex)
SRV - [2013/06/24 20:25:39 | 000,143,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\ProgramData\gwdb.dat -- (Winmgmt)
SRV - [2013/04/11 22:08:25 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/04/03 13:50:34 | 000,172,416 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2013/04/03 13:47:22 | 000,169,320 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2013/03/05 11:43:26 | 000,184,728 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2013/03/05 11:43:26 | 000,184,728 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2013/03/05 11:43:26 | 000,184,728 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV - [2013/03/05 11:43:26 | 000,184,728 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2013/03/05 11:43:26 | 000,184,728 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2013/03/05 11:43:26 | 000,184,728 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV - [2013/03/01 09:06:56 | 000,287,752 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2013/02/28 09:46:46 | 000,638,976 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\AMCore\mcshield.exe -- (mfecore)
SRV - [2012/07/08 22:57:48 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Stopped] -- C:\Windows\System32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2012/07/08 22:57:40 | 000,184,840 | ---- | M] (Nitro PDF Software) [Auto | Stopped] -- C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe -- (NitroDriverReadSpool2)
SRV - [2011/10/25 19:00:46 | 000,176,128 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011/06/29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2009/10/06 14:53:54 | 004,463,400 | ---- | M] (Wacom Technology, Corp.) [Auto | Stopped] -- C:\Windows\System32\Wacom_Tablet.exe -- (TabletServiceWacom)
SRV - [2009/09/29 10:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/03/19 15:03:32 | 000,167,936 | ---- | M] (Teruten Inc.) [Auto | Stopped] -- C:\Windows\System32\TsService.exe -- (TsService)
SRV - [2008/06/20 14:26:52 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/11/28 20:51:10 | 000,583,048 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/11/04 18:36:32 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/12 19:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2007/02/05 11:11:18 | 000,075,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2007/02/05 11:11:16 | 000,112,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service)
SRV - [2006/12/14 03:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 03:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 02:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/11/15 19:57:58 | 000,081,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2006/09/11 19:02:44 | 000,544,256 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service)
SRV - [2006/09/11 19:01:04 | 000,167,936 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL)
SRV - [2006/09/11 18:56:32 | 000,075,264 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe -- (ISSM)
SRV - [2006/09/11 18:56:20 | 000,188,416 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService)
SRV - [2006/09/03 13:32:28 | 000,208,896 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2006/09/01 02:47:56 | 000,026,624 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server)
SRV - [2006/05/10 12:13:52 | 000,029,696 | R--- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe -- (IntelDHSvcConf)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Zinf\portio.sys -- (portio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\cdrom.sys -- (cdrom)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/04/03 13:53:24 | 000,060,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2013/04/03 13:50:14 | 000,091,640 | ---- | M] (McAfee, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2013/04/03 13:48:22 | 000,566,656 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2013/04/03 13:47:52 | 000,066,888 | ---- | M] (McAfee, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2013/04/03 13:47:32 | 000,363,432 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2013/04/03 13:47:10 | 000,065,928 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2013/04/03 13:46:52 | 000,235,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2013/04/03 13:46:22 | 000,133,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2013/02/18 07:46:38 | 000,080,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfencrk.sys -- (mfencrk)
DRV - [2013/02/18 07:46:34 | 000,257,496 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfencbdc.sys -- (mfencbdc)
DRV - [2012/05/28 10:28:04 | 000,147,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV - [2011/10/25 20:03:48 | 008,853,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/10/25 18:21:36 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011/06/06 15:06:42 | 000,081,936 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService)
DRV - [2009/08/27 16:06:32 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2009/05/20 12:54:06 | 000,013,736 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2008/05/08 05:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 05:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2008/05/02 00:15:44 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/09/25 10:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2007/03/12 16:37:00 | 004,465,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/02/16 11:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007/01/15 03:43:28 | 000,354,432 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw18bda.sys -- (hcw18bda)
DRV - [2006/11/02 05:02:01 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\[email protected] -- (RDPCDD)
DRV - [2006/11/02 03:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2005/12/12 13:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)
DRV - [2002/08/08 16:51:32 | 000,038,951 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETMDUSB.sys -- (NETMDUSB)
DRV - [1999/09/10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\Aspi32.sys -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...lion&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...lion&pf=desktop
IE - HKLM\..\SearchScopes,DefaultScope = {76F3D4AC-5E11-4F6F-9F7F-F3FB98FC089E}
IE - HKLM\..\SearchScopes\{76F3D4AC-5E11-4F6F-9F7F-F3FB98FC089E}: "URL" = http://ca.search.yah...ing}&fr=hp-pvdt
IE - HKLM\..\SearchScopes\{8CBE3FF8-BC71-4515-AC21-4B5338A96073}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpd
IE - HKLM\..\SearchScopes\{9227DF63-238D-48B7-AFFA-90916A8D4255}: "URL" = http://search.live.c...#38;FORM=HVDCS7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}
IE - HKCU\..\SearchScopes\{76F3D4AC-5E11-4F6F-9F7F-F3FB98FC089E}: "URL" = http://ca.search.yah...ing}&fr=hp-pvdt
IE - HKCU\..\SearchScopes\{8CBE3FF8-BC71-4515-AC21-4B5338A96073}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpd
IE - HKCU\..\SearchScopes\{9227DF63-238D-48B7-AFFA-90916A8D4255}: "URL" = http://search.live.c...#38;FORM=HVDCS7
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://ca.search.yah...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: brief%40mozdev.org:1.6.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll File not found
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\saicoink\AppData\Local\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\saicoink\AppData\Local\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Auslogics\Auslogics Antivirus\bdaphffext\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/21 23:33:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/21 23:32:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2013/06/23 15:52:36 | 000,000,000 | ---D | M]

[2009/05/29 00:49:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\saicoink\AppData\Roaming\Mozilla\Extensions
[2013/05/21 10:17:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\saicoink\AppData\Roaming\Mozilla\Firefox\Profiles\vlxpr8g8.default-1366383230636\extensions
[2013/05/21 10:17:36 | 000,242,942 | ---- | M] () (No name found) -- C:\Users\saicoink\AppData\Roaming\Mozilla\Firefox\Profiles\vlxpr8g8.default-1366383230636\extensions\[email protected]
[2013/05/21 23:33:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/21 23:33:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/09/13 22:10:06 | 000,047,104 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\mozilla firefox\components\FFComm.dll
[2008/09/03 20:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2010/06/08 09:50:17 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\saicoink\AppData\Local\Google\Chrome\Application\10.0.648.205\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\saicoink\AppData\Local\Google\Chrome\Application\10.0.648.205\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\saicoink\AppData\Local\Google\Chrome\Application\10.0.648.205\gcswf32.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\saicoink\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.30.150.1_0\McChPlg.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: BitTorrent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\saicoink\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: TweetDeck = C:\Users\saicoink\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\2.0.2_0\

O1 HOSTS File: ([2013/06/25 03:05:10 | 000,449,750 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15443 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ctfmon32.exe] c:\ProgramData\gwdb.dat (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: efbfcafebeccad = C:\Users\saicoink\AppData\Local\6e526fb3-f185-47c6-afe5-140b57ec9c52ad\efbfcafebeccad.exe ()
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: java.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 206.248.154.22 206.248.154.170
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B320FF9-9304-4A2E-ADD7-D4FC2BEBA624}: DhcpNameServer = 206.248.154.22 206.248.154.170
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\saicoink\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\saicoink\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O31 - SafeBoot: UseAlternatShell - 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/06/04 16:14:23 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{64b8653f-b1e0-11df-85c8-001bfcf8e1f2}\Shell - "" = AutoRun
O33 - MountPoints2\{64b8653f-b1e0-11df-85c8-001bfcf8e1f2}\Shell\AutoRun\command - "" = "K:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{bc6f828a-3bd6-11e2-bcf0-001bfcf8e1f2}\Shell\AutoRun\command - "" = E:\RunClubSanDisk.exe
O33 - MountPoints2\{f081b9ca-1043-11e0-a9f1-b4a0aaf81b7e}\Shell - "" = AutoRun
O33 - MountPoints2\{f081b9ca-1043-11e0-a9f1-b4a0aaf81b7e}\Shell\AutoRun\command - "" = "J:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/25 04:33:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/06/25 03:55:14 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\rundll32.exe
[2013/06/25 02:31:07 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/06/24 20:25:39 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\gwdb.dat
[2013/06/23 15:44:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/06/23 15:43:54 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/06/23 15:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/06/23 13:44:34 | 000,147,472 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\HipShieldK.sys
[2013/06/23 13:35:48 | 000,066,888 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
[2013/06/23 13:14:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2013/06/23 13:11:01 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2013/06/15 19:01:01 | 000,000,000 | ---D | C] -- C:\Users\saicoink\AppData\Local\6e526fb3-f185-47c6-afe5-140b57ec9c52ad
[2007/11/14 23:53:43 | 000,411,248 | ---- | C] (Applian Technologies Inc.) -- C:\Program Files\FLV PlayerRCSetup.exe
[14 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[14 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/25 04:20:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/25 04:15:27 | 095,023,320 | ---- | M] () -- C:\ProgramData\bdwg.pad
[2013/06/25 04:08:00 | 014,909,286 | ---- | M] () -- C:\Users\saicoink\Documents\safe130622.reg
[2013/06/25 03:57:26 | 000,003,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/25 03:57:26 | 000,003,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/25 03:05:10 | 000,449,750 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/06/25 02:38:04 | 000,000,840 | ---- | M] () -- C:\Users\saicoink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
[2013/06/25 01:47:20 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D3B927D7-35BB-44E3-85A4-77E8C7A308A2}.job
[2013/06/24 20:25:55 | 000,002,630 | ---- | M] () -- C:\ProgramData\bdwg.js
[2013/06/24 20:00:00 | 000,000,552 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - saicoink.job
[2013/06/24 20:00:00 | 000,000,340 | -H-- | M] () -- C:\Windows\tasks\{4538A45A-66C1-4743-98EC-EED8C1B8896C}.job
[2013/06/24 19:52:00 | 000,000,712 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-392368935-1018968332-2870084161-1001UA.job
[2013/06/23 16:28:59 | 002,523,136 | ---- | M] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2013/06/23 16:28:59 | 000,081,920 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2013/06/23 16:28:59 | 000,016,384 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2013/06/23 16:03:41 | 000,001,356 | ---- | M] () -- C:\Users\saicoink\AppData\Local\d3d9caps.dat
[2013/06/23 15:44:02 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/21 15:52:00 | 000,000,660 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-392368935-1018968332-2870084161-1001Core.job
[2013/06/18 11:29:10 | 000,097,296 | ---- | M] () -- C:\Users\saicoink\Documents\An Nguyen-CV.pdf
[2013/06/18 11:28:34 | 000,006,499 | ---- | M] () -- C:\Users\saicoink\AppData\Roaming\PrimoPDFSet.xml
[2013/06/17 00:30:01 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\vlcplayer.exe
[2013/06/17 00:30:00 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\teamviewer.exe
[2013/06/17 00:30:00 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\flashplayer.exe
[2013/06/17 00:11:07 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\chrome.exe
[2013/06/17 00:11:07 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\acrobatreader.exe
[2013/06/15 19:00:56 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\notepad.exe
[2013/06/15 19:00:56 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\jucheck.exe
[2013/06/15 19:00:55 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\acrobat.exe
[2013/06/15 19:00:54 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\mstsc.exe
[2013/06/15 19:00:54 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\icq.exe
[2013/06/02 23:02:49 | 000,191,488 | ---- | M] () -- C:\Users\saicoink\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[14 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[14 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/25 04:07:59 | 014,909,286 | ---- | C] () -- C:\Users\saicoink\Documents\safe130622.reg
[2013/06/25 02:38:04 | 000,000,840 | ---- | C] () -- C:\Users\saicoink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
[2013/06/24 20:25:55 | 000,002,630 | ---- | C] () -- C:\ProgramData\bdwg.js
[2013/06/24 20:25:46 | 095,023,320 | ---- | C] () -- C:\ProgramData\bdwg.pad
[2013/06/23 16:10:15 | 002,523,136 | ---- | C] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2013/06/23 16:10:15 | 000,081,920 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2013/06/23 16:10:15 | 000,016,384 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2013/06/23 15:44:02 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/23 13:43:46 | 000,002,641 | ---- | C] () -- C:\Windows\System32\drivers\mfencrk.inf
[2013/06/23 13:43:44 | 000,002,951 | ---- | C] () -- C:\Windows\System32\drivers\mfencbdc.inf
[2013/06/18 11:29:10 | 000,097,296 | ---- | C] () -- C:\Users\saicoink\Documents\An Nguyen-CV.pdf
[2013/06/17 00:30:01 | 000,000,000 | ---- | C] () -- C:\Users\saicoink\vlcplayer.exe
[2013/06/17 00:30:00 | 000,000,000 | ---- | C] () -- C:\Users\saicoink\teamviewer.exe
[2013/06/17 00:30:00 | 000,000,000 | ---- | C] () -- C:\Users\saicoink\flashplayer.exe
[2013/06/17 00:11:07 | 000,000,000 | ---- | C] () -- C:\Users\saicoink\chrome.exe
[2013/06/17 00:11:07 | 000,000,000 | ---- | C] () -- C:\Users\saicoink\acrobatreader.exe
[2013/06/15 19:01:02 | 000,000,340 | -H-- | C] () -- C:\Windows\tasks\{4538A45A-66C1-4743-98EC-EED8C1B8896C}.job
[2013/06/15 19:00:56 | 000,000,000 | ---- | C] () -- C:\Users\saicoink\notepad.exe
[2013/06/15 19:00:56 | 000,000,000 | ---- | C] () -- C:\Users\saicoink\jucheck.exe
[2013/06/15 19:00:55 | 000,000,000 | ---- | C] () -- C:\Users\saicoink\acrobat.exe
[2013/06/15 19:00:54 | 000,000,000 | ---- | C] () -- C:\Users\saicoink\mstsc.exe
[2013/06/15 19:00:54 | 000,000,000 | ---- | C] () -- C:\Users\saicoink\icq.exe
[2012/08/21 03:30:47 | 000,014,244 | ---- | C] () -- C:\Windows\System32\Wacom_Tablet.dat
[2012/02/14 20:37:53 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/02/14 19:47:03 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2012/02/14 19:47:03 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2012/02/14 19:46:59 | 000,239,869 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012/01/12 05:05:14 | 000,404,356 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/10/25 22:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OpenVideo.dll
[2011/10/25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OVDecoder.dll
[2011/09/09 14:57:26 | 000,001,356 | ---- | C] () -- C:\Users\saicoink\AppData\Local\d3d9caps.dat
[2010/06/04 10:41:33 | 000,011,892 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2009/04/17 08:49:14 | 000,006,499 | ---- | C] () -- C:\Users\saicoink\AppData\Roaming\PrimoPDFSet.xml
[2008/07/15 10:23:26 | 000,000,247 | ---- | C] () -- C:\Users\saicoink\.jupload.properties
[2008/03/25 22:53:00 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2007/11/05 14:01:06 | 000,191,488 | ---- | C] () -- C:\Users\saicoink\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/05 01:49:55 | 000,030,638 | ---- | C] () -- C:\Users\saicoink\AppData\Roaming\wklnhst.dat
[1999/07/06 20:00:00 | 000,000,006 | RHS- | C] () -- C:\ProgramData\D81EDBF9-D167-4011-B77D-211DF920EB80

========== ZeroAccess Check ==========

[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2008/11/06 08:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 00:16:12 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2006/11/02 05:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010/07/09 23:44:24 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Ableton
[2008/08/30 22:54:40 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\acccore
[2011/10/30 15:38:05 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Audacity
[2010/02/18 13:02:39 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Auslogics
[2013/04/22 22:55:48 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\BHOK IT Consulting
[2013/03/06 02:42:14 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\BitTorrent
[2008/03/12 15:49:33 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\BitTorrent DNA
[2009/03/07 02:30:09 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Broad Intelligence
[2013/05/08 10:14:44 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Canon
[2010/08/24 22:10:12 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\CELSYS
[2010/06/19 18:28:26 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\DNA
[2012/07/12 14:57:00 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Downloaded Installations
[2012/02/25 03:21:36 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Dropbox
[2008/07/10 09:57:11 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\e frontier
[2013/01/14 22:40:10 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Feedreader
[2009/07/09 22:51:39 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Genie-Soft
[2009/03/07 02:22:52 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\GetRightToGo
[2010/07/09 23:25:02 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\MixVibes
[2009/03/07 02:09:32 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Moyea
[2012/02/25 11:45:23 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\muvee Technologies
[2013/06/18 03:03:21 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Nitro PDF
[2007/11/04 19:05:46 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Opera
[2012/01/22 13:40:59 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\RenPy
[2008/03/09 17:18:49 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Scientific Software
[2010/08/24 22:07:04 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Smith Micro
[2007/11/04 18:24:42 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Snapfish
[2011/12/19 23:23:30 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Sony
[2009/04/05 11:38:21 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\SYSTEMAX Software Development
[2007/11/05 01:50:01 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Template

========== Purity Check ==========



========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB53243$] -> Error: Cannot create file handle -> Unknown point type

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:30FD0CBD
@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8CE646EE

< End of report >
  • 0

Advertisements


#2
lillie_nemo

lillie_nemo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts
Sorry to bump the thread, but poking around it seems that the explorer.exe itself might be corrupted. I'm a bit weary to go through the process to replace explorer.exe and downloading clean .exe as suggested in this link: http://deletemalware...ransomware.html

Would appreciate any advice. Thanks again.
  • 0

#3
Buddierdl

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Hello and welcome to Geeks to Go. I am sorry that you are having troubles with your computer and will try my best to help you. I know that being infected is very frustrating, but I will be here to help you through the whole process of cleaning. Removing malware can be difficult and complicated and will most likely take many steps, so please stick with me until I have declared your computer clean. I always recommend printing my instructions before following them in case you cannot keep this webpage open. Please be sure to alway follow all steps exactly as they are written and let me know what happens each time. Stop and ask if something unexpected happens or if you are unsure of how to proceed.

Please respect my volunteered time and stay with me until I declare your computer clean. If you are going to be delayed for a while, please let me know.

Sorry to bump the thread, but poking around it seems that the explorer.exe itself might be corrupted. I'm a bit weary to go through the process to replace explorer.exe and downloading clean .exe as suggested in this link: http://deletemalware...ransomware.html



It's never a good idea to download system files from the internet. You have a different variant than that also.

I will post some instructions for you soon. Please refrain from any self-fixes while I am helping you, as it can confuse my efforts.
  • 0

#4
lillie_nemo

lillie_nemo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts
Buddierdl - Thank you so much for responding and for helping me out!! Just like you suggested I haven't downloaded that system file or done anything else since I made the original post.
  • 0

#5
Buddierdl

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Let's get started. This looks kind of nasty.



Step 1: Run OTL fix. We need to be able to run a fix in OTL. I assume that you used Safe Mode with Command Prompt to run OTL at first from a flash drive. If so, please copy the attached fix to the same flash drive and then run OTL in the same way as before. This time click the Run Fix button at the top. A box should pop up asking you for the location of the fix and you should select the fix on your flash drive. If this doesn't work, let me know and we'll try something else. Only continue with the steps below if you can run the fix and the computer will boot normally.

Attached File  fix.txt   2.31KB   59 downloads


Please post the log it produces in your next reply. It should be located in C:\_OTL\MovedFiles.

Step 2: Restore service.

Please download winmgmt.reg to your desktop, right click on it and select "Merge."

Step 3: Run TDSSKiller.


Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    Posted Image
  • Put a checkmark beside loaded modules.
    Posted Image
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    Posted Image
  • Click the Start Scan button.
    Posted Image
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    Posted Image
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Posted Image
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 4: Run Farbar's Service Scanner.


Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the all of the options are checked:

    Posted Image
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Things I need in your next reply:
  • OTL fix log
  • TDSSKiller log
  • FSS log
  • How is your computer running now?

  • 0

#6
lillie_nemo

lillie_nemo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts
Okay, I just ran the OTL fix.

Restarted and the Ukash screen does not show but there is a window called 'system configuration' that tell me that I am currently in diagnostic or selective startup mode.

Dialog saying that process run32dll was also stopped.

Can I proceed to the next step or should I try to reboot into normal mode? I will not turn off or restart the computer until I hear from you.

This is the notepad txt file that opened automatically during startup. It appears to be the same as the OTL log on my flash drive:

========== COMMANDS ==========
System Restore Service not available.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@viewpoint.com/VMP\ deleted successfully.
C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll moved successfully.
C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ctfmon32.exe deleted successfully.
File move failed. c:\ProgramData\gwdb.dat scheduled to be moved on reboot.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\efbfcafebeccad deleted successfully.
C:\Users\saicoink\AppData\Local\6e526fb3-f185-47c6-afe5-140b57ec9c52ad\efbfcafebeccad.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\java.com\ deleted successfully.
C:\ProgramData\rundll32.exe moved successfully.
C:\Users\saicoink\AppData\Local\6e526fb3-f185-47c6-afe5-140b57ec9c52ad folder moved successfully.
C:\ProgramData\bdwg.pad moved successfully.
C:\Users\saicoink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk moved successfully.
C:\ProgramData\bdwg.js moved successfully.
C:\Users\saicoink\vlcplayer.exe moved successfully.
C:\Users\saicoink\teamviewer.exe moved successfully.
C:\Users\saicoink\flashplayer.exe moved successfully.
C:\Users\saicoink\chrome.exe moved successfully.
C:\Users\saicoink\acrobatreader.exe moved successfully.
C:\Users\saicoink\notepad.exe moved successfully.
C:\Users\saicoink\jucheck.exe moved successfully.
C:\Users\saicoink\acrobat.exe moved successfully.
C:\Users\saicoink\mstsc.exe moved successfully.
C:\Users\saicoink\icq.exe moved successfully.
ADS C:\ProgramData\TEMP:30FD0CBD deleted successfully.
ADS C:\ProgramData\TEMP:8CE646EE deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 06252013_200745

Files\Folders moved on Reboot...
File move failed. c:\ProgramData\gwdb.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Edited by lillie_nemo, 25 June 2013 - 06:23 PM.

  • 0

#7
Buddierdl

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Please continue in Normal Boot if you can.
  • 0

#8
lillie_nemo

lillie_nemo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts
Thank you so much for the help. I'm really appreciating it.

Was able to restart in normal mode.
Ran TDSS - all suspiscious files, no malicious. Was not prompted to restart.

Now waiting for your further directions.

edit: Forgot to add that Ukash is not loading and the Windows Security Center icon is not there in the icon tray. The computer seems to be running fine though I am not opening any files or attempting to do much of anything at the moment. McAfee icon is loaded in icon try.

TDSS log:
20:33:20.0730 0884 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:33:21.0853 0884 ============================================================
20:33:21.0853 0884 Current date / time: 2013/06/25 20:33:21.0853
20:33:21.0853 0884 SystemInfo:
20:33:21.0853 0884
20:33:21.0853 0884 OS Version: 6.0.6000 ServicePack: 0.0
20:33:21.0853 0884 Product type: Workstation
20:33:21.0853 0884 ComputerName: ENFLEUR
20:33:21.0853 0884 UserName: saicoink
20:33:21.0853 0884 Windows directory: C:\Windows
20:33:21.0853 0884 System windows directory: C:\Windows
20:33:21.0853 0884 Processor architecture: Intel x86
20:33:21.0853 0884 Number of processors: 4
20:33:21.0853 0884 Page size: 0x1000
20:33:21.0853 0884 Boot type: Normal boot
20:33:21.0853 0884 ============================================================
20:33:22.0415 0884 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:33:22.0446 0884 Drive \Device\Harddisk5\DR5 - Size: 0xF5F00000 (3.84 Gb), SectorSize: 0x200, Cylinders: 0x1F5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:33:22.0446 0884 ============================================================
20:33:22.0446 0884 \Device\Harddisk0\DR0:
20:33:22.0446 0884 MBR partitions:
20:33:22.0446 0884 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2D75E835
20:33:22.0446 0884 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2D75E874, BlocksNum 0x11D944D
20:33:22.0446 0884 \Device\Harddisk5\DR5:
20:33:22.0446 0884 MBR partitions:
20:33:22.0446 0884 \Device\Harddisk5\DR5\Partition1: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x777BE0
20:33:22.0446 0884 ============================================================
20:33:22.0508 0884 C: <-> \Device\Harddisk0\DR0\Partition1
20:33:22.0618 0884 D: <-> \Device\Harddisk0\DR0\Partition2
20:33:22.0618 0884 ============================================================
20:33:22.0618 0884 Initialize success
20:33:22.0618 0884 ============================================================
20:33:44.0114 3884 Deinitialize success

FSS log:
Farbar Service Scanner Version: 16-06-2013
Ran by saicoink (administrator) on 25-06-2013 at 20:43:50
Running from "C:\Users\saicoink\Desktop"
Windows Vista ™ Home Premium (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error.
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2009-09-09 09:58] - [2009-08-14 10:24] - 0813568 ____A (Microsoft Corporation) 300208927321066EA53761FDC98747C6

C:\Windows\system32\dnsrslvr.dll
[2008-04-08 16:04] - [2007-12-16 07:49] - 0084480 ____N (Microsoft Corporation) 05D7E62FD2EABAD579EB4D0C29245EEC

C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll
[2007-11-04 18:36] - [2007-11-04 18:36] - 0265912 ____A (Microsoft Corporation) 0D5AD0E71FF5DDAC5DD2F443B499ABD0

C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll
[2007-11-04 18:32] - [2007-11-04 18:32] - 0178688 ____N (Microsoft Corporation) 637D942341DE63F91EED1A9847BA2471

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Edited by lillie_nemo, 25 June 2013 - 06:53 PM.

  • 0

#9
Buddierdl

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Is there another TDSSKiller log?

Can you connect to the internet?
  • 0

#10
lillie_nemo

lillie_nemo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts
I put in the Internet cable and immediately Ukash starts again. I quickly take it out.
Now none of the icons and explorer.exe not running but I am running task manager and attempting to get the other TDSS file using cmd. Please wait a moment.
  • 0

Advertisements


#11
lillie_nemo

lillie_nemo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts
Okay here is the larger TDSS file. I think this is what you are looking for. I'm currently still open cmd, haven't restarted the computer yet but Ukash screen not appear.

20:35:33.0775 3624 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:35:33.0993 3624 ============================================================
20:35:33.0993 3624 Current date / time: 2013/06/25 20:35:33.0993
20:35:33.0993 3624 SystemInfo:
20:35:33.0993 3624
20:35:33.0993 3624 OS Version: 6.0.6000 ServicePack: 0.0
20:35:33.0993 3624 Product type: Workstation
20:35:33.0993 3624 ComputerName: ENFLEUR
20:35:33.0993 3624 UserName: saicoink
20:35:33.0993 3624 Windows directory: C:\Windows
20:35:33.0993 3624 System windows directory: C:\Windows
20:35:33.0993 3624 Processor architecture: Intel x86
20:35:33.0993 3624 Number of processors: 4
20:35:33.0993 3624 Page size: 0x1000
20:35:33.0993 3624 Boot type: Normal boot
20:35:33.0993 3624 ============================================================
20:35:41.0996 3624 BG loaded
20:35:43.0712 3624 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:35:43.0790 3624 ============================================================
20:35:43.0790 3624 \Device\Harddisk0\DR0:
20:35:43.0806 3624 MBR partitions:
20:35:43.0806 3624 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2D75E835
20:35:43.0806 3624 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2D75E874, BlocksNum 0x11D944D
20:35:43.0806 3624 ============================================================
20:35:43.0977 3624 C: <-> \Device\Harddisk0\DR0\Partition1
20:35:46.0146 3624 D: <-> \Device\Harddisk0\DR0\Partition2
20:35:46.0146 3624 ============================================================
20:35:46.0146 3624 Initialize success
20:35:46.0146 3624 ============================================================
20:36:48.0631 2712 ============================================================
20:36:48.0631 2712 Scan started
20:36:48.0632 2712 Mode: Manual; SigCheck; TDLFS;
20:36:48.0632 2712 ============================================================
20:36:55.0098 2712 ================ Scan system memory ========================
20:36:55.0098 2712 System memory - ok
20:36:55.0098 2712 ================ Scan services =============================
20:36:55.0466 2712 [ 84FC6DF81212D16BE5C4F441682FECCC ] ACPI C:\Windows\system32\drivers\acpi.sys
20:36:55.0851 2712 ACPI - ok
20:36:55.0949 2712 [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
20:36:55.0986 2712 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
20:36:55.0986 2712 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
20:36:56.0323 2712 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
20:36:56.0407 2712 AdobeActiveFileMonitor6.0 - ok
20:36:56.0472 2712 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:36:56.0593 2712 adp94xx - ok
20:36:56.0628 2712 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:36:56.0668 2712 adpahci - ok
20:36:56.0696 2712 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
20:36:56.0770 2712 adpu160m - ok
20:36:56.0794 2712 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:36:56.0825 2712 adpu320 - ok
20:36:56.0888 2712 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:36:57.0034 2712 AeLookupSvc - ok
20:36:57.0072 2712 [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD C:\Windows\system32\drivers\afd.sys
20:36:57.0261 2712 AFD - ok
20:36:57.0307 2712 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:36:57.0361 2712 agp440 - ok
20:36:57.0411 2712 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
20:36:57.0438 2712 aic78xx - ok
20:36:57.0760 2712 [ C86D177967D27C80E466D4ED95C26DB9 ] AlertService C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
20:36:57.0823 2712 AlertService ( UnsignedFile.Multi.Generic ) - warning
20:36:57.0823 2712 AlertService - detected UnsignedFile.Multi.Generic (1)
20:36:57.0839 2712 [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG C:\Windows\System32\alg.exe
20:36:57.0907 2712 ALG - ok
20:36:57.0940 2712 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
20:36:57.0993 2712 aliide - ok
20:36:58.0063 2712 [ 89DD6104E542552DAF25F42A30F75E08 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:36:58.0141 2712 AMD External Events Utility - ok
20:36:58.0167 2712 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
20:36:58.0184 2712 amdagp - ok
20:36:58.0208 2712 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
20:36:58.0231 2712 amdide - ok
20:36:58.0251 2712 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
20:36:58.0339 2712 AmdK7 - ok
20:36:58.0364 2712 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:36:58.0442 2712 AmdK8 - ok
20:37:00.0407 2712 [ 03AC6735672F15CEAAB502E4349286E0 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:37:01.0182 2712 amdkmdag - ok
20:37:01.0297 2712 [ F566C90E4BBE387E905130B6E490DCCD ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:37:01.0375 2712 amdkmdap - ok
20:37:01.0402 2712 [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo C:\Windows\System32\appinfo.dll
20:37:01.0451 2712 Appinfo - ok
20:37:01.0679 2712 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:37:01.0688 2712 Apple Mobile Device - ok
20:37:01.0711 2712 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
20:37:01.0737 2712 arc - ok
20:37:01.0797 2712 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:37:01.0859 2712 arcsas - ok
20:37:01.0921 2712 [ B979979AB8027F7F53FB16EC4229B7DB ] ASPI32 C:\Windows\system32\drivers\ASPI32.sys
20:37:01.0970 2712 ASPI32 ( UnsignedFile.Multi.Generic ) - warning
20:37:01.0971 2712 ASPI32 - detected UnsignedFile.Multi.Generic (1)
20:37:02.0003 2712 [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:37:02.0115 2712 AsyncMac - ok
20:37:02.0157 2712 [ B35CFCEF838382AB6490B321C87EDF17 ] atapi C:\Windows\system32\drivers\atapi.sys
20:37:02.0200 2712 atapi - ok
20:37:02.0248 2712 [ F71B6EE018EADF4CFD52F3C83847E5F6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdLH3.sys
20:37:02.0454 2712 AtiHDAudioService - ok
20:37:02.0480 2712 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:37:02.0586 2712 AudioEndpointBuilder - ok
20:37:02.0599 2712 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:37:02.0656 2712 Audiosrv - ok
20:37:02.0988 2712 [ B5D974C1FD078A68C7536C561B031D39 ] Automatic LiveUpdate Scheduler C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
20:37:04.0026 2712 Automatic LiveUpdate Scheduler - ok
20:37:04.0057 2712 [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep C:\Windows\system32\drivers\Beep.sys
20:37:04.0161 2712 Beep - ok
20:37:04.0286 2712 [ 98EBDFFB824A7C265337D68DD480E45C ] BFE C:\Windows\System32\bfe.dll
20:37:04.0366 2712 BFE - ok
20:37:04.0564 2712 [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS C:\Windows\System32\qmgr.dll
20:37:04.0727 2712 BITS - ok
20:37:04.0735 2712 blbdrive - ok
20:37:04.0778 2712 [ 913CD06FBE9105CE6077E90FD4418561 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:37:04.0856 2712 bowser - ok
20:37:04.0893 2712 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
20:37:05.0000 2712 BrFiltLo - ok
20:37:05.0033 2712 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
20:37:05.0090 2712 BrFiltUp - ok
20:37:05.0121 2712 [ BEB6470532B7461D7BB426E3FACB424F ] Browser C:\Windows\System32\browser.dll
20:37:05.0179 2712 Browser - ok
20:37:05.0203 2712 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
20:37:05.0250 2712 Brserid - ok
20:37:05.0270 2712 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
20:37:05.0291 2712 BrSerWdm ( UnsignedFile.Multi.Generic ) - warning
20:37:05.0291 2712 BrSerWdm - detected UnsignedFile.Multi.Generic (1)
20:37:05.0309 2712 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
20:37:05.0390 2712 BrUsbMdm - ok
20:37:05.0409 2712 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
20:37:05.0469 2712 BrUsbSer - ok
20:37:05.0492 2712 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:37:05.0574 2712 BTHMODEM - ok
20:37:05.0598 2712 [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:37:05.0701 2712 cdfs - ok
20:37:05.0707 2712 cdrom - ok
20:37:05.0749 2712 [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc C:\Windows\System32\certprop.dll
20:37:05.0828 2712 CertPropSvc - ok
20:37:05.0909 2712 [ 1311AAAC5A27B445FE51400C6F41CEE3 ] cfwids C:\Windows\system32\drivers\cfwids.sys
20:37:05.0920 2712 cfwids - ok
20:37:05.0944 2712 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
20:37:06.0009 2712 circlass - ok
20:37:06.0060 2712 [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS C:\Windows\system32\CLFS.sys
20:37:06.0083 2712 CLFS - ok
20:37:06.0233 2712 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:37:06.0258 2712 clr_optimization_v2.0.50727_32 - ok
20:37:06.0272 2712 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:37:06.0295 2712 cmdide - ok
20:37:06.0307 2712 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
20:37:06.0337 2712 Compbatt - ok
20:37:06.0341 2712 COMSysApp - ok
20:37:06.0355 2712 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:37:06.0387 2712 crcdisk - ok
20:37:06.0415 2712 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
20:37:06.0495 2712 Crusoe - ok
20:37:06.0530 2712 [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:37:06.0613 2712 CryptSvc - ok
20:37:06.0690 2712 [ F054744F67576A01139885173392502B ] CrystalSysInfo C:\Program Files\MediaCoder\SysInfo.sys
20:37:06.0723 2712 CrystalSysInfo - ok
20:37:06.0852 2712 [ 7B981222A257D076885BFFB66F19B7CE ] DcomLaunch C:\Windows\system32\rpcss.dll
20:37:07.0026 2712 DcomLaunch - ok
20:37:07.0049 2712 [ A7179DE59AE269AB70345527894CCD7C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:37:07.0111 2712 DfsC - ok
20:37:07.0143 2712 [ DC45739BC22D528D2B3E50D3F6761750 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
20:37:07.0209 2712 Dhcp - ok
20:37:07.0232 2712 [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk C:\Windows\system32\drivers\disk.sys
20:37:07.0302 2712 disk - ok
20:37:07.0346 2712 [ 05D7E62FD2EABAD579EB4D0C29245EEC ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:37:07.0420 2712 Dnscache - ok
20:37:07.0463 2712 [ 1F795D214820E496BF1124434A6DB546 ] dot3svc C:\Windows\System32\dot3svc.dll
20:37:07.0562 2712 dot3svc - ok
20:37:07.0629 2712 [ 032C90AD677BF7B7A8013D6087C7A921 ] DPS C:\Windows\system32\dps.dll
20:37:07.0988 2712 DPS - ok
20:37:08.0079 2712 [ A0B584C33F55545D56F9E71FB4E203AC ] DQLWinService C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
20:37:08.0236 2712 DQLWinService ( UnsignedFile.Multi.Generic ) - warning
20:37:08.0236 2712 DQLWinService - detected UnsignedFile.Multi.Generic (1)
20:37:08.0274 2712 [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:37:08.0429 2712 drmkaud - ok
20:37:08.0652 2712 [ 334988883DE69ADB27E2CF9F9715BBDB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:37:09.0156 2712 DXGKrnl - ok
20:37:09.0223 2712 [ 7505290504C8E2D172FA378CC0497BCC ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
20:37:09.0458 2712 e1express - ok
20:37:09.0565 2712 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
20:37:09.0810 2712 E1G60 - ok
20:37:09.0866 2712 [ 90A0A875642E18618010645311B4E89E ] EapHost C:\Windows\System32\eapsvc.dll
20:37:09.0957 2712 EapHost - ok
20:37:09.0991 2712 [ 0EFC7531B936EE57FDB4E837664C509F ] Ecache C:\Windows\system32\drivers\ecache.sys
20:37:10.0035 2712 Ecache - ok
20:37:10.0218 2712 [ B4580122B0A7B263B6EE9ACBA69C8013 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:37:10.0364 2712 ehRecvr - ok
20:37:10.0387 2712 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
20:37:10.0438 2712 ehSched - ok
20:37:10.0454 2712 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
20:37:10.0559 2712 ehstart - ok
20:37:10.0654 2712 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:37:10.0725 2712 elxstor - ok
20:37:10.0907 2712 [ 3226FDA08988526E819E364E8CCE4CEE ] EMDMgmt C:\Windows\system32\emdmgmt.dll
20:37:11.0152 2712 EMDMgmt - ok
20:37:11.0297 2712 [ 7B4971C3D43525175A4EA0D143E0412E ] EventSystem C:\Windows\system32\es.dll
20:37:11.0379 2712 EventSystem - ok
20:37:11.0427 2712 [ 84A317CB0B3954D3768CDCD018DBF670 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:37:11.0551 2712 fastfat - ok
20:37:11.0584 2712 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:37:11.0679 2712 fdc - ok
20:37:11.0716 2712 [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] fdPHost C:\Windows\system32\fdPHost.dll
20:37:11.0776 2712 fdPHost - ok
20:37:11.0805 2712 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
20:37:11.0880 2712 FDResPub - ok
20:37:11.0949 2712 [ 65773D6115C037FFD7EF8280AE85EB9D ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:37:11.0997 2712 FileInfo - ok
20:37:12.0047 2712 [ C226DD0DE060745F3E042F58DCF78402 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:37:12.0238 2712 Filetrace - ok
20:37:12.0348 2712 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:37:12.0463 2712 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
20:37:12.0463 2712 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
20:37:12.0520 2712 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:37:12.0621 2712 flpydisk - ok
20:37:12.0650 2712 [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:37:12.0694 2712 FltMgr - ok
20:37:12.0794 2712 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:37:12.0821 2712 FontCache3.0.0.0 - ok
20:37:12.0861 2712 [ 66A078591208BAA210C7634B11EB392C ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:37:12.0945 2712 Fs_Rec - ok
20:37:12.0995 2712 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:37:13.0035 2712 gagp30kx - ok
20:37:13.0076 2712 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:37:13.0108 2712 GEARAspiWDM - ok
20:37:13.0145 2712 [ BCF6589C42D8F6A20F33EF133FFE0524 ] gpsvc C:\Windows\System32\gpsvc.dll
20:37:13.0266 2712 gpsvc - ok
20:37:13.0300 2712 [ 1D85AC0C6A8CF43B654695D7947C6823 ] hcw18bda C:\Windows\system32\drivers\hcw18bda.sys
20:37:13.0407 2712 hcw18bda - ok
20:37:13.0607 2712 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:37:13.0698 2712 HdAudAddService - ok
20:37:13.0736 2712 [ 0DB613A7E427B5663563677796FD5258 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:37:13.0779 2712 HDAudBus - ok
20:37:13.0802 2712 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:37:13.0858 2712 HidBth - ok
20:37:13.0895 2712 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
20:37:13.0953 2712 HidIr - ok
20:37:13.0990 2712 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
20:37:14.0046 2712 hidserv - ok
20:37:14.0075 2712 [ 3C64042B95E583B366BA4E5D2450235E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:37:14.0154 2712 HidUsb - ok
20:37:14.0530 2712 [ 8F72C4916A288485812745DC5AF873FC ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
20:37:14.0614 2712 HipShieldK - ok
20:37:14.0771 2712 [ D40AA05E29BF6ED29B139F044B461E9B ] hkmsvc C:\Windows\system32\kmsvc.dll
20:37:14.0905 2712 hkmsvc - ok
20:37:15.0386 2712 [ C966B6448B935E7E025E00561BC47743 ] HomeNetSvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
20:37:15.0452 2712 HomeNetSvc - ok
20:37:15.0613 2712 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
20:37:15.0689 2712 HpCISSs - ok
20:37:15.0946 2712 [ 88749FBF8BEB18C90E7D6626C8C1910B ] HSF_DP C:\Windows\system32\DRIVERS\HSX_DP.sys
20:37:17.0123 2712 HSF_DP - ok
20:37:17.0267 2712 [ FE440536BD98AF772130DC3A6FE1915F ] HSXHWBS2 C:\Windows\system32\DRIVERS\HSXHWBS2.sys
20:37:17.0365 2712 HSXHWBS2 - ok
20:37:17.0602 2712 [ 5637078F2AB4E28F0E308A26089D9C92 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:37:17.0808 2712 HTTP - ok
20:37:17.0888 2712 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
20:37:17.0954 2712 i2omp - ok
20:37:18.0030 2712 [ 1C9EE072BAA3ABB460B91D7EE9152660 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:37:18.0071 2712 i8042prt ( UnsignedFile.Multi.Generic ) - warning
20:37:18.0071 2712 i8042prt - detected UnsignedFile.Multi.Generic (1)
20:37:18.0267 2712 [ D72F2A013ADA9E2DDA417887A8DFD217 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
20:37:18.0316 2712 IAANTMON ( UnsignedFile.Multi.Generic ) - warning
20:37:18.0316 2712 IAANTMON - detected UnsignedFile.Multi.Generic (1)
20:37:18.0417 2712 [ DE01BF14FFB150C779FD561BD0E3C5C5 ] iaStor C:\Windows\system32\drivers\iastor.sys
20:37:18.0641 2712 iaStor - ok
20:37:18.0754 2712 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
20:37:19.0148 2712 iaStorV - ok
20:37:19.0269 2712 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
20:37:19.0297 2712 IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:37:19.0297 2712 IDriverT - detected UnsignedFile.Multi.Generic (1)
20:37:19.0441 2712 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:37:19.0532 2712 idsvc - ok
20:37:19.0566 2712 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:37:19.0602 2712 iirsp - ok
20:37:19.0669 2712 [ 35662FE4D8622F667AA5A5568F7F1B40 ] IKEEXT C:\Windows\System32\ikeext.dll
20:37:19.0817 2712 IKEEXT - ok
20:37:20.0337 2712 [ 4A705BF2A6F7972F2F2AD8A0D8079F95 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
20:37:20.0597 2712 IntcAzAudAddService - ok
20:37:20.0773 2712 [ CE5AF42679DD85947D2D287594F22CE0 ] IntelDHSvcConf C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
20:37:20.0809 2712 IntelDHSvcConf ( UnsignedFile.Multi.Generic ) - warning
20:37:20.0809 2712 IntelDHSvcConf - detected UnsignedFile.Multi.Generic (1)
20:37:20.0893 2712 [ 988981C840084F480BA9E3319CEBDE1B ] intelide C:\Windows\system32\drivers\intelide.sys
20:37:20.0941 2712 intelide - ok
20:37:20.0999 2712 [ CE44CC04262F28216DD4341E9E36A16F ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:37:21.0102 2712 intelppm - ok
20:37:21.0283 2712 [ 7BDB4E00E1CB174B56E5B2C31DDE68A7 ] IntuitUpdateService C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
20:37:21.0373 2712 IntuitUpdateService - ok
20:37:21.0431 2712 [ 88CF5281ED9880D74DC9011CF8B5262D ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:37:21.0501 2712 IPBusEnum - ok
20:37:21.0528 2712 [ 880C6F86CC3F551B8FEA2C11141268C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:37:21.0653 2712 IpFilterDriver - ok
20:37:21.0738 2712 [ 637D942341DE63F91EED1A9847BA2471 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:37:21.0850 2712 iphlpsvc - ok
20:37:21.0855 2712 IpInIp - ok
20:37:21.0908 2712 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
20:37:21.0998 2712 IPMIDRV - ok
20:37:22.0090 2712 [ 10077C35845101548037DF04FD1A420B ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
20:37:22.0225 2712 IPNAT - ok
20:37:22.0486 2712 [ 178FE38B7740F598391EB2F51AE4CCAC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:37:22.0618 2712 iPod Service - ok
20:37:22.0650 2712 [ A82F328F4792304184642D6D397BB1E3 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:37:22.0737 2712 IRENUM - ok
20:37:22.0807 2712 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:37:22.0875 2712 isapnp - ok
20:37:22.0915 2712 [ 4DCA456D4D5723F8FA9C6760D240B0DF ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
20:37:22.0944 2712 iScsiPrt - ok
20:37:22.0994 2712 [ E29BA28F76C5A703E7F30F74CF36DF22 ] ISSM C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
20:37:23.0068 2712 ISSM ( UnsignedFile.Multi.Generic ) - warning
20:37:23.0068 2712 ISSM - detected UnsignedFile.Multi.Generic (1)
20:37:23.0095 2712 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
20:37:23.0120 2712 iteatapi - ok
20:37:23.0134 2712 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
20:37:23.0159 2712 iteraid - ok
20:37:23.0204 2712 [ B076B2AB806B3F696DAB21375389101C ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:37:23.0239 2712 kbdclass - ok
20:37:23.0311 2712 [ ED61DBC6603F612B7338283EDBACBC4B ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:37:23.0346 2712 kbdhid ( UnsignedFile.Multi.Generic ) - warning
20:37:23.0346 2712 kbdhid - detected UnsignedFile.Multi.Generic (1)
20:37:23.0412 2712 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] KeyIso C:\Windows\system32\lsass.exe
20:37:23.0499 2712 KeyIso - ok
20:37:23.0676 2712 [ 0A829977B078DEA11641FC2AF87CEADE ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:37:23.0795 2712 KSecDD - ok
20:37:23.0983 2712 [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm C:\Windows\system32\msdtckrm.dll
20:37:24.0231 2712 KtmRm - ok
20:37:24.0312 2712 [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer C:\Windows\system32\srvsvc.dll
20:37:24.0383 2712 LanmanServer - ok
20:37:24.0466 2712 [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:37:24.0525 2712 LanmanWorkstation - ok
20:37:24.0575 2712 [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
20:37:24.0587 2712 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
20:37:24.0587 2712 LightScribeService - detected UnsignedFile.Multi.Generic (1)
20:37:24.0939 2712 [ A97EEB81F05BCE3D7AA6C81F04EF39A4 ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
20:37:25.0090 2712 LiveUpdate - ok
20:37:25.0173 2712 LiveUpdate Notice Ex - ok
20:37:25.0321 2712 [ DEB2A99C1AD9B9190C78E895AE60A745 ] LiveUpdate Notice Service C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
20:37:25.0452 2712 LiveUpdate Notice Service - ok
20:37:25.0489 2712 [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:37:25.0623 2712 lltdio - ok
20:37:25.0662 2712 [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:37:25.0729 2712 lltdsvc - ok
20:37:25.0752 2712 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:37:25.0864 2712 lmhosts - ok
20:37:25.0939 2712 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:37:25.0976 2712 LSI_FC - ok
20:37:25.0996 2712 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:37:26.0041 2712 LSI_SAS - ok
20:37:26.0066 2712 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:37:26.0114 2712 LSI_SCSI - ok
20:37:26.0145 2712 [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv C:\Windows\system32\drivers\luafv.sys
20:37:26.0235 2712 luafv - ok
20:37:26.0270 2712 [ 7B073FD0133346D0E555353F164057D7 ] M1 Server C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
20:37:26.0296 2712 M1 Server ( UnsignedFile.Multi.Generic ) - warning
20:37:26.0296 2712 M1 Server - detected UnsignedFile.Multi.Generic (1)
20:37:26.0426 2712 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:37:26.0439 2712 MBAMProtector - ok
20:37:26.0694 2712 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:37:26.0745 2712 MBAMScheduler - ok
20:37:26.0952 2712 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:37:27.0034 2712 MBAMService - ok
20:37:27.0089 2712 [ 7BBA15CA5A2AA4E50C7CBFB78D11DB25 ] MCLServiceATL C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
20:37:27.0117 2712 MCLServiceATL ( UnsignedFile.Multi.Generic ) - warning
20:37:27.0117 2712 MCLServiceATL - detected UnsignedFile.Multi.Generic (1)
20:37:27.0137 2712 [ C966B6448B935E7E025E00561BC47743 ] McMPFSvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
20:37:27.0168 2712 McMPFSvc - ok
20:37:27.0176 2712 [ C966B6448B935E7E025E00561BC47743 ] McNaiAnn C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
20:37:27.0192 2712 McNaiAnn - ok
20:37:27.0409 2712 [ 02A1B24273643B3F3542E73C12540599 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
20:37:27.0461 2712 McODS - ok
20:37:27.0467 2712 [ C966B6448B935E7E025E00561BC47743 ] mcpltsvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
20:37:27.0503 2712 mcpltsvc - ok
20:37:27.0510 2712 [ C966B6448B935E7E025E00561BC47743 ] McProxy C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
20:37:27.0531 2712 McProxy - ok
20:37:27.0565 2712 [ E93C1AD58E88A0846EAEE10671C2A8F3 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:37:27.0600 2712 Mcx2Svc - ok
20:37:27.0632 2712 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:37:27.0667 2712 mdmxsdk - ok
20:37:27.0695 2712 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
20:37:27.0731 2712 megasas - ok
20:37:27.0798 2712 [ 0BF2E50CBA6123DDB20718E926031C3B ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
20:37:27.0848 2712 mfeapfk - ok
20:37:27.0947 2712 [ 53B5197B7660B33DABDB17384450AD45 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
20:37:28.0018 2712 mfeavfk - ok
20:37:28.0147 2712 [ E13A1A37B5ED199333A0B1FFDBE009E2 ] mfebopk C:\Windows\system32\drivers\mfebopk.sys
20:37:28.0217 2712 mfebopk - ok
20:37:28.0558 2712 [ F83F25652D6B91F15630541429A216B4 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
20:37:28.0670 2712 mfecore - ok
20:37:28.0872 2712 [ 9721E7EDB7F47CD9F8D02C9369052630 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
20:37:28.0919 2712 mfefire - ok
20:37:29.0915 2712 [ B148A220460F3A4681585AAE0719B491 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
20:37:29.0944 2712 mfefirek - ok
20:37:30.0177 2712 [ A6CC801998A0FB33D47460D481A648BE ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
20:37:30.0320 2712 mfehidk - ok
20:37:30.0649 2712 [ 6B11AC33AF005FF8DF52B23B9491AB5A ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
20:37:30.0708 2712 mfencbdc - ok
20:37:30.0849 2712 [ 87DEB000657A1A0F81789B0154BF28AA ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
20:37:30.0912 2712 mfencrk - ok
20:37:30.0990 2712 [ 835F53753DD2A5B579EF22DA2B7B1923 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
20:37:31.0049 2712 mfenlfk - ok
20:37:31.0140 2712 [ B0CAF93E72327D7E7040C6C8DDB83876 ] mfetdi2k C:\Windows\system32\drivers\mfetdi2k.sys
20:37:31.0184 2712 mfetdi2k - ok
20:37:31.0425 2712 [ D7174549A3B550501C96B49DDF9EDF88 ] mfevtp C:\Windows\system32\mfevtps.exe
20:37:31.0498 2712 mfevtp - ok
20:37:31.0607 2712 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS C:\Windows\system32\mmcss.dll
20:37:31.0701 2712 MMCSS - ok
20:37:31.0712 2712 [ 21755967298A46FB6ADFEC9DB6012211 ] Modem C:\Windows\system32\drivers\modem.sys
20:37:31.0812 2712 Modem - ok
20:37:31.0860 2712 [ 7446E104A5FE5987CA9E4983FBAC4F97 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:37:31.0939 2712 monitor - ok
20:37:31.0969 2712 [ 5FBA13C1A1841B0885D316ED3589489D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:37:32.0020 2712 mouclass - ok
20:37:32.0100 2712 [ B569B5C5D3BDE545DF3A6AF512CCCDBA ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:37:32.0136 2712 mouhid ( UnsignedFile.Multi.Generic ) - warning
20:37:32.0136 2712 mouhid - detected UnsignedFile.Multi.Generic (1)
20:37:32.0224 2712 [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
20:37:32.0413 2712 MountMgr - ok
20:37:32.0903 2712 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:37:32.0952 2712 MozillaMaintenance - ok
20:37:32.0996 2712 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
20:37:33.0033 2712 mpio - ok
20:37:33.0073 2712 [ 6E7A7F0C1193EE5648443FE2D4B789EC ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:37:33.0125 2712 mpsdrv - ok
20:37:33.0232 2712 [ 563ED845885C6A7C09A7715D8BD0585C ] MpsSvc C:\Windows\system32\mpssvc.dll
20:37:33.0368 2712 MpsSvc - ok
20:37:33.0410 2712 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
20:37:34.0172 2712 Mraid35x - ok
20:37:34.0205 2712 [ 1D8828B98EE309D65E006F0829E280E5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:37:34.0301 2712 MRxDAV - ok
20:37:34.0397 2712 [ 529B64F9735D27FEF1B8EA1678F8C79E ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:37:34.0473 2712 mrxsmb - ok
20:37:34.0549 2712 [ 2BBD3970018270D2C6A0B069F568154E ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:37:34.0609 2712 mrxsmb10 - ok
20:37:34.0626 2712 [ 30A67C7D8B80281028916DED6A64AEC9 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:37:34.0669 2712 mrxsmb20 - ok
20:37:34.0694 2712 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
20:37:34.0740 2712 msahci - ok
20:37:34.0874 2712 [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
20:37:34.0897 2712 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
20:37:34.0897 2712 MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
20:37:34.0917 2712 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:37:34.0957 2712 msdsm - ok
20:37:35.0009 2712 [ BC64A92D821EFEA8BAB8E8CAF1B668BC ] MSDTC C:\Windows\System32\msdtc.exe
20:37:35.0050 2712 MSDTC - ok
20:37:35.0069 2712 [ 729EAFEFD4E7417165F353A18DBE947D ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:37:35.0140 2712 Msfs - ok
20:37:35.0174 2712 [ 5F454A16A5146CD91A176D70F0CFA3EC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:37:35.0193 2712 msisadrv - ok
20:37:35.0234 2712 [ 8ACF956D9154E893E789881430C12632 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:37:35.0293 2712 MSiSCSI - ok
20:37:35.0297 2712 msiserver - ok
20:37:35.0322 2712 [ C966B6448B935E7E025E00561BC47743 ] MSK80Service C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
20:37:35.0333 2712 MSK80Service - ok
20:37:35.0390 2712 [ 892CEDEFA7E0FFE7BE8DA651B651D047 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:37:35.0459 2712 MSKSSRV - ok
20:37:35.0492 2712 [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:37:35.0538 2712 MSPCLOCK - ok
20:37:35.0555 2712 [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:37:35.0628 2712 MSPQM - ok
20:37:35.0661 2712 [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:37:35.0701 2712 MsRPC - ok
20:37:35.0720 2712 [ 4385C80EDE885E25492D408CAD91BD6F ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:37:35.0744 2712 mssmbios - ok
20:37:35.0765 2712 [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:37:35.0847 2712 MSTEE - ok
20:37:35.0866 2712 [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup C:\Windows\system32\Drivers\mup.sys
20:37:35.0885 2712 Mup - ok
20:37:35.0950 2712 [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent C:\Windows\system32\qagentRT.dll
20:37:36.0022 2712 napagent - ok
20:37:36.0061 2712 [ 6DA4A0FC7C0E83DF0CB3CFD0A514C3BC ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:37:36.0111 2712 NativeWifiP - ok
20:37:36.0218 2712 [ 227C11E1E7CF6EF8AFB2A238D209760C ] NDIS C:\Windows\system32\drivers\ndis.sys
20:37:36.0306 2712 NDIS - ok
20:37:36.0362 2712 [ 81659CDCBD0F9A9E07E6878AD8C78D3F ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:37:36.0425 2712 NdisTapi - ok
20:37:36.0480 2712 [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:37:36.0562 2712 Ndisuio - ok
20:37:36.0577 2712 [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:37:36.0643 2712 NdisWan - ok
20:37:36.0786 2712 [ 1B24FA907AF283199A81B3BB37E5E526 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:37:36.0861 2712 NDProxy - ok
20:37:36.0898 2712 [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:37:36.0986 2712 NetBIOS - ok
20:37:37.0027 2712 [ E3A168912E7EEFC3BD3B814720D68B41 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
20:37:37.0115 2712 netbt - ok
20:37:37.0187 2712 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] Netlogon C:\Windows\system32\lsass.exe
20:37:37.0217 2712 Netlogon - ok
20:37:37.0314 2712 [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman C:\Windows\System32\netman.dll
20:37:37.0472 2712 Netman - ok
20:37:37.0551 2712 [ 986ACDECE933131288F1957DC359865F ] NETMDUSB C:\Windows\system32\Drivers\NETMDUSB.sys
20:37:37.0771 2712 NETMDUSB - ok
20:37:37.0854 2712 [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm C:\Windows\System32\netprofm.dll
20:37:38.0006 2712 netprofm - ok
20:37:38.0181 2712 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:37:58.0799 2712 NetTcpPortSharing - ok
20:37:59.0028 2712 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:37:59.0098 2712 nfrd960 - ok
20:37:59.0463 2712 [ BD71AA430743613803FE92DE14137347 ] NitroDriverReadSpool2 C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe
20:37:59.0963 2712 NitroDriverReadSpool2 - ok
20:38:00.0080 2712 [ C424117A562F2DE37A42266894C79AEB ] NlaSvc C:\Windows\System32\nlasvc.dll
20:38:00.0196 2712 NlaSvc - ok
20:38:00.0249 2712 [ 447108589F2074FFCD3FCFB690E43026 ] nlsX86cc C:\Windows\system32\NLSSRV32.EXE
20:38:01.0364 2712 nlsX86cc - ok
20:38:01.0387 2712 [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:38:01.0641 2712 Npfs - ok
20:38:01.0745 2712 [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi C:\Windows\system32\nsisvc.dll
20:38:01.0871 2712 nsi - ok
20:38:01.0924 2712 [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:38:02.0014 2712 nsiproxy - ok
20:38:03.0284 2712 [ 37430AA7A66D7A63407ADC2C0D05E9F6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:38:03.0787 2712 Ntfs - ok
20:38:03.0867 2712 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
20:38:04.0076 2712 ntrigdigi - ok
20:38:04.0117 2712 [ EC5EFB3C60F1B624648344A328BCE596 ] Null C:\Windows\system32\drivers\Null.sys
20:38:04.0194 2712 Null - ok
20:38:05.0635 2712 [ 2D892BB73314ECA5549B96F783BB45E8 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:38:08.0367 2712 nvlddmkm - ok
20:38:08.0434 2712 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:38:08.0490 2712 nvraid - ok
20:38:08.0514 2712 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:38:08.0562 2712 nvstor - ok
20:38:08.0625 2712 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:38:08.0672 2712 nv_agp - ok
20:38:08.0678 2712 NwlnkFlt - ok
20:38:08.0684 2712 NwlnkFwd - ok
20:38:08.0822 2712 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:38:08.0907 2712 odserv - ok
20:38:08.0941 2712 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
20:38:09.0031 2712 ohci1394 - ok
20:38:09.0151 2712 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:38:09.0277 2712 ose - ok
20:38:09.0450 2712 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc C:\Windows\system32\p2psvc.dll
20:38:09.0955 2712 p2pimsvc - ok
20:38:10.0192 2712 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc C:\Windows\system32\p2psvc.dll
20:38:10.0337 2712 p2psvc - ok
20:38:10.0422 2712 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
20:38:10.0559 2712 PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
20:38:10.0559 2712 PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
20:38:10.0643 2712 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
20:38:10.0854 2712 Parport - ok
20:38:11.0041 2712 [ 555A5B2C8022983BC7467BC925B222EE ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:38:11.0096 2712 partmgr - ok
20:38:11.0120 2712 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
20:38:11.0231 2712 Parvdm - ok
20:38:11.0304 2712 [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:38:11.0340 2712 PcaSvc - ok
20:38:11.0447 2712 [ 1085D75657807E0E8B32F9E19A1647C3 ] pci C:\Windows\system32\drivers\pci.sys
20:38:11.0504 2712 pci - ok
20:38:11.0532 2712 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
20:38:11.0578 2712 pciide - ok
20:38:11.0637 2712 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:38:11.0691 2712 pcmcia - ok
20:38:11.0923 2712 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:38:12.0053 2712 PEAUTH - ok
20:38:13.0062 2712 [ CD05A38D166BEADE18030BAFC0C0A939 ] pla C:\Windows\system32\pla.dll
20:38:13.0445 2712 pla - ok
20:38:13.0548 2712 [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:38:13.0617 2712 PlugPlay ( UnsignedFile.Multi.Generic ) - warning
20:38:13.0617 2712 PlugPlay - detected UnsignedFile.Multi.Generic (1)
20:38:13.0825 2712 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
20:38:13.0932 2712 PNRPAutoReg - ok
20:38:14.0004 2712 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc C:\Windows\system32\p2psvc.dll
20:38:14.0132 2712 PNRPsvc - ok
20:38:14.0271 2712 [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:38:14.0418 2712 PolicyAgent - ok
20:38:14.0466 2712 portio - ok
20:38:14.0555 2712 [ C04DEC5ACE67C5247B150C4223970BB7 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:38:14.0656 2712 PptpMiniport - ok
20:38:14.0680 2712 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
20:38:14.0807 2712 Processor - ok
20:38:14.0933 2712 [ 213112E152E68F0E4705E36F052A2880 ] ProfSvc C:\Windows\system32\profsvc.dll
20:38:15.0025 2712 ProfSvc - ok
20:38:15.0086 2712 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:38:15.0131 2712 ProtectedStorage - ok
20:38:15.0178 2712 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\system32\PSIService.exe
20:38:15.0192 2712 ProtexisLicensing - ok
20:38:15.0215 2712 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys
20:38:15.0285 2712 Ps2 - ok
20:38:15.0333 2712 [ 2C8BAE55247C4E09352E870292E4D1AB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
20:38:15.0384 2712 PSched - ok
20:38:15.0418 2712 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
20:38:15.0460 2712 PxHelp20 - ok
20:38:15.0773 2712 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:38:15.0851 2712 ql2300 - ok
20:38:15.0875 2712 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:38:36.0274 2712 ql40xx - ok
20:38:36.0439 2712 [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE C:\Windows\system32\qwave.dll
20:38:36.0545 2712 QWAVE - ok
20:38:36.0578 2712 [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:38:36.0677 2712 QWAVEdrv - ok
20:38:36.0747 2712 [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:39:07.0083 2712 RasAcd - ok
20:39:07.0434 2712 [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto C:\Windows\System32\rasauto.dll
20:39:07.0520 2712 RasAuto - ok
20:39:07.0546 2712 [ 68B0019FEE429EC49D29017AF937E482 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:39:07.0742 2712 Rasl2tp - ok
20:39:07.0807 2712 [ 11D65E29BC9D1E4114D18FE68194394C ] RasMan C:\Windows\System32\rasmans.dll
20:39:08.0061 2712 RasMan - ok
20:39:08.0147 2712 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:39:08.0263 2712 RasPppoe - ok
20:39:08.0388 2712 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:39:08.0505 2712 rdbss - ok
20:39:08.0841 2712 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD C:\Windows\system32\DRIVERS\[email protected]
20:39:08.0982 2712 RDPCDD - ok
20:39:09.0367 2712 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
20:39:11.0875 2712 rdpdr - ok
20:39:11.0929 2712 [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:39:12.0071 2712 RDPENCDD - ok
20:39:12.0293 2712 [ 8830E790A74A96605FABA74F9665BB3C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:39:12.0393 2712 RDPWD - ok
20:39:12.0549 2712 [ 752402F6BD5FA012805813C329F88DD3 ] Remote UI Service C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
20:39:12.0770 2712 Remote UI Service ( UnsignedFile.Multi.Generic ) - warning
20:39:12.0770 2712 Remote UI Service - detected UnsignedFile.Multi.Generic (1)
20:39:12.0867 2712 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess C:\Windows\System32\mprdim.dll
20:39:12.0989 2712 RemoteAccess - ok
20:39:13.0052 2712 [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:39:13.0165 2712 RemoteRegistry - ok
20:39:13.0560 2712 [ 062D1268CFCF569BA5FBCFD1BEA88D2A ] RoxMediaDB9 c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
20:39:26.0887 2712 RoxMediaDB9 - ok
20:39:27.0137 2712 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
20:39:27.0513 2712 RpcLocator - ok
20:39:27.0721 2712 [ 7B981222A257D076885BFFB66F19B7CE ] RpcSs C:\Windows\system32\rpcss.dll
20:39:28.0001 2712 RpcSs - ok
20:39:28.0062 2712 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:39:28.0199 2712 rspndr - ok
20:39:28.0265 2712 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] SamSs C:\Windows\system32\lsass.exe
20:39:28.0316 2712 SamSs - ok
20:39:28.0462 2712 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:39:28.0823 2712 sbp2port - ok
20:39:29.0221 2712 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
20:39:30.0329 2712 SBSDWSCService - ok
20:39:30.0437 2712 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:39:30.0510 2712 SCardSvr - ok
20:39:30.0917 2712 [ 886CEC884B5BE29AB9828B8AB46B11F7 ] Schedule C:\Windows\system32\schedsvc.dll
20:39:31.0746 2712 Schedule ( UnsignedFile.Multi.Generic ) - warning
20:39:31.0746 2712 Schedule - detected UnsignedFile.Multi.Generic (1)
20:39:31.0948 2712 [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:39:32.0154 2712 SCPolicySvc - ok
20:39:32.0297 2712 [ F7B6BF02240D0A764ADF8C8966735552 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:39:32.0653 2712 SDRSVC - ok
20:39:32.0782 2712 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:39:32.0950 2712 secdrv - ok
20:39:33.0039 2712 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon C:\Windows\system32\seclogon.dll
20:39:33.0102 2712 seclogon - ok
20:39:33.0291 2712 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS C:\Windows\System32\sens.dll
20:39:33.0391 2712 SENS - ok
20:39:33.0460 2712 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:39:33.0921 2712 Serenum - ok
20:39:34.0081 2712 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
20:39:34.0300 2712 Serial - ok
20:39:34.0552 2712 [ 450ACCD77EC5CEA720C1CDB9E26B953B ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:39:34.0758 2712 sermouse ( UnsignedFile.Multi.Generic ) - warning
20:39:34.0758 2712 sermouse - detected UnsignedFile.Multi.Generic (1)
20:39:34.0985 2712 [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv C:\Windows\system32\sessenv.dll
20:39:35.0202 2712 SessionEnv - ok
20:39:35.0895 2712 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:39:36.0419 2712 sffdisk - ok
20:39:36.0663 2712 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:39:37.0169 2712 sffp_mmc - ok
20:39:37.0211 2712 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:39:37.0363 2712 sffp_sd - ok
20:39:37.0519 2712 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:39:37.0888 2712 sfloppy - ok
20:39:38.0111 2712 [ 9A82BF4C90B00A63150A606A1E2FD82B ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:39:38.0266 2712 SharedAccess - ok
20:39:38.0679 2712 [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:39:41.0042 2712 ShellHWDetection - ok
20:39:41.0077 2712 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:39:42.0342 2712 sisagp - ok
20:39:42.0391 2712 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
20:39:42.0456 2712 SiSRaid2 - ok
20:39:42.0513 2712 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:39:42.0681 2712 SiSRaid4 - ok
20:39:43.0470 2712 [ A1DCD30534835CB67733AD00175125A6 ] slsvc C:\Windows\system32\SLsvc.exe
20:39:49.0422 2712 slsvc - ok
20:39:49.0557 2712 [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] SLUINotify C:\Windows\system32\SLUINotify.dll
20:39:49.0619 2712 SLUINotify - ok
20:39:49.0719 2712 [ AC0D90738ADB51A6FD12FF00874A2162 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:39:49.0817 2712 Smb - ok
20:39:49.0886 2712 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:39:49.0911 2712 SNMPTRAP - ok
20:39:50.0056 2712 [ 977AAA4398D7D6FA65D973F5B3F54E40 ] SonicStage Back-End Service C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
20:39:50.0252 2712 SonicStage Back-End Service - ok
20:39:50.0424 2712 [ 1A623F2B69E1F182F995F963C55DB935 ] Sony Ericsson PCCompanion C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
20:39:50.0602 2712 Sony Ericsson PCCompanion ( UnsignedFile.Multi.Generic ) - warning
20:39:50.0603 2712 Sony Ericsson PCCompanion - detected UnsignedFile.Multi.Generic (1)
20:39:50.0668 2712 [ 426F9B029AA9162CECCF65369457D046 ] spldr C:\Windows\system32\drivers\spldr.sys
20:39:50.0702 2712 spldr - ok
20:39:50.0788 2712 [ DA612EF2556776DF2630B68BF2D48935 ] Spooler C:\Windows\System32\spoolsv.exe
20:39:50.0864 2712 Spooler - ok
20:39:50.0932 2712 [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
20:39:51.0044 2712 SPTISRV ( UnsignedFile.Multi.Generic ) - warning
20:39:51.0044 2712 SPTISRV - detected UnsignedFile.Multi.Generic (1)
20:39:51.0284 2712 [ C962E98179E54B769028C025C7E470A5 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:39:51.0564 2712 srv - ok
20:39:51.0680 2712 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:39:51.0893 2712 srv2 - ok
20:39:51.0964 2712 [ CD11A0767E82DD8B1A3A26D305DBEC0F ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:39:52.0082 2712 srvnet - ok
20:39:52.0222 2712 [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:39:52.0346 2712 SSDPSRV - ok
20:39:52.0597 2712 [ 756E371B3B86A3D3039926D32EAC0E8D ] SSScsiSV C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
20:39:52.0633 2712 SSScsiSV - ok
20:39:52.0684 2712 [ 7A95B5DEB594616F1693486B8161411E ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
20:39:52.0763 2712 StillCam - ok
20:39:52.0838 2712 [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc C:\Windows\System32\wiaservc.dll
20:39:53.0001 2712 stisvc - ok
20:39:53.0148 2712 [ 4CFEB2BD9723489DA072B300940EA287 ] stllssvr c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
20:39:53.0210 2712 stllssvr - ok
20:39:53.0245 2712 [ 1379BDB336F8158C176A465E30759F57 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:39:53.0288 2712 swenum - ok
20:39:53.0376 2712 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv C:\Windows\System32\swprv.dll
20:39:53.0543 2712 swprv - ok
20:39:53.0559 2712 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
20:39:53.0603 2712 Symc8xx - ok
20:39:53.0657 2712 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
20:39:53.0710 2712 Sym_hi - ok
20:39:53.0726 2712 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
20:39:56.0800 2712 Sym_u3 - ok
20:39:57.0104 2712 [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] SysMain C:\Windows\system32\sysmain.dll
20:39:57.0367 2712 SysMain - ok
20:39:57.0455 2712 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:39:57.0753 2712 TabletInputService - ok
20:39:58.0884 2712 [ BA9D96EF2999EF216B18C70B574D8746 ] TabletServiceWacom C:\Windows\system32\Wacom_Tablet.exe
20:40:02.0798 2712 TabletServiceWacom - ok
20:40:02.0931 2712 [ EF3DD33C740FC2F82E7E4622F1C49289 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:40:03.0053 2712 TapiSrv - ok
20:40:03.0099 2712 [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS C:\Windows\System32\tbssvc.dll
20:40:03.0204 2712 TBS - ok
20:40:03.0409 2712 [ 300208927321066EA53761FDC98747C6 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:40:03.0683 2712 Tcpip - ok
20:40:03.0721 2712 [ 300208927321066EA53761FDC98747C6 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
20:40:03.0786 2712 Tcpip6 - ok
20:40:03.0884 2712 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:40:03.0954 2712 tcpipreg - ok
20:40:03.0983 2712 [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:40:04.0070 2712 TDPIPE - ok
20:40:04.0156 2712 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:40:04.0293 2712 TDTCP - ok
20:40:04.0336 2712 [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:40:04.0411 2712 tdx - ok
20:40:04.0456 2712 [ 2C549BD9DD091FBFAA0A2A48E82EC2FB ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:40:04.0489 2712 TermDD - ok
20:40:04.0583 2712 [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService C:\Windows\System32\termsrv.dll
20:40:04.0749 2712 TermService - ok
20:40:04.0802 2712 [ B264DFA21677728613267FE63802B332 ] Themes C:\Windows\system32\shsvcs.dll
20:40:04.0887 2712 Themes - ok
20:40:04.0981 2712 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER C:\Windows\system32\mmcss.dll
20:40:05.0116 2712 THREADORDER - ok
20:40:05.0210 2712 [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks C:\Windows\System32\trkwks.dll
20:40:05.0330 2712 TrkWks - ok
20:40:05.0440 2712 [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:40:05.0503 2712 TrustedInstaller ( UnsignedFile.Multi.Generic ) - warning
20:40:05.0503 2712 TrustedInstaller - detected UnsignedFile.Multi.Generic (1)
20:40:05.0599 2712 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:40:05.0697 2712 tssecsrv - ok
20:40:05.0793 2712 [ 75468777EE7CB712E984E27001BF07C2 ] TsService C:\Windows\system32\TsService.exe
20:40:05.0890 2712 TsService ( UnsignedFile.Multi.Generic ) - warning
20:40:05.0890 2712 TsService - detected UnsignedFile.Multi.Generic (1)
20:40:05.0941 2712 [ A858917785681743C512950FDFA14DB7 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
20:40:06.0070 2712 tunmp - ok
20:40:06.0101 2712 [ 29F1D1D888EE61D20D5662E72AA34129 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:40:06.0160 2712 tunnel - ok
20:40:06.0249 2712 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:40:06.0314 2712 uagp35 - ok
20:40:06.0409 2712 [ 6348DA98707CEDA8A0DFB05820E17732 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:40:06.0573 2712 udfs - ok
20:40:06.0665 2712 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:40:06.0722 2712 UI0Detect - ok
20:40:06.0799 2712 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:40:06.0861 2712 uliagpkx - ok
20:40:06.0952 2712 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
20:40:07.0104 2712 uliahci - ok
20:40:07.0180 2712 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
20:40:07.0265 2712 UlSata - ok
20:40:07.0342 2712 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
20:40:07.0449 2712 ulsata2 - ok
20:40:07.0485 2712 [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:40:07.0650 2712 umbus - ok
20:40:08.0377 2712 [ 4847639D852763EE39415C929470F672 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
20:40:08.0612 2712 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
20:40:08.0612 2712 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
20:40:08.0738 2712 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll
20:40:08.0965 2712 upnphost - ok
20:40:09.0132 2712 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
20:40:09.0264 2712 USBAAPL - ok
20:40:09.0315 2712 [ 8BD3AE150D97BA4E633C6C5C51B41AE1 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
20:40:09.0432 2712 usbccgp - ok
20:40:09.0462 2712 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:40:09.0546 2712 usbcir - ok
20:40:09.0582 2712 [ FB50F987304F907A0103B14A5F2F2344 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:40:09.0784 2712 usbehci - ok
20:40:09.0890 2712 [ 16675AB7E199635086AB0556137371F5 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:40:09.0960 2712 usbhub - ok
20:40:10.0003 2712 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:40:10.0115 2712 usbohci - ok
20:40:10.0159 2712 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:40:10.0275 2712 usbprint - ok
20:40:10.0380 2712 [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:40:10.0515 2712 usbscan - ok
20:40:10.0559 2712 [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:40:10.0689 2712 USBSTOR - ok
20:40:10.0721 2712 [ 165BB1F0801118DC86AA3FC87D3D101C ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:40:10.0849 2712 usbuhci - ok
20:40:10.0901 2712 [ F79D0D7C9004474CB42746D9B2C30A2B ] UxSms C:\Windows\System32\uxsms.dll
20:40:10.0961 2712 UxSms - ok
20:40:11.0056 2712 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds C:\Windows\System32\vds.exe
20:40:11.0138 2712 vds - ok
20:40:11.0163 2712 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:40:11.0303 2712 vga - ok
20:40:11.0351 2712 [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave C:\Windows\System32\drivers\vga.sys
20:40:11.0427 2712 VgaSave - ok
20:40:11.0452 2712 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:40:11.0486 2712 viaagp - ok
20:40:11.0520 2712 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:40:11.0637 2712 ViaC7 - ok
20:40:11.0652 2712 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
20:40:11.0709 2712 viaide - ok
20:40:11.0742 2712 [ 103E84C95832D0ED93507997CC7B54E8 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:40:11.0794 2712 volmgr - ok
20:40:11.0835 2712 [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:40:11.0916 2712 volmgrx - ok
20:40:11.0979 2712 [ 80DC0C9BCB579ED9815001A4D37CBFD5 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:40:12.0025 2712 volsnap - ok
20:40:12.0078 2712 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:40:12.0156 2712 vsmraid - ok
20:40:12.0358 2712 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe
20:40:12.0642 2712 VSS - ok
20:40:12.0731 2712 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll
20:40:12.0817 2712 W32Time - ok
20:40:12.0889 2712 w800bus - ok
20:40:12.0949 2712 [ 8724531219AE3F9E3729012B61DCE527 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
20:40:12.0997 2712 wacmoumonitor - ok
20:40:13.0060 2712 [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
20:40:13.0092 2712 wacommousefilter - ok
20:40:13.0117 2712 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:40:13.0237 2712 WacomPen - ok
20:40:13.0253 2712 wacomrouterfilter - ok
20:40:13.0294 2712 [ 51D580F30D1A1F2EA4965AF6ABC2BCB2 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
20:40:13.0319 2712 wacomvhid - ok
20:40:13.0379 2712 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:40:13.0472 2712 Wanarp - ok
20:40:13.0488 2712 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:40:13.0505 2712 Wanarpv6 - ok
20:40:13.0594 2712 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:40:13.0697 2712 wcncsvc - ok
20:40:13.0740 2712 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:40:16.0686 2712 WcsPlugInService - ok
20:40:16.0744 2712 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
20:40:16.0830 2712 Wd - ok
20:40:16.0959 2712 [ 7B5F66E4A2219C7D9DAF9E738480E534 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:40:17.0072 2712 Wdf01000 - ok
20:40:17.0112 2712 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:40:17.0200 2712 WdiServiceHost - ok
20:40:17.0217 2712 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:40:17.0239 2712 WdiSystemHost - ok
20:40:17.0311 2712 [ 01E41C264EEDCB827820A1909162579F ] WebClient C:\Windows\System32\webclnt.dll
20:40:17.0478 2712 WebClient - ok
20:40:17.0577 2712 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll
20:40:17.0720 2712 Wecsvc - ok
20:40:17.0756 2712 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:40:17.0897 2712 wercplsupport - ok
20:40:17.0952 2712 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll
20:40:18.0060 2712 WerSvc - ok
20:40:18.0293 2712 [ 72CC6A8CA7891031D6380DB5025C773C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
20:40:18.0500 2712 winachsf - ok
20:40:18.0668 2712 [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:40:18.0736 2712 WinDefend - ok
20:40:18.0744 2712 WinHttpAutoProxySvc - ok
20:40:19.0092 2712 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:40:19.0234 2712 Winmgmt - ok
20:40:19.0370 2712 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll
20:40:19.0571 2712 WinRM - ok
20:40:19.0683 2712 [ 7640ACEA41348BFEF34B76E245501261 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:40:19.0955 2712 Wlansvc - ok
20:40:20.0004 2712 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:40:20.0121 2712 WmiAcpi - ok
20:40:20.0219 2712 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:40:20.0320 2712 wmiApSrv - ok
20:40:20.0579 2712 [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:40:21.0032 2712 WMPNetworkSvc - ok
20:40:21.0159 2712 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:40:24.0126 2712 WPCSvc - ok
20:40:24.0196 2712 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:40:24.0295 2712 WPDBusEnum - ok
20:40:24.0423 2712 [ 2D27171B16A577EF14C1273668753485 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
20:40:24.0583 2712 WpdUsb - ok
20:40:24.0673 2712 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:40:24.0790 2712 ws2ifsl - ok
20:40:24.0864 2712 [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc C:\Windows\System32\wscsvc.dll
20:40:24.0960 2712 wscsvc - ok
20:40:24.0966 2712 WSearch - ok
20:40:25.0476 2712 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
20:40:25.0678 2712 wuauserv - ok
20:40:25.0703 2712 [ A2AAFCC8A204736296D937C7C545B53F ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:40:25.0834 2712 WUDFRd - ok
20:40:25.0882 2712 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:40:25.0988 2712 wudfsvc - ok
20:40:26.0100 2712 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
20:40:26.0254 2712 XAudio - ok
20:40:26.0342 2712 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
20:40:26.0441 2712 XAudioService - ok
20:40:26.0448 2712 ================ Scan global ===============================
20:40:26.0719 2712 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
20:40:26.0859 2712 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
20:40:26.0965 2712 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
20:40:27.0068 2712 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
20:40:27.0099 2712 [Global] - ok
20:40:27.0100 2712 ================ Scan MBR ==================================
20:40:27.0119 2712 [ 8913823FF508CCF109DB74B636C301DA ] \Device\Harddisk0\DR0
20:40:34.0307 2712 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:40:34.0307 2712 \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:40:34.0307 2712 ================ Scan VBR ==================================
20:40:34.0326 2712 [ 0A5699119BF9E0198091AA677BAF6B12 ] \Device\Harddisk0\DR0\Partition1
20:40:34.0362 2712 \Device\Harddisk0\DR0\Partition1 - ok
20:40:34.0395 2712 [ D15113173991D850F29CF2D726FD035A ] \Device\Harddisk0\DR0\Partition2
20:40:34.0439 2712 \Device\Harddisk0\DR0\Partition2 - ok
20:40:34.0439 2712 ================ Scan active images ========================
20:40:34.0443 2712 [ 3596CB9EA8A12E6E858107912973EBFB ] C:\Windows\System32\drivers\crashdmp.sys
20:40:34.0443 2712 C:\Windows\System32\drivers\crashdmp.sys - ok
20:40:34.0449 2712 [ DE01BF14FFB150C779FD561BD0E3C5C5 ] C:\Windows\System32\drivers\iaStor.sys
20:40:34.0449 2712 C:\Windows\System32\drivers\iaStor.sys - ok
20:40:34.0455 2712 [ CE44CC04262F28216DD4341E9E36A16F ] C:\Windows\System32\drivers\intelppm.sys
20:40:34.0455 2712 C:\Windows\System32\drivers\intelppm.sys - ok
20:40:34.0460 2712 [ A858917785681743C512950FDFA14DB7 ] C:\Windows\System32\drivers\TUNMP.SYS
20:40:34.0460 2712 C:\Windows\System32\drivers\TUNMP.SYS - ok
20:40:34.0466 2712 [ 29F1D1D888EE61D20D5662E72AA34129 ] C:\Windows\System32\drivers\tunnel.sys
20:40:34.0466 2712 C:\Windows\System32\drivers\tunnel.sys - ok
20:40:34.0472 2712 [ F566C90E4BBE387E905130B6E490DCCD ] C:\Windows\System32\drivers\atikmpag.sys
20:40:34.0472 2712 C:\Windows\System32\drivers\atikmpag.sys - ok
20:40:34.0479 2712 [ 03AC6735672F15CEAAB502E4349286E0 ] C:\Windows\System32\drivers\atikmdag.sys
20:40:34.0479 2712 C:\Windows\System32\drivers\atikmdag.sys - ok
20:40:34.0486 2712 [ 334988883DE69ADB27E2CF9F9715BBDB ] C:\Windows\System32\drivers\dxgkrnl.sys
20:40:34.0487 2712 C:\Windows\System32\drivers\dxgkrnl.sys - ok
20:40:34.0492 2712 [ 0DB613A7E427B5663563677796FD5258 ] C:\Windows\System32\drivers\hdaudbus.sys
20:40:34.0492 2712 C:\Windows\System32\drivers\hdaudbus.sys - ok
20:40:34.0498 2712 [ 3A1F38A6FB749FC7A57A2826F6F8FB01 ] C:\Windows\System32\drivers\watchdog.sys
20:40:34.0498 2712 C:\Windows\System32\drivers\watchdog.sys - ok
20:40:34.0504 2712 [ 7505290504C8E2D172FA378CC0497BCC ] C:\Windows\System32\drivers\e1e6032.sys
20:40:34.0504 2712 C:\Windows\System32\drivers\e1e6032.sys - ok
20:40:34.0510 2712 [ FB50F987304F907A0103B14A5F2F2344 ] C:\Windows\System32\drivers\usbehci.sys
20:40:34.0510 2712 C:\Windows\System32\drivers\usbehci.sys - ok
20:40:34.0513 2712 [ 9FF052063BD746B65575D255D3959FD5 ] C:\Windows\System32\drivers\usbport.sys
20:40:34.0513 2712 C:\Windows\System32\drivers\usbport.sys - ok
20:40:34.0520 2712 [ 165BB1F0801118DC86AA3FC87D3D101C ] C:\Windows\System32\drivers\usbuhci.sys
20:40:34.0520 2712 C:\Windows\System32\drivers\usbuhci.sys - ok
20:40:34.0526 2712 [ 7E1A145A316DA06D339DF644DEE86C4C ] C:\Windows\System32\drivers\bdasup.sys
20:40:34.0526 2712 C:\Windows\System32\drivers\bdasup.sys - ok
20:40:34.0532 2712 [ 1D85AC0C6A8CF43B654695D7947C6823 ] C:\Windows\System32\drivers\hcw18bda.sys
20:40:34.0532 2712 C:\Windows\System32\drivers\hcw18bda.sys - ok
20:40:34.0538 2712 [ 48314CDD79CE94B8F36BD6243323A310 ] C:\Windows\System32\drivers\ks.sys
20:40:34.0538 2712 C:\Windows\System32\drivers\ks.sys - ok
20:40:34.0543 2712 [ B46AA621E7BD4FE150BCC140DACEDA1B ] C:\Windows\System32\drivers\1394bus.sys
20:40:34.0543 2712 C:\Windows\System32\drivers\1394bus.sys - ok
20:40:34.0550 2712 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] C:\Windows\System32\drivers\ohci1394.sys
20:40:34.0550 2712 C:\Windows\System32\drivers\ohci1394.sys - ok
20:40:34.0556 2712 [ FE440536BD98AF772130DC3A6FE1915F ] C:\Windows\System32\drivers\HSXHWBS2.sys
20:40:34.0556 2712 C:\Windows\System32\drivers\HSXHWBS2.sys - ok
20:40:34.0561 2712 [ 88749FBF8BEB18C90E7D6626C8C1910B ] C:\Windows\System32\drivers\HSX_DP.sys
20:40:34.0561 2712 C:\Windows\System32\drivers\HSX_DP.sys - ok
20:40:34.0565 2712 [ 72CC6A8CA7891031D6380DB5025C773C ] C:\Windows\System32\drivers\HSX_CNXT.sys
20:40:34.0565 2712 C:\Windows\System32\drivers\HSX_CNXT.sys - ok
20:40:34.0570 2712 [ 1C9EE072BAA3ABB460B91D7EE9152660 ] C:\Windows\System32\drivers\i8042prt.sys
20:40:34.0570 2712 C:\Windows\System32\drivers\i8042prt.sys - ok
20:40:34.0574 2712 [ 21755967298A46FB6ADFEC9DB6012211 ] C:\Windows\System32\drivers\modem.sys
20:40:34.0574 2712 C:\Windows\System32\drivers\modem.sys - ok
20:40:34.0578 2712 [ 5FBA13C1A1841B0885D316ED3589489D ] C:\Windows\System32\drivers\mouclass.sys
20:40:34.0578 2712 C:\Windows\System32\drivers\mouclass.sys - ok
20:40:34.0582 2712 [ 081655939FA6C09EEC56DA090F461ECC ] C:\Windows\System32\drivers\hidclass.sys
20:40:34.0582 2712 C:\Windows\System32\drivers\hidclass.sys - ok
20:40:34.0586 2712 [ 451A4D76448CEE21407FB0A9A362C057 ] C:\Windows\System32\drivers\hidparse.sys
20:40:34.0586 2712 C:\Windows\System32\drivers\hidparse.sys - ok
20:40:34.0590 2712 [ B076B2AB806B3F696DAB21375389101C ] C:\Windows\System32\drivers\kbdclass.sys
20:40:34.0590 2712 C:\Windows\System32\drivers\kbdclass.sys - ok
20:40:34.0594 2712 [ 390C204CED3785609AB24E9C52054A84 ] C:\Windows\System32\drivers\PS2.sys
20:40:34.0594 2712 C:\Windows\System32\drivers\PS2.sys - ok
20:40:34.0599 2712 [ 7A95B5DEB594616F1693486B8161411E ] C:\Windows\System32\drivers\serscan.sys
20:40:34.0599 2712 C:\Windows\System32\drivers\serscan.sys - ok
20:40:34.0603 2712 [ 51D580F30D1A1F2EA4965AF6ABC2BCB2 ] C:\Windows\System32\drivers\wacomvhid.sys
20:40:34.0603 2712 C:\Windows\System32\drivers\wacomvhid.sys - ok
20:40:34.0607 2712 [ 4DCA456D4D5723F8FA9C6760D240B0DF ] C:\Windows\System32\drivers\msiscsi.sys
20:40:34.0607 2712 C:\Windows\System32\drivers\msiscsi.sys - ok
20:40:34.0611 2712 [ ED386E31D263448B2ED36D4839F2CA04 ] C:\Windows\System32\drivers\Storport.sys
20:40:34.0611 2712 C:\Windows\System32\drivers\Storport.sys - ok
20:40:34.0615 2712 [ BBE07D2766FB165BDF1F49107DABCE85 ] C:\Windows\System32\drivers\tdi.sys
20:40:34.0615 2712 C:\Windows\System32\drivers\tdi.sys - ok
20:40:34.0619 2712 [ 81659CDCBD0F9A9E07E6878AD8C78D3F ] C:\Windows\System32\drivers\ndistapi.sys
20:40:34.0619 2712 C:\Windows\System32\drivers\ndistapi.sys - ok
20:40:34.0623 2712 [ 397402ADCBB8946223A1950101F6CD94 ] C:\Windows\System32\drivers\ndiswan.sys
20:40:34.0623 2712 C:\Windows\System32\drivers\ndiswan.sys - ok
20:40:34.0627 2712 [ 68B0019FEE429EC49D29017AF937E482 ] C:\Windows\System32\drivers\rasl2tp.sys
20:40:34.0627 2712 C:\Windows\System32\drivers\rasl2tp.sys - ok
20:40:34.0631 2712 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] C:\Windows\System32\drivers\raspppoe.sys
20:40:34.0631 2712 C:\Windows\System32\drivers\raspppoe.sys - ok
20:40:34.0635 2712 [ C04DEC5ACE67C5247B150C4223970BB7 ] C:\Windows\System32\drivers\raspptp.sys
20:40:34.0635 2712 C:\Windows\System32\drivers\raspptp.sys - ok
20:40:34.0639 2712 [ 1379BDB336F8158C176A465E30759F57 ] C:\Windows\System32\drivers\swenum.sys
20:40:34.0639 2712 C:\Windows\System32\drivers\swenum.sys - ok
20:40:34.0643 2712 [ 2C549BD9DD091FBFAA0A2A48E82EC2FB ] C:\Windows\System32\drivers\termdd.sys
20:40:34.0643 2712 C:\Windows\System32\drivers\termdd.sys - ok
20:40:34.0648 2712 [ 4385C80EDE885E25492D408CAD91BD6F ] C:\Windows\System32\drivers\mssmbios.sys
20:40:34.0648 2712 C:\Windows\System32\drivers\mssmbios.sys - ok
20:40:34.0652 2712 [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] C:\Windows\System32\drivers\umbus.sys
20:40:34.0652 2712 C:\Windows\System32\drivers\umbus.sys - ok
20:40:34.0656 2712 [ 16675AB7E199635086AB0556137371F5 ] C:\Windows\System32\drivers\usbhub.sys
20:40:34.0656 2712 C:\Windows\System32\drivers\usbhub.sys - ok
20:40:34.0660 2712 [ B569B5C5D3BDE545DF3A6AF512CCCDBA ] C:\Windows\System32\drivers\mouhid.sys
20:40:34.0660 2712 C:\Windows\System32\drivers\mouhid.sys - ok
20:40:34.0664 2712 [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] C:\Windows\System32\drivers\wacommousefilter.sys
20:40:34.0664 2712 C:\Windows\System32\drivers\wacommousefilter.sys - ok
20:40:34.0669 2712 [ 1B24FA907AF283199A81B3BB37E5E526 ] C:\Windows\System32\drivers\ndproxy.sys
20:40:34.0669 2712 C:\Windows\System32\drivers\ndproxy.sys - ok
20:40:34.0673 2712 [ F71B6EE018EADF4CFD52F3C83847E5F6 ] C:\Windows\System32\drivers\AtihdLH3.sys
20:40:34.0673 2712 C:\Windows\System32\drivers\AtihdLH3.sys - ok
20:40:34.0677 2712 [ 1660613337E5EBE07B4DD78C1A55C5C0 ] C:\Windows\System32\drivers\drmk.sys
20:40:34.0677 2712 C:\Windows\System32\drivers\drmk.sys - ok
20:40:34.0681 2712 [ 9A23E21ECA1246950E440E158DE50750 ] C:\Windows\System32\drivers\portcls.sys
20:40:34.0681 2712 C:\Windows\System32\drivers\portcls.sys - ok
20:40:34.0685 2712 [ 4A705BF2A6F7972F2F2AD8A0D8079F95 ] C:\Windows\System32\drivers\RTKVHDA.sys
20:40:34.0685 2712 C:\Windows\System32\drivers\RTKVHDA.sys - ok
20:40:34.0689 2712 [ 42885BB44B6E065B8575A8DD6C430C52 ] C:\Windows\System32\drivers\luafv.sys
20:40:34.0689 2712 C:\Windows\System32\drivers\luafv.sys - ok
20:40:34.0694 2712 [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] C:\Windows\System32\drivers\beep.sys
20:40:34.0694 2712 C:\Windows\System32\drivers\beep.sys - ok
20:40:34.0698 2712 [ 66A078591208BAA210C7634B11EB392C ] C:\Windows\System32\drivers\fs_rec.sys
20:40:34.0698 2712 C:\Windows\System32\drivers\fs_rec.sys - ok
20:40:34.0702 2712 [ ED61DBC6603F612B7338283EDBACBC4B ] C:\Windows\System32\drivers\kbdhid.sys
20:40:34.0702 2712 C:\Windows\System32\drivers\kbdhid.sys - ok
20:40:34.0706 2712 [ EC5EFB3C60F1B624648344A328BCE596 ] C:\Windows\System32\drivers\null.sys
20:40:34.0706 2712 C:\Windows\System32\drivers\null.sys - ok
20:40:34.0710 2712 [ 17A8F877314E4067F8C8172CC6D9101C ] C:\Windows\System32\drivers\vga.sys
20:40:34.0710 2712 C:\Windows\System32\drivers\vga.sys - ok
20:40:34.0714 2712 [ D1FA901E4878B7011FE8A8C2890E90C7 ] C:\Windows\System32\drivers\videoprt.sys
20:40:34.0714 2712 C:\Windows\System32\drivers\videoprt.sys - ok
20:40:34.0718 2712 [ 729EAFEFD4E7417165F353A18DBE947D ] C:\Windows\System32\drivers\msfs.sys
20:40:34.0718 2712 C:\Windows\System32\drivers\msfs.sys - ok
20:40:34.0722 2712 [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] C:\Windows\System32\drivers\npfs.sys
20:40:34.0722 2712 C:\Windows\System32\drivers\npfs.sys - ok
20:40:34.0727 2712 [ BD7B30F55B3649506DD8B3D38F571D2A ] C:\Windows\System32\drivers\rasacd.sys
20:40:34.0727 2712 C:\Windows\System32\drivers\rasacd.sys - ok
20:40:34.0731 2712 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] C:\Windows\System32\drivers\[email protected]
20:40:34.0731 2712 C:\Windows\System32\drivers\[email protected] - ok
20:40:34.0735 2712 [ 980B56E2E273E19D3A9D72D5C420F008 ] C:\Windows\System32\drivers\RDPENCDD.sys
20:40:34.0735 2712 C:\Windows\System32\drivers\RDPENCDD.sys - ok
20:40:34.0739 2712 [ E216CF8C8605E546981098484B78D08B ] C:\Windows\System32\drivers\FWPKCLNT.SYS
20:40:34.0739 2712 C:\Windows\System32\drivers\FWPKCLNT.SYS - ok
20:40:34.0743 2712 [ 300208927321066EA53761FDC98747C6 ] C:\Windows\System32\drivers\tcpip.sys
20:40:34.0749 2712 C:\Windows\System32\drivers\tcpip.sys - ok
20:40:34.0752 2712 [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] C:\Windows\System32\drivers\tdx.sys
20:40:34.0752 2712 C:\Windows\System32\drivers\tdx.sys - ok
20:40:34.0756 2712 [ B0CAF93E72327D7E7040C6C8DDB83876 ] C:\Windows\System32\drivers\mfetdi2k.sys
20:40:34.0756 2712 C:\Windows\System32\drivers\mfetdi2k.sys - ok
20:40:34.0760 2712 [ AC0D90738ADB51A6FD12FF00874A2162 ] C:\Windows\System32\drivers\smb.sys
20:40:34.0760 2712 C:\Windows\System32\drivers\smb.sys - ok
20:40:34.0765 2712 [ 5D24CAF8EFD924A875698FF28384DB8B ] C:\Windows\System32\drivers\afd.sys
20:40:34.0765 2712 C:\Windows\System32\drivers\afd.sys - ok
20:40:34.0767 2712 [ E3A168912E7EEFC3BD3B814720D68B41 ] C:\Windows\System32\drivers\netbt.sys
20:40:34.0767 2712 C:\Windows\System32\drivers\netbt.sys - ok
20:40:34.0771 2712 [ 2C8BAE55247C4E09352E870292E4D1AB ] C:\Windows\System32\drivers\pacer.sys
20:40:34.0771 2712 C:\Windows\System32\drivers\pacer.sys - ok
20:40:34.0776 2712 [ 835F53753DD2A5B579EF22DA2B7B1923 ] C:\Windows\System32\drivers\mfenlfk.sys
20:40:34.0776 2712 C:\Windows\System32\drivers\mfenlfk.sys - ok
20:40:34.0780 2712 [ 356DBB9F98E8DC1028DD3092FCEEB877 ] C:\Windows\System32\drivers\netbios.sys
20:40:34.0780 2712 C:\Windows\System32\drivers\netbios.sys - ok
20:40:34.0784 2712 [ B488DFEC274DE1FC9D653870EF2587BE ] C:\Windows\System32\drivers\nsiproxy.sys
20:40:34.0784 2712 C:\Windows\System32\drivers\nsiproxy.sys - ok
20:40:34.0788 2712 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] C:\Windows\System32\drivers\rdbss.sys
20:40:34.0788 2712 C:\Windows\System32\drivers\rdbss.sys - ok
20:40:34.0793 2712 [ 6798C1209A53B5A0DED8D437C45145FF ] C:\Windows\System32\drivers\wanarp.sys
20:40:34.0793 2712 C:\Windows\System32\drivers\wanarp.sys - ok
20:40:34.0797 2712 [ B979979AB8027F7F53FB16EC4229B7DB ] C:\Windows\System32\drivers\Aspi32.sys
20:40:34.0797 2712 C:\Windows\System32\drivers\Aspi32.sys - ok
20:40:34.0801 2712 [ A7179DE59AE269AB70345527894CCD7C ] C:\Windows\System32\drivers\dfsc.sys
20:40:34.0801 2712 C:\Windows\System32\drivers\dfsc.sys - ok
20:40:34.0804 2712 [ 33D7700BF22CCBAC499D6A1291A677DE ] C:\Windows\System32\drivers\usbd.sys
20:40:34.0805 2712 C:\Windows\System32\drivers\usbd.sys - ok
20:40:34.0809 2712 [ 7887CE56934E7F104E98C975F47353C5 ] C:\Windows\System32\drivers\USBSTOR.SYS
20:40:34.0809 2712 C:\Windows\System32\drivers\USBSTOR.SYS - ok
20:40:34.0813 2712 [ 53B5197B7660B33DABDB17384450AD45 ] C:\Windows\System32\drivers\mfeavfk.sys
20:40:34.0813 2712 C:\Windows\System32\drivers\mfeavfk.sys - ok
20:40:34.0817 2712 [ B148A220460F3A4681585AAE0719B491 ] C:\Windows\System32\drivers\mfefirek.sys
20:40:34.0817 2712 C:\Windows\System32\drivers\mfefirek.sys - ok
20:40:34.0821 2712 [ 6B11AC33AF005FF8DF52B23B9491AB5A ] C:\Windows\System32\drivers\mfencbdc.sys
20:40:34.0821 2712 C:\Windows\System32\drivers\mfencbdc.sys - ok
20:40:34.0825 2712 [ 04E4C2069D7254E3FBB90D5B519AB53C ] C:\Windows\System32\ntdll.dll
20:40:34.0825 2712 C:\Windows\System32\ntdll.dll - ok
20:40:34.0828 2712 [ CAA75757BB3695478C23CB0624342A61 ] C:\Windows\System32\smss.exe
20:40:34.0829 2712 C:\Windows\System32\smss.exe - ok
20:40:34.0832 2712 [ C08D1FE284C3330934E45D6E5F5B768B ] C:\Windows\System32\autochk.exe
20:40:34.0832 2712 C:\Windows\System32\autochk.exe - ok
20:40:34.0836 2712 [ 84A317CB0B3954D3768CDCD018DBF670 ] C:\Windows\System32\drivers\fastfat.sys
20:40:34.0836 2712 C:\Windows\System32\drivers\fastfat.sys - ok
20:40:34.0840 2712 [ CCE6FB960F8985BF500CE9CB0B2EF4CF ] C:\Windows\System32\ole32.dll
20:40:34.0840 2712 C:\Windows\System32\ole32.dll - ok
20:40:34.0843 2712 [ 3AE909879284F30B3466FDCD2B1CE85C ] C:\Windows\System32\urlmon.dll
20:40:34.0843 2712 C:\Windows\System32\urlmon.dll - ok
20:40:34.0847 2712 [ 7924BCCE665AC92FC04CD45A46FE3E3D ] C:\Windows\System32\oleaut32.dll
20:40:34.0847 2712 C:\Windows\System32\oleaut32.dll - ok
20:40:34.0851 2712 [ D99A071C1018BB3D4ABAAD4B62048AC2 ] C:\Windows\System32\ws2_32.dll
20:40:34.0851 2712 C:\Windows\System32\ws2_32.dll - ok
20:40:34.0854 2712 [ 63B4F59D7C89B1BF5277F1FFEFD491CD ] C:\Windows\System32\user32.dll
20:40:34.0854 2712 C:\Windows\System32\user32.dll - ok
20:40:34.0858 2712 [ F352E76E220EB21A0C29734B66048DDE ] C:\Windows\System32\msctf.dll
20:40:34.0858 2712 C:\Windows\System32\msctf.dll - ok
20:40:34.0861 2712 [ 5D53724E96F6B907355E616FFE08EB83 ] C:\Windows\System32\imagehlp.dll
20:40:34.0861 2712 C:\Windows\System32\imagehlp.dll - ok
20:40:34.0865 2712 [ 9F5D9DBBC7613712A8778385B6FB12CA ] C:\Windows\System32\rpcrt4.dll
20:40:34.0865 2712 C:\Windows\System32\rpcrt4.dll - ok
20:40:34.0868 2712 [ 9178B1C1C55DAD01BD65A162A39AE6C3 ] C:\Windows\System32\advapi32.dll
20:40:34.0868 2712 C:\Windows\System32\advapi32.dll - ok
20:40:34.0872 2712 [ 7BE32E67440BB5B2205C5402A2FBDE25 ] C:\Windows\System32\lpk.dll
20:40:34.0872 2712 C:\Windows\System32\lpk.dll - ok
20:40:34.0876 2712 [ 4306242128019B290E1FA7EB998952D7 ] C:\Windows\System32\Wldap32.dll
20:40:34.0876 2712 C:\Windows\System32\Wldap32.dll - ok
20:40:34.0880 2712 [ 438AE83490959C0F5A6BE97DAFEA68D2 ] C:\Windows\System32\shlwapi.dll
20:40:34.0880 2712 C:\Windows\System32\shlwapi.dll - ok
20:40:34.0884 2712 [ 71A0DC633D1D76744441EFD4B7FB230F ] C:\Windows\System32\gdi32.dll
20:40:34.0884 2712 C:\Windows\System32\gdi32.dll - ok
20:40:34.0889 2712 [ 5CD3F8485A88CF0F035CFF5576D66029 ] C:\Windows\System32\nsi.dll
20:40:34.0889 2712 C:\Windows\System32\nsi.dll - ok
20:40:34.0892 2712 [ BA95D134FE1A3577A174D9A85D6ED1F1 ] C:\Windows\System32\wininet.dll
20:40:34.0892 2712 C:\Windows\System32\wininet.dll - ok
20:40:34.0896 2712 [ 7F3415D246E2AE6E8CFD6A561016A91F ] C:\Windows\System32\comdlg32.dll
20:40:34.0896 2712 C:\Windows\System32\comdlg32.dll - ok
20:40:34.0902 2712 [ 75287677BB8BC9A16C32CE8A72F485A0 ] C:\Windows\System32\msvcrt.dll
20:40:34.0902 2712 C:\Windows\System32\msvcrt.dll - ok
20:40:34.0906 2712 [ CF1D75E7B4A7CC6D2A21FE64C9E50A12 ] C:\Windows\System32\shell32.dll
20:40:34.0906 2712 C:\Windows\System32\shell32.dll - ok
20:40:34.0910 2712 [ DF43158D5E043553CAC6BFE28F90E545 ] C:\Windows\System32\clbcatq.dll
20:40:34.0910 2712 C:\Windows\System32\clbcatq.dll - ok
20:40:34.0913 2712 [ B82C7AC1D559F0FD088792171D64C7F3 ] C:\Windows\System32\kernel32.dll
20:40:34.0913 2712 C:\Windows\System32\kernel32.dll - ok
20:40:34.0917 2712 [ EE12864398F1C3BF5BEE91F6AF9842E1 ] C:\Windows\System32\imm32.dll
20:40:34.0917 2712 C:\Windows\System32\imm32.dll - ok
20:40:34.0921 2712 [ 3D7FE2E7923EEA92E68062BBA3377067 ] C:\Windows\System32\setupapi.dll
20:40:34.0921 2712 C:\Windows\System32\setupapi.dll - ok
20:40:34.0925 2712 [ 456FB859236C9074ACF6C3B6243D8B46 ] C:\Windows\System32\usp10.dll
20:40:34.0925 2712 C:\Windows\System32\usp10.dll - ok
20:40:34.0928 2712 [ 553811F2263EAB42965CD296262AB179 ] C:\Windows\System32\iertutil.dll
20:40:34.0928 2712 C:\Windows\System32\iertutil.dll - ok
20:40:34.0932 2712 [ 6F29236AB5926100972924BD29D9D225 ] C:\Windows\System32\normaliz.dll
20:40:34.0932 2712 C:\Windows\System32\normaliz.dll - ok
20:40:34.0936 2712 [ 93A1732F7F997E36A5C3893539E2FF02 ] C:\Windows\System32\psapi.dll
20:40:34.0936 2712 C:\Windows\System32\psapi.dll - ok
20:40:34.0940 2712 [ BB61FB941A382A197AC2989337BF6364 ] C:\Windows\System32\comctl32.dll
20:40:34.0940 2712 C:\Windows\System32\comctl32.dll - ok
20:40:34.0944 2712 [ A253AA14CA560A4B8BA6E9D1F78EF10E ] C:\Windows\System32\drivers\dxapi.sys
20:40:34.0944 2712 C:\Windows\System32\drivers\dxapi.sys - ok
20:40:34.0949 2712 [ 9352E049F234BFA756C840CD8BDF4FFE ] C:\Windows\System32\win32k.sys
20:40:34.0949 2712 C:\Windows\System32\win32k.sys - ok
20:40:34.0954 2712 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\System32\basesrv.dll
20:40:34.0954 2712 C:\Windows\System32\basesrv.dll - ok
20:40:34.0958 2712 [ 2F8A776FF2087357DDEB9992E06EECAA ] C:\Windows\System32\csrsrv.dll
20:40:34.0958 2712 C:\Windows\System32\csrsrv.dll - ok
20:40:34.0961 2712 [ 117B7C8A8B026A5DCE5E3180ED05E823 ] C:\Windows\System32\csrss.exe
20:40:34.0961 2712 C:\Windows\System32\csrss.exe - ok
20:40:34.0965 2712 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\System32\winsrv.dll
20:40:34.0965 2712 C:\Windows\System32\winsrv.dll - ok
20:40:34.0969 2712 [ 7446E104A5FE5987CA9E4983FBAC4F97 ] C:\Windows\System32\drivers\monitor.sys
20:40:34.0969 2712 C:\Windows\System32\drivers\monitor.sys - ok
20:40:34.0973 2712 [ D77B3F6785289CEC0F32D5A7B5B1268E ] C:\Windows\System32\tsddd.dll
20:40:34.0973 2712 C:\Windows\System32\tsddd.dll - ok
20:40:34.0976 2712 [ 68410CF6FB13CED160EF0149EABFC35C ] C:\Windows\System32\secur32.dll
20:40:34.0976 2712 C:\Windows\System32\secur32.dll - ok
20:40:34.0980 2712 [ CD5F587157B0150FB6955D939BDAB825 ] C:\Windows\System32\userenv.dll
20:40:34.0980 2712 C:\Windows\System32\userenv.dll - ok
20:40:34.0985 2712 [ D4385B03E8CCCEE6F0EE249F827C1F3E ] C:\Windows\System32\wininit.exe
20:40:34.0985 2712 C:\Windows\System32\wininit.exe - ok
20:40:34.0990 2712 [ 4F1718D06A6EE0CE40BAD958156097A0 ] C:\Windows\System32\KBDCA.DLL
20:40:34.0990 2712 C:\Windows\System32\KBDCA.DLL - ok
20:40:34.0994 2712 [ E8C6F8EC1064EE21704307B2CE72C3FB ] C:\Windows\System32\cdd.dll
20:40:34.0994 2712 C:\Windows\System32\cdd.dll - ok
20:40:34.0998 2712 [ 9F75392B9128A91ABAFB044EA350BAAD ] C:\Windows\System32\winlogon.exe
20:40:34.0998 2712 C:\Windows\System32\winlogon.exe - ok
20:40:35.0002 2712 [ 9CA8B435FB0B8F7BD25268AE75639107 ] C:\Windows\System32\winsta.dll
20:40:35.0002 2712 C:\Windows\System32\winsta.dll - ok
20:40:35.0005 2712 [ 9E7AADE8A00E260D143E744710942E6F ] C:\Windows\System32\KBDCAN.DLL
20:40:35.0005 2712 C:\Windows\System32\KBDCAN.DLL - ok
20:40:35.0009 2712 [ 12C8D6C564702B0776512932290A3F6B ] C:\Windows\System32\KBDUS.DLL
20:40:35.0009 2712 C:\Windows\System32\KBDUS.DLL - ok
20:40:35.0013 2712 [ 75EDBAACA7D5F2B3B165B8DAB3E1542E ] C:\Windows\System32\apphelp.dll
20:40:35.0013 2712 C:\Windows\System32\apphelp.dll - ok
20:40:35.0015 2712 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\System32\services.exe
20:40:35.0015 2712 C:\Windows\System32\services.exe - ok
20:40:35.0020 2712 [ 92283D9E33EC5F41ECC0B430B7459241 ] C:\Windows\System32\WlS0WndH.dll
20:40:35.0020 2712 C:\Windows\System32\WlS0WndH.dll - ok
20:40:35.0023 2712 [ C19BA7DAD3AB3AFE6322248047560122 ] C:\Windows\System32\sxs.dll
20:40:35.0023 2712 C:\Windows\System32\sxs.dll - ok
20:40:35.0027 2712 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] C:\Windows\System32\lsass.exe
20:40:35.0027 2712 C:\Windows\System32\lsass.exe - ok
20:40:35.0030 2712 [ 77F52395637906269B91264FFE576B51 ] C:\Windows\System32\lsm.exe
20:40:35.0030 2712 C:\Windows\System32\lsm.exe - ok
20:40:35.0034 2712 [ D39DB142B8A0C56616136DD0A1028FC1 ] C:\Windows\System32\scesrv.dll
20:40:35.0034 2712 C:\Windows\System32\scesrv.dll - ok
20:40:35.0037 2712 [ 67FEFD286869A5EC50257AC62DCBA2B7 ] C:\Windows\System32\lsasrv.dll
20:40:35.0037 2712 C:\Windows\System32\lsasrv.dll - ok
20:40:35.0041 2712 [ 71F5A7104FDF16C0AC5283A6CE666553 ] C:\Windows\System32\sysntfy.dll
20:40:35.0041 2712 C:\Windows\System32\sysntfy.dll - ok
20:40:35.0044 2712 [ F0321DA5203F1E71917F3B7A13DC4912 ] C:\Windows\System32\wmsgapi.dll
20:40:35.0044 2712 C:\Windows\System32\wmsgapi.dll - ok
20:40:35.0048 2712 [ F3AA50FABE35385A7A1613E75B95565D ] C:\Windows\System32\authz.dll
20:40:35.0048 2712 C:\Windows\System32\authz.dll - ok
20:40:35.0052 2712 [ E3AFCA30714898BAAE6F12B52627761C ] C:\Windows\System32\netapi32.dll
20:40:35.0052 2712 C:\Windows\System32\netapi32.dll - ok
20:40:35.0055 2712 [ 1E4B805A21583C9BAEC3758AA6BCA1CD ] C:\Windows\System32\ncobjapi.dll
20:40:35.0055 2712 C:\Windows\System32\ncobjapi.dll - ok
20:40:35.0059 2712 [ 22054E4E3CF6174CFCE6AB2776DA22A0 ] C:\Windows\System32\samsrv.dll
20:40:35.0059 2712 C:\Windows\System32\samsrv.dll - ok
20:40:35.0062 2712 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] C:\Windows\System32\aelupsvc.dll
20:40:35.0062 2712 C:\Windows\System32\aelupsvc.dll - ok
20:40:35.0066 2712 [ E69FB0E3112C40FDC0EF7D21A52DC951 ] C:\Windows\System32\alg.exe
20:40:35.0066 2712 C:\Windows\System32\alg.exe - ok
20:40:35.0069 2712 [ 2079C0B313846B4564380DBEDAD00E5E ] C:\Windows\System32\cryptdll.dll
20:40:35.0070 2712 C:\Windows\System32\cryptdll.dll - ok
20:40:35.0073 2712 [ D1F08D246BC7FC7629C138B867F1AB43 ] C:\Windows\System32\dnsapi.dll
20:40:35.0073 2712 C:\Windows\System32\dnsapi.dll - ok
20:40:35.0077 2712 [ CFA455816879F06F1C4E5BBF9E8AEF7D ] C:\Windows\System32\appinfo.dll
20:40:35.0077 2712 C:\Windows\System32\appinfo.dll - ok
20:40:35.0081 2712 [ 3233F31FF7046A5C54A312B6687C5376 ] C:\Windows\System32\crypt32.dll
20:40:35.0081 2712 C:\Windows\System32\crypt32.dll - ok
20:40:35.0084 2712 [ 47D3305C6986EC21A25B023779881015 ] C:\Windows\System32\feclient.dll
20:40:35.0084 2712 C:\Windows\System32\feclient.dll - ok
20:40:35.0088 2712 [ 75AEB9BA69D36AFF80011B74F27912AF ] C:\Windows\System32\mpr.dll
20:40:35.0088 2712 C:\Windows\System32\mpr.dll - ok
20:40:35.0091 2712 [ 24D50EA947B40A8C816B9206FBBB8BEE ] C:\Windows\System32\msasn1.dll
20:40:35.0091 2712 C:\Windows\System32\msasn1.dll - ok
20:40:35.0095 2712 [ 83942D329D01B8AA9721FEF668E1E1A6 ] C:\Windows\System32\ntdsapi.dll
20:40:35.0095 2712 C:\Windows\System32\ntdsapi.dll - ok
20:40:35.0098 2712 [ 039E4E0488F4E1A985139A24D0359AC3 ] C:\Windows\System32\samlib.dll
20:40:35.0098 2712 C:\Windows\System32\samlib.dll - ok
20:40:35.0103 2712 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] C:\Windows\System32\audiosrv.dll
20:40:35.0103 2712 C:\Windows\System32\audiosrv.dll - ok
20:40:35.0107 2712 [ 98EBDFFB824A7C265337D68DD480E45C ] C:\Windows\System32\BFE.DLL
20:40:35.0107 2712 C:\Windows\System32\BFE.DLL - ok
20:40:35.0111 2712 [ DA551697E34D2B9943C8B1C8EAFFE89A ] C:\Windows\System32\qmgr.dll
20:40:35.0112 2712 C:\Windows\System32\qmgr.dll - ok
20:40:35.0115 2712 [ AE43F1EEA8CB7BD6D372F5A08B00849D ] C:\Windows\System32\SLC.dll
20:40:35.0115 2712 C:\Windows\System32\SLC.dll - ok
20:40:35.0120 2712 [ BCE6F538105E7713C4A5A0CA683D6795 ] C:\Windows\System32\wevtapi.dll
20:40:35.0120 2712 C:\Windows\System32\wevtapi.dll - ok
20:40:35.0125 2712 [ DC45739BC22D528D2B3E50D3F6761750 ] C:\Windows\System32\dhcpcsvc.dll
20:40:35.0125 2712 C:\Windows\System32\dhcpcsvc.dll - ok
20:40:35.0130 2712 [ B1143BE81DD6AE13943B806261CE91A0 ] C:\Windows\System32\dhcpcsvc6.dll
20:40:35.0130 2712 C:\Windows\System32\dhcpcsvc6.dll - ok
20:40:35.0134 2712 [ 3B7336FC377803D3BDA3139DF1343B2D ] C:\Windows\System32\IPHLPAPI.DLL
20:40:35.0134 2712 C:\Windows\System32\IPHLPAPI.DLL - ok
20:40:35.0138 2712 [ 86FBD7D3E975464E94F0A270E5E79CEC ] C:\Windows\System32\winnsi.dll
20:40:35.0138 2712 C:\Windows\System32\winnsi.dll - ok
20:40:35.0141 2712 [ BEB6470532B7461D7BB426E3FACB424F ] C:\Windows\System32\browser.dll
20:40:35.0141 2712 C:\Windows\System32\browser.dll - ok
20:40:35.0145 2712 [ 0600E04315FE543802A379D5D23C8BE0 ] C:\Windows\System32\certprop.dll
20:40:35.0145 2712 C:\Windows\System32\certprop.dll - ok
20:40:35.0149 2712 [ 4843A1784BA6434DFF80F841DDC592C6 ] C:\Windows\System32\comres.dll
20:40:35.0149 2712 C:\Windows\System32\comres.dll - ok
20:40:35.0152 2712 [ 7F15B4953378C8B5161D65C26D5FED4D ] C:\Windows\System32\cngaudit.dll
20:40:35.0152 2712 C:\Windows\System32\cngaudit.dll - ok
20:40:35.0156 2712 [ 121AFD967914292D5CBF7BEE9572BE71 ] C:\Windows\System32\ncrypt.dll
20:40:35.0156 2712 C:\Windows\System32\ncrypt.dll - ok
20:40:35.0160 2712 [ 1C90E67A15D7B35909AF8A808A1ECCFF ] C:\Windows\System32\bcrypt.dll
20:40:35.0160 2712 C:\Windows\System32\bcrypt.dll - ok
20:40:35.0164 2712 [ 1C26FB097170A2A91066D1E3A24366E3 ] C:\Windows\System32\cryptsvc.dll
20:40:35.0164 2712 C:\Windows\System32\cryptsvc.dll - ok
20:40:35.0167 2712 [ 8C312DE50B90F7C22349E6DB1D9538E3 ] C:\Windows\System32\credssp.dll
20:40:35.0167 2712 C:\Windows\System32\credssp.dll - ok
20:40:35.0171 2712 [ 08D6D1692B62C9EE4062E1FA04D8FE2F ] C:\Windows\System32\oleres.dll
20:40:35.0171 2712 C:\Windows\System32\oleres.dll - ok
20:40:35.0175 2712 [ 1F795D214820E496BF1124434A6DB546 ] C:\Windows\System32\dot3svc.dll
20:40:35.0175 2712 C:\Windows\System32\dot3svc.dll - ok
20:40:35.0179 2712 [ F4AFBEB2BD4972F57C53CB8D54561C4E ] C:\Windows\System32\kerberos.dll
20:40:35.0179 2712 C:\Windows\System32\kerberos.dll - ok
20:40:35.0183 2712 [ ABE9EEA1EABEA0711610A637A7B1C25D ] C:\Windows\System32\msprivs.dll
20:40:35.0183 2712 C:\Windows\System32\msprivs.dll - ok
20:40:35.0189 2712 [ 032C90AD677BF7B7A8013D6087C7A921 ] C:\Windows\System32\dps.dll
20:40:35.0189 2712 C:\Windows\System32\dps.dll - ok
20:40:35.0194 2712 [ 90A0A875642E18618010645311B4E89E ] C:\Windows\System32\eapsvc.dll
20:40:35.0194 2712 C:\Windows\System32\eapsvc.dll - ok
20:40:35.0197 2712 [ C424117A562F2DE37A42266894C79AEB ] C:\Windows\System32\nlasvc.dll
20:40:35.0197 2712 C:\Windows\System32\nlasvc.dll - ok
20:40:35.0201 2712 [ B4580122B0A7B263B6EE9ACBA69C8013 ] C:\Windows\ehome\ehrecvr.exe
20:40:35.0201 2712 C:\Windows\ehome\ehrecvr.exe - ok
20:40:35.0204 2712 [ 5E72DCFF9FB2374642043899A1C2E446 ] C:\Windows\System32\NapiNSP.dll
20:40:35.0204 2712 C:\Windows\System32\NapiNSP.dll - ok
20:40:35.0209 2712 [ C0DC476E89558242848572F9ADE1D685 ] C:\Windows\System32\pnrpnsp.dll
20:40:35.0209 2712 C:\Windows\System32\pnrpnsp.dll - ok
20:40:35.0212 2712 [ CE0D320700CCF7C78AEF9ED84332CC53 ] C:\Windows\System32\WSHTCPIP.DLL
20:40:35.0212 2712 C:\Windows\System32\WSHTCPIP.DLL - ok
20:40:35.0216 2712 [ AD1870C8E5D6DD340C829E6074BF3C3F ] C:\Windows\ehome\ehsched.exe
20:40:35.0216 2712 C:\Windows\ehome\ehsched.exe - ok
20:40:35.0219 2712 [ 54E9576169A248AD62A1EB9773225826 ] C:\Windows\System32\mswsock.dll
20:40:35.0219 2712 C:\Windows\System32\mswsock.dll - ok
20:40:35.0223 2712 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] C:\Windows\ehome\ehstart.dll
20:40:35.0223 2712 C:\Windows\ehome\ehstart.dll - ok
20:40:35.0227 2712 [ C5213AC0CD7D4A6BE4BBABA0B18B9BE5 ] C:\Windows\System32\msv1_0.dll
20:40:35.0227 2712 C:\Windows\System32\msv1_0.dll - ok
20:40:35.0230 2712 [ 9F6487E56876511E764DD097AB0CE9A0 ] C:\Windows\System32\wship6.dll
20:40:35.0230 2712 C:\Windows\System32\wship6.dll - ok
20:40:35.0234 2712 [ 3226FDA08988526E819E364E8CCE4CEE ] C:\Windows\System32\emdmgmt.dll
20:40:35.0234 2712 C:\Windows\System32\emdmgmt.dll - ok
20:40:35.0238 2712 [ 889A2C9F2AACCD8F64EF50AC0B3D553B ] C:\Windows\System32\netlogon.dll
20:40:35.0238 2712 C:\Windows\System32\netlogon.dll - ok
20:40:35.0241 2712 [ A46C2C9C69D1F5D1F91157A0F2DB55CD ] C:\Windows\System32\atmfd.dll
20:40:35.0241 2712 C:\Windows\System32\atmfd.dll - ok
20:40:35.0245 2712 [ 37ADD2A134AE436FFF0976D69449F45C ] C:\Windows\System32\wevtsvc.dll
20:40:35.0245 2712 C:\Windows\System32\wevtsvc.dll - ok
20:40:35.0249 2712 [ 72910BC4A218C49EA8E43D1FAEC403A5 ] C:\Windows\System32\winbrand.dll
20:40:35.0249 2712 C:\Windows\System32\winbrand.dll - ok
20:40:35.0252 2712 [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] C:\Windows\System32\fdPHost.dll
20:40:35.0252 2712 C:\Windows\System32\fdPHost.dll - ok
20:40:35.0257 2712 [ 4F34903E7989C6EDDAAABDEE6E01D381 ] C:\Windows\System32\schannel.dll
20:40:35.0257 2712 C:\Windows\System32\schannel.dll - ok
20:40:35.0262 2712 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] C:\Windows\System32\FDResPub.dll
20:40:35.0262 2712 C:\Windows\System32\FDResPub.dll - ok
20:40:35.0266 2712 [ 8DFB65834D4EE6DEB463858F591EA8D8 ] C:\Windows\System32\PresentationHost.exe
20:40:35.0266 2712 C:\Windows\System32\PresentationHost.exe - ok
20:40:35.0269 2712 [ 8B8DF4AE8B98BB671E1DAB65C72411B4 ] C:\Windows\System32\wdigest.dll
20:40:35.0269 2712 C:\Windows\System32\wdigest.dll - ok
20:40:35.0273 2712 [ 0DFC9EA99681BF966F794AF7C39495F2 ] C:\Windows\System32\gpapi.dll
20:40:35.0273 2712 C:\Windows\System32\gpapi.dll - ok
20:40:35.0277 2712 [ 8FA640195279ACE21BEA91396A0054FC ] C:\Windows\System32\hidserv.dll
20:40:35.0277 2712 C:\Windows\System32\hidserv.dll - ok
20:40:35.0280 2712 [ D40AA05E29BF6ED29B139F044B461E9B ] C:\Windows\System32\KMSVC.DLL
20:40:35.0280 2712 C:\Windows\System32\KMSVC.DLL - ok
20:40:35.0283 2712 [ A90247CD20C2DB51C264EACC00A3039F ] C:\Windows\System32\rsaenh.dll
20:40:35.0283 2712 C:\Windows\System32\rsaenh.dll - ok
20:40:35.0287 2712 [ 58236642134BC28334F3209F0130F7A0 ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
20:40:35.0288 2712 C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
20:40:35.0292 2712 [ 07A6B9B0227E2FAAD4DF420B7230E790 ] C:\Windows\System32\TSpkg.dll
20:40:35.0292 2712 C:\Windows\System32\TSpkg.dll - ok
20:40:35.0295 2712 [ 35662FE4D8622F667AA5A5568F7F1B40 ] C:\Windows\System32\IKEEXT.DLL
20:40:35.0295 2712 C:\Windows\System32\IKEEXT.DLL - ok
20:40:35.0298 2712 [ 88CF5281ED9880D74DC9011CF8B5262D ] C:\Windows\System32\IPBusEnum.dll
20:40:35.0298 2712 C:\Windows\System32\IPBusEnum.dll - ok
20:40:35.0303 2712 [ 637D942341DE63F91EED1A9847BA2471 ] C:\Windows\System32\iphlpsvc.dll
20:40:35.0303 2712 C:\Windows\System32\iphlpsvc.dll - ok
20:40:35.0307 2712 [ 74C2F29CC612B2B34231BEBD824D2FB2 ] C:\Windows\System32\keyiso.dll
20:40:35.0307 2712 C:\Windows\System32\keyiso.dll - ok
20:40:35.0310 2712 [ 53D1482FC1AA36AC015A85E6CF2146BD ] C:\Windows\System32\srvsvc.dll
20:40:35.0310 2712 C:\Windows\System32\srvsvc.dll - ok
20:40:35.0314 2712 [ 435F0F6DC87A4B5DA78F1FA309884189 ] C:\Windows\System32\wkssvc.dll
20:40:35.0314 2712 C:\Windows\System32\wkssvc.dll - ok
20:40:35.0317 2712 [ FA0593D936C9B95FB6FAA32AD1595D49 ] C:\Windows\System32\lltdres.dll
20:40:35.0317 2712 C:\Windows\System32\lltdres.dll - ok
20:40:35.0321 2712 [ 35D40113E4A5B961B6CE5C5857702518 ] C:\Windows\System32\lmhsvc.dll
20:40:35.0321 2712 C:\Windows\System32\lmhsvc.dll - ok
20:40:35.0324 2712 [ 1C0A6AF5FA2960CD23F8D849703F685E ] C:\Windows\ehome\ehres.dll
20:40:35.0324 2712 C:\Windows\ehome\ehres.dll - ok
20:40:35.0328 2712 [ 5ED6BB7CB8726BB1E5EE479FB9E61A18 ] C:\Windows\System32\FirewallAPI.dll
20:40:35.0328 2712 C:\Windows\System32\FirewallAPI.dll - ok
20:40:35.0331 2712 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] C:\Windows\System32\mmcss.dll
20:40:35.0332 2712 C:\Windows\System32\mmcss.dll - ok
20:40:35.0335 2712 [ EA822412BBBA9B7D2B1A3748AD50EFB8 ] C:\Windows\System32\iscsidsc.dll
20:40:35.0335 2712 C:\Windows\System32\iscsidsc.dll - ok
20:40:35.0339 2712 [ 200C81D5EB703CEF14C5A11D12E22396 ] C:\Windows\System32\msimsg.dll
20:40:35.0339 2712 C:\Windows\System32\msimsg.dll - ok
20:40:35.0343 2712 [ 1CDBB5D002FE2BC5300AA20550D8A52E ] C:\Windows\System32\QAGENTRT.DLL
20:40:35.0343 2712 C:\Windows\System32\QAGENTRT.DLL - ok
20:40:35.0347 2712 [ 90A4DAE28B94497F83BEA0F2A3B77092 ] C:\Windows\System32\netman.dll
20:40:35.0347 2712 C:\Windows\System32\netman.dll - ok
20:40:35.0351 2712 [ 3A500F3E98436E852C25E6206161B0D4 ] C:\Windows\System32\netprof.dll
20:40:35.0351 2712 C:\Windows\System32\netprof.dll - ok
20:40:35.0355 2712 [ 23B8201A363DE0E649FC75EE9874DEE2 ] C:\Windows\System32\nsisvc.dll
20:40:35.0355 2712 C:\Windows\System32\nsisvc.dll - ok
20:40:35.0358 2712 [ 016D01D3B8FB976A193C7434BED8DCCF ] C:\Windows\System32\p2psvc.dll
20:40:35.0358 2712 C:\Windows\System32\p2psvc.dll - ok
20:40:35.0361 2712 [ D8C5C215C932233A4F1D7F368F4E4E65 ] C:\Windows\System32\pcasvc.dll
20:40:35.0361 2712 C:\Windows\System32\pcasvc.dll - ok
20:40:35.0365 2712 [ CD05A38D166BEADE18030BAFC0C0A939 ] C:\Windows\System32\pla.dll
20:40:35.0365 2712 C:\Windows\System32\pla.dll - ok
20:40:35.0369 2712 [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] C:\Windows\System32\umpnpmgr.dll
20:40:35.0369 2712 C:\Windows\System32\umpnpmgr.dll - ok
20:40:35.0373 2712 [ 6B23DBA3732D20A59348B766E1CFBD20 ] C:\Windows\System32\polstore.dll
20:40:35.0373 2712 C:\Windows\System32\polstore.dll - ok
20:40:35.0376 2712 [ 213112E152E68F0E4705E36F052A2880 ] C:\Windows\System32\profsvc.dll
20:40:35.0376 2712 C:\Windows\System32\profsvc.dll - ok
20:40:35.0380 2712 [ 740FCD1371B5E2E34072397DBA4BCFB2 ] C:\Windows\System32\psbase.dll
20:40:35.0380 2712 C:\Windows\System32\psbase.dll - ok
20:40:35.0383 2712 [ CA61BDFD3713A7CE75F2812AFC431594 ] C:\Windows\System32\qwave.dll
20:40:35.0383 2712 C:\Windows\System32\qwave.dll - ok
20:40:35.0387 2712 [ D2B3E2B7426DC23E185FBC73C8936C12 ] C:\Windows\System32\drivers\qwavedrv.sys
20:40:35.0387 2712 C:\Windows\System32\drivers\qwavedrv.sys - ok
20:40:35.0391 2712 [ F14F4AAB9F54D099FE99192BDB100AC9 ] C:\Windows\System32\rasauto.dll
20:40:35.0391 2712 C:\Windows\System32\rasauto.dll - ok
20:40:35.0395 2712 [ 11D65E29BC9D1E4114D18FE68194394C ] C:\Windows\System32\rasmans.dll
20:40:35.0395 2712 C:\Windows\System32\rasmans.dll - ok
20:40:35.0399 2712 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] C:\Windows\System32\mprdim.dll
20:40:35.0399 2712 C:\Windows\System32\mprdim.dll - ok
20:40:35.0403 2712 [ 5123F83CBC4349D065534EEB6BBDC42B ] C:\Windows\System32\Locator.exe
20:40:35.0403 2712 C:\Windows\System32\Locator.exe - ok
20:40:35.0406 2712 [ 9A043808667C8C1893DA7275AF373F0E ] C:\Windows\System32\regsvc.dll
20:40:35.0406 2712 C:\Windows\System32\regsvc.dll - ok
20:40:35.0409 2712 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] C:\Windows\System32\SCardSvr.dll
20:40:35.0409 2712 C:\Windows\System32\SCardSvr.dll - ok
20:40:35.0413 2712 [ 886CEC884B5BE29AB9828B8AB46B11F7 ] C:\Windows\System32\schedsvc.dll
20:40:35.0413 2712 C:\Windows\System32\schedsvc.dll - ok
20:40:35.0417 2712 [ F7B6BF02240D0A764ADF8C8966735552 ] C:\Windows\System32\sdrsvc.dll
20:40:35.0417 2712 C:\Windows\System32\sdrsvc.dll - ok
20:40:35.0421 2712 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] C:\Windows\System32\seclogon.dll
20:40:35.0421 2712 C:\Windows\System32\seclogon.dll - ok
20:40:35.0424 2712 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] C:\Windows\System32\Sens.dll
20:40:35.0424 2712 C:\Windows\System32\Sens.dll - ok
20:40:35.0428 2712 [ 78878235DA4DF0D116E86837A0A21DF8 ] C:\Windows\System32\SessEnv.dll
20:40:35.0428 2712 C:\Windows\System32\SessEnv.dll - ok
20:40:35.0431 2712 [ 9A82BF4C90B00A63150A606A1E2FD82B ] C:\Windows\System32\ipnathlp.dll
20:40:35.0431 2712 C:\Windows\System32\ipnathlp.dll - ok
20:40:35.0435 2712 [ B264DFA21677728613267FE63802B332 ] C:\Windows\System32\shsvcs.dll
20:40:35.0435 2712 C:\Windows\System32\shsvcs.dll - ok
20:40:35.0438 2712 [ A1DCD30534835CB67733AD00175125A6 ] C:\Windows\System32\SLsvc.exe
20:40:35.0438 2712 C:\Windows\System32\SLsvc.exe - ok
20:40:35.0442 2712 [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] C:\Windows\System32\SLUINotify.dll
20:40:35.0442 2712 C:\Windows\System32\SLUINotify.dll - ok
20:40:35.0445 2712 [ 4441747365CCAAA53892903DEE5692A2 ] C:\Windows\System32\tcpipcfg.dll
20:40:35.0445 2712 C:\Windows\System32\tcpipcfg.dll - ok
20:40:35.0449 2712 [ 2A146A055B4401C16EE62D18B8E2A032 ] C:\Windows\System32\snmptrap.exe
20:40:35.0449 2712 C:\Windows\System32\snmptrap.exe - ok
20:40:35.0453 2712 [ DA612EF2556776DF2630B68BF2D48935 ] C:\Windows\System32\spoolsv.exe
20:40:35.0453 2712 C:\Windows\System32\spoolsv.exe - ok
20:40:35.0456 2712 [ 8D3E4BAFF8B3997138C38EB1B600519A ] C:\Windows\System32\ssdpsrv.dll
20:40:35.0456 2712 C:\Windows\System32\ssdpsrv.dll - ok
20:40:35.0460 2712 [ A941E099EF46E3CC12F898CBE1C39910 ] C:\Windows\System32\wiaservc.dll
20:40:35.0460 2712 C:\Windows\System32\wiaservc.dll - ok
20:40:35.0464 2712 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] C:\Windows\System32\swprv.dll
20:40:35.0464 2712 C:\Windows\System32\swprv.dll - ok
20:40:35.0467 2712 [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] C:\Windows\System32\sysmain.dll
20:40:35.0467 2712 C:\Windows\System32\sysmain.dll - ok
20:40:35.0471 2712 [ 2DCA225EAE15F42C0933E998EE0231C3 ] C:\Windows\System32\TabSvc.dll
20:40:35.0471 2712 C:\Windows\System32\TabSvc.dll - ok
20:40:35.0474 2712 [ EF3DD33C740FC2F82E7E4622F1C49289 ] C:\Windows\System32\tapisrv.dll
20:40:35.0474 2712 C:\Windows\System32\tapisrv.dll - ok
20:40:35.0477 2712 [ 68FA52794AE9ACC61BDE16FE0956B414 ] C:\Windows\System32\tbssvc.dll
20:40:35.0478 2712 C:\Windows\System32\tbssvc.dll - ok
20:40:35.0481 2712 [ FAD71C1E8E4047B154E899AE31EB8CAA ] C:\Windows\System32\termsrv.dll
20:40:35.0481 2712 C:\Windows\System32\termsrv.dll - ok
20:40:35.0485 2712 [ 34E388A395FEDBA1D0511ED39BBF4074 ] C:\Windows\servicing\TrustedInstaller.exe
20:40:35.0485 2712 C:\Windows\servicing\TrustedInstaller.exe - ok
20:40:35.0488 2712 [ 6BBA0582C0025D43729A1112D3B57897 ] C:\Windows\System32\trkwks.dll
20:40:35.0489 2712 C:\Windows\System32\trkwks.dll - ok
20:40:35.0492 2712 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] C:\Windows\System32\UI0Detect.exe
20:40:35.0492 2712 C:\Windows\System32\UI0Detect.exe - ok
20:40:35.0497 2712 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] C:\Windows\System32\upnphost.dll
20:40:35.0497 2712 C:\Windows\System32\upnphost.dll - ok
20:40:35.0501 2712 [ E87B968F3D49117445893EB0503FE34F ] C:\Windows\System32\dwm.exe
20:40:35.0501 2712 C:\Windows\System32\dwm.exe - ok
20:40:35.0505 2712 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] C:\Windows\System32\vds.exe
20:40:35.0505 2712 C:\Windows\System32\vds.exe - ok
20:40:35.0508 2712 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] C:\Windows\System32\VSSVC.exe
20:40:35.0508 2712 C:\Windows\System32\VSSVC.exe - ok
20:40:35.0512 2712 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] C:\Windows\System32\w32time.dll
20:40:35.0512 2712 C:\Windows\System32\w32time.dll - ok
20:40:35.0516 2712 [ C1B19162E0509CEAB4CDF664E139D956 ] C:\Windows\System32\wcncsvc.dll
20:40:35.0516 2712 C:\Windows\System32\wcncsvc.dll - ok
20:40:35.0518 2712 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] C:\Windows\System32\WcsPlugInService.dll
20:40:35.0518 2712 C:\Windows\System32\WcsPlugInService.dll - ok
20:40:35.0522 2712 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] C:\Windows\System32\wdi.dll
20:40:35.0522 2712 C:\Windows\System32\wdi.dll - ok
20:40:35.0525 2712 [ 01E41C264EEDCB827820A1909162579F ] C:\Windows\System32\WebClnt.dll
20:40:35.0525 2712 C:\Windows\System32\WebClnt.dll - ok
20:40:35.0529 2712 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] C:\Windows\System32\wecsvc.dll
20:40:35.0529 2712 C:\Windows\System32\wecsvc.dll - ok
20:40:35.0533 2712 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] C:\Windows\System32\wercplsupport.dll
20:40:35.0533 2712 C:\Windows\System32\wercplsupport.dll - ok
20:40:35.0536 2712 [ DAC5F421AE71278D84B42A7513C4BCC2 ] C:\Program Files\Windows Defender\MsMpRes.dll
20:40:35.0536 2712 C:\Program Files\Windows Defender\MsMpRes.dll - ok
20:40:35.0540 2712 [ 36BA0707680EF4236FD752BEE982CC25 ] C:\Windows\System32\wersvc.dll
20:40:35.0540 2712 C:\Windows\System32\wersvc.dll - ok
20:40:35.0544 2712 [ E762562A8D43BDE3EE11428EB681FF9C ] C:\Windows\System32\winhttp.dll
20:40:35.0544 2712 C:\Windows\System32\winhttp.dll - ok
20:40:35.0547 2712 [ 3F6823040030C3E4DA1CF11CD40B7534 ] C:\Windows\System32\WsmSvc.dll
20:40:35.0547 2712 C:\Windows\System32\WsmSvc.dll - ok
20:40:35.0551 2712 [ 7640ACEA41348BFEF34B76E245501261 ] C:\Windows\System32\wlansvc.dll
20:40:35.0551 2712 C:\Windows\System32\wlansvc.dll - ok
20:40:35.0555 2712 [ A279323BEE5FFFAFDA222910BCE92132 ] C:\Windows\System32\wbem\WmiApSrv.exe
20:40:35.0555 2712 C:\Windows\System32\wbem\WmiApSrv.exe - ok
20:40:35.0559 2712 [ ACB2E63D50157E3EA7140F29D9E76A48 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
20:40:35.0559 2712 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
20:40:35.0563 2712 [ 3D3B3B80C12ABE506F56930C46422C28 ] C:\Windows\System32\wpcsvc.dll
20:40:35.0563 2712 C:\Windows\System32\wpcsvc.dll - ok
20:40:35.0566 2712 [ C24844A1D0D9528B19D5BC266B8CD572 ] C:\Windows\System32\wpdbusenum.dll
20:40:35.0566 2712 C:\Windows\System32\wpdbusenum.dll - ok
20:40:35.0570 2712 [ F97CBB919AF6D0A6643D1A59C15014D1 ] C:\Windows\System32\wscsvc.dll
20:40:35.0570 2712 C:\Windows\System32\wscsvc.dll - ok
20:40:35.0574 2712 [ 5DE40982E3AE45DC00586A93637B351B ] C:\Windows\System32\SearchIndexer.exe
20:40:35.0574 2712 C:\Windows\System32\SearchIndexer.exe - ok
20:40:35.0578 2712 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] C:\Windows\System32\WUDFSvc.dll
20:40:35.0578 2712 C:\Windows\System32\WUDFSvc.dll - ok
20:40:35.0581 2712 [ 80E2839D05CA5970A86D7BE2A08BFF61 ] C:\Windows\System32\scecli.dll
20:40:35.0581 2712 C:\Windows\System32\scecli.dll - ok
20:40:35.0585 2712 [ BBDE9DB609D0657BE77AF63CC392F6B0 ] C:\Windows\System32\ntmarta.dll
20:40:35.0585 2712 C:\Windows\System32\ntmarta.dll - ok
20:40:35.0588 2712 [ 10DA15933D582D2FEDCF705EFE394B09 ] C:\Windows\System32\svchost.exe
20:40:35.0589 2712 C:\Windows\System32\svchost.exe - ok
20:40:35.0593 2712 [ 3CDEC51291F735C5C276B957239017A3 ] C:\Windows\System32\powrprof.dll
20:40:35.0593 2712 C:\Windows\System32\powrprof.dll - ok
20:40:35.0597 2712 [ 4470E3C1E0C3378E4CAB137893C12C3A ] C:\Windows\System32\drivers\mbam.sys
20:40:35.0597 2712 C:\Windows\System32\drivers\mbam.sys - ok
20:40:35.0600 2712 [ 7B981222A257D076885BFFB66F19B7CE ] C:\Windows\System32\rpcss.dll
20:40:35.0600 2712 C:\Windows\System32\rpcss.dll - ok
20:40:35.0604 2712 [ D8C819157EBA10401FD25FB48184EF24 ] C:\Windows\System32\version.dll
20:40:35.0604 2712 C:\Windows\System32\version.dll - ok
20:40:35.0608 2712 [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] C:\Program Files\Windows Defender\MpSvc.dll
20:40:35.0608 2712 C:\Program Files\Windows Defender\MpSvc.dll - ok
20:40:35.0612 2712 [ 83829DBC347D8262409147F1489EB71C ] C:\Program Files\Windows Defender\MpClient.dll
20:40:35.0612 2712 C:\Program Files\Windows Defender\MpClient.dll - ok
20:40:35.0616 2712 [ B0AB58FEA8BF848CDF31F38CFA9E37B0 ] C:\Windows\System32\wintrust.dll
20:40:35.0616 2712 C:\Windows\System32\wintrust.dll - ok
20:40:35.0620 2712 [ EAB1144395AACB4CBB85AE5F6334CB3F ] C:\Windows\System32\LogonUI.exe
20:40:35.0620 2712 C:\Windows\System32\LogonUI.exe - ok
20:40:35.0623 2712 [ 501956FA7FF3E5277BEB396E4F5C6F23 ] C:\Windows\System32\authui.dll
20:40:35.0623 2712 C:\Windows\System32\authui.dll - ok
20:40:35.0627 2712 [ B28A9B2300A250B703D44C1759AF2605 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
20:40:35.0627 2712 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll - ok
20:40:35.0631 2712 [ B39F1844AD6C656F64ACD32CAEE72CAA ] C:\Windows\System32\slwga.dll
20:40:35.0631 2712 C:\Windows\System32\slwga.dll - ok
20:40:35.0634 2712 [ 89DD6104E542552DAF25F42A30F75E08 ] C:\Windows\System32\atiesrxx.exe
20:40:35.0634 2712 C:\Windows\System32\atiesrxx.exe - ok
20:40:35.0639 2712 [ 4D14689094BFE7C16CDECF659D8A80F6 ] C:\Windows\System32\wtsapi32.dll
20:40:35.0639 2712 C:\Windows\System32\wtsapi32.dll - ok
20:40:35.0643 2712 [ 91B7EC5F0FE04566782075171BF94A86 ] C:\Windows\System32\p2pcollab.dll
20:40:35.0643 2712 C:\Windows\System32\p2pcollab.dll - ok
20:40:35.0647 2712 [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\Windows\System32\msimg32.dll
20:40:35.0647 2712 C:\Windows\System32\msimg32.dll - ok
20:40:35.0650 2712 [ 1D0BE0492BD62F7B563442C967629219 ] C:\Windows\System32\MMDevAPI.dll
20:40:35.0650 2712 C:\Windows\System32\MMDevAPI.dll - ok
20:40:35.0654 2712 [ E340D47578B8CB8A86D3578EA50A3B83 ] C:\Windows\System32\uxtheme.dll
20:40:35.0654 2712 C:\Windows\System32\uxtheme.dll - ok
20:40:35.0659 2712 [ AD5B9D71CCCFB5FA200271537F185544 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\GdiPlus.dll
20:40:35.0659 2712 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\GdiPlus.dll - ok
20:40:35.0662 2712 [ B3FF96D8591FF8608BB53214FF0A8B49 ] C:\Windows\System32\avrt.dll
20:40:35.0662 2712 C:\Windows\System32\avrt.dll - ok
20:40:35.0666 2712 [ 7C0D4B898C24000DBEDFF0BDAFEC2EC4 ] C:\Windows\System32\adtschema.dll
20:40:35.0666 2712 C:\Windows\System32\adtschema.dll - ok
20:40:35.0669 2712 [ 54BF0DCEC92854F8FAEC362AB2BC8600 ] C:\Windows\System32\cabinet.dll
20:40:35.0669 2712 C:\Windows\System32\cabinet.dll - ok
20:40:35.0674 2712 [ 3E4F7CEF4D814584D3E9E390CA59DE5F ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A4392B3C-FD7A-4621-8B7D-F0A28A6F1FE6}\mpengine.dll
20:40:35.0674 2712 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A4392B3C-FD7A-4621-8B7D-F0A28A6F1FE6}\mpengine.dll - ok
20:40:35.0678 2712 [ 6D78A92F2CDB58DA04207AA57C58E87C ] C:\Windows\System32\WUDFPlatform.dll
20:40:35.0678 2712 C:\Windows\System32\WUDFPlatform.dll - ok
20:40:35.0682 2712 [ 3CC7841F318C99819BE3A9736C9A7BA1 ] C:\Windows\System32\duser.dll
20:40:35.0682 2712 C:\Windows\System32\duser.dll - ok
20:40:35.0685 2712 [ 71A2DCA8F626FCEF8BFF7E2C17C67A7F ] C:\Windows\System32\xmllite.dll
20:40:35.0685 2712 C:\Windows\System32\xmllite.dll - ok
20:40:35.0690 2712 [ 26535C8F7105D7C2767C93FDFC49CF57 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A4392B3C-FD7A-4621-8B7D-F0A28A6F1FE6}\mpasbase.vdm
20:40:35.0690 2712 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A4392B3C-FD7A-4621-8B7D-F0A28A6F1FE6}\mpasbase.vdm - ok
20:40:35.0693 2712 [ 8A788ADCCFA5BA5AC391D340A4374C98 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A4392B3C-FD7A-4621-8B7D-F0A28A6F1FE6}\mpasdlta.vdm
20:40:35.0694 2712 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A4392B3C-FD7A-4621-8B7D-F0A28A6F1FE6}\mpasdlta.vdm - ok
20:40:35.0697 2712 [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] C:\Windows\System32\drivers\drmkaud.sys
20:40:35.0698 2712 C:\Windows\System32\drivers\drmkaud.sys - ok
20:40:35.0701 2712 [ B1B7BF8A406A19CC4AD6E45555EA77E5 ] C:\Windows\System32\audiodg.exe
20:40:35.0701 2712 C:\Windows\System32\audiodg.exe - ok
20:40:35.0706 2712 [ 9694942A39AB2A7DF58A1D95EA37AC3D ] C:\Windows\System32\SmartcardCredentialProvider.dll
20:40:35.0706 2712 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
20:40:35.0709 2712 [ 35A9D03D0B77E4A35104D851B1095A59 ] C:\Windows\System32\WinSCard.dll
20:40:35.0709 2712 C:\Windows\System32\WinSCard.dll - ok
20:40:35.0713 2712 [ 2CD4F35B30A5781D0628BEF5BC07CA70 ] C:\Windows\System32\rasplap.dll
20:40:35.0713 2712 C:\Windows\System32\rasplap.dll - ok
20:40:35.0716 2712 [ 4E579F380701D9BF0669ED61E8EC5951 ] C:\Windows\System32\rasapi32.dll
20:40:35.0716 2712 C:\Windows\System32\rasapi32.dll - ok
20:40:35.0720 2712 [ 9BCBDCA7312A0806CE7D8976C314A988 ] C:\Windows\System32\rasman.dll
20:40:35.0720 2712 C:\Windows\System32\rasman.dll - ok
20:40:35.0724 2712 [ BF832D4C49AAEA869E7D9248D0E73A83 ] C:\Windows\System32\rtutils.dll
20:40:35.0724 2712 C:\Windows\System32\rtutils.dll - ok
20:40:35.0728 2712 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\Windows\System32\tapi32.dll
20:40:35.0728 2712 C:\Windows\System32\tapi32.dll - ok
20:40:35.0731 2712 [ 3B5E50A380AE03249C9F60E5BB28EFCB ] C:\Windows\System32\winmm.dll
20:40:35.0731 2712 C:\Windows\System32\winmm.dll - ok
20:40:35.0734 2712 [ 40AC3601ACA74A015C4E0DB0727929CA ] C:\Windows\System32\oleacc.dll
20:40:35.0734 2712 C:\Windows\System32\oleacc.dll - ok
20:40:35.0738 2712 [ BCF6589C42D8F6A20F33EF133FFE0524 ] C:\Windows\System32\gpsvc.dll
20:40:35.0738 2712 C:\Windows\System32\gpsvc.dll - ok
20:40:35.0741 2712 [ 8758474CE387F7F18F2672C89D8AF6E8 ] C:\Windows\System32\shgina.dll
20:40:35.0741 2712 C:\Windows\System32\shgina.dll - ok
20:40:35.0745 2712 [ 96BC076D1BA9FEE72709FC72DC025270 ] C:\Windows\System32\propsys.dll
20:40:35.0745 2712 C:\Windows\System32\propsys.dll - ok
20:40:35.0749 2712 [ 0227EDA48B7A2E8751557006D4ABD832 ] C:\Windows\System32\shacct.dll
20:40:35.0749 2712 C:\Windows\System32\shacct.dll - ok
20:40:35.0753 2712 [ 297ED36343DE583013757975AF58DA84 ] C:\Windows\System32\drivers\spsys.sys
20:40:35.0753 2712 C:\Windows\System32\drivers\spsys.sys - ok
20:40:35.0756 2712 [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\Windows\System32\ksuser.dll
20:40:35.0756 2712 C:\Windows\System32\ksuser.dll - ok
20:40:35.0760 2712 [ C3A87CA43956F2B8D0C3F567F129ABF3 ] C:\Windows\System32\wdmaud.drv
20:40:35.0760 2712 C:\Windows\System32\wdmaud.drv - ok
20:40:35.0763 2712 [ 03F14F32FA71F9DA9FA60CC0000EACD4 ] C:\Windows\System32\AudioEng.dll
20:40:35.0764 2712 C:\Windows\System32\AudioEng.dll - ok
20:40:35.0768 2712 [ 663C2340C3061A99D1C58F8094F66CEC ] C:\Windows\System32\AudioSes.dll
20:40:35.0768 2712 C:\Windows\System32\AudioSes.dll - ok
20:40:35.0770 2712 [ 02BA9C898969CA850C84DDF867378C27 ] C:\Windows\System32\msacm32.dll
20:40:35.0770 2712 C:\Windows\System32\msacm32.dll - ok
20:40:35.0774 2712 [ 49F6BF22FA9DAD48E5E6964B1775EEBF ] C:\Windows\System32\msacm32.drv
20:40:35.0774 2712 C:\Windows\System32\msacm32.drv - ok
20:40:35.0778 2712 [ 848E745A842F903FD521DB585AB00D97 ] C:\Windows\System32\midimap.dll
20:40:35.0778 2712 C:\Windows\System32\midimap.dll - ok
20:40:35.0782 2712 [ B2D633D018D722879B6AAAECE9CBFEE1 ] C:\Windows\System32\AUDIOKSE.dll
20:40:35.0782 2712 C:\Windows\System32\AUDIOKSE.dll - ok
20:40:35.0785 2712 [ 888CDDEF92D426563A6B7BAD9D08C2ED ] C:\Windows\System32\RtkAPO.dll
20:40:35.0785 2712 C:\Windows\System32\RtkAPO.dll - ok
20:40:35.0789 2712 [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] C:\Windows\System32\drivers\fltMgr.sys
20:40:35.0789 2712 C:\Windows\System32\drivers\fltMgr.sys - ok
20:40:35.0793 2712 [ 8356A02DD1B2783987134FDF8B71633F ] C:\Windows\System32\ci.dll
20:40:35.0793 2712 C:\Windows\System32\ci.dll - ok
20:40:35.0796 2712 [ 0EEBCBCFE7DD5378BAC3EC1EEC046A5F ] C:\Program Files\Windows Defender\MpRtPlug.dll
20:40:35.0796 2712 C:\Program Files\Windows Defender\MpRtPlug.dll - ok
20:40:35.0800 2712 [ 1512BB9B328DAB003E71EFCFE19542C6 ] C:\Windows\System32\tdh.dll
20:40:35.0800 2712 C:\Windows\System32\tdh.dll - ok
20:40:35.0804 2712 [ 0F0DA05C44E911301028D9CEC6294EBB ] C:\Windows\System32\nlaapi.dll
20:40:35.0804 2712 C:\Windows\System32\nlaapi.dll - ok
20:40:35.0807 2712 [ 36C5C3CAB3B467BA68AE345C9B9DADC3 ] C:\Windows\System32\atl.dll
20:40:35.0807 2712 C:\Windows\System32\atl.dll - ok
20:40:35.0810 2712 [ 7B4971C3D43525175A4EA0D143E0412E ] C:\Windows\System32\es.dll
20:40:35.0810 2712 C:\Windows\System32\es.dll - ok
20:40:35.0814 2712 [ F79D0D7C9004474CB42746D9B2C30A2B ] C:\Windows\System32\uxsms.dll
20:40:35.0814 2712 C:\Windows\System32\uxsms.dll - ok
20:40:35.0817 2712 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\Windows\System32\hid.dll
20:40:35.0817 2712 C:\Windows\System32\hid.dll - ok
20:40:35.0821 2712 [ FD015B4F95DAA2B712F0E372A116FBAD ] C:\Windows\System32\drivers\lltdio.sys
20:40:35.0821 2712 C:\Windows\System32\drivers\lltdio.sys - ok
20:40:35.0825 2712 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] C:\Windows\System32\drivers\rspndr.sys
20:40:35.0825 2712 C:\Windows\System32\drivers\rspndr.sys - ok
20:40:35.0829 2712 [ 05D7E62FD2EABAD579EB4D0C29245EEC ] C:\Windows\System32\dnsrslvr.dll
20:40:35.0829 2712 C:\Windows\System32\dnsrslvr.dll - ok
20:40:35.0833 2712 [ 851FDD759A4A6F254C5AF09A5185EB4D ] C:\Windows\System32\atieclxx.exe
20:40:35.0833 2712 C:\Windows\System32\atieclxx.exe - ok
20:40:35.0837 2712 [ 5C8D22F3E0B49216C9D2E71BDF202218 ] C:\Windows\System32\dwmapi.dll
20:40:35.0837 2712 C:\Windows\System32\dwmapi.dll - ok
20:40:35.0840 2712 [ AD38BD7F36A71D1B0BE965BD3CB376AC ] C:\Windows\System32\WindowsCodecs.dll
20:40:35.0840 2712 C:\Windows\System32\WindowsCodecs.dll - ok
20:40:35.0844 2712 [ B26601A7F546A7424F6F772A5DD3FA10 ] C:\Windows\System32\atiadlxx.dll
20:40:35.0844 2712 C:\Windows\System32\atiadlxx.dll - ok
20:40:35.0848 2712 [ E5DBB8BB4374C7739F3AE05623983A59 ] C:\Windows\System32\wisptis.exe
20:40:35.0848 2712 C:\Windows\System32\wisptis.exe - ok
20:40:35.0852 2712 [ 4A05089F43041903A3C523A3C16E3350 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
20:40:35.0852 2712 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll - ok
20:40:35.0856 2712 [ 1A000BFD90B64B8A5D6BAC50149FF410 ] C:\Windows\System32\Tabbtn.dll
20:40:35.0856 2712 C:\Windows\System32\Tabbtn.dll - ok
20:40:35.0859 2712 [ 972A0C4A4CBF7575D5E2CA20229820B9 ] C:\Windows\System32\PSHED.DLL
20:40:35.0859 2712 C:\Windows\System32\PSHED.DLL - ok
20:40:35.0863 2712 [ D6185339319ADE924A5531196AE4040F ] C:\Windows\System32\WMALFXGFXDSP.dll
20:40:35.0863 2712 C:\Windows\System32\WMALFXGFXDSP.dll - ok
20:40:35.0867 2712 [ 3283DE6F4B572CE2E1710F336489AA28 ] C:\Windows\System32\mfplat.dll
20:40:35.0867 2712 C:\Windows\System32\mfplat.dll - ok
20:40:35.0870 2712 [ 7812ED1E5F39F057C725ED9EFAE19529 ] C:\Windows\System32\actxprxy.dll
20:40:35.0870 2712 C:\Windows\System32\actxprxy.dll - ok
20:40:35.0874 2712 [ 38D84E4D1F7514B883D2858C54E81441 ] C:\Windows\System32\ktmw32.dll
20:40:35.0874 2712 C:\Windows\System32\ktmw32.dll - ok
20:40:35.0877 2712 [ 096B4ACC6E513D400B79BBE986A12AC3 ] C:\Windows\System32\taskcomp.dll
20:40:35.0877 2712 C:\Windows\System32\taskcomp.dll - ok
20:40:35.0881 2712 [ 151A9EB1398736668D9E78DECFD013D2 ] C:\Windows\System32\wiarpc.dll
20:40:35.0881 2712 C:\Windows\System32\wiarpc.dll - ok
20:40:35.0885 2712 [ 5637078F2AB4E28F0E308A26089D9C92 ] C:\Windows\System32\drivers\http.sys
20:40:35.0885 2712 C:\Windows\System32\drivers\http.sys - ok
20:40:35.0889 2712 [ 976B09666D0A076ECC3F330891DA0DAD ] C:\Windows\System32\spoolss.dll
20:40:35.0889 2712 C:\Windows\System32\spoolss.dll - ok
20:40:35.0893 2712 [ CD11A0767E82DD8B1A3A26D305DBEC0F ] C:\Windows\System32\drivers\srvnet.sys
20:40:35.0893 2712 C:\Windows\System32\drivers\srvnet.sys - ok
20:40:35.0897 2712 [ BBC285B1A17A0C08FC6A2E1FB3E9D141 ] C:\Windows\System32\FWPUCLNT.DLL
20:40:35.0897 2712 C:\Windows\System32\FWPUCLNT.DLL - ok
20:40:35.0901 2712 [ 913CD06FBE9105CE6077E90FD4418561 ] C:\Windows\System32\drivers\bowser.sys
20:40:35.0901 2712 C:\Windows\System32\drivers\bowser.sys - ok
20:40:35.0905 2712 [ 6E7A7F0C1193EE5648443FE2D4B789EC ] C:\Windows\System32\drivers\mpsdrv.sys
20:40:35.0905 2712 C:\Windows\System32\drivers\mpsdrv.sys - ok
20:40:35.0908 2712 [ 563ED845885C6A7C09A7715D8BD0585C ] C:\Windows\System32\MPSSVC.dll
20:40:35.0908 2712 C:\Windows\System32\MPSSVC.dll - ok
20:40:35.0912 2712 [ 1D8828B98EE309D65E006F0829E280E5 ] C:\Windows\System32\drivers\mrxdav.sys
20:40:35.0913 2712 C:\Windows\System32\drivers\mrxdav.sys - ok
20:40:35.0917 2712 [ 529B64F9735D27FEF1B8EA1678F8C79E ] C:\Windows\System32\drivers\mrxsmb.sys
20:40:35.0917 2712 C:\Windows\System32\drivers\mrxsmb.sys - ok
20:40:35.0921 2712 [ 2BBD3970018270D2C6A0B069F568154E ] C:\Windows\System32\drivers\mrxsmb10.sys
20:40:35.0921 2712 C:\Windows\System32\drivers\mrxsmb10.sys - ok
20:40:35.0925 2712 [ 30A67C7D8B80281028916DED6A64AEC9 ] C:\Windows\System32\drivers\mrxsmb20.sys
20:40:35.0925 2712 C:\Windows\System32\drivers\mrxsmb20.sys - ok
20:40:35.0929 2712 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] C:\Windows\System32\drivers\srv2.sys
20:40:35.0929 2712 C:\Windows\System32\drivers\srv2.sys - ok
20:40:35.0933 2712 [ C962E98179E54B769028C025C7E470A5 ] C:\Windows\System32\drivers\srv.sys
20:40:35.0933 2712 C:\Windows\System32\drivers\srv.sys - ok
20:40:35.0937 2712 [ A324D72A06C110152E7607745F39BFA1 ] C:\Windows\System32\netmsg.dll
20:40:35.0937 2712 C:\Windows\System32\netmsg.dll - ok
20:40:35.0940 2712 [ 452341E471D2D961229DFE0842957272 ] C:\Windows\System32\sscore.dll
20:40:35.0940 2712 C:\Windows\System32\sscore.dll - ok
20:40:35.0944 2712 [ 9FB0C935D2FC55EC1DC648D6A085E66C ] C:\Windows\System32\clusapi.dll
20:40:35.0944 2712 C:\Windows\System32\clusapi.dll - ok
20:40:35.0948 2712 [ A9CB04FABBB885C98EC3620E0540ED47 ] C:\Windows\System32\activeds.dll
20:40:35.0948 2712 C:\Windows\System32\activeds.dll - ok
20:40:35.0951 2712 [ B86BE8E7D6709018C73E4B5E1C070F65 ] C:\Windows\System32\adsldpc.dll
20:40:35.0951 2712 C:\Windows\System32\adsldpc.dll - ok
20:40:35.0955 2712 [ 4A448F53FEA2AF8DC606827BCB2B703A ] C:\Windows\System32\wfapigp.dll
20:40:35.0955 2712 C:\Windows\System32\wfapigp.dll - ok
20:40:35.0958 2712 [ 6A6E9935532F74A074BDD7C3D84A4376 ] C:\Windows\System32\credui.dll
20:40:35.0959 2712 C:\Windows\System32\credui.dll - ok
20:40:35.0964 2712 [ BA767B42633E32719018F0D02AC01C59 ] C:\Windows\System32\resutils.dll
20:40:35.0964 2712 C:\Windows\System32\resutils.dll - ok
20:40:35.0968 2712 [ 6CFCA2A5B71C1CB908049DBC6BF6C6D1 ] C:\Windows\System32\mscms.dll
20:40:35.0968 2712 C:\Windows\System32\mscms.dll - ok
20:40:35.0971 2712 [ E230F3776F373F4C5E788794B53101E4 ] C:\Windows\System32\plasrv.exe
20:40:35.0972 2712 C:\Windows\System32\plasrv.exe - ok
20:40:35.0975 2712 [ 0FA9B5055484649D63C303FE404E5F4D ] C:\Windows\System32\drivers\parport.sys
20:40:35.0975 2712 C:\Windows\System32\drivers\parport.sys - ok
20:40:35.0980 2712 [ 3DEBBECF665DCDDE3A95D9B902010817 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:40:35.0980 2712 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
20:40:35.0984 2712 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
20:40:35.0984 2712 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
20:40:35.0988 2712 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
20:40:35.0988 2712 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
20:40:35.0993 2712 [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
20:40:35.0993 2712 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
20:40:35.0998 2712 [ 2503287BD19AE52E36E9DE42834A2AC0 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
20:40:35.0998 2712 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
20:40:36.0002 2712 [ BE01E566D1F569AAB32D0335613E1EEA ] C:\Windows\System32\dllhost.exe
20:40:36.0002 2712 C:\Windows\System32\dllhost.exe - ok
20:40:36.0006 2712 [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\Windows\System32\shimeng.dll
20:40:36.0006 2712 C:\Windows\System32\shimeng.dll - ok
20:40:36.0011 2712 [ 6FE3E3A215E55C76A811B9B56A5AEB09 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
20:40:36.0011 2712 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
20:40:36.0015 2712 [ 75CA4D4A08973D08C10163736A4AFB27 ] C:\Windows\System32\KBDJPN.DLL
20:40:36.0015 2712 C:\Windows\System32\KBDJPN.DLL - ok
20:40:36.0019 2712 [ 00B95FF7A132BA97B4EC6D1E686F679E ] C:\Windows\System32\kbd101.dll
20:40:36.0019 2712 C:\Windows\System32\kbd101.dll - ok
20:40:36.0021 2712 [ 92B98FEE829620FD36943B3187D0F408 ] C:\Windows\System32\kbd106.dll
20:40:36.0021 2712 C:\Windows\System32\kbd106.dll - ok
20:40:36.0024 2712 [ 64566AE19E8656D3E6A526024381F05E ] C:\Windows\System32\kbdnec.dll
20:40:36.0024 2712 C:\Windows\System32\kbdnec.dll - ok
20:40:36.0029 2712 [ 89AE93A81985A65BFA55071DAA8C7CD0 ] C:\Windows\System32\AtBroker.exe
20:40:36.0029 2712 C:\Windows\System32\AtBroker.exe - ok
20:40:36.0032 2712 [ 22027835939F86C3E47AD8E3FBDE3D11 ] C:\Windows\System32\userinit.exe
20:40:36.0032 2712 C:\Windows\System32\userinit.exe - ok
20:40:36.0036 2712 [ 8AB84CD4DF5591D7E59667BF90943372 ] C:\Windows\System32\dwmredir.dll
20:40:36.0036 2712 C:\Windows\System32\dwmredir.dll - ok
20:40:36.0040 2712 [ 77958E07E2A98C7DB5F98C04DE3440B6 ] C:\Windows\System32\milcore.dll
20:40:36.0040 2712 C:\Windows\System32\milcore.dll - ok
20:40:36.0044 2712 [ 0D75A1CFD1215875C8DD0BB9AFF4695C ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
20:40:36.0044 2712 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
20:40:36.0048 2712 [ 7870FB37A74418E55B0A7DE4776D9E75 ] C:\Windows\System32\wsock32.dll
20:40:36.0048 2712 C:\Windows\System32\wsock32.dll - ok
20:40:36.0052 2712 [ 794950DB77AA590C2964ECA0A5874A09 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
20:40:36.0053 2712 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
20:40:36.0057 2712 [ 250BF888DDBE88D61EB19A9D4957C794 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
20:40:36.0057 2712 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
20:40:36.0062 2712 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
20:40:36.0062 2712 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
20:40:36.0066 2712 [ 1226E9FAE5B8508801EC974E3C9D9C14 ] C:\Windows\System32\taskeng.exe
20:40:36.0066 2712 C:\Windows\System32\taskeng.exe - ok
20:40:36.0071 2712 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
20:40:36.0071 2712 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
20:40:36.0075 2712 [ FF78B8E67EDCE9FEED651D7858D77A04 ] C:\Windows\System32\winrnr.dll
20:40:36.0075 2712 C:\Windows\System32\winrnr.dll - ok
20:40:36.0079 2712 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
20:40:36.0079 2712 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
20:40:36.0083 2712 [ 5230CEAFFA943BB7F0436353A6567092 ] C:\Windows\System32\TabbtnEx.dll
20:40:36.0083 2712 C:\Windows\System32\TabbtnEx.dll - ok
20:40:36.0087 2712 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\System32\rasadhlp.dll
20:40:36.0087 2712 C:\Windows\System32\rasadhlp.dll - ok
20:40:36.0091 2712 [ B11FDCA4410D6252964EF97F9A47DE74 ] C:\Windows\System32\TSChannel.dll
20:40:36.0091 2712 C:\Windows\System32\TSChannel.dll - ok
20:40:36.0095 2712 [ 50F69B362FA8C08E7D447842DBEDAD99 ] C:\Windows\System32\HotStartUserAgent.dll
20:40:36.0095 2712 C:\Windows\System32\HotStartUserAgent.dll - ok
20:40:36.0098 2712 [ 5ED1BC5287C8F8A3DA10403152E7BD8B ] C:\Windows\System32\PlaySndSrv.dll
20:40:36.0098 2712 C:\Windows\System32\PlaySndSrv.dll - ok
20:40:36.0102 2712 [ 37CF2461CB5E40C4CFAB82C8FC79A2BC ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
20:40:36.0102 2712 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
20:40:36.0106 2712 [ 1224BC6DE919F8CD8C1C945280E63852 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
20:40:36.0106 2712 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
20:40:36.0110 2712 [ 38CCE934026691EA652C9955BB8AA04A ] C:\Windows\System32\vssapi.dll
20:40:36.0110 2712 C:\Windows\System32\vssapi.dll - ok
20:40:36.0115 2712 [ A0B584C33F55545D56F9E71FB4E203AC ] C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
20:40:36.0115 2712 C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe - ok
20:40:36.0119 2712 [ AF5EE37A862936A727A766466A1D4586 ] C:\Windows\System32\taskschd.dll
20:40:36.0119 2712 C:\Windows\System32\taskschd.dll - ok
20:40:36.0124 2712 [ 905B5BF5BE0A86E8412801BF20357195 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
20:40:36.0124 2712 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
20:40:36.0129 2712 [ 444913C1ED26EEAD3F84E11D47AE88AE ] C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\NMSMC.dll
20:40:36.0129 2712 C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\NMSMC.dll - ok
20:40:36.0133 2712 [ B25DBC371CDE14C9CBCCB6329C46E7E8 ] C:\Windows\System32\WSDApi.dll
20:40:36.0133 2712 C:\Windows\System32\WSDApi.dll - ok
20:40:36.0137 2712 [ ED627F91528C9829AA1C248ACCD1AC7A ] C:\Windows\System32\wdscore.dll
20:40:36.0137 2712 C:\Windows\System32\wdscore.dll - ok
20:40:36.0141 2712 [ C33A926D97B79DE701CF9B227F4A555A ] C:\Windows\System32\httpapi.dll
20:40:36.0141 2712 C:\Windows\System32\httpapi.dll - ok
20:40:36.0145 2712 [ 0E99592E68DD44610B473B7A024FA32D ] C:\Windows\System32\fundisc.dll
20:40:36.0145 2712 C:\Windows\System32\fundisc.dll - ok
20:40:36.0149 2712 [ D72F2A013ADA9E2DDA417887A8DFD217 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
20:40:36.0149 2712 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe - ok
20:40:36.0153 2712 [ CE5AF42679DD85947D2D287594F22CE0 ] C:\Program Files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe
20:40:36.0153 2712 C:\Program Files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe - ok
20:40:36.0157 2712 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\System32\msvcr71.dll
20:40:36.0157 2712 C:\Windows\System32\msvcr71.dll - ok
20:40:36.0161 2712 [ C72DC4848F94A84BDBAE3B1080086316 ] C:\Windows\System32\msxml3.dll
20:40:36.0161 2712 C:\Windows\System32\msxml3.dll - ok
20:40:36.0165 2712 [ B750537F8C6BDF578D39281460EA7468 ] C:\Program Files\Intel\IntelDH\Intel Media Server\tools\IntelDHReconfSvc.exe
20:40:36.0165 2712 C:\Program Files\Intel\IntelDH\Intel Media Server\tools\IntelDHReconfSvc.exe - ok
20:40:36.0170 2712 [ 793FF718477345CD5D232C50BED1E452 ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
20:40:36.0170 2712 C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok
20:40:36.0174 2712 [ D358B1A8F68E9A387DB2E2C216CFE2A5 ] C:\Windows\System32\msvbvm60.dll
20:40:36.0174 2712 C:\Windows\System32\msvbvm60.dll - ok
20:40:36.0178 2712 [ D7EB32B51B7472FBEE86BFA47B3C4BC5 ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
20:40:36.0178 2712 C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok
20:40:36.0182 2712 [ 0EE266A90D43E82A07CF33755D6DE1CC ] C:\Program Files\Common Files\LightScribe\LSLog.dll
20:40:36.0182 2712 C:\Program Files\Common Files\LightScribe\LSLog.dll - ok
20:40:36.0186 2712 [ 28B257AE1B63699A3415CBC80E26F7E1 ] C:\Windows\System32\vsstrace.dll
20:40:36.0186 2712 C:\Windows\System32\vsstrace.dll - ok
20:40:36.0190 2712 [ 65085456FD9A74D7F1A999520C299ECB ] C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:40:36.0190 2712 C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
20:40:36.0194 2712 [ EF39CCCC9AD927A25334AE0B41A8A343 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
20:40:36.0194 2712 C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
20:40:36.0198 2712 [ 9275F02BEA644F43A459E316A932658F ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
20:40:36.0198 2712 C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
20:40:36.0201 2712 [ E72A22DCF0733AC06695ACD2268F6EB3 ] C:\Windows\System32\d3d9.dll
20:40:36.0201 2712 C:\Windows\System32\d3d9.dll - ok
20:40:36.0205 2712 [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\Windows\System32\d3d8thk.dll
20:40:36.0205 2712 C:\Windows\System32\d3d8thk.dll - ok
20:40:36.0209 2712 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:40:36.0209 2712 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok
20:40:36.0213 2712 [ BB05618F2FDC188AFC904941D110735A ] C:\Windows\System32\aticfx32.dll
20:40:36.0213 2712 C:\Windows\System32\aticfx32.dll - ok
20:40:36.0216 2712 [ B710F24DE8FDDC8720A8EAC0748B3FD5 ] C:\Windows\System32\atiu9pag.dll
20:40:36.0216 2712 C:\Windows\System32\atiu9pag.dll - ok
20:40:36.0220 2712 [ 24A936EC6DD913A2F946EED4E215157E ] C:\Windows\System32\atiumdag.dll
20:40:36.0220 2712 C:\Windows\System32\atiumdag.dll - ok
20:40:36.0223 2712 [ 37440D09DEAE0B672A04DCCF7ABF06BE ] C:\Windows\explorer.exe
20:40:36.0223 2712 C:\Windows\explorer.exe - ok
20:40:36.0227 2712 [ 80D8679BF84A9383BFF33E07D5D9FC35 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
20:40:36.0227 2712 C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok
20:40:36.0231 2712 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] C:\Windows\System32\drivers\mdmxsdk.sys
20:40:36.0231 2712 C:\Windows\System32\drivers\mdmxsdk.sys - ok
20:40:36.0235 2712 [ D7174549A3B550501C96B49DDF9EDF88 ] C:\Windows\System32\mfevtps.exe
20:40:36.0235 2712 C:\Windows\System32\mfevtps.exe - ok
20:40:36.0239 2712 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\System32\sfc.dll
20:40:36.0239 2712 C:\Windows\System32\sfc.dll - ok
20:40:36.0242 2712 [ 4DB158BC772FD434036487DCB7825625 ] C:\Windows\System32\sfc_os.dll
20:40:36.0242 2712 C:\Windows\System32\sfc_os.dll - ok
20:40:36.0246 2712 [ BD71AA430743613803FE92DE14137347 ] C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe
20:40:36.0246 2712 C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe - ok
20:40:36.0250 2712 [ 85508A59E3B0D12D4737184A11C5F8E2 ] C:\Windows\System32\ncsi.dll
20:40:36.0250 2712 C:\Windows\System32\ncsi.dll - ok
20:40:36.0253 2712 [ 447108589F2074FFCD3FCFB690E43026 ] C:\Windows\System32\NLSSRV32.EXE
20:40:36.0253 2712 C:\Windows\System32\NLSSRV32.EXE - ok
20:40:36.0258 2712 [ E42320B5A0B23BCB2F324286D0572D68 ] C:\Windows\System32\winspool.drv
20:40:36.0258 2712 C:\Windows\System32\winspool.drv - ok
20:40:36.0263 2712 [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\Windows\System32\drivers\PEAuth.sys
20:40:36.0263 2712 C:\Windows\System32\drivers\PEAuth.sys - ok
20:40:36.0267 2712 [ A4B7D7F3675B7C4490C066A4829CB26D ] C:\Windows\System32\shdocvw.dll
20:40:36.0267 2712 C:\Windows\System32\shdocvw.dll - ok
20:40:36.0269 2712 [ 5EBDEC613BD377CE9A85382BE5C6B83B ] C:\Windows\System32\IPSECSVC.DLL
20:40:36.0269 2712 C:\Windows\System32\IPSECSVC.DLL - ok
20:40:36.0276 2712 [ F115AF58ABE5605D7D709CBFBD83F418 ] C:\Windows\System32\PSIService.exe
20:40:36.0276 2712 C:\Windows\System32\PSIService.exe - ok
20:40:36.0280 2712 [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\Windows\System32\ssdpapi.dll
20:40:36.0280 2712 C:\Windows\System32\ssdpapi.dll - ok
20:40:36.0284 2712 [ 8FDA02E3E944E203E118F3DABA7C026D ] C:\Windows\System32\PSIKey.dll
20:40:36.0284 2712 C:\Windows\System32\PSIKey.dll - ok
20:40:36.0288 2712 [ D1D5DAB39DCB4BE0359943738D87409B ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
20:40:36.0288 2712 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe - ok
20:40:36.0292 2712 [ A5D1DE63B11448213BF34E14FEA6F117 ] C:\Windows\System32\FwRemoteSvr.dll
20:40:36.0292 2712 C:\Windows\System32\FwRemoteSvr.dll - ok
20:40:36.0296 2712 [ E37137CB0031440061EB3BF14EC6AC74 ] C:\Windows\System32\localspl.dll
20:40:36.0296 2712 C:\Windows\System32\localspl.dll - ok
20:40:36.0300 2712 [ B886D818B9265518A1A6D4AEE43C8159 ] C:\Windows\System32\umb.dll
20:40:36.0300 2712 C:\Windows\System32\umb.dll - ok
20:40:36.0304 2712 [ A38E6C61CD7F4D393DB30992D9F603C8 ] C:\Windows\System32\nitrolocalmon2.dll
20:40:36.0304 2712 C:\Windows\System32\nitrolocalmon2.dll - ok
20:40:36.0308 2712 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
20:40:36.0308 2712 C:\Windows\System32\drivers\secdrv.sys - ok
20:40:36.0311 2712 [ EC4A360BA892320DA05BA504EA7390BC ] C:\Windows\System32\browseui.dll
20:40:36.0311 2712 C:\Windows\System32\browseui.dll - ok
20:40:36.0315 2712 [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\Windows\System32\wiatrace.dll
20:40:36.0315 2712 C:\Windows\System32\wiatrace.dll - ok
20:40:36.0319 2712 [ 5C112CB49B85449C418814BDFD537379 ] C:\Windows\System32\Primomonnt.dll
20:40:36.0319 2712 C:\Windows\System32\Primomonnt.dll - ok
20:40:36.0323 2712 [ CCAF246004F719F858E841A2BA12C308 ] C:\Windows\System32\wsdchngr.dll
20:40:36.0323 2712 C:\Windows\System32\wsdchngr.dll - ok
20:40:36.0327 2712 [ 8A55C033F2D2C9318AA8F85F80117BA8 ] C:\Windows\System32\msonpmon.dll
20:40:36.0327 2712 C:\Windows\System32\msonpmon.dll - ok
20:40:36.0330 2712 [ A68164A7BD62ADEE8ABDB3B88561E2C9 ] C:\Windows\System32\msi.dll
20:40:36.0330 2712 C:\Windows\System32\msi.dll - ok
20:40:36.0334 2712 [ 8F58544719E1C435BC36A8B207096581 ] C:\Windows\System32\verclsid.exe
20:40:36.0334 2712 C:\Windows\System32\verclsid.exe - ok
20:40:36.0338 2712 [ 930349946FF183F06FC78351E11B7A9A ] C:\Windows\System32\cfgmgr32.dll
20:40:36.0338 2712 C:\Windows\System32\cfgmgr32.dll - ok
20:40:36.0342 2712 [ 0DE9ACF3287002C3D982CA80BE2289A5 ] C:\Windows\System32\xrwcscd.dll
20:40:36.0342 2712 C:\Windows\System32\xrwcscd.dll - ok
20:40:36.0345 2712 [ BA9D96EF2999EF216B18C70B574D8746 ] C:\Windows\System32\Wacom_Tablet.exe
20:40:36.0345 2712 C:\Windows\System32\Wacom_Tablet.exe - ok
20:40:36.0350 2712 [ 28804418C0109F94CC700050678CA437 ] C:\Windows\System32\xrwc4ppb.dll
20:40:36.0350 2712 C:\Windows\System32\xrwc4ppb.dll - ok
20:40:36.0356 2712 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
20:40:36.0356 2712 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
20:40:36.0361 2712 [ 5D76C8CC87D0EFBE0B4A3BEF6B67EBF0 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
20:40:36.0361 2712 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
20:40:36.0368 2712 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
20:40:36.0368 2712 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
20:40:36.0373 2712 [ 5E33C164DC7FA74728D8A83036C438BB ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
20:40:36.0373 2712 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
20:40:36.0377 2712 [ 079FDC65148018E64DFCCEA671E8308C ] C:\Windows\System32\tcpmon.dll
20:40:36.0377 2712 C:\Windows\System32\tcpmon.dll - ok
20:40:36.0381 2712 [ AF24A9DF84637BF9858EC6FB88EBA7B2 ] C:\Windows\System32\snmpapi.dll
20:40:36.0381 2712 C:\Windows\System32\snmpapi.dll - ok
20:40:36.0385 2712 [ F891E412E27C3375257E3D5BD6E17431 ] C:\Windows\System32\wsnmp32.dll
20:40:36.0385 2712 C:\Windows\System32\wsnmp32.dll - ok
20:40:36.0389 2712 [ 473DF61261C234A4A4C577F3631B9327 ] C:\Windows\System32\msxml6.dll
20:40:36.0389 2712 C:\Windows\System32\msxml6.dll - ok
20:40:36.0392 2712 [ B4F5DE3DAD8E6B97272F45DB97674878 ] C:\Windows\System32\mgmtapi.dll
20:40:36.0392 2712 C:\Windows\System32\mgmtapi.dll - ok
20:40:36.0396 2712 [ 5091452DC719281CF1DD69367E13B494 ] C:\Windows\System32\tcpmib.dll
20:40:36.0396 2712 C:\Windows\System32\tcpmib.dll - ok
20:40:36.0399 2712 [ 2E3166B370D65D61C05B2E3A662F6EEF ] C:\Windows\System32\usbmon.dll
20:40:36.0400 2712 C:\Windows\System32\usbmon.dll - ok
20:40:36.0403 2712 [ AC5C0C85F248DD2D4BA9805FE2635AEA ] C:\Windows\System32\WSDMon.dll
20:40:36.0403 2712 C:\Windows\System32\WSDMon.dll - ok
20:40:36.0407 2712 [ F348280907B38FDBDB3CEF55D456E149 ] C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
20:40:36.0407 2712 C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll - ok
20:40:36.0411 2712 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] C:\Windows\System32\drivers\tcpipreg.sys
20:40:36.0411 2712 C:\Windows\System32\drivers\tcpipreg.sys - ok
20:40:36.0415 2712 [ 04A677AE406EF88E4AFE0FC0EE3F2908 ] C:\Windows\System32\icaapi.dll
20:40:36.0415 2712 C:\Windows\System32\icaapi.dll - ok
20:40:36.0419 2712 [ 75468777EE7CB712E984E27001BF07C2 ] C:\Windows\System32\TsService.exe
20:40:36.0419 2712 C:\Windows\System32\TsService.exe - ok
20:40:36.0422 2712 [ 9B0C6B58F6ED75BB793B6E536DDB6A3D ] C:\Windows\System32\TptmLib.dll
20:40:36.0422 2712 C:\Windows\System32\TptmLib.dll - ok
20:40:36.0426 2712 [ 9AD8D54807B34897E41F68C6FF27F3CC ] C:\Windows\System32\win32spl.dll
20:40:36.0426 2712 C:\Windows\System32\win32spl.dll - ok
20:40:36.0431 2712 [ 4BF053944E973C073339BE841C9ECF28 ] C:\Windows\System32\netrap.dll
20:40:36.0431 2712 C:\Windows\System32\netrap.dll - ok
20:40:36.0434 2712 [ D37ED6C2721764E3D08C975DD977A5EE ] C:\Windows\System32\printcom.dll
20:40:36.0434 2712 C:\Windows\System32\printcom.dll - ok
20:40:36.0438 2712 [ EC760B0B76A4353DE49D66520EB2141F ] C:\Windows\System32\SensApi.dll
20:40:36.0438 2712 C:\Windows\System32\SensApi.dll - ok
20:40:36.0442 2712 [ 38A7B89DE4E3417C122317949667FDD8 ] C:\Windows\System32\wbem\WMIsvc.dll
20:40:36.0442 2712 C:\Windows\System32\wbem\WMIsvc.dll - ok
20:40:36.0446 2712 [ 0F0C15A3D8F98A9CAE53235CDFA9A695 ] C:\Windows\System32\inetpp.dll
20:40:36.0446 2712 C:\Windows\System32\inetpp.dll - ok
20:40:36.0450 2712 [ C5BFC12E10AFA0C80C8912BA6BBFE44C ] C:\Windows\System32\PortableDeviceApi.dll
20:40:36.0450 2712 C:\Windows\System32\PortableDeviceApi.dll - ok
20:40:36.0453 2712 [ F806DA1E15896659E3A1E00F3A9FC8BF ] C:\Windows\System32\tquery.dll
20:40:36.0453 2712 C:\Windows\System32\tquery.dll - ok
20:40:36.0457 2712 [ D024930AE4DFFCFCE97481A77D485FBB ] C:\Windows\System32\wbem\wbemcomn.dll
20:40:36.0457 2712 C:\Windows\System32\wbem\wbemcomn.dll - ok
20:40:36.0461 2712 [ 373BB8D77133CBB854B039F23D474C46 ] C:\Windows\System32\Query.dll
20:40:36.0461 2712 C:\Windows\System32\Query.dll - ok
20:40:36.0465 2712 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\Windows\System32\wbem\WinMgmtR.dll
20:40:36.0465 2712 C:\Windows\System32\wbem\WinMgmtR.dll - ok
20:40:36.0468 2712 [ 2F15BE6B5C7F2FF7FE3656F6B1858DE4 ] C:\Windows\System32\msstrc.dll
20:40:36.0468 2712 C:\Windows\System32\msstrc.dll - ok
20:40:36.0472 2712 [ CD5F291A1161F15896D1A4D63DAFF5DF ] C:\Windows\System32\drivers\XAudio.exe
20:40:36.0472 2712 C:\Windows\System32\drivers\XAudio.exe - ok
20:40:36.0476 2712 [ DAB33CFA9DD24251AAA389FF36B64D4B ] C:\Windows\System32\drivers\XAudio.sys
20:40:36.0476 2712 C:\Windows\System32\drivers\XAudio.sys - ok
20:40:36.0480 2712 [ 43C8CCD4F24A245379116592BEF9E70F ] C:\Windows\System32\mssrch.dll
20:40:36.0480 2712 C:\Windows\System32\mssrch.dll - ok
20:40:36.0484 2712 [ 25B2065B6EE1B9DA77899CE8BAC251A2 ] C:\Windows\System32\WTablet\Wacom_TabletUser.exe
20:40:36.0484 2712 C:\Windows\System32\WTablet\Wacom_TabletUser.exe - ok
20:40:36.0487 2712 [ 5EB87BA0B93CA7E894FC8002E3CE4C2A ] C:\Windows\System32\sqmapi.dll
20:40:36.0487 2712 C:\Windows\System32\sqmapi.dll - ok
20:40:36.0491 2712 [ FDE35AE1E3A1F21AE1E31674295F31E9 ] C:\Windows\System32\netcfgx.dll
20:40:36.0491 2712 C:\Windows\System32\netcfgx.dll - ok
20:40:36.0494 2712 [ AAA5518DEE99D976A6FE6BE691F64BD0 ] C:\Windows\System32\dbghelp.dll
20:40:36.0495 2712 C:\Windows\System32\dbghelp.dll - ok
20:40:36.0498 2712 [ 312BA286EB3BE9EAE82DA427ED2C0284 ] C:\Windows\System32\hnetcfg.dll
20:40:36.0498 2712 C:\Windows\System32\hnetcfg.dll - ok
20:40:36.0502 2712 [ B8A559FDF98DD186AB84898E7DD191DC ] C:\Windows\System32\wbem\wbemprox.dll
20:40:36.0502 2712 C:\Windows\System32\wbem\wbemprox.dll - ok
20:40:36.0506 2712 [ A5AAD78A599FDD93D87745439FF37DA9 ] C:\Windows\System32\msidle.dll
20:40:36.0506 2712 C:\Windows\System32\msidle.dll - ok
20:40:36.0510 2712 [ C96A5DBA9FEA24D6C5C4BA77ED851CA7 ] C:\Windows\System32\propdefs.dll
20:40:36.0510 2712 C:\Windows\System32\propdefs.dll - ok
20:40:36.0514 2712 [ 47D89DC720723845900D483C7D80B00F ] C:\Windows\System32\wbem\wbemcore.dll
20:40:36.0514 2712 C:\Windows\System32\wbem\wbemcore.dll - ok
20:40:36.0518 2712 [ F83F25652D6B91F15630541429A216B4 ] C:\Program Files\Common Files\Mcafee\AMCore\mcshield.exe
20:40:36.0518 2712 C:\Program Files\Common Files\Mcafee\AMCore\mcshield.exe - ok
20:40:36.0521 2712 [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll
20:40:36.0521 2712 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll - ok
20:40:36.0526 2712 [ C3BAC3F95F2FB22BA903928B68B107CC ] C:\Windows\System32\wbem\esscli.dll
20:40:36.0526 2712 C:\Windows\System32\wbem\esscli.dll - ok
20:40:36.0533 2712 [ 798FD364677DA5278266102371B96F4B ] C:\Windows\System32\wbem\fastprox.dll
20:40:36.0533 2712 C:\Windows\System32\wbem\fastprox.dll - ok
20:40:36.0537 2712 [ 4297615D968B294D8E95270EA7FC6A65 ] C:\Windows\System32\wbem\wbemsvc.dll
20:40:36.0537 2712 C:\Windows\System32\wbem\wbemsvc.dll - ok
20:40:36.0542 2712 [ EB6F35234AD9D628184B6AFAD129B23A ] C:\Windows\System32\en-US\tquery.dll.mui
20:40:36.0542 2712 C:\Windows\System32\en-US\tquery.dll.mui - ok
20:40:36.0546 2712 [ 0F751202DD25E725CB9556A8A1257B9B ] C:\Windows\System32\wbem\wmiutils.dll
20:40:36.0546 2712 C:\Windows\System32\wbem\wmiutils.dll - ok
20:40:36.0550 2712 [ 1692212E48CFA7E3B4647ECCE6308B46 ] C:\Windows\System32\esent.dll
20:40:36.0550 2712 C:\Windows\System32\esent.dll - ok
20:40:36.0553 2712 [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll
20:40:36.0553 2712 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll - ok
20:40:36.0558 2712 [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\Windows\System32\imageres.dll
20:40:36.0558 2712 C:\Windows\System32\imageres.dll - ok
20:40:36.0562 2712 [ CCA209EB7B096D2BAB66A4DBD500C088 ] C:\Windows\System32\wbem\repdrvfs.dll
20:40:36.0562 2712 C:\Windows\System32\wbem\repdrvfs.dll - ok
20:40:36.0566 2712 [ E046D89F1872801602DFE94E97F7409E ] C:\Windows\System32\msscb.dll
20:40:36.0566 2712 C:\Windows\System32\msscb.dll - ok
20:40:36.0570 2712 [ EF1AF4F31EB84958F9B592184572D861 ] C:\Program Files\Common Files\Mcafee\AMCore\quarantine.dll
20:40:36.0570 2712 C:\Program Files\Common Files\Mcafee\AMCore\quarantine.dll - ok
20:40:36.0574 2712 [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC ] C:\Windows\System32\shfolder.dll
20:40:36.0574 2712 C:\Windows\System32\shfolder.dll - ok
20:40:36.0578 2712 [ 08578F3CA5365F896D90CE2BF97FD000 ] C:\Windows\System32\IconCodecService.dll
20:40:36.0578 2712 C:\Windows\System32\IconCodecService.dll - ok
20:40:36.0583 2712 [ E9D9072F3856B22E2EA05BECA7AA568B ] C:\Program Files\Common Files\Mcafee\AMCore\mfezip.dll
20:40:36.0583 2712 C:\Program Files\Common Files\Mcafee\AMCore\mfezip.dll - ok
20:40:36.0589 2712 [ D24CEF0216E5AED59AFF4BA11F37274E ] C:\Windows\System32\runonce.exe
20:40:36.0589 2712 C:\Windows\System32\runonce.exe - ok
20:40:36.0594 2712 [ E6E2DA076B902C99E40BD202A2936949 ] C:\Windows\System32\wbem\WmiPrvSD.dll
20:40:36.0594 2712 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
20:40:36.0598 2712 [ FB1419A8A18CA522AFA8FA2A8236165E ] C:\Program Files\Common Files\Mcafee\AMCore\mfeunzip.dll
20:40:36.0598 2712 C:\Program Files\Common Files\Mcafee\AMCore\mfeunzip.dll - ok
20:40:36.0603 2712 [ 4C3384D6231167CA29C36A6B003710C5 ] C:\Program Files\Common Files\Mcafee\AMCore\MFE_DS.dll
20:40:36.0603 2712 C:\Program Files\Common Files\Mcafee\AMCore\MFE_DS.dll - ok
20:40:36.0607 2712 [ 9721E7EDB7F47CD9F8D02C9369052630 ] C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
20:40:36.0608 2712 C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe - ok
20:40:36.0612 2712 [ 159E7989598A708CD8FF210DA9BA503D ] C:\Program Files\Common Files\Mcafee\SystemCore\mfehida.dll
20:40:36.0612 2712 C:\Program Files\Common Files\Mcafee\SystemCore\mfehida.dll - ok
20:40:36.0616 2712 [ 7C5C3D9CEEE838856B828AB6F98A2857 ] C:\Windows\System32\netprofm.dll
20:40:36.0616 2712 C:\Windows\System32\netprofm.dll - ok
20:40:36.0620 2712 [ CBA7C7E2149FE81ED352D80DAE63728E ] C:\Program Files\Common Files\Mcafee\AMCore\lua_lib.dll
20:40:36.0620 2712 C:\Program Files\Common Files\Mcafee\AMCore\lua_lib.dll - ok
20:40:36.0625 2712 [ 349CD4318E6E351C9BB72EE13B7CA807 ] C:\Windows\System32\cmd.exe
20:40:36.0625 2712 C:\Windows\System32\cmd.exe - ok
20:40:36.0629 2712 [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\Windows\System32\npmproxy.dll
20:40:36.0629 2712 C:\Windows\System32\npmproxy.dll - ok
20:40:36.0633 2712 [ BD1D1FD2AC8579F94D97D976D498BECA ] C:\Windows\System32\wbem\wbemess.dll
20:40:36.0633 2712 C:\Windows\System32\wbem\wbemess.dll - ok
20:40:36.0637 2712 [ 794D4B48DFB6E999537C7C3947863463 ] C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
20:40:36.0637 2712 C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe - ok
20:40:36.0642 2712 [ CAF3FFAFF5E0B022A5A01764056F2BC8 ] C:\Program Files\Common Files\Mcafee\AMCore\MFE_CS.dll
20:40:36.0643 2712 C:\Program Files\Common Files\Mcafee\AMCore\MFE_CS.dll - ok
20:40:36.0646 2712 [ DB2315CF9E9B593568DC60141772B2AB ] C:\Windows\System32\ieframe.dll
20:40:36.0647 2712 C:\Windows\System32\ieframe.dll - ok
20:40:36.0651 2712 [ AB4CFB445F6BCE158E752D830C9DE9A8 ] C:\Program Files\Common Files\Mcafee\AMCore\ncapi.dll
20:40:36.0651 2712 C:\Program Files\Common Files\Mcafee\AMCore\ncapi.dll - ok
20:40:36.0655 2712 [ E6F5751B85299DC1544FDE05730E00A5 ] C:\Program Files\Common Files\Mcafee\AMCore\EMMain.dll
20:40:36.0655 2712 C:\Program Files\Common Files\Mcafee\AMCore\EMMain.dll - ok
20:40:36.0660 2712 [ E6406A6BBB052B6CC47DFCE847F88408 ] C:\Windows\System32\wer.dll
20:40:36.0661 2712 C:\Windows\System32\wer.dll - ok
20:40:36.0665 2712 [ AEA13CDEB45B92235B07B36DB22EE09F ] C:\Windows\System32\Faultrep.dll
20:40:36.0665 2712 C:\Windows\System32\Faultrep.dll - ok
20:40:36.0669 2712 [ 009758CC06B7F55B4A4D16A66E243C24 ] C:\Windows\System32\wuapi.dll
20:40:36.0669 2712 C:\Windows\System32\wuapi.dll - ok
20:40:36.0673 2712 [ B8A77A513C9FF5C0D54611495CA41902 ] C:\Windows\System32\wbem\NCProv.dll
20:40:36.0673 2712 C:\Windows\System32\wbem\NCProv.dll - ok
20:40:36.0677 2712 [ 1D326842006C4BE77ECD848CF89F01AB ] C:\Windows\System32\wups.dll
20:40:36.0677 2712 C:\Windows\System32\wups.dll - ok
20:40:36.0680 2712 [ 6B44700917F45B19B96B46B345B6F0E7 ] C:\Program Files\Spybot - Search & Destroy\SDMain.exe
20:40:36.0680 2712 C:\Program Files\Spybot - Search & Destroy\SDMain.exe - ok
20:40:36.0684 2712 [ A80B05F3BAC9E79419E35F70A31F5033 ] C:\Windows\System32\wbem\wbemdisp.dll
20:40:36.0684 2712 C:\Windows\System32\wbem\wbemdisp.dll - ok
20:40:36.0689 2712 [ C966B6448B935E7E025E00561BC47743 ] C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
20:40:36.0689 2712 C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe - ok
20:40:36.0694 2712 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Windows\System32\msvcr100.dll
20:40:36.0694 2712 C:\Windows\System32\msvcr100.dll - ok
20:40:36.0697 2712 [ 05CB3DA78A4BBD9B799A5957F9D101CC ] C:\Windows\System32\conime.exe
20:40:36.0697 2712 C:\Windows\System32\conime.exe - ok
20:40:36.0701 2712 [ FE2BE6CF0565D752FF9871BC3A64DB41 ] C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\LogCntrl.dll
20:40:36.0701 2712 C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\LogCntrl.dll - ok
20:40:36.0705 2712 [ 013D35A80B9EEFA3241A015F029318CC ] C:\PROGRA~1\McAfee\MPF\MpfSvc.dll
20:40:36.0705 2712 C:\PROGRA~1\McAfee\MPF\MpfSvc.dll - ok
20:40:36.0710 2712 [ 4C0987C59ED3E26632674D4AE5D881D9 ] C:\Program Files\Common Files\Mcafee\AMContent\scanners\x86\avengine\5600.1067\mcscan32.dat
20:40:36.0710 2712 C:\Program Files\Common Files\Mcafee\AMContent\scanners\x86\avengine\5600.1067\mcscan32.dat - ok
20:40:36.0715 2712 [ 00D2C06A552F782C1F16ACF77DB765A5 ] C:\Windows\System32\atl100.dll
20:40:36.0715 2712 C:\Windows\System32\atl100.dll - ok
20:40:36.0718 2712 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Windows\System32\msvcp100.dll
20:40:36.0727 2712 C:\Windows\System32\msvcp100.dll - ok
20:40:36.0730 2712 [ 19C2247EB006ABD8CAAF6A7DB0BD61AE ] C:\Program Files\Common Files\Mcafee\McProxy\McProxy.dll
20:40:36.0730 2712 C:\Program Files\Common Files\Mcafee\McProxy\McProxy.dll - ok
20:40:36.0734 2712 [ 484E9E359CE1DEECF33A2462CF8DEF57 ] C:\PROGRA~1\McAfee\MSK\msksrvr.dll
20:40:36.0734 2712 C:\PROGRA~1\McAfee\MSK\msksrvr.dll - ok
20:40:36.0739 2712 [ 4602F17C29CC2C32D38FED7F1E25B67C ] C:\Program Files\Common Files\Mcafee\SystemCore\mfefwctl.dll
20:40:36.0739 2712 C:\Program Files\Common Files\Mcafee\SystemCore\mfefwctl.dll - ok
20:40:36.0743 2712 [ D351DFCAF085B4771580E3F256F8F6E0 ] C:\Windows\System32\cryptnet.dll
20:40:36.0743 2712 C:\Windows\System32\cryptnet.dll - ok
20:40:36.0747 2712 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\saicoink\AppData\Local\Temp\4E163366-B234-4630-8956-987967841DA0.exe
20:40:36.0747 2712 C:\Users\saicoink\AppData\Local\Temp\4E163366-B234-4630-8956-987967841DA0.exe - ok
20:40:36.0751 2712 [ A691D2AA5F058B127D197898ECBCC723 ] C:\Program Files\Common Files\Mcafee\Platform\McRTMui.dll
20:40:36.0751 2712 C:\Program Files\Common Files\Mcafee\Platform\McRTMui.dll - ok
20:40:36.0756 2712 [ 44438B7159564443E6E06A1D4D9CED9D ] C:\Program Files\Common Files\Mcafee\Platform\LangSel.dll
20:40:36.0756 2712 C:\Program Files\Common Files\Mcafee\Platform\LangSel.dll - ok
20:40:36.0760 2712 [ 09DEF3ABB6A196749299359AC5578DD8 ] C:\Windows\System32\msxml4.dll
20:40:36.0760 2712 C:\Windows\System32\msxml4.dll - ok
20:40:36.0764 2712 [ 905FFD5EAF157D183166B606087AEA3B ] C:\PROGRA~1\McAfee\MSK\mskengn.dll
20:40:36.0764 2712 C:\PROGRA~1\McAfee\MSK\mskengn.dll - ok
20:40:36.0769 2712 [ CD077A23FBC623CA8C7D8EFD085FDA6F ] C:\PROGRA~1\McAfee\MSK\mskupd.dll
20:40:36.0769 2712 C:\PROGRA~1\McAfee\MSK\mskupd.dll - ok
20:40:36.0771 2712 [ 2E1C50A9875D38E7A92147B00AA82F0D ] C:\PROGRA~1\McAfee\MSC\mclwapi.dll
20:40:36.0771 2712 C:\PROGRA~1\McAfee\MSC\mclwapi.dll - ok
20:40:36.0776 2712 [ 6ACC4CEA2B1812A045C6A335982083F1 ] C:\PROGRA~1\COMMON~1\Mcafee\Platform\mcutil.dll
20:40:36.0776 2712 C:\PROGRA~1\COMMON~1\Mcafee\Platform\mcutil.dll - ok
20:40:36.0780 2712 [ 9CEF8E7A38E597343139B9640D78FAC8 ] C:\PROGRA~1\McAfee\MPF\MpfEvt.dll
20:40:36.0780 2712 C:\PROGRA~1\McAfee\MPF\MpfEvt.dll - ok
20:40:36.0785 2712 [ C9B052E1064CB8A527B810573E02E270 ] C:\PROGRA~1\McAfee\MSK\mskwm.dll
20:40:36.0785 2712 C:\PROGRA~1\McAfee\MSK\mskwm.dll - ok
20:40:36.0790 2712 [ A9D6C851E2E56D3239C0022E4B1A95BB ] C:\Windows\System32\IME\IMEJP10\IMJPTIP.DLL
20:40:36.0790 2712 C:\Windows\System32\IME\IMEJP10\IMJPTIP.DLL - ok
20:40:36.0794 2712 [ 9A2B06DA913A3BA33B5EAB5F86304719 ] C:\PROGRA~1\COMMON~1\Mcafee\HACKER~1\HWAPI.dll
20:40:36.0794 2712 C:\PROGRA~1\COMMON~1\Mcafee\HACKER~1\HWAPI.dll - ok
20:40:36.0798 2712 [ 256617CB03274F7D6462B16467B4DAE3 ] C:\Windows\System32\IMJP10K.DLL
20:40:36.0798 2712 C:\Windows\System32\IMJP10K.DLL - ok
20:40:36.0803 2712 [ F56C9F28416964F47300D28FAE023BE8 ] C:\PROGRA~1\COMMON~1\Mcafee\Platform\Core\McEvtBrk.dll
20:40:36.0803 2712 C:\PROGRA~1\COMMON~1\Mcafee\Platform\Core\McEvtBrk.dll - ok
20:40:36.0807 2712 [ 40C8AFF7678E9CD389856B48E85E9C15 ] C:\Windows\System32\IME\shared\IMETIP.DLL
20:40:36.0807 2712 C:\Windows\System32\IME\shared\IMETIP.DLL - ok
20:40:36.0811 2712 [ 6044BF643B24AEEB76B1E0141344100C ] C:\Program Files\Common Files\Mcafee\VSCore\Lockdown.dll
20:40:36.0812 2712 C:\Program Files\Common Files\Mcafee\VSCore\Lockdown.dll - ok
20:40:36.0816 2712 [ 6840AE00563C680FBB740909B024569A ] C:\PROGRA~1\McAfee\MSK\mskxaif.dll
20:40:36.0816 2712 C:\PROGRA~1\McAfee\MSK\mskxaif.dll - ok
20:40:36.0820 2712 [ 090C0FF4A0D1591431AAB27BE8048112 ] C:\Windows\System32\IME\shared\imecfm.dll
20:40:36.0820 2712 C:\Windows\System32\IME\shared\imecfm.dll - ok
20:40:36.0825 2712 [ C3CF3CF719B1A8D80DFD7DABD27530A2 ] C:\Windows\System32\IME\IMEJP10\IMJPAPI.DLL
20:40:36.0825 2712 C:\Windows\System32\IME\IMEJP10\IMJPAPI.DLL - ok
20:40:36.0830 2712 [ CFF0FE253201122FBDCC45876614CE28 ] C:\Program Files\Common Files\Mcafee\AMContent\content\amcore\normal\1.1.226.5\x86\MCNormalizer.dat
20:40:36.0830 2712 C:\Program Files\Common Files\Mcafee\AMContent\content\amcore\normal\1.1.226.5\x86\MCNormalizer.dat - ok
20:40:36.0837 2712 [ 52FAFA0CFB5700DBB3869FC0594FB4C6 ] C:\Windows\System32\IME\shared\IMJKAPI.DLL
20:40:36.0837 2712 C:\Windows\System32\IME\shared\IMJKAPI.DLL - ok
20:40:36.0842 2712 [ BA174723B7998BC2332D657DE720A9D3 ] C:\Windows\System32\timedate.cpl
20:40:36.0842 2712 C:\Windows\System32\timedate.cpl - ok
20:40:36.0847 2712 [ 97EB7B5A935B3A65214772090DFE4165 ] C:\Program Files\Common Files\Mcafee\SystemCore\mfevtpa.dll
20:40:36.0847 2712 C:\Program Files\Common Files\Mcafee\SystemCore\mfevtpa.dll - ok
20:40:36.0851 2712 [ 3D80328AA84D9FE130D869CF83923D74 ] C:\Windows\System32\drivers\WUDFPf.sys
20:40:36.0851 2712 C:\Windows\System32\drivers\WUDFPf.sys - ok
20:40:36.0855 2712 [ A2AAFCC8A204736296D937C7C545B53F ] C:\Windows\System32\drivers\WUDFRd.sys
20:40:36.0855 2712 C:\Windows\System32\drivers\WUDFRd.sys - ok
20:40:36.0859 2712 [ DF0A32CC2F2AF3C88A5C7FC426FF8FBC ] C:\Windows\System32\lsmproxy.dll
20:40:36.0859 2712 C:\Windows\System32\lsmproxy.dll - ok
20:40:36.0863 2712 [ 990B4C7B63E5CCE829F504ADF891103E ] C:\Windows\System32\diagperf.dll
20:40:36.0863 2712 C:\Windows\System32\diagperf.dll - ok
20:40:36.0867 2712 [ 0066EB51C3E53E026D5CC65422809341 ] C:\Windows\System32\pcadm.dll
20:40:36.0867 2712 C:\Windows\System32\pcadm.dll - ok
20:40:36.0871 2712 [ 0F04702C1599E632EB9C6E5AA7352F77 ] C:\Windows\System32\MsCtfMonitor.dll
20:40:36.0871 2712 C:\Windows\System32\MsCtfMonitor.dll - ok
20:40:36.0874 2712 [ 2D547CFD0C798EE94AC56300D6176AC1 ] C:\Windows\System32\regapi.dll
20:40:36.0874 2712 C:\Windows\System32\regapi.dll - ok
20:40:36.0877 2712 [ AD306E253C5593B55564AE4B3BA5FEBA ] C:\Windows\System32\msutb.dll
20:40:36.0877 2712 C:\Windows\System32\msutb.dll - ok
20:40:36.0881 2712 [ 56DE7AEB7435FEE1EDB8A83030026884 ] C:\Windows\System32\QAGENT.DLL
20:40:36.0881 2712 C:\Windows\System32\QAGENT.DLL - ok
20:40:36.0885 2712 [ 5B5B284354E02E81FFED24FFB0DF3204 ] C:\Windows\System32\rdpwsx.dll
20:40:36.0885 2712 C:\Windows\System32\rdpwsx.dll - ok
20:40:36.0888 2712 [ 409F5D96AD20EFABDFA9C8FA52A2D69B ] C:\Windows\System32\QUTIL.DLL
20:40:36.0888 2712 C:\Windows\System32\QUTIL.DLL - ok
20:40:36.0892 2712 [ 8D5DE07842A2B50D8B20EA1CD44AC97F ] C:\Windows\System32\WUDFHost.exe
20:40:36.0892 2712 C:\Windows\System32\WUDFHost.exe - ok
20:40:36.0895 2712 [ 4F9B04D546C23A295F3F0AE015BE51DB ] C:\Program Files\Internet Explorer\iexplore.exe
20:40:36.0895 2712 C:\Program Files\Internet Explorer\iexplore.exe - ok
20:40:36.0899 2712 [ AE0038B9CAF5DF6043C099C7871A0F99 ] C:\Windows\System32\mstlsapi.dll
20:40:36.0899 2712 C:\Windows\System32\mstlsapi.dll - ok
20:40:36.0903 2712 [ 8339E480B3D4740404D8EE50D415935B ] C:\Windows\System32\wbem\WmiPrvSE.exe
20:40:36.0903 2712 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
20:40:36.0907 2712 [ F41F8B01EEDF74B99C06B0BE2D002AA9 ] C:\Windows\System32\TMM.dll
20:40:36.0907 2712 C:\Windows\System32\TMM.dll - ok
20:40:36.0910 2712 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\66335283.sys
20:40:36.0910 2712 C:\Windows\System32\drivers\66335283.sys - ok
20:40:36.0915 2712 [ 07472441A6C6F655786A3BCC3EE30F38 ] C:\Windows\System32\pnpts.dll
20:40:36.0915 2712 C:\Windows\System32\pnpts.dll - ok
20:40:36.0919 2712 [ 84F0E74299ADBF93588F03B4DE225425 ] C:\Program Files\McAfee\MPF\L10N.dll
20:40:36.0919 2712 C:\Program Files\McAfee\MPF\L10N.dll - ok
20:40:36.0923 2712 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] C:\Windows\System32\drivers\tdtcp.sys
20:40:36.0923 2712 C:\Windows\System32\drivers\tdtcp.sys - ok
20:40:36.0927 2712 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] C:\Windows\System32\drivers\tssecsrv.sys
20:40:36.0927 2712 C:\Windows\System32\drivers\tssecsrv.sys - ok
20:40:36.0931 2712 [ F78E7DE3BC14CB841FB5223A419D4F39 ] C:\Windows\System32\wbem\cimwin32.dll
20:40:36.0931 2712 C:\Windows\System32\wbem\cimwin32.dll - ok
20:40:36.0935 2712 [ 8830E790A74A96605FABA74F9665BB3C ] C:\Windows\System32\drivers\rdpwd.sys
20:40:36.0935 2712 C:\Windows\System32\drivers\rdpwd.sys - ok
20:40:36.0939 2712 [ E28354FEEA5EF4A20A8E4D7FE6EB0297 ] C:\Windows\System32\WUDFx.dll
20:40:36.0939 2712 C:\Windows\System32\WUDFx.dll - ok
20:40:36.0943 2712 [ 0E928D62F1E907214C613D4A470BA036 ] C:\Windows\System32\wbem\framedynos.dll
20:40:36.0943 2712 C:\Windows\System32\wbem\framedynos.dll - ok
20:40:36.0948 2712 [ 466E13539D9920C5AD84F3132ACF9EF5 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
20:40:36.0948 2712 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
20:40:36.0951 2712 [ D9AB631DFE5B28815838FC38F632B6C1 ] C:\Windows\System32\WMVCORE.DLL
20:40:36.0951 2712 C:\Windows\System32\WMVCORE.DLL - ok
20:40:36.0955 2712 [ B9D6F987566F13E99E10AE0E0C680A2B ] C:\Windows\System32\msshsq.dll
20:40:36.0955 2712 C:\Windows\System32\msshsq.dll - ok
20:40:36.0959 2712 [ AB26EB32F91D3F04E14101B62EB47589 ] C:\Windows\System32\NaturalLanguage6.dll
20:40:36.0959 2712 C:\Windows\System32\NaturalLanguage6.dll - ok
20:40:36.0963 2712 [ 27510C2A5AE198C71DAE113E4AF64F61 ] C:\Windows\System32\atiumdva.dll
20:40:36.0963 2712 C:\Windows\System32\atiumdva.dll - ok
20:40:36.0967 2712 [ 29ADC97527E30540944F1735B2795C3D ] C:\Windows\System32\NlsData0009.dll
20:40:36.0967 2712 C:\Windows\System32\NlsData0009.dll - ok
20:40:36.0970 2712 [ 64B7373D5DD4995C57A9AFCE45FE9586 ] C:\Windows\System32\WMASF.DLL
20:40:36.0970 2712 C:\Windows\System32\WMASF.DLL - ok
20:40:36.0975 2712 [ 5AB4C4205AD35964E0EFA21EA5201BEB ] C:\Windows\System32\PortableDeviceClassExtension.dll
20:40:36.0975 2712 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
20:40:36.0980 2712 [ D05DC087ABAE3927CEE384AF9FE184E9 ] C:\Windows\System32\PortableDeviceTypes.dll
20:40:36.0980 2712 C:\Windows\System32\PortableDeviceTypes.dll - ok
20:40:36.0984 2712 [ 1311AAAC5A27B445FE51400C6F41CEE3 ] C:\Windows\System32\drivers\cfwids.sys
20:40:36.0984 2712 C:\Windows\System32\drivers\cfwids.sys - ok
20:40:36.0988 2712 [ 64601B4CE490015850049CFAC1EA965B ] C:\Windows\System32\msra.exe
20:40:36.0988 2712 C:\Windows\System32\msra.exe - ok
20:40:36.0992 2712 [ D47BF880D1EF0676E3F57571BA5167ED ] C:\PROGRA~1\McAfee\MSC\McTelemetryAPI.dll
20:40:36.0992 2712 C:\PROGRA~1\McAfee\MSC\McTelemetryAPI.dll - ok
20:40:36.0996 2712 [ 6FF840FD20A787CA99E1460468E164D7 ] C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateServiceWin32Resources.dll
20:40:36.0996 2712 C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateServiceWin32Resources.dll - ok
20:40:37.0001 2712 [ 2E860EAB64273A9B0F51560353CFF4FD ] C:\Windows\System32\atitmpxx.dll
20:40:37.0001 2712 C:\Windows\System32\atitmpxx.dll - ok
20:40:37.0004 2712 [ FD7B6F48B20D9A29D5811BA50051509A ] C:\Windows\System32\NlsLexicons0009.dll
20:40:37.0004 2712 C:\Windows\System32\NlsLexicons0009.dll - ok
20:40:37.0008 2712 [ 4FF455520B17D15E9191C5BC7D8148FE ] C:\Windows\System32\riched20.dll
20:40:37.0008 2712 C:\Windows\System32\riched20.dll - ok
20:40:37.0012 2712 [ 78F9800FA0E89DA51747AEEAC8B422DB ] C:\Windows\System32\SyncCenter.dll
20:40:37.0012 2712 C:\Windows\System32\SyncCenter.dll - ok
20:40:37.0016 2712 [ 9C632DC0F1B6D79B05F46A4A5349CEF4 ] C:\Windows\System32\mobsync.exe
20:40:37.0016 2712 C:\Windows\System32\mobsync.exe - ok
20:40:37.0019 2712 [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\Windows\System32\linkinfo.dll
20:40:37.0019 2712 C:\Windows\System32\linkinfo.dll - ok
20:40:37.0021 2712 [ 7599E425947A595448DA778B610923BC ] C:\Program Files\Windows Media Player\wmpsyncmgr.dll
20:40:37.0021 2712 C:\Program Files\Windows Media Player\wmpsyncmgr.dll - ok
20:40:37.0026 2712 [ E25400EEFC06AF3AC25E0FD64135A607 ] C:\Windows\System32\wmp.dll
20:40:37.0026 2712 C:\Windows\System32\wmp.dll - ok
20:40:37.0029 2712 [ 810AE8B27B91240252D7223A536BB95E ] C:\Windows\System32\networkexplorer.dll
20:40:37.0029 2712 C:\Windows\System32\networkexplorer.dll - ok
20:40:37.0033 2712 [ 3825DD182B601896B9914D29EC9C43B1 ] C:\Program Files\Adobe\Adobe Help Center\ahc.exe
20:40:37.0033 2712 C:\Program Files\Adobe\Adobe Help Center\ahc.exe - ok
20:40:37.0037 2712 [ E42185D8F30CC76B2900EE2C6162A005 ] C:\Windows\System32\wbem\stdprov.dll
20:40:37.0037 2712 C:\Windows\System32\wbem\stdprov.dll - ok
20:40:37.0041 2712 [ 85B8925F1A477DF7AEC93CABBEB04F1F ] C:\hp\support\hpsysdrv.exe
20:40:37.0041 2712 C:\hp\support\hpsysdrv.exe - ok
20:40:37.0045 2712 [ B1361669BDC6ED612C35B7C67ADA2240 ] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
20:40:37.0045 2712 C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe - ok
20:40:37.0050 2712 [ 518FC0F6AFBF9F15F8AB4F3A15022CBC ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
20:40:37.0050 2712 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe - ok
20:40:37.0054 2712 [ 4B555106290BD117334E9A08761C035A ] C:\Windows\System32\rundll32.exe
20:40:37.0054 2712 C:\Windows\System32\rundll32.exe - ok
20:40:37.0060 2712 [ F3B864BF39CDB3A71F2774DD02FC1090 ] C:\Windows\RtHDVCpl.exe
20:40:37.0060 2712 C:\Windows\RtHDVCpl.exe - ok
20:40:37.0065 2712 [ 821F73B833C4DAEBC33C1A9A4B16BB5A ] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
20:40:37.0065 2712 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe - ok
20:40:37.0069 2712 [ 8BD486709AB92CACE407950096C323C3 ] C:\Windows\System32\msvfw32.dll
20:40:37.0069 2712 C:\Windows\System32\msvfw32.dll - ok
20:40:37.0072 2712 [ A702A2ED07645100C2CAD8E0ADB87E9D ] C:\Windows\System32\thumbcache.dll
20:40:37.0072 2712 C:\Windows\System32\thumbcache.dll - ok
20:40:37.0077 2712 [ D8BD6F93954E68D565A7AECE3273F42D ] C:\Program Files\McAfee.com\Agent\mcagent.exe
20:40:37.0077 2712 C:\Program Files\McAfee.com\Agent\mcagent.exe - ok
20:40:37.0080 2712 [ 1526D7379131A1CDD039FFCF13641371 ] C:\Windows\System32\wmploc.DLL
20:40:37.0080 2712 C:\Windows\System32\wmploc.DLL - ok
20:40:37.0084 2712 [ 9253C752DC9B5CEEAA7747E165B75EEB ] C:\Windows\System32\stobject.dll
20:40:37.0084 2712 C:\Windows\System32\stobject.dll - ok
20:40:37.0088 2712 [ EC69B16644C613F41A57169F8D068F1D ] C:\Windows\System32\batmeter.dll
20:40:37.0088 2712 C:\Windows\System32\batmeter.dll - ok
20:40:37.0092 2712 [ 05145613C47BF084976C2C762CD19A61 ] C:\Windows\System32\ntshrui.dll
20:40:37.0092 2712 C:\Windows\System32\ntshrui.dll - ok
20:40:37.0096 2712 [ D7787D202FB15B2AE6B08A1AF57F91DD ] C:\Windows\System32\cscapi.dll
20:40:37.0096 2712 C:\Windows\System32\cscapi.dll - ok
20:40:37.0099 2712 [ D517ACAF8252713960AA0E0BB41614D1 ] C:\Windows\System32\ExplorerFrame.dll
20:40:37.0099 2712 C:\Windows\System32\ExplorerFrame.dll - ok
20:40:37.0103 2712 [ 30F02D9C55053367E26A11482F51E255 ] C:\Windows\System32\SndVolSSO.dll
20:40:37.0103 2712 C:\Windows\System32\SndVolSSO.dll - ok
20:40:37.0107 2712 [ AA83361E1505A5AEC46FA0A2AAF18181 ] C:\Windows\ehome\ehSSO.dll
20:40:37.0107 2712 C:\Windows\ehome\ehSSO.dll - ok
20:40:37.0110 2712 [ 9AD9E2FB2811123DA13DE84CC154AB77 ] C:\Program Files\Windows Defender\MSASCui.exe
20:40:37.0110 2712 C:\Program Files\Windows Defender\MSASCui.exe - ok
20:40:37.0114 2712 [ F4FF57BE16BED8A8BD45D0DB14E6125D ] C:\Windows\System32\netshell.dll
20:40:37.0114 2712 C:\Windows\System32\netshell.dll - ok
20:40:37.0117 2712 [ E0D3D6A9D8446D07C9413E9911CE6993 ] C:\Windows\System32\UIHub.dll
20:40:37.0117 2712 C:\Windows\System32\UIHub.dll - ok
20:40:37.0121 2712 [ BE37415BBEB27A0797088868C498ED54 ] C:\Windows\System32\pnidui.dll
20:40:37.0121 2712 C:\Windows\System32\pnidui.dll - ok
20:40:37.0125 2712 [ 5A175C291F7C9EC48321A540CA3550D3 ] C:\Program Files\Windows Media Player\wmplayer.exe
20:40:37.0125 2712 C:\Program Files\Windows Media Player\wmplayer.exe - ok
20:40:37.0130 2712 [ 40B40803C82A15CE3EA8DCA4324292F1 ] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
20:40:37.0130 2712 C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll - ok
20:40:37.0135 2712 [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\Windows\System32\wlanutil.dll
20:40:37.0135 2712 C:\Windows\System32\wlanutil.dll - ok
20:40:37.0139 2712 [ 5AEF652E978418E7554C09C6706B1FE1 ] C:\Windows\AppPatch\AcLayers.dll
20:40:37.0139 2712 C:\Windows\AppPatch\AcLayers.dll - ok
20:40:37.0143 2712 [ 68AC082734363E6BA813E7EAA353DB13 ] C:\Windows\System32\dsound.dll
20:40:37.0143 2712 C:\Windows\System32\dsound.dll - ok
20:40:37.0146 2712 [ B7BF68E1FEE5FBC360FABDF8C4F4540A ] C:\Windows\System32\fdProxy.dll
20:40:37.0146 2712 C:\Windows\System32\fdProxy.dll - ok
20:40:37.0150 2712 [ 0F1DFFD4332D2BE588B66964EF029A4E ] C:\Program Files\Adobe\Adobe Illustrator CS2\Support Files\Contents\Windows\Illustrator.exe
20:40:37.0150 2712 C:\Program Files\Adobe\Adobe Illustrator CS2\Support Files\Contents\Windows\Illustrator.exe - ok
20:40:37.0155 2712 [ 23297F03831577EBBBFB151576300982 ] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll
20:40:37.0155 2712 C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll - ok
20:40:37.0159 2712 [ 4B555106290BD117334E9A08761C035A ] C:\ProgramData\rundll32.exe
20:40:37.0159 2712 C:\ProgramData\rundll32.exe - ok
20:40:37.0163 2712 [ 8A85C434926A3BE1663205CD9C9E57D5 ] C:\Program Files\Adobe\Adobe Illustrator CS2\Support Files\Contents\Windows\AdobeUpdater.dll
20:40:37.0163 2712 C:\Program Files\Adobe\Adobe Illustrator CS2\Support Files\Contents\Windows\AdobeUpdater.dll - ok
20:40:37.0168 2712 [ 494F99A5D968E6997A35B528648F74B9 ] C:\Windows\System32\fdWSD.dll
20:40:37.0168 2712 C:\Windows\System32\fdWSD.dll - ok
20:40:37.0172 2712 [ C53CA84BF1C9E20AA1B0A8D7D5E28426 ] C:\Windows\System32\mlang.dll
20:40:37.0172 2712 C:\Windows\System32\mlang.dll - ok
20:40:37.0176 2712 [ C2FF17734176CD15221C10044EF0BA1A ] C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
20:40:37.0176 2712 C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe - ok
20:40:37.0180 2712 [ 6613680DAA6844EB2AB204AC6EAAA1E7 ] C:\Windows\System32\fdSSDP.dll
20:40:37.0180 2712 C:\Windows\System32\fdSSDP.dll - ok
20:40:37.0184 2712 [ 339D9FFAC1B74C1F244D5D05310AC9D2 ] C:\Program Files\Adobe\Adobe Photoshop CS2\ImageReady.exe
20:40:37.0184 2712 C:\Program Files\Adobe\Adobe Photoshop CS2\ImageReady.exe - ok
20:40:37.0189 2712 [ 027E5E14C9CFF810377701BDEAD8210F ] C:\Windows\System32\control.exe
20:40:37.0189 2712 C:\Windows\System32\control.exe - ok
20:40:37.0193 2712 [ A933966768A7EEB9C570EF26318BC7A1 ] C:\Windows\System32\nvcpl.dll
20:40:37.0193 2712 C:\Windows\System32\nvcpl.dll - ok
20:40:37.0196 2712 [ DA20A42F514ADDD91F0E4D1533CB6AA0 ] C:\Windows\System32\rasdlg.dll
20:40:37.0196 2712 C:\Windows\System32\rasdlg.dll - ok
20:40:37.0200 2712 [ C45D74C22D4EFC3F86C9CABF9D98611F ] C:\Program Files\Online Services\eBay\WizLink.exe
20:40:37.0200 2712 C:\Program Files\Online Services\eBay\WizLink.exe - ok
20:40:37.0204 2712 [ F85650181A48E957E43E8E4A253C72FF ] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
20:40:37.0204 2712 C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe - ok
20:40:37.0210 2712 [ 2600A4854B435D3C15A28369CCD0B1F3 ] C:\Windows\System32\mprapi.dll
20:40:37.0210 2712 C:\Windows\System32\mprapi.dll - ok
20:40:37.0214 2712 [ B4CCC8237AD3DA324B7F04491741C483 ] C:\Windows\System32\nvsvc.dll
20:40:37.0214 2712 C:\Windows\System32\nvsvc.dll - ok
20:40:37.0217 2712 [ 5607B5FBA62A238D68CD1B5B0383728C ] C:\Windows\System32\oledlg.dll
20:40:37.0217 2712 C:\Windows\System32\oledlg.dll - ok
20:40:37.0221 2712 [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\Windows\System32\AltTab.dll
20:40:37.0221 2712 C:\Windows\System32\AltTab.dll - ok
20:40:37.0225 2712 [ DE55F0A8D2F7DF728E796509C846A17E ] C:\Windows\System32\WPDShServiceObj.dll
20:40:37.0225 2712 C:\Windows\System32\WPDShServiceObj.dll - ok
20:40:37.0229 2712 [ EDF5249A8DC8B453D54033E6A98807BF ] C:\Windows\System32\srchadmin.dll
20:40:37.0229 2712 C:\Windows\System32\srchadmin.dll - ok
20:40:37.0233 2712 [ 21221CD7C7C844F6F0E0B7BC69CBA36B ] C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE
20:40:37.0233 2712 C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE - ok
20:40:37.0237 2712 [ 4FD45F2A2C445359482CA3F34EAB1A4D ] C:\Windows\System32\webcheck.dll
20:40:37.0237 2712 C:\Windows\System32\webcheck.dll - ok
20:40:37.0241 2712 [ B3EAFDBF7DECF6BC290F98761D26A366 ] C:\Windows\System32\mssprxy.dll
20:40:37.0241 2712 C:\Windows\System32\mssprxy.dll - ok
20:40:37.0245 2712 [ 57201DFB464DF1E1AB47BAB1B2AE66B7 ] C:\Windows\System32\wscntfy.dll
20:40:37.0245 2712 C:\Windows\System32\wscntfy.dll - ok
20:40:37.0248 2712 [ F45BC6A78A7A732330949E4DE1EF84A8 ] C:\Windows\System32\jscript.dll
20:40:37.0248 2712 C:\Windows\System32\jscript.dll - ok
20:40:37.0253 2712 [ 8149E826AAFA94823D3EFC0674CF7FA1 ] C:\Windows\System32\wscapi.dll
20:40:37.0253 2712 C:\Windows\System32\wscapi.dll - ok
20:40:37.0256 2712 [ 6E30D310BC7D1684B1CE7407F9A1638D ] C:\Windows\System32\imapi2.dll
20:40:37.0256 2712 C:\Windows\System32\imapi2.dll - ok
20:40:37.0260 2712 [ 267398F636881C34EE6E852308530C95 ] C:\Windows\System32\bthprops.cpl
20:40:37.0260 2712 C:\Windows\System32\bthprops.cpl - ok
20:40:37.0264 2712 [ C8EB460F03AD239FA54A81BFE3C852FA ] C:\Program Files\Intel\IntelDH\bin\IntelDH.dll
20:40:37.0264 2712 C:\Program Files\Intel\IntelDH\bin\IntelDH.dll - ok
20:40:37.0269 2712 [ 0CADE166293FC566B4B9D477A3A9D650 ] C:\Program Files\Windows Media Player\mpvis.DLL
20:40:37.0269 2712 C:\Program Files\Windows Media Player\mpvis.DLL - ok
20:40:37.0271 2712 [ 26DE50A7F668F541B8130A0E26EFF3D8 ] C:\Program Files\Microsoft Works\MSWorks.exe
20:40:37.0271 2712 C:\Program Files\Microsoft Works\MSWorks.exe - ok
20:40:37.0275 2712 [ C37571F7C79C3972D641804F1DF7C0F5 ] C:\Program Files\Microsoft Works\wksdb.exe
20:40:37.0276 2712 C:\Program Files\Microsoft Works\wksdb.exe - ok
20:40:37.0279 2712 [ 1EDEB2982D305451E689755DC4BCB7A2 ] C:\Program Files\Windows Calendar\WinCal.exe
20:40:37.0279 2712 C:\Program Files\Windows Calendar\WinCal.exe - ok
20:40:37.0283 2712 [ A440FC668C66F1B893FA5BEB2414FFCB ] C:\Windows\System32\nvmctray.dll
20:40:37.0283 2712 C:\Windows\System32\nvmctray.dll - ok
20:40:37.0287 2712 [ 02EA06DD2318BC0EAEAE17206D052A44 ] C:\Program Files\Windows Mail\wab.exe
20:40:37.0287 2712 C:\Program Files\Windows Mail\wab.exe - ok
20:40:37.0291 2712 [ 7E9F9A33C7266E5D28B301ECED6888A2 ] C:\Program Files\Movie Maker\DVDMaker.exe
20:40:37.0291 2712 C:\Program Files\Movie Maker\DVDMaker.exe - ok
20:40:37.0294 2712 [ B7ED332A57FC78CA29E40D3619550225 ] C:\Windows\ehome\ehshell.exe
20:40:37.0294 2712 C:\Windows\ehome\ehshell.exe - ok
20:40:37.0298 2712 [ BDCEAB743D49B5657E629DD27F46B07D ] C:\Program Files\Movie Maker\MOVIEMK.exe
20:40:37.0298 2712 C:\Program Files\Movie Maker\MOVIEMK.exe - ok
20:40:37.0302 2712 [ C03AC1FBCD625F93D2C245D97E06F270 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe
20:40:37.0302 2712 C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok
20:40:37.0306 2712 [ 1B3B627C8909E9FCD3F160E004159F43 ] C:\Windows\System32\mswmdm.dll
20:40:37.0306 2712 C:\Windows\System32\mswmdm.dll - ok
20:40:37.0309 2712 [ 8870208FCB90E11960D45ECC994D268F ] C:\Windows\System32\wuapp.exe
20:40:37.0309 2712 C:\Windows\System32\wuapp.exe - ok
20:40:37.0313 2712 [ 4BE546A6611F51F7165E9C718CE5B832 ] C:\Program Files\McAfee\MSK\MskSet.dll
20:40:37.0313 2712 C:\Program Files\McAfee\MSK\MskSet.dll - ok
20:40:37.0318 2712 [ 57A1D3FF7D7E0F127624A60B340001BD ] C:\Windows\System32\cewmdm.dll
20:40:37.0318 2712 C:\Windows\System32\cewmdm.dll - ok
20:40:37.0321 2712 [ C72D3E9282DFE01E1D363DDB5DC1A66C ] C:\Windows\System32\WPDSp.dll
20:40:37.0321 2712 C:\Windows\System32\WPDSp.dll - ok
20:40:37.0325 2712 [ 5088C107CEED276FFCE55F8BE549933B ] C:\Windows\System32\rasmontr.dll
20:40:37.0325 2712 C:\Windows\System32\rasmontr.dll - ok
20:40:37.0328 2712 [ A1AAC0D6828D2A69A952321AA9950A47 ] C:\Windows\System32\netsh.exe
20:40:37.0328 2712 C:\Windows\System32\netsh.exe - ok
20:40:37.0332 2712 [ 6A82BBD57C2DEDD4FB85DF87C8883243 ] C:\Windows\System32\mfc42u.dll
20:40:37.0332 2712 C:\Windows\System32\mfc42u.dll - ok
20:40:37.0336 2712 [ 3D9A5347126A306084B858C0C61090F5 ] C:\Windows\System32\odbc32.dll
20:40:37.0336 2712 C:\Windows\System32\odbc32.dll - ok
20:40:37.0339 2712 [ 9F1FAC04A274ADF9F65F9E1B851BDB1E ] C:\Windows\System32\wmdmps.dll
20:40:37.0339 2712 C:\Windows\System32\wmdmps.dll - ok
20:40:37.0343 2712 [ 0DAAF8032546D1B4543D7B101B53FD6C ] C:\Windows\System32\odbcint.dll
20:40:37.0343 2712 C:\Windows\System32\odbcint.dll - ok
20:40:37.0346 2712 [ 7818D574CB625D272BABDA8C5338E23A ] C:\Windows\System32\rastapi.dll
20:40:37.0346 2712 C:\Windows\System32\rastapi.dll - ok
20:40:37.0350 2712 [ 254836A3CA138824C1BA0FA544BF2B78 ] C:\Windows\System32\unimdm.tsp
20:40:37.0350 2712 C:\Windows\System32\unimdm.tsp - ok
20:40:37.0354 2712 [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\Windows\System32\uniplat.dll
20:40:37.0354 2712 C:\Windows\System32\uniplat.dll - ok
20:40:37.0358 2712 [ 0B71899E60D1265229BF3D080EAB573D ] C:\Windows\System32\unimdmat.dll
20:40:37.0358 2712 C:\Windows\System32\unimdmat.dll - ok
20:40:37.0361 2712 [ 60C518CC84C7D9887860AAF99C32566D ] C:\Windows\System32\modemui.dll
20:40:37.0361 2712 C:\Windows\System32\modemui.dll - ok
20:40:37.0366 2712 [ E051555F2157272CDEC7EAE174692770 ] C:\Windows\System32\kmddsp.tsp
20:40:37.0366 2712 C:\Windows\System32\kmddsp.tsp - ok
20:40:37.0371 2712 [ 1FDFC86E6EFFC8CFEE05105A1B757D54 ] C:\Windows\System32\ndptsp.tsp
20:40:37.0371 2712 C:\Windows\System32\ndptsp.tsp - ok
20:40:37.0375 2712 [ B4B59AC042EE3733A862F26CBC0B17FC ] C:\Windows\System32\hidphone.tsp
20:40:37.0375 2712 C:\Windows\System32\hidphone.tsp - ok
20:40:37.0379 2712 [ 81294812D4D6884CA4E2DEB5E0747D48 ] C:\Windows\System32\rasppp.dll
20:40:37.0379 2712 C:\Windows\System32\rasppp.dll - ok
20:40:37.0383 2712 [ 1CA27B5452B59AD895888D51C7C38E59 ] C:\Windows\System32\rasqec.dll
20:40:37.0383 2712 C:\Windows\System32\rasqec.dll - ok
20:40:37.0387 2712 [ 8F23A0C652C9205A919476D1E62D3C65 ] C:\Windows\System32\raschap.dll
20:40:37.0387 2712 C:\Windows\System32\raschap.dll - ok
20:40:37.0391 2712 [ 40F9FC39CCF5445F3075083380BD5421 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
20:40:37.0391 2712 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
20:40:37.0395 2712 [ ED1CE465D0D897889FABEAE3ED9215CF ] C:\Windows\System32\rastls.dll
20:40:37.0395 2712 C:\Windows\System32\rastls.dll - ok
20:40:37.0399 2712 [ 7C206778460F2ED59E81474A197458A7 ] C:\Windows\System32\cryptui.dll
20:40:37.0399 2712 C:\Windows\System32\cryptui.dll - ok
20:40:37.0403 2712 [ 617F9A5813E69F6E9ED94B811EC75396 ] C:\Windows\System32\wmpps.dll
20:40:37.0403 2712 C:\Windows\System32\wmpps.dll - ok
20:40:37.0406 2712 [ B41DD8277022E22CE64BDD97F248D29C ] C:\Windows\System32\upnp.dll
20:40:37.0406 2712 C:\Windows\System32\upnp.dll - ok
20:40:37.0410 2712 [ D55D43DD36DC3C5DDCC98582D72757B4 ] C:\Windows\System32\nvapi.dll
20:40:37.0410 2712 C:\Windows\System32\nvapi.dll - ok
20:40:37.0413 2712 [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\Windows\System32\msiltcfg.dll
20:40:37.0413 2712 C:\Windows\System32\msiltcfg.dll - ok
20:40:37.0417 2712 [ 73C14434B84F7768D7D07505749DF09A ] C:\Program Files\Scribus 1.3.3.12\qtconfig.exe
20:40:37.0417 2712 C:\Program Files\Scribus 1.3.3.12\qtconfig.exe - ok
20:40:37.0779 2712 [ 0DB40B007D7300B1C4C3C5FCCF12A682 ] C:\Program Files\ハートの国のアリス~ Wonderful Wonder World ~\Install.exe
20:40:37.0779 2712 C:\Program Files\ハートの国のアリス~ Wonderful Wonder World ~\Install.exe - ok
20:40:37.0816 2712 [ ECAF083FB3910A684CD2BB43673E7737 ] C:\PROGRA~2\gwdb.dat
20:40:37.0816 2712 C:\PROGRA~2\gwdb.dat - ok
20:40:37.0821 2712 [ 7FCE5C54F97A995F09B6D448CF51F834 ] C:\Windows\System32\ntlanman.dll
20:40:37.0821 2712 C:\Windows\System32\ntlanman.dll - ok
20:40:37.0826 2712 [ 582EFE56FC0858E58A6CEBA2A64B02C7 ] C:\Windows\System32\drprov.dll
20:40:37.0826 2712 C:\Windows\System32\drprov.dll - ok
20:40:37.0832 2712 [ D306EA7436AC1587463A89BE29B456FB ] C:\Windows\System32\davclnt.dll
20:40:37.0832 2712 C:\Windows\System32\davclnt.dll - ok
20:40:37.0835 2712 ============================================================
20:40:37.0835 2712 Scan finished
20:40:37.0835 2712 ============================================================
20:40:37.0845 2732 Detected object count: 28
20:40:37.0845 2732 Actual detected object count: 28
20:41:13.0115 2732 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0115 2732 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0117 2732 AlertService ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0117 2732 AlertService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0118 2732 ASPI32 ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0118 2732 ASPI32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0120 2732 BrSerWdm ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0120 2732 BrSerWdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0121 2732 DQLWinService ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0121 2732 DQLWinService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0122 2732 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0122 2732 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0124 2732 i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0124 2732 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0125 2732 IAANTMON ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0125 2732 IAANTMON ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0126 2732 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0126 2732 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0127 2732 IntelDHSvcConf ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0127 2732 IntelDHSvcConf ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0128 2732 ISSM ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0128 2732 ISSM ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0130 2732 kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0130 2732 kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0132 2732 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0132 2732 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0134 2732 M1 Server ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0134 2732 M1 Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0135 2732 MCLServiceATL ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0135 2732 MCLServiceATL ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0136 2732 mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0136 2732 mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0137 2732 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0137 2732 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0138 2732 PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0139 2732 PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0140 2732 PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0140 2732 PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0141 2732 Remote UI Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0141 2732 Remote UI Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0142 2732 Schedule ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0142 2732 Schedule ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0143 2732 sermouse ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0144 2732 sermouse ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0145 2732 Sony Ericsson PCCompanion ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0145 2732 Sony Ericsson PCCompanion ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0146 2732 SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0146 2732 SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0147 2732 TrustedInstaller ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0147 2732 TrustedInstaller ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0165 2732 TsService ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0165 2732 TsService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0166 2732 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:13.0166 2732 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:13.0167 2732 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
20:41:13.0167 2732 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
20:43:08.0713 3504 Deinitialize success
  • 0

#12
lillie_nemo

lillie_nemo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts
Can I restart or turn off the computer for now or should I leave it on?
  • 0

#13
Buddierdl

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
You have a TDSS rootkit...it probably brought back the Ukash. Let's get rid of it.

Rerun TDSSKiller and this time select "Delete" for:

\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user


Do not delete any other entries. Please post the log again for me, along with a fresh OTL quick scan.


You will probably have to do this all in Safe Mode with Command Prompt. After I get a new OTL log, we can get rid of the Ukash again and you should be able to boot normally.


I will be signing off for tonight, so you can just shut down the computer for now after running these steps.
  • 0

#14
lillie_nemo

lillie_nemo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts
Just ran the TDSS and OTL programs in command prompt.
Thanks for the guidance today. I look forward to working again with you tomorrow.

TDSS log: 22:36:28.0534 1212 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:36:28.0565 1212 ============================================================
22:36:28.0565 1212 Current date / time: 2013/06/25 22:36:28.0565
22:36:28.0565 1212 SystemInfo:
22:36:28.0565 1212
22:36:28.0565 1212 OS Version: 6.0.6000 ServicePack: 0.0
22:36:28.0565 1212 Product type: Workstation
22:36:28.0565 1212 ComputerName: ENFLEUR
22:36:28.0565 1212 UserName: saicoink
22:36:28.0565 1212 Windows directory: C:\Windows
22:36:28.0565 1212 System windows directory: C:\Windows
22:36:28.0565 1212 Processor architecture: Intel x86
22:36:28.0565 1212 Number of processors: 4
22:36:28.0565 1212 Page size: 0x1000
22:36:28.0565 1212 Boot type: Safe boot
22:36:28.0565 1212 ============================================================
22:36:29.0158 1212 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:36:29.0174 1212 ============================================================
22:36:29.0174 1212 \Device\Harddisk0\DR0:
22:36:29.0174 1212 MBR partitions:
22:36:29.0174 1212 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2D75E835
22:36:29.0174 1212 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2D75E874, BlocksNum 0x11D944D
22:36:29.0174 1212 ============================================================
22:36:29.0189 1212 C: <-> \Device\Harddisk0\DR0\Partition1
22:36:29.0236 1212 D: <-> \Device\Harddisk0\DR0\Partition2
22:36:29.0236 1212 ============================================================
22:36:29.0236 1212 Initialize success
22:36:29.0236 1212 ============================================================
22:36:34.0041 0744 ============================================================
22:36:34.0041 0744 Scan started
22:36:34.0041 0744 Mode: Manual;
22:36:34.0041 0744 ============================================================
22:36:34.0212 0744 ================ Scan system memory ========================
22:36:34.0212 0744 System memory - ok
22:36:34.0212 0744 ================ Scan services =============================
22:36:34.0478 0744 [ 84FC6DF81212D16BE5C4F441682FECCC ] ACPI C:\Windows\system32\drivers\acpi.sys
22:36:34.0493 0744 ACPI - ok
22:36:34.0556 0744 [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
22:36:34.0556 0744 Adobe LM Service - ok
22:36:34.0680 0744 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
22:36:34.0696 0744 AdobeActiveFileMonitor6.0 - ok
22:36:34.0758 0744 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:36:34.0758 0744 adp94xx - ok
22:36:34.0805 0744 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:36:34.0805 0744 adpahci - ok
22:36:34.0852 0744 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
22:36:34.0852 0744 adpu160m - ok
22:36:34.0899 0744 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:36:34.0899 0744 adpu320 - ok
22:36:34.0946 0744 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:36:34.0946 0744 AeLookupSvc - ok
22:36:34.0977 0744 [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD C:\Windows\system32\drivers\afd.sys
22:36:34.0977 0744 AFD - ok
22:36:35.0008 0744 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:36:35.0024 0744 agp440 - ok
22:36:35.0055 0744 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:36:35.0055 0744 aic78xx - ok
22:36:35.0133 0744 [ C86D177967D27C80E466D4ED95C26DB9 ] AlertService C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
22:36:35.0133 0744 AlertService - ok
22:36:35.0164 0744 [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG C:\Windows\System32\alg.exe
22:36:35.0164 0744 ALG - ok
22:36:35.0195 0744 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
22:36:35.0195 0744 aliide - ok
22:36:35.0273 0744 [ 89DD6104E542552DAF25F42A30F75E08 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:36:35.0273 0744 AMD External Events Utility - ok
22:36:35.0304 0744 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:36:35.0304 0744 amdagp - ok
22:36:35.0351 0744 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
22:36:35.0351 0744 amdide - ok
22:36:35.0398 0744 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
22:36:35.0398 0744 AmdK7 - ok
22:36:35.0445 0744 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:36:35.0445 0744 AmdK8 - ok
22:36:35.0679 0744 [ 03AC6735672F15CEAAB502E4349286E0 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
22:36:35.0882 0744 amdkmdag - ok
22:36:35.0960 0744 [ F566C90E4BBE387E905130B6E490DCCD ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
22:36:35.0960 0744 amdkmdap - ok
22:36:36.0038 0744 [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo C:\Windows\System32\appinfo.dll
22:36:36.0038 0744 Appinfo - ok
22:36:36.0147 0744 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:36:36.0162 0744 Apple Mobile Device - ok
22:36:36.0178 0744 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
22:36:36.0178 0744 arc - ok
22:36:36.0225 0744 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:36:36.0225 0744 arcsas - ok
22:36:36.0272 0744 [ B979979AB8027F7F53FB16EC4229B7DB ] ASPI32 C:\Windows\system32\drivers\ASPI32.sys
22:36:36.0272 0744 ASPI32 - ok
22:36:36.0287 0744 [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:36:36.0287 0744 AsyncMac - ok
22:36:36.0318 0744 [ B35CFCEF838382AB6490B321C87EDF17 ] atapi C:\Windows\system32\drivers\atapi.sys
22:36:36.0318 0744 atapi - ok
22:36:36.0350 0744 [ F71B6EE018EADF4CFD52F3C83847E5F6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdLH3.sys
22:36:36.0365 0744 AtiHDAudioService - ok
22:36:36.0365 0744 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:36:36.0381 0744 AudioEndpointBuilder - ok
22:36:36.0396 0744 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:36:36.0396 0744 Audiosrv - ok
22:36:36.0521 0744 [ B5D974C1FD078A68C7536C561B031D39 ] Automatic LiveUpdate Scheduler C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
22:36:36.0521 0744 Automatic LiveUpdate Scheduler - ok
22:36:36.0568 0744 [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep C:\Windows\system32\drivers\Beep.sys
22:36:36.0568 0744 Beep - ok
22:36:36.0599 0744 [ 98EBDFFB824A7C265337D68DD480E45C ] BFE C:\Windows\System32\bfe.dll
22:36:36.0599 0744 BFE - ok
22:36:36.0646 0744 [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS C:\Windows\System32\qmgr.dll
22:36:36.0693 0744 BITS - ok
22:36:36.0693 0744 blbdrive - ok
22:36:36.0724 0744 [ 913CD06FBE9105CE6077E90FD4418561 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:36:36.0724 0744 bowser - ok
22:36:36.0740 0744 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
22:36:36.0740 0744 BrFiltLo - ok
22:36:36.0755 0744 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
22:36:36.0755 0744 BrFiltUp - ok
22:36:36.0771 0744 [ BEB6470532B7461D7BB426E3FACB424F ] Browser C:\Windows\System32\browser.dll
22:36:36.0771 0744 Browser - ok
22:36:36.0802 0744 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
22:36:36.0802 0744 Brserid - ok
22:36:36.0833 0744 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
22:36:36.0833 0744 BrSerWdm - ok
22:36:36.0849 0744 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
22:36:36.0849 0744 BrUsbMdm - ok
22:36:36.0849 0744 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
22:36:36.0849 0744 BrUsbSer - ok
22:36:36.0880 0744 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:36:36.0880 0744 BTHMODEM - ok
22:36:36.0896 0744 [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:36:36.0896 0744 cdfs - ok
22:36:36.0896 0744 cdrom - ok
22:36:36.0927 0744 [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc C:\Windows\System32\certprop.dll
22:36:36.0927 0744 CertPropSvc - ok
22:36:36.0989 0744 [ 1311AAAC5A27B445FE51400C6F41CEE3 ] cfwids C:\Windows\system32\drivers\cfwids.sys
22:36:36.0989 0744 cfwids - ok
22:36:37.0020 0744 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
22:36:37.0020 0744 circlass - ok
22:36:37.0067 0744 [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS C:\Windows\system32\CLFS.sys
22:36:37.0067 0744 CLFS - ok
22:36:37.0161 0744 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:36:37.0161 0744 clr_optimization_v2.0.50727_32 - ok
22:36:37.0176 0744 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:36:37.0176 0744 cmdide - ok
22:36:37.0192 0744 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
22:36:37.0192 0744 Compbatt - ok
22:36:37.0208 0744 COMSysApp - ok
22:36:37.0208 0744 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:36:37.0208 0744 crcdisk - ok
22:36:37.0223 0744 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
22:36:37.0223 0744 Crusoe - ok
22:36:37.0270 0744 [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:36:37.0270 0744 CryptSvc - ok
22:36:37.0348 0744 [ F054744F67576A01139885173392502B ] CrystalSysInfo C:\Program Files\MediaCoder\SysInfo.sys
22:36:37.0348 0744 CrystalSysInfo - ok
22:36:37.0395 0744 [ 7B981222A257D076885BFFB66F19B7CE ] DcomLaunch C:\Windows\system32\rpcss.dll
22:36:37.0410 0744 DcomLaunch - ok
22:36:37.0426 0744 [ A7179DE59AE269AB70345527894CCD7C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:36:37.0426 0744 DfsC - ok
22:36:37.0457 0744 [ DC45739BC22D528D2B3E50D3F6761750 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
22:36:37.0473 0744 Dhcp - ok
22:36:37.0488 0744 [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk C:\Windows\system32\drivers\disk.sys
22:36:37.0488 0744 disk - ok
22:36:37.0520 0744 [ 05D7E62FD2EABAD579EB4D0C29245EEC ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:36:37.0520 0744 Dnscache - ok
22:36:37.0551 0744 [ 1F795D214820E496BF1124434A6DB546 ] dot3svc C:\Windows\System32\dot3svc.dll
22:36:37.0551 0744 dot3svc - ok
22:36:37.0582 0744 [ 032C90AD677BF7B7A8013D6087C7A921 ] DPS C:\Windows\system32\dps.dll
22:36:37.0582 0744 DPS - ok
22:36:37.0629 0744 [ A0B584C33F55545D56F9E71FB4E203AC ] DQLWinService C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
22:36:37.0629 0744 DQLWinService - ok
22:36:37.0660 0744 [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:36:37.0660 0744 drmkaud - ok
22:36:37.0707 0744 [ 334988883DE69ADB27E2CF9F9715BBDB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:36:37.0707 0744 DXGKrnl - ok
22:36:37.0722 0744 [ 7505290504C8E2D172FA378CC0497BCC ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
22:36:37.0738 0744 e1express - ok
22:36:37.0754 0744 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
22:36:37.0769 0744 E1G60 - ok
22:36:37.0800 0744 [ 90A0A875642E18618010645311B4E89E ] EapHost C:\Windows\System32\eapsvc.dll
22:36:37.0800 0744 EapHost - ok
22:36:37.0800 0744 [ 0EFC7531B936EE57FDB4E837664C509F ] Ecache C:\Windows\system32\drivers\ecache.sys
22:36:37.0816 0744 Ecache - ok
22:36:37.0863 0744 [ B4580122B0A7B263B6EE9ACBA69C8013 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:36:37.0863 0744 ehRecvr - ok
22:36:37.0878 0744 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
22:36:37.0878 0744 ehSched - ok
22:36:37.0894 0744 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
22:36:37.0894 0744 ehstart - ok
22:36:37.0925 0744 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:36:37.0925 0744 elxstor - ok
22:36:37.0972 0744 [ 3226FDA08988526E819E364E8CCE4CEE ] EMDMgmt C:\Windows\system32\emdmgmt.dll
22:36:37.0972 0744 EMDMgmt - ok
22:36:38.0034 0744 [ 7B4971C3D43525175A4EA0D143E0412E ] EventSystem C:\Windows\system32\es.dll
22:36:38.0034 0744 EventSystem - ok
22:36:38.0050 0744 [ 84A317CB0B3954D3768CDCD018DBF670 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:36:38.0050 0744 fastfat - ok
22:36:38.0066 0744 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:36:38.0066 0744 fdc - ok
22:36:38.0097 0744 [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] fdPHost C:\Windows\system32\fdPHost.dll
22:36:38.0097 0744 fdPHost - ok
22:36:38.0112 0744 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
22:36:38.0112 0744 FDResPub - ok
22:36:38.0144 0744 [ 65773D6115C037FFD7EF8280AE85EB9D ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:36:38.0144 0744 FileInfo - ok
22:36:38.0175 0744 [ C226DD0DE060745F3E042F58DCF78402 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:36:38.0175 0744 Filetrace - ok
22:36:38.0222 0744 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:36:38.0237 0744 FLEXnet Licensing Service - ok
22:36:38.0253 0744 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:36:38.0268 0744 flpydisk - ok
22:36:38.0268 0744 [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:36:38.0268 0744 FltMgr - ok
22:36:38.0346 0744 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:36:38.0362 0744 FontCache3.0.0.0 - ok
22:36:38.0393 0744 [ 66A078591208BAA210C7634B11EB392C ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:36:38.0393 0744 Fs_Rec - ok
22:36:38.0409 0744 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:36:38.0409 0744 gagp30kx - ok
22:36:38.0456 0744 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:36:38.0456 0744 GEARAspiWDM - ok
22:36:38.0518 0744 [ BCF6589C42D8F6A20F33EF133FFE0524 ] gpsvc C:\Windows\System32\gpsvc.dll
22:36:38.0534 0744 gpsvc - ok
22:36:38.0612 0744 [ 1D85AC0C6A8CF43B654695D7947C6823 ] hcw18bda C:\Windows\system32\drivers\hcw18bda.sys
22:36:38.0627 0744 hcw18bda - ok
22:36:38.0658 0744 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:36:38.0658 0744 HdAudAddService - ok
22:36:38.0690 0744 [ 0DB613A7E427B5663563677796FD5258 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:36:38.0690 0744 HDAudBus - ok
22:36:38.0705 0744 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:36:38.0705 0744 HidBth - ok
22:36:38.0721 0744 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
22:36:38.0721 0744 HidIr - ok
22:36:38.0736 0744 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
22:36:38.0736 0744 hidserv - ok
22:36:38.0752 0744 [ 3C64042B95E583B366BA4E5D2450235E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:36:38.0752 0744 HidUsb - ok
22:36:38.0814 0744 [ 8F72C4916A288485812745DC5AF873FC ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
22:36:38.0830 0744 HipShieldK - ok
22:36:38.0861 0744 [ D40AA05E29BF6ED29B139F044B461E9B ] hkmsvc C:\Windows\system32\kmsvc.dll
22:36:38.0861 0744 hkmsvc - ok
22:36:38.0986 0744 [ C966B6448B935E7E025E00561BC47743 ] HomeNetSvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:36:38.0986 0744 HomeNetSvc - ok
22:36:39.0002 0744 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
22:36:39.0002 0744 HpCISSs - ok
22:36:39.0080 0744 [ 88749FBF8BEB18C90E7D6626C8C1910B ] HSF_DP C:\Windows\system32\DRIVERS\HSX_DP.sys
22:36:39.0095 0744 HSF_DP - ok
22:36:39.0111 0744 [ FE440536BD98AF772130DC3A6FE1915F ] HSXHWBS2 C:\Windows\system32\DRIVERS\HSXHWBS2.sys
22:36:39.0111 0744 HSXHWBS2 - ok
22:36:39.0158 0744 [ 5637078F2AB4E28F0E308A26089D9C92 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:36:39.0158 0744 HTTP - ok
22:36:39.0189 0744 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
22:36:39.0189 0744 i2omp - ok
22:36:39.0220 0744 [ 1C9EE072BAA3ABB460B91D7EE9152660 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:36:39.0220 0744 i8042prt - ok
22:36:39.0267 0744 [ D72F2A013ADA9E2DDA417887A8DFD217 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
22:36:39.0267 0744 IAANTMON - ok
22:36:39.0298 0744 [ DE01BF14FFB150C779FD561BD0E3C5C5 ] iaStor C:\Windows\system32\drivers\iastor.sys
22:36:39.0298 0744 iaStor - ok
22:36:39.0314 0744 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
22:36:39.0329 0744 iaStorV - ok
22:36:39.0376 0744 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
22:36:39.0376 0744 IDriverT - ok
22:36:39.0470 0744 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:36:39.0485 0744 idsvc - ok
22:36:39.0516 0744 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:36:39.0516 0744 iirsp - ok
22:36:39.0548 0744 [ 35662FE4D8622F667AA5A5568F7F1B40 ] IKEEXT C:\Windows\System32\ikeext.dll
22:36:39.0563 0744 IKEEXT - ok
22:36:39.0626 0744 [ 4A705BF2A6F7972F2F2AD8A0D8079F95 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
22:36:39.0672 0744 IntcAzAudAddService - ok
22:36:39.0704 0744 [ CE5AF42679DD85947D2D287594F22CE0 ] IntelDHSvcConf C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
22:36:39.0704 0744 IntelDHSvcConf - ok
22:36:39.0735 0744 [ 988981C840084F480BA9E3319CEBDE1B ] intelide C:\Windows\system32\drivers\intelide.sys
22:36:39.0750 0744 intelide - ok
22:36:39.0750 0744 [ CE44CC04262F28216DD4341E9E36A16F ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:36:39.0750 0744 intelppm - ok
22:36:39.0813 0744 [ 7BDB4E00E1CB174B56E5B2C31DDE68A7 ] IntuitUpdateService C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
22:36:39.0813 0744 IntuitUpdateService - ok
22:36:39.0844 0744 [ 88CF5281ED9880D74DC9011CF8B5262D ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:36:39.0844 0744 IPBusEnum - ok
22:36:39.0875 0744 [ 880C6F86CC3F551B8FEA2C11141268C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:36:39.0875 0744 IpFilterDriver - ok
22:36:39.0906 0744 [ 637D942341DE63F91EED1A9847BA2471 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:36:39.0906 0744 iphlpsvc - ok
22:36:39.0906 0744 IpInIp - ok
22:36:39.0922 0744 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
22:36:39.0922 0744 IPMIDRV - ok
22:36:39.0938 0744 [ 10077C35845101548037DF04FD1A420B ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
22:36:39.0953 0744 IPNAT - ok
22:36:40.0000 0744 [ 178FE38B7740F598391EB2F51AE4CCAC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
22:36:40.0016 0744 iPod Service - ok
22:36:40.0047 0744 [ A82F328F4792304184642D6D397BB1E3 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:36:40.0047 0744 IRENUM - ok
22:36:40.0062 0744 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:36:40.0062 0744 isapnp - ok
22:36:40.0094 0744 [ 4DCA456D4D5723F8FA9C6760D240B0DF ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
22:36:40.0094 0744 iScsiPrt - ok
22:36:40.0140 0744 [ E29BA28F76C5A703E7F30F74CF36DF22 ] ISSM C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
22:36:40.0172 0744 ISSM - ok
22:36:40.0187 0744 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
22:36:40.0203 0744 iteatapi - ok
22:36:40.0203 0744 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
22:36:40.0203 0744 iteraid - ok
22:36:40.0250 0744 [ B076B2AB806B3F696DAB21375389101C ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:36:40.0250 0744 kbdclass - ok
22:36:40.0296 0744 [ ED61DBC6603F612B7338283EDBACBC4B ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:36:40.0296 0744 kbdhid - ok
22:36:40.0328 0744 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] KeyIso C:\Windows\system32\lsass.exe
22:36:40.0328 0744 KeyIso - ok
22:36:40.0359 0744 [ 0A829977B078DEA11641FC2AF87CEADE ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:36:40.0359 0744 KSecDD - ok
22:36:40.0390 0744 [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm C:\Windows\system32\msdtckrm.dll
22:36:40.0406 0744 KtmRm - ok
22:36:40.0452 0744 [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer C:\Windows\system32\srvsvc.dll
22:36:40.0468 0744 LanmanServer - ok
22:36:40.0515 0744 [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:36:40.0530 0744 LanmanWorkstation - ok
22:36:40.0577 0744 [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
22:36:40.0577 0744 LightScribeService - ok
22:36:40.0655 0744 [ A97EEB81F05BCE3D7AA6C81F04EF39A4 ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
22:36:40.0702 0744 LiveUpdate - ok
22:36:40.0733 0744 LiveUpdate Notice Ex - ok
22:36:40.0780 0744 [ DEB2A99C1AD9B9190C78E895AE60A745 ] LiveUpdate Notice Service C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
22:36:40.0811 0744 LiveUpdate Notice Service - ok
22:36:40.0842 0744 [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:36:40.0842 0744 lltdio - ok
22:36:40.0874 0744 [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:36:40.0874 0744 lltdsvc - ok
22:36:40.0889 0744 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:36:40.0889 0744 lmhosts - ok
22:36:40.0905 0744 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:36:40.0905 0744 LSI_FC - ok
22:36:40.0920 0744 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:36:40.0920 0744 LSI_SAS - ok
22:36:40.0936 0744 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:36:40.0952 0744 LSI_SCSI - ok
22:36:40.0967 0744 [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv C:\Windows\system32\drivers\luafv.sys
22:36:40.0967 0744 luafv - ok
22:36:40.0983 0744 [ 7B073FD0133346D0E555353F164057D7 ] M1 Server C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
22:36:40.0983 0744 M1 Server - ok
22:36:41.0030 0744 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
22:36:41.0030 0744 MBAMProtector - ok
22:36:41.0108 0744 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
22:36:41.0123 0744 MBAMScheduler - ok
22:36:41.0170 0744 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:36:41.0186 0744 MBAMService - ok
22:36:41.0232 0744 [ 7BBA15CA5A2AA4E50C7CBFB78D11DB25 ] MCLServiceATL C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
22:36:41.0232 0744 MCLServiceATL - ok
22:36:41.0264 0744 [ C966B6448B935E7E025E00561BC47743 ] McMPFSvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:36:41.0264 0744 McMPFSvc - ok
22:36:41.0264 0744 [ C966B6448B935E7E025E00561BC47743 ] McNaiAnn C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:36:41.0264 0744 McNaiAnn - ok
22:36:41.0388 0744 [ 02A1B24273643B3F3542E73C12540599 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
22:36:41.0388 0744 McODS - ok
22:36:41.0404 0744 [ C966B6448B935E7E025E00561BC47743 ] mcpltsvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:36:41.0404 0744 mcpltsvc - ok
22:36:41.0420 0744 [ C966B6448B935E7E025E00561BC47743 ] McProxy C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:36:41.0420 0744 McProxy - ok
22:36:41.0451 0744 [ E93C1AD58E88A0846EAEE10671C2A8F3 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:36:41.0466 0744 Mcx2Svc - ok
22:36:41.0513 0744 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
22:36:41.0513 0744 mdmxsdk - ok
22:36:41.0576 0744 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
22:36:41.0576 0744 megasas - ok
22:36:41.0622 0744 [ 0BF2E50CBA6123DDB20718E926031C3B ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
22:36:41.0638 0744 mfeapfk - ok
22:36:41.0700 0744 [ 53B5197B7660B33DABDB17384450AD45 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
22:36:41.0716 0744 mfeavfk - ok
22:36:41.0763 0744 [ E13A1A37B5ED199333A0B1FFDBE009E2 ] mfebopk C:\Windows\system32\drivers\mfebopk.sys
22:36:41.0763 0744 mfebopk - ok
22:36:41.0841 0744 [ F83F25652D6B91F15630541429A216B4 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
22:36:41.0841 0744 mfecore - ok
22:36:41.0934 0744 [ 9721E7EDB7F47CD9F8D02C9369052630 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
22:36:41.0934 0744 mfefire - ok
22:36:41.0981 0744 [ B148A220460F3A4681585AAE0719B491 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
22:36:41.0981 0744 mfefirek - ok
22:36:42.0044 0744 [ A6CC801998A0FB33D47460D481A648BE ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
22:36:42.0059 0744 mfehidk - ok
22:36:42.0122 0744 [ 6B11AC33AF005FF8DF52B23B9491AB5A ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
22:36:42.0122 0744 mfencbdc - ok
22:36:42.0168 0744 [ 87DEB000657A1A0F81789B0154BF28AA ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
22:36:42.0168 0744 mfencrk - ok
22:36:42.0215 0744 [ 835F53753DD2A5B579EF22DA2B7B1923 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
22:36:42.0215 0744 mfenlfk - ok
22:36:42.0262 0744 [ B0CAF93E72327D7E7040C6C8DDB83876 ] mfetdi2k C:\Windows\system32\drivers\mfetdi2k.sys
22:36:42.0278 0744 mfetdi2k - ok
22:36:42.0324 0744 [ D7174549A3B550501C96B49DDF9EDF88 ] mfevtp C:\Windows\system32\mfevtps.exe
22:36:42.0324 0744 mfevtp - ok
22:36:42.0340 0744 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS C:\Windows\system32\mmcss.dll
22:36:42.0356 0744 MMCSS - ok
22:36:42.0371 0744 [ 21755967298A46FB6ADFEC9DB6012211 ] Modem C:\Windows\system32\drivers\modem.sys
22:36:42.0371 0744 Modem - ok
22:36:42.0402 0744 [ 7446E104A5FE5987CA9E4983FBAC4F97 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:36:42.0402 0744 monitor - ok
22:36:42.0434 0744 [ 5FBA13C1A1841B0885D316ED3589489D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:36:42.0434 0744 mouclass - ok
22:36:42.0480 0744 [ B569B5C5D3BDE545DF3A6AF512CCCDBA ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:36:42.0480 0744 mouhid - ok
22:36:42.0496 0744 [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
22:36:42.0496 0744 MountMgr - ok
22:36:42.0558 0744 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:36:42.0558 0744 MozillaMaintenance - ok
22:36:42.0590 0744 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
22:36:42.0590 0744 mpio - ok
22:36:42.0621 0744 [ 6E7A7F0C1193EE5648443FE2D4B789EC ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:36:42.0621 0744 mpsdrv - ok
22:36:42.0652 0744 [ 563ED845885C6A7C09A7715D8BD0585C ] MpsSvc C:\Windows\system32\mpssvc.dll
22:36:42.0668 0744 MpsSvc - ok
22:36:42.0683 0744 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
22:36:42.0683 0744 Mraid35x - ok
22:36:42.0699 0744 [ 1D8828B98EE309D65E006F0829E280E5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:36:42.0714 0744 MRxDAV - ok
22:36:42.0730 0744 [ 529B64F9735D27FEF1B8EA1678F8C79E ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:36:42.0730 0744 mrxsmb - ok
22:36:42.0777 0744 [ 2BBD3970018270D2C6A0B069F568154E ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:36:42.0777 0744 mrxsmb10 - ok
22:36:42.0792 0744 [ 30A67C7D8B80281028916DED6A64AEC9 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:36:42.0792 0744 mrxsmb20 - ok
22:36:42.0808 0744 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
22:36:42.0808 0744 msahci - ok
22:36:42.0886 0744 [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
22:36:42.0902 0744 MSCSPTISRV - ok
22:36:42.0917 0744 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:36:42.0917 0744 msdsm - ok
22:36:42.0948 0744 [ BC64A92D821EFEA8BAB8E8CAF1B668BC ] MSDTC C:\Windows\System32\msdtc.exe
22:36:42.0948 0744 MSDTC - ok
22:36:42.0980 0744 [ 729EAFEFD4E7417165F353A18DBE947D ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:36:42.0980 0744 Msfs - ok
22:36:42.0995 0744 [ 5F454A16A5146CD91A176D70F0CFA3EC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:36:42.0995 0744 msisadrv - ok
22:36:43.0026 0744 [ 8ACF956D9154E893E789881430C12632 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:36:43.0026 0744 MSiSCSI - ok
22:36:43.0026 0744 msiserver - ok
22:36:43.0058 0744 [ C966B6448B935E7E025E00561BC47743 ] MSK80Service C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:36:43.0058 0744 MSK80Service - ok
22:36:43.0089 0744 [ 892CEDEFA7E0FFE7BE8DA651B651D047 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:36:43.0089 0744 MSKSSRV - ok
22:36:43.0120 0744 [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:36:43.0120 0744 MSPCLOCK - ok
22:36:43.0136 0744 [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:36:43.0136 0744 MSPQM - ok
22:36:43.0151 0744 [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:36:43.0151 0744 MsRPC - ok
22:36:43.0167 0744 [ 4385C80EDE885E25492D408CAD91BD6F ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:36:43.0167 0744 mssmbios - ok
22:36:43.0182 0744 [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:36:43.0182 0744 MSTEE - ok
22:36:43.0276 0744 [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup C:\Windows\system32\Drivers\mup.sys
22:36:43.0276 0744 Mup - ok
22:36:43.0292 0744 [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent C:\Windows\system32\qagentRT.dll
22:36:43.0307 0744 napagent - ok
22:36:43.0338 0744 [ 6DA4A0FC7C0E83DF0CB3CFD0A514C3BC ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:36:43.0338 0744 NativeWifiP - ok
22:36:43.0370 0744 [ 227C11E1E7CF6EF8AFB2A238D209760C ] NDIS C:\Windows\system32\drivers\ndis.sys
22:36:43.0385 0744 NDIS - ok
22:36:43.0432 0744 [ 81659CDCBD0F9A9E07E6878AD8C78D3F ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:36:43.0432 0744 NdisTapi - ok
22:36:43.0448 0744 [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:36:43.0448 0744 Ndisuio - ok
22:36:43.0463 0744 [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:36:43.0463 0744 NdisWan - ok
22:36:43.0479 0744 [ 1B24FA907AF283199A81B3BB37E5E526 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:36:43.0479 0744 NDProxy - ok
22:36:43.0510 0744 [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:36:43.0510 0744 NetBIOS - ok
22:36:43.0526 0744 [ E3A168912E7EEFC3BD3B814720D68B41 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
22:36:43.0526 0744 netbt - ok
22:36:43.0541 0744 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] Netlogon C:\Windows\system32\lsass.exe
22:36:43.0541 0744 Netlogon - ok
22:36:43.0572 0744 [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman C:\Windows\System32\netman.dll
22:36:43.0572 0744 Netman - ok
22:36:43.0619 0744 [ 986ACDECE933131288F1957DC359865F ] NETMDUSB C:\Windows\system32\Drivers\NETMDUSB.sys
22:36:43.0619 0744 NETMDUSB - ok
22:36:43.0635 0744 [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm C:\Windows\System32\netprofm.dll
22:36:43.0635 0744 netprofm - ok
22:36:43.0682 0744 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:36:43.0697 0744 NetTcpPortSharing - ok
22:36:43.0713 0744 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:36:43.0713 0744 nfrd960 - ok
22:36:43.0760 0744 [ BD71AA430743613803FE92DE14137347 ] NitroDriverReadSpool2 C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe
22:36:43.0775 0744 NitroDriverReadSpool2 - ok
22:36:43.0791 0744 [ C424117A562F2DE37A42266894C79AEB ] NlaSvc C:\Windows\System32\nlasvc.dll
22:36:43.0791 0744 NlaSvc - ok
22:36:43.0806 0744 [ 447108589F2074FFCD3FCFB690E43026 ] nlsX86cc C:\Windows\system32\NLSSRV32.EXE
22:36:43.0822 0744 nlsX86cc - ok
22:36:43.0822 0744 [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:36:43.0838 0744 Npfs - ok
22:36:43.0869 0744 [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi C:\Windows\system32\nsisvc.dll
22:36:43.0869 0744 nsi - ok
22:36:43.0884 0744 [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:36:43.0884 0744 nsiproxy - ok
22:36:43.0931 0744 [ 37430AA7A66D7A63407ADC2C0D05E9F6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:36:43.0947 0744 Ntfs - ok
22:36:43.0978 0744 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
22:36:43.0978 0744 ntrigdigi - ok
22:36:43.0978 0744 [ EC5EFB3C60F1B624648344A328BCE596 ] Null C:\Windows\system32\drivers\Null.sys
22:36:43.0978 0744 Null - ok
22:36:44.0103 0744 [ 2D892BB73314ECA5549B96F783BB45E8 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:36:44.0181 0744 nvlddmkm - ok
22:36:44.0212 0744 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:36:44.0212 0744 nvraid - ok
22:36:44.0228 0744 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:36:44.0228 0744 nvstor - ok
22:36:44.0243 0744 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:36:44.0243 0744 nv_agp - ok
22:36:44.0243 0744 NwlnkFlt - ok
22:36:44.0259 0744 NwlnkFwd - ok
22:36:44.0415 0744 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:36:44.0446 0744 odserv - ok
22:36:44.0462 0744 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
22:36:44.0462 0744 ohci1394 - ok
22:36:44.0555 0744 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:36:44.0555 0744 ose - ok
22:36:44.0586 0744 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc C:\Windows\system32\p2psvc.dll
22:36:44.0618 0744 p2pimsvc - ok
22:36:44.0633 0744 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc C:\Windows\system32\p2psvc.dll
22:36:44.0633 0744 p2psvc - ok
22:36:44.0711 0744 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
22:36:44.0758 0744 PACSPTISVR - ok
22:36:44.0805 0744 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
22:36:44.0852 0744 Parport - ok
22:36:44.0898 0744 [ 555A5B2C8022983BC7467BC925B222EE ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:36:44.0930 0744 partmgr - ok
22:36:44.0945 0744 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:36:44.0961 0744 Parvdm - ok
22:36:44.0992 0744 [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:36:44.0992 0744 PcaSvc - ok
22:36:45.0039 0744 [ 1085D75657807E0E8B32F9E19A1647C3 ] pci C:\Windows\system32\drivers\pci.sys
22:36:45.0086 0744 pci - ok
22:36:45.0117 0744 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
22:36:45.0117 0744 pciide - ok
22:36:45.0195 0744 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:36:45.0210 0744 pcmcia - ok
22:36:45.0351 0744 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:36:45.0382 0744 PEAUTH - ok
22:36:45.0444 0744 [ CD05A38D166BEADE18030BAFC0C0A939 ] pla C:\Windows\system32\pla.dll
22:36:45.0476 0744 pla - ok
22:36:45.0507 0744 [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:36:45.0507 0744 PlugPlay - ok
22:36:45.0522 0744 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
22:36:45.0522 0744 PNRPAutoReg - ok
22:36:45.0538 0744 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc C:\Windows\system32\p2psvc.dll
22:36:45.0554 0744 PNRPsvc - ok
22:36:45.0600 0744 [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:36:45.0600 0744 PolicyAgent - ok
22:36:45.0647 0744 portio - ok
22:36:45.0694 0744 [ C04DEC5ACE67C5247B150C4223970BB7 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:36:45.0694 0744 PptpMiniport - ok
22:36:45.0710 0744 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
22:36:45.0710 0744 Processor - ok
22:36:45.0741 0744 [ 213112E152E68F0E4705E36F052A2880 ] ProfSvc C:\Windows\system32\profsvc.dll
22:36:45.0741 0744 ProfSvc - ok
22:36:45.0756 0744 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:36:45.0756 0744 ProtectedStorage - ok
22:36:45.0788 0744 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\system32\PSIService.exe
22:36:45.0803 0744 ProtexisLicensing - ok
22:36:45.0819 0744 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys
22:36:45.0819 0744 Ps2 - ok
22:36:45.0866 0744 [ 2C8BAE55247C4E09352E870292E4D1AB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
22:36:45.0866 0744 PSched - ok
22:36:45.0881 0744 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
22:36:45.0881 0744 PxHelp20 - ok
22:36:45.0944 0744 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:36:45.0959 0744 ql2300 - ok
22:36:45.0990 0744 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:36:45.0990 0744 ql40xx - ok
22:36:46.0006 0744 [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE C:\Windows\system32\qwave.dll
22:36:46.0006 0744 QWAVE - ok
22:36:46.0022 0744 [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:36:46.0022 0744 QWAVEdrv - ok
22:36:46.0053 0744 [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:36:46.0053 0744 RasAcd - ok
22:36:46.0068 0744 [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto C:\Windows\System32\rasauto.dll
22:36:46.0068 0744 RasAuto - ok
22:36:46.0084 0744 [ 68B0019FEE429EC49D29017AF937E482 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:36:46.0084 0744 Rasl2tp - ok
22:36:46.0100 0744 [ 11D65E29BC9D1E4114D18FE68194394C ] RasMan C:\Windows\System32\rasmans.dll
22:36:46.0100 0744 RasMan - ok
22:36:46.0115 0744 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:36:46.0115 0744 RasPppoe - ok
22:36:46.0131 0744 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:36:46.0146 0744 rdbss - ok
22:36:46.0193 0744 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD C:\Windows\system32\DRIVERS\[email protected]
22:36:46.0193 0744 RDPCDD - ok
22:36:46.0240 0744 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
22:36:46.0240 0744 rdpdr - ok
22:36:46.0240 0744 [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:36:46.0240 0744 RDPENCDD - ok
22:36:46.0287 0744 [ 8830E790A74A96605FABA74F9665BB3C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:36:46.0287 0744 RDPWD - ok
22:36:46.0318 0744 [ 752402F6BD5FA012805813C329F88DD3 ] Remote UI Service C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
22:36:46.0334 0744 Remote UI Service - ok
22:36:46.0365 0744 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess C:\Windows\System32\mprdim.dll
22:36:46.0365 0744 RemoteAccess - ok
22:36:46.0380 0744 [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:36:46.0380 0744 RemoteRegistry - ok
22:36:46.0458 0744 [ 062D1268CFCF569BA5FBCFD1BEA88D2A ] RoxMediaDB9 c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
22:36:46.0474 0744 RoxMediaDB9 - ok
22:36:46.0490 0744 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
22:36:46.0490 0744 RpcLocator - ok
22:36:46.0521 0744 [ 7B981222A257D076885BFFB66F19B7CE ] RpcSs C:\Windows\system32\rpcss.dll
22:36:46.0521 0744 RpcSs - ok
22:36:46.0552 0744 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:36:46.0552 0744 rspndr - ok
22:36:46.0552 0744 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] SamSs C:\Windows\system32\lsass.exe
22:36:46.0552 0744 SamSs - ok
22:36:46.0583 0744 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:36:46.0583 0744 sbp2port - ok
22:36:46.0646 0744 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
22:36:46.0661 0744 SBSDWSCService - ok
22:36:46.0692 0744 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:36:46.0692 0744 SCardSvr - ok
22:36:46.0724 0744 [ 886CEC884B5BE29AB9828B8AB46B11F7 ] Schedule C:\Windows\system32\schedsvc.dll
22:36:46.0739 0744 Schedule - ok
22:36:46.0755 0744 [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:36:46.0755 0744 SCPolicySvc - ok
22:36:46.0770 0744 [ F7B6BF02240D0A764ADF8C8966735552 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:36:46.0786 0744 SDRSVC - ok
22:36:46.0802 0744 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:36:46.0802 0744 secdrv - ok
22:36:46.0817 0744 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon C:\Windows\system32\seclogon.dll
22:36:46.0817 0744 seclogon - ok
22:36:46.0833 0744 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS C:\Windows\System32\sens.dll
22:36:46.0848 0744 SENS - ok
22:36:46.0864 0744 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:36:46.0864 0744 Serenum - ok
22:36:46.0911 0744 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
22:36:46.0911 0744 Serial - ok
22:36:46.0926 0744 [ 450ACCD77EC5CEA720C1CDB9E26B953B ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:36:46.0926 0744 sermouse - ok
22:36:46.0958 0744 [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv C:\Windows\system32\sessenv.dll
22:36:46.0958 0744 SessionEnv - ok
22:36:46.0989 0744 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:36:46.0989 0744 sffdisk - ok
22:36:46.0989 0744 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:36:46.0989 0744 sffp_mmc - ok
22:36:47.0004 0744 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:36:47.0004 0744 sffp_sd - ok
22:36:47.0036 0744 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:36:47.0036 0744 sfloppy - ok
22:36:47.0082 0744 [ 9A82BF4C90B00A63150A606A1E2FD82B ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:36:47.0082 0744 SharedAccess - ok
22:36:47.0129 0744 [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:36:47.0129 0744 ShellHWDetection - ok
22:36:47.0176 0744 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:36:47.0176 0744 sisagp - ok
22:36:47.0192 0744 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
22:36:47.0207 0744 SiSRaid2 - ok
22:36:47.0238 0744 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:36:47.0238 0744 SiSRaid4 - ok
22:36:47.0316 0744 [ A1DCD30534835CB67733AD00175125A6 ] slsvc C:\Windows\system32\SLsvc.exe
22:36:47.0348 0744 slsvc - ok
22:36:47.0410 0744 [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] SLUINotify C:\Windows\system32\SLUINotify.dll
22:36:47.0410 0744 SLUINotify - ok
22:36:47.0441 0744 [ AC0D90738ADB51A6FD12FF00874A2162 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:36:47.0441 0744 Smb - ok
22:36:47.0488 0744 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:36:47.0488 0744 SNMPTRAP - ok
22:36:47.0504 0744 [ 977AAA4398D7D6FA65D973F5B3F54E40 ] SonicStage Back-End Service C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
22:36:47.0504 0744 SonicStage Back-End Service - ok
22:36:47.0597 0744 [ 1A623F2B69E1F182F995F963C55DB935 ] Sony Ericsson PCCompanion C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
22:36:47.0597 0744 Sony Ericsson PCCompanion - ok
22:36:47.0628 0744 [ 426F9B029AA9162CECCF65369457D046 ] spldr C:\Windows\system32\drivers\spldr.sys
22:36:47.0628 0744 spldr - ok
22:36:47.0644 0744 [ DA612EF2556776DF2630B68BF2D48935 ] Spooler C:\Windows\System32\spoolsv.exe
22:36:47.0644 0744 Spooler - ok
22:36:47.0675 0744 [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
22:36:47.0675 0744 SPTISRV - ok
22:36:47.0769 0744 [ C962E98179E54B769028C025C7E470A5 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:36:47.0769 0744 srv - ok
22:36:47.0800 0744 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:36:47.0800 0744 srv2 - ok
22:36:47.0831 0744 [ CD11A0767E82DD8B1A3A26D305DBEC0F ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:36:47.0831 0744 srvnet - ok
22:36:47.0878 0744 [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:36:47.0894 0744 SSDPSRV - ok
22:36:47.0925 0744 [ 756E371B3B86A3D3039926D32EAC0E8D ] SSScsiSV C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
22:36:47.0925 0744 SSScsiSV - ok
22:36:47.0956 0744 [ 7A95B5DEB594616F1693486B8161411E ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
22:36:47.0956 0744 StillCam - ok
22:36:47.0987 0744 [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc C:\Windows\System32\wiaservc.dll
22:36:47.0987 0744 stisvc - ok
22:36:48.0065 0744 [ 4CFEB2BD9723489DA072B300940EA287 ] stllssvr c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
22:36:48.0065 0744 stllssvr - ok
22:36:48.0096 0744 [ 1379BDB336F8158C176A465E30759F57 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:36:48.0096 0744 swenum - ok
22:36:48.0112 0744 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv C:\Windows\System32\swprv.dll
22:36:48.0128 0744 swprv - ok
22:36:48.0143 0744 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
22:36:48.0143 0744 Symc8xx - ok
22:36:48.0159 0744 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
22:36:48.0159 0744 Sym_hi - ok
22:36:48.0174 0744 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
22:36:48.0174 0744 Sym_u3 - ok
22:36:48.0221 0744 [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] SysMain C:\Windows\system32\sysmain.dll
22:36:48.0221 0744 SysMain - ok
22:36:48.0252 0744 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:36:48.0252 0744 TabletInputService - ok
22:36:48.0362 0744 [ BA9D96EF2999EF216B18C70B574D8746 ] TabletServiceWacom C:\Windows\system32\Wacom_Tablet.exe
22:36:48.0408 0744 TabletServiceWacom - ok
22:36:48.0440 0744 [ EF3DD33C740FC2F82E7E4622F1C49289 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:36:48.0440 0744 TapiSrv - ok
22:36:48.0471 0744 [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS C:\Windows\System32\tbssvc.dll
22:36:48.0471 0744 TBS - ok
22:36:48.0502 0744 [ 300208927321066EA53761FDC98747C6 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:36:48.0518 0744 Tcpip - ok
22:36:48.0533 0744 [ 300208927321066EA53761FDC98747C6 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
22:36:48.0533 0744 Tcpip6 - ok
22:36:48.0564 0744 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:36:48.0564 0744 tcpipreg - ok
22:36:48.0580 0744 [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:36:48.0580 0744 TDPIPE - ok
22:36:48.0596 0744 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:36:48.0596 0744 TDTCP - ok
22:36:48.0611 0744 [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:36:48.0627 0744 tdx - ok
22:36:48.0642 0744 [ 2C549BD9DD091FBFAA0A2A48E82EC2FB ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:36:48.0642 0744 TermDD - ok
22:36:48.0674 0744 [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService C:\Windows\System32\termsrv.dll
22:36:48.0674 0744 TermService - ok
22:36:48.0689 0744 [ B264DFA21677728613267FE63802B332 ] Themes C:\Windows\system32\shsvcs.dll
22:36:48.0689 0744 Themes - ok
22:36:48.0705 0744 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER C:\Windows\system32\mmcss.dll
22:36:48.0705 0744 THREADORDER - ok
22:36:48.0720 0744 [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks C:\Windows\System32\trkwks.dll
22:36:48.0720 0744 TrkWks - ok
22:36:48.0736 0744 [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:36:48.0736 0744 TrustedInstaller - ok
22:36:48.0752 0744 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:36:48.0752 0744 tssecsrv - ok
22:36:48.0783 0744 [ 75468777EE7CB712E984E27001BF07C2 ] TsService C:\Windows\system32\TsService.exe
22:36:48.0783 0744 TsService - ok
22:36:48.0798 0744 [ A858917785681743C512950FDFA14DB7 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
22:36:48.0798 0744 tunmp - ok
22:36:48.0814 0744 [ 29F1D1D888EE61D20D5662E72AA34129 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:36:48.0814 0744 tunnel - ok
22:36:48.0845 0744 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:36:48.0845 0744 uagp35 - ok
22:36:48.0861 0744 [ 6348DA98707CEDA8A0DFB05820E17732 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:36:48.0861 0744 udfs - ok
22:36:48.0876 0744 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:36:48.0892 0744 UI0Detect - ok
22:36:48.0908 0744 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:36:48.0908 0744 uliagpkx - ok
22:36:48.0939 0744 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
22:36:48.0939 0744 uliahci - ok
22:36:48.0970 0744 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
22:36:48.0970 0744 UlSata - ok
22:36:48.0986 0744 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
22:36:48.0986 0744 ulsata2 - ok
22:36:49.0001 0744 [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:36:49.0001 0744 umbus - ok
22:36:49.0079 0744 [ 4847639D852763EE39415C929470F672 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
22:36:49.0095 0744 UnlockerDriver5 - ok
22:36:49.0110 0744 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll
22:36:49.0110 0744 upnphost - ok
22:36:49.0142 0744 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
22:36:49.0142 0744 USBAAPL - ok
22:36:49.0157 0744 [ 8BD3AE150D97BA4E633C6C5C51B41AE1 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
22:36:49.0173 0744 usbccgp - ok
22:36:49.0188 0744 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:36:49.0188 0744 usbcir - ok
22:36:49.0220 0744 [ FB50F987304F907A0103B14A5F2F2344 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:36:49.0220 0744 usbehci - ok
22:36:49.0251 0744 [ 16675AB7E199635086AB0556137371F5 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:36:49.0251 0744 usbhub - ok
22:36:49.0282 0744 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:36:49.0282 0744 usbohci - ok
22:36:49.0298 0744 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
22:36:49.0298 0744 usbprint - ok
22:36:49.0329 0744 [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:36:49.0329 0744 usbscan - ok
22:36:49.0360 0744 [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:36:49.0360 0744 USBSTOR - ok
22:36:49.0376 0744 [ 165BB1F0801118DC86AA3FC87D3D101C ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:36:49.0376 0744 usbuhci - ok
22:36:49.0391 0744 [ F79D0D7C9004474CB42746D9B2C30A2B ] UxSms C:\Windows\System32\uxsms.dll
22:36:49.0391 0744 UxSms - ok
22:36:49.0422 0744 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds C:\Windows\System32\vds.exe
22:36:49.0422 0744 vds - ok
22:36:49.0438 0744 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:36:49.0438 0744 vga - ok
22:36:49.0469 0744 [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave C:\Windows\System32\drivers\vga.sys
22:36:49.0469 0744 VgaSave - ok
22:36:49.0485 0744 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:36:49.0485 0744 viaagp - ok
22:36:49.0516 0744 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:36:49.0516 0744 ViaC7 - ok
22:36:49.0532 0744 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
22:36:49.0532 0744 viaide - ok
22:36:49.0547 0744 [ 103E84C95832D0ED93507997CC7B54E8 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:36:49.0547 0744 volmgr - ok
22:36:49.0563 0744 [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:36:49.0563 0744 volmgrx - ok
22:36:49.0672 0744 [ 80DC0C9BCB579ED9815001A4D37CBFD5 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:36:49.0703 0744 volsnap - ok
22:36:49.0719 0744 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:36:49.0766 0744 vsmraid - ok
22:36:49.0812 0744 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe
22:36:49.0828 0744 VSS - ok
22:36:49.0875 0744 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll
22:36:49.0875 0744 W32Time - ok
22:36:49.0953 0744 w800bus - ok
22:36:50.0031 0744 [ 8724531219AE3F9E3729012B61DCE527 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
22:36:50.0062 0744 wacmoumonitor - ok
22:36:50.0093 0744 [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
22:36:50.0093 0744 wacommousefilter - ok
22:36:50.0109 0744 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:36:50.0124 0744 WacomPen - ok
22:36:50.0124 0744 wacomrouterfilter - ok
22:36:50.0156 0744 [ 51D580F30D1A1F2EA4965AF6ABC2BCB2 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
22:36:50.0156 0744 wacomvhid - ok
22:36:50.0202 0744 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
22:36:50.0218 0744 Wanarp - ok
22:36:50.0218 0744 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:36:50.0218 0744 Wanarpv6 - ok
22:36:50.0280 0744 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:36:50.0296 0744 wcncsvc - ok
22:36:50.0312 0744 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:36:50.0312 0744 WcsPlugInService - ok
22:36:50.0374 0744 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
22:36:50.0405 0744 Wd - ok
22:36:50.0514 0744 [ 7B5F66E4A2219C7D9DAF9E738480E534 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:36:50.0577 0744 Wdf01000 - ok
22:36:50.0608 0744 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:36:50.0639 0744 WdiServiceHost - ok
22:36:50.0655 0744 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:36:50.0655 0744 WdiSystemHost - ok
22:36:50.0764 0744 [ 01E41C264EEDCB827820A1909162579F ] WebClient C:\Windows\System32\webclnt.dll
22:36:50.0780 0744 WebClient - ok
22:36:50.0811 0744 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll
22:36:50.0842 0744 Wecsvc - ok
22:36:50.0873 0744 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:36:50.0889 0744 wercplsupport - ok
22:36:50.0936 0744 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll
22:36:50.0951 0744 WerSvc - ok
22:36:51.0123 0744 [ 72CC6A8CA7891031D6380DB5025C773C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
22:36:51.0248 0744 winachsf - ok
22:36:51.0388 0744 [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:36:51.0435 0744 WinDefend - ok
22:36:51.0435 0744 WinHttpAutoProxySvc - ok
22:36:51.0684 0744 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:36:51.0747 0744 Winmgmt - ok
22:36:51.0918 0744 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll
22:36:52.0012 0744 WinRM - ok
22:36:52.0121 0744 [ 7640ACEA41348BFEF34B76E245501261 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:36:52.0199 0744 Wlansvc - ok
22:36:52.0246 0744 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:36:52.0277 0744 WmiAcpi - ok
22:36:52.0355 0744 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:36:52.0355 0744 wmiApSrv - ok
22:36:52.0496 0744 [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:36:52.0574 0744 WMPNetworkSvc - ok
22:36:52.0636 0744 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:36:52.0652 0744 WPCSvc - ok
22:36:52.0667 0744 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:36:52.0683 0744 WPDBusEnum - ok
22:36:52.0761 0744 [ 2D27171B16A577EF14C1273668753485 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
22:36:52.0776 0744 WpdUsb - ok
22:36:52.0839 0744 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:36:52.0886 0744 ws2ifsl - ok
22:36:52.0932 0744 [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc C:\Windows\System32\wscsvc.dll
22:36:52.0948 0744 wscsvc - ok
22:36:52.0948 0744 WSearch - ok
22:36:53.0291 0744 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
22:36:53.0572 0744 wuauserv - ok
22:36:53.0619 0744 [ A2AAFCC8A204736296D937C7C545B53F ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:36:53.0650 0744 WUDFRd - ok
22:36:53.0681 0744 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:36:53.0697 0744 wudfsvc - ok
22:36:53.0744 0744 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
22:36:53.0806 0744 XAudio - ok
22:36:53.0868 0744 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
22:36:53.0946 0744 XAudioService - ok
22:36:53.0946 0744 ================ Scan global ===============================
22:36:54.0134 0744 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
22:36:54.0258 0744 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
22:36:54.0336 0744 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
22:36:54.0414 0744 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
22:36:54.0430 0744 [Global] - ok
22:36:54.0430 0744 ================ Scan MBR ==================================
22:36:54.0446 0744 [ 8913823FF508CCF109DB74B636C301DA ] \Device\Harddisk0\DR0
22:36:57.0722 0744 \Device\Harddisk0\DR0 - ok
22:36:57.0722 0744 ================ Scan VBR ==================================
22:36:57.0737 0744 [ 0A5699119BF9E0198091AA677BAF6B12 ] \Device\Harddisk0\DR0\Partition1
22:36:57.0753 0744 \Device\Harddisk0\DR0\Partition1 - ok
22:36:57.0784 0744 [ D15113173991D850F29CF2D726FD035A ] \Device\Harddisk0\DR0\Partition2
22:36:57.0831 0744 \Device\Harddisk0\DR0\Partition2 - ok
22:36:57.0831 0744 ============================================================
22:36:57.0831 0744 Scan finished
22:36:57.0831 0744 ============================================================
22:36:57.0846 0580 Detected object count: 0
22:36:57.0846 0580 Actual detected object count: 0
22:37:09.0858 1336 ============================================================
22:37:09.0858 1336 Scan started
22:37:09.0858 1336 Mode: Manual; SigCheck; TDLFS;
22:37:09.0858 1336 ============================================================
22:37:09.0952 1336 ================ Scan system memory ========================
22:37:09.0952 1336 System memory - ok
22:37:09.0952 1336 ================ Scan services =============================
22:37:10.0108 1336 [ 84FC6DF81212D16BE5C4F441682FECCC ] ACPI C:\Windows\system32\drivers\acpi.sys
22:37:10.0186 1336 ACPI - ok
22:37:10.0248 1336 [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
22:37:10.0311 1336 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
22:37:10.0311 1336 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
22:37:10.0420 1336 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
22:37:10.0436 1336 AdobeActiveFileMonitor6.0 - ok
22:37:10.0467 1336 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:37:10.0482 1336 adp94xx - ok
22:37:10.0514 1336 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:37:10.0514 1336 adpahci - ok
22:37:10.0560 1336 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
22:37:10.0560 1336 adpu160m - ok
22:37:10.0592 1336 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:37:10.0607 1336 adpu320 - ok
22:37:10.0638 1336 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:37:10.0763 1336 AeLookupSvc - ok
22:37:10.0794 1336 [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD C:\Windows\system32\drivers\afd.sys
22:37:10.0950 1336 AFD - ok
22:37:10.0982 1336 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:37:10.0997 1336 agp440 - ok
22:37:11.0044 1336 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:37:11.0044 1336 aic78xx - ok
22:37:11.0106 1336 [ C86D177967D27C80E466D4ED95C26DB9 ] AlertService C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
22:37:11.0138 1336 AlertService ( UnsignedFile.Multi.Generic ) - warning
22:37:11.0138 1336 AlertService - detected UnsignedFile.Multi.Generic (1)
22:37:11.0153 1336 [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG C:\Windows\System32\alg.exe
22:37:11.0200 1336 ALG - ok
22:37:11.0216 1336 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
22:37:11.0231 1336 aliide - ok
22:37:11.0278 1336 [ 89DD6104E542552DAF25F42A30F75E08 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:37:11.0325 1336 AMD External Events Utility - ok
22:37:11.0340 1336 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:37:11.0356 1336 amdagp - ok
22:37:11.0372 1336 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
22:37:11.0387 1336 amdide - ok
22:37:11.0403 1336 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
22:37:11.0465 1336 AmdK7 - ok
22:37:11.0481 1336 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:37:11.0543 1336 AmdK8 - ok
22:37:11.0746 1336 [ 03AC6735672F15CEAAB502E4349286E0 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
22:37:12.0089 1336 amdkmdag - ok
22:37:12.0136 1336 [ F566C90E4BBE387E905130B6E490DCCD ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
22:37:12.0167 1336 amdkmdap - ok
22:37:12.0198 1336 [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo C:\Windows\System32\appinfo.dll
22:37:12.0245 1336 Appinfo - ok
22:37:12.0339 1336 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:37:12.0339 1336 Apple Mobile Device - ok
22:37:12.0370 1336 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
22:37:12.0370 1336 arc - ok
22:37:12.0417 1336 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:37:12.0432 1336 arcsas - ok
22:37:12.0464 1336 [ B979979AB8027F7F53FB16EC4229B7DB ] ASPI32 C:\Windows\system32\drivers\ASPI32.sys
22:37:12.0495 1336 ASPI32 ( UnsignedFile.Multi.Generic ) - warning
22:37:12.0495 1336 ASPI32 - detected UnsignedFile.Multi.Generic (1)
22:37:12.0510 1336 [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:37:12.0557 1336 AsyncMac - ok
22:37:12.0588 1336 [ B35CFCEF838382AB6490B321C87EDF17 ] atapi C:\Windows\system32\drivers\atapi.sys
22:37:12.0588 1336 atapi - ok
22:37:12.0635 1336 [ F71B6EE018EADF4CFD52F3C83847E5F6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdLH3.sys
22:37:12.0651 1336 AtiHDAudioService - ok
22:37:12.0666 1336 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:37:12.0713 1336 AudioEndpointBuilder - ok
22:37:12.0713 1336 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:37:12.0760 1336 Audiosrv - ok
22:37:12.0838 1336 [ B5D974C1FD078A68C7536C561B031D39 ] Automatic LiveUpdate Scheduler C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
22:37:12.0854 1336 Automatic LiveUpdate Scheduler - ok
22:37:12.0885 1336 [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep C:\Windows\system32\drivers\Beep.sys
22:37:12.0947 1336 Beep - ok
22:37:12.0994 1336 [ 98EBDFFB824A7C265337D68DD480E45C ] BFE C:\Windows\System32\bfe.dll
22:37:13.0041 1336 BFE - ok
22:37:13.0088 1336 [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS C:\Windows\System32\qmgr.dll
22:37:13.0150 1336 BITS - ok
22:37:13.0166 1336 blbdrive - ok
22:37:13.0181 1336 [ 913CD06FBE9105CE6077E90FD4418561 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:37:13.0228 1336 bowser - ok
22:37:13.0259 1336 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
22:37:13.0290 1336 BrFiltLo - ok
22:37:13.0322 1336 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
22:37:13.0353 1336 BrFiltUp - ok
22:37:13.0368 1336 [ BEB6470532B7461D7BB426E3FACB424F ] Browser C:\Windows\System32\browser.dll
22:37:13.0400 1336 Browser - ok
22:37:13.0431 1336 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
22:37:13.0462 1336 Brserid - ok
22:37:13.0478 1336 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
22:37:13.0478 1336 BrSerWdm ( UnsignedFile.Multi.Generic ) - warning
22:37:13.0478 1336 BrSerWdm - detected UnsignedFile.Multi.Generic (1)
22:37:13.0509 1336 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
22:37:13.0556 1336 BrUsbMdm - ok
22:37:13.0556 1336 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
22:37:13.0602 1336 BrUsbSer - ok
22:37:13.0634 1336 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:37:13.0680 1336 BTHMODEM - ok
22:37:13.0696 1336 [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:37:13.0743 1336 cdfs - ok
22:37:13.0743 1336 cdrom - ok
22:37:13.0774 1336 [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc C:\Windows\System32\certprop.dll
22:37:13.0821 1336 CertPropSvc - ok
22:37:13.0868 1336 [ 1311AAAC5A27B445FE51400C6F41CEE3 ] cfwids C:\Windows\system32\drivers\cfwids.sys
22:37:13.0868 1336 cfwids - ok
22:37:13.0883 1336 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
22:37:13.0946 1336 circlass - ok
22:37:13.0977 1336 [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS C:\Windows\system32\CLFS.sys
22:37:13.0977 1336 CLFS - ok
22:37:14.0070 1336 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:37:14.0070 1336 clr_optimization_v2.0.50727_32 - ok
22:37:14.0086 1336 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:37:14.0086 1336 cmdide - ok
22:37:14.0117 1336 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
22:37:14.0117 1336 Compbatt - ok
22:37:14.0117 1336 COMSysApp - ok
22:37:14.0148 1336 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:37:14.0148 1336 crcdisk - ok
22:37:14.0164 1336 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
22:37:14.0226 1336 Crusoe - ok
22:37:14.0258 1336 [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:37:14.0304 1336 CryptSvc - ok
22:37:14.0367 1336 [ F054744F67576A01139885173392502B ] CrystalSysInfo C:\Program Files\MediaCoder\SysInfo.sys
22:37:14.0382 1336 CrystalSysInfo - ok
22:37:14.0429 1336 [ 7B981222A257D076885BFFB66F19B7CE ] DcomLaunch C:\Windows\system32\rpcss.dll
22:37:14.0460 1336 DcomLaunch - ok
22:37:14.0476 1336 [ A7179DE59AE269AB70345527894CCD7C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:37:14.0523 1336 DfsC - ok
22:37:14.0554 1336 [ DC45739BC22D528D2B3E50D3F6761750 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
22:37:14.0585 1336 Dhcp - ok
22:37:14.0616 1336 [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk C:\Windows\system32\drivers\disk.sys
22:37:14.0632 1336 disk - ok
22:37:14.0679 1336 [ 05D7E62FD2EABAD579EB4D0C29245EEC ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:37:14.0726 1336 Dnscache - ok
22:37:14.0757 1336 [ 1F795D214820E496BF1124434A6DB546 ] dot3svc C:\Windows\System32\dot3svc.dll
22:37:14.0804 1336 dot3svc - ok
22:37:14.0835 1336 [ 032C90AD677BF7B7A8013D6087C7A921 ] DPS C:\Windows\system32\dps.dll
22:37:14.0866 1336 DPS - ok
22:37:14.0913 1336 [ A0B584C33F55545D56F9E71FB4E203AC ] DQLWinService C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
22:37:14.0928 1336 DQLWinService ( UnsignedFile.Multi.Generic ) - warning
22:37:14.0928 1336 DQLWinService - detected UnsignedFile.Multi.Generic (1)
22:37:14.0975 1336 [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:37:15.0022 1336 drmkaud - ok
22:37:15.0053 1336 [ 334988883DE69ADB27E2CF9F9715BBDB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:37:15.0084 1336 DXGKrnl - ok
22:37:15.0100 1336 [ 7505290504C8E2D172FA378CC0497BCC ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
22:37:15.0147 1336 e1express - ok
22:37:15.0178 1336 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
22:37:15.0225 1336 E1G60 - ok
22:37:15.0256 1336 [ 90A0A875642E18618010645311B4E89E ] EapHost C:\Windows\System32\eapsvc.dll
22:37:15.0303 1336 EapHost - ok
22:37:15.0318 1336 [ 0EFC7531B936EE57FDB4E837664C509F ] Ecache C:\Windows\system32\drivers\ecache.sys
22:37:15.0334 1336 Ecache - ok
22:37:15.0381 1336 [ B4580122B0A7B263B6EE9ACBA69C8013 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:37:15.0396 1336 ehRecvr - ok
22:37:15.0428 1336 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
22:37:15.0459 1336 ehSched - ok
22:37:15.0459 1336 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
22:37:15.0490 1336 ehstart - ok
22:37:15.0506 1336 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:37:15.0521 1336 elxstor - ok
22:37:15.0568 1336 [ 3226FDA08988526E819E364E8CCE4CEE ] EMDMgmt C:\Windows\system32\emdmgmt.dll
22:37:15.0630 1336 EMDMgmt - ok
22:37:15.0677 1336 [ 7B4971C3D43525175A4EA0D143E0412E ] EventSystem C:\Windows\system32\es.dll
22:37:15.0708 1336 EventSystem - ok
22:37:15.0724 1336 [ 84A317CB0B3954D3768CDCD018DBF670 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:37:15.0771 1336 fastfat - ok
22:37:15.0802 1336 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:37:15.0864 1336 fdc - ok
22:37:15.0896 1336 [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] fdPHost C:\Windows\system32\fdPHost.dll
22:37:15.0927 1336 fdPHost - ok
22:37:15.0927 1336 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
22:37:15.0974 1336 FDResPub - ok
22:37:15.0989 1336 [ 65773D6115C037FFD7EF8280AE85EB9D ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:37:15.0989 1336 FileInfo - ok
22:37:16.0020 1336 [ C226DD0DE060745F3E042F58DCF78402 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:37:16.0067 1336 Filetrace - ok
22:37:16.0114 1336 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:37:16.0161 1336 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
22:37:16.0161 1336 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
22:37:16.0176 1336 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:37:16.0223 1336 flpydisk - ok
22:37:16.0223 1336 [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:37:16.0239 1336 FltMgr - ok
22:37:16.0317 1336 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:37:16.0332 1336 FontCache3.0.0.0 - ok
22:37:16.0348 1336 [ 66A078591208BAA210C7634B11EB392C ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:37:16.0379 1336 Fs_Rec - ok
22:37:16.0395 1336 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:37:16.0410 1336 gagp30kx - ok
22:37:16.0442 1336 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:37:16.0442 1336 GEARAspiWDM - ok
22:37:16.0473 1336 [ BCF6589C42D8F6A20F33EF133FFE0524 ] gpsvc C:\Windows\System32\gpsvc.dll
22:37:16.0535 1336 gpsvc - ok
22:37:16.0582 1336 [ 1D85AC0C6A8CF43B654695D7947C6823 ] hcw18bda C:\Windows\system32\drivers\hcw18bda.sys
22:37:16.0613 1336 hcw18bda - ok
22:37:16.0644 1336 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:37:16.0691 1336 HdAudAddService - ok
22:37:16.0707 1336 [ 0DB613A7E427B5663563677796FD5258 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:37:16.0738 1336 HDAudBus - ok
22:37:16.0754 1336 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:37:16.0785 1336 HidBth - ok
22:37:16.0800 1336 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
22:37:16.0847 1336 HidIr - ok
22:37:16.0863 1336 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
22:37:16.0910 1336 hidserv - ok
22:37:16.0925 1336 [ 3C64042B95E583B366BA4E5D2450235E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:37:16.0956 1336 HidUsb - ok
22:37:17.0019 1336 [ 8F72C4916A288485812745DC5AF873FC ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
22:37:17.0019 1336 HipShieldK - ok
22:37:17.0066 1336 [ D40AA05E29BF6ED29B139F044B461E9B ] hkmsvc C:\Windows\system32\kmsvc.dll
22:37:17.0112 1336 hkmsvc - ok
22:37:17.0222 1336 [ C966B6448B935E7E025E00561BC47743 ] HomeNetSvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:37:17.0237 1336 HomeNetSvc - ok
22:37:17.0253 1336 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
22:37:17.0268 1336 HpCISSs - ok
22:37:17.0331 1336 [ 88749FBF8BEB18C90E7D6626C8C1910B ] HSF_DP C:\Windows\system32\DRIVERS\HSX_DP.sys
22:37:17.0362 1336 HSF_DP - ok
22:37:17.0393 1336 [ FE440536BD98AF772130DC3A6FE1915F ] HSXHWBS2 C:\Windows\system32\DRIVERS\HSXHWBS2.sys
22:37:17.0409 1336 HSXHWBS2 - ok
22:37:17.0440 1336 [ 5637078F2AB4E28F0E308A26089D9C92 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:37:17.0502 1336 HTTP - ok
22:37:17.0518 1336 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
22:37:17.0534 1336 i2omp - ok
22:37:17.0565 1336 [ 1C9EE072BAA3ABB460B91D7EE9152660 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:37:17.0565 1336 i8042prt ( UnsignedFile.Multi.Generic ) - warning
22:37:17.0565 1336 i8042prt - detected UnsignedFile.Multi.Generic (1)
22:37:17.0612 1336 [ D72F2A013ADA9E2DDA417887A8DFD217 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
22:37:17.0612 1336 IAANTMON ( UnsignedFile.Multi.Generic ) - warning
22:37:17.0612 1336 IAANTMON - detected UnsignedFile.Multi.Generic (1)
22:37:17.0643 1336 [ DE01BF14FFB150C779FD561BD0E3C5C5 ] iaStor C:\Windows\system32\drivers\iastor.sys
22:37:17.0674 1336 iaStor - ok
22:37:17.0705 1336 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
22:37:17.0705 1336 iaStorV - ok
22:37:17.0783 1336 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
22:37:17.0783 1336 IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:37:17.0783 1336 IDriverT - detected UnsignedFile.Multi.Generic (1)
22:37:17.0861 1336 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:37:17.0892 1336 idsvc - ok
22:37:17.0908 1336 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:37:17.0908 1336 iirsp - ok
22:37:17.0955 1336 [ 35662FE4D8622F667AA5A5568F7F1B40 ] IKEEXT C:\Windows\System32\ikeext.dll
22:37:17.0986 1336 IKEEXT - ok
22:37:18.0048 1336 [ 4A705BF2A6F7972F2F2AD8A0D8079F95 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
22:37:18.0095 1336 IntcAzAudAddService - ok
22:37:18.0142 1336 [ CE5AF42679DD85947D2D287594F22CE0 ] IntelDHSvcConf C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
22:37:18.0158 1336 IntelDHSvcConf ( UnsignedFile.Multi.Generic ) - warning
22:37:18.0158 1336 IntelDHSvcConf - detected UnsignedFile.Multi.Generic (1)
22:37:18.0189 1336 [ 988981C840084F480BA9E3319CEBDE1B ] intelide C:\Windows\system32\drivers\intelide.sys
22:37:18.0189 1336 intelide - ok
22:37:18.0220 1336 [ CE44CC04262F28216DD4341E9E36A16F ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:37:18.0251 1336 intelppm - ok
22:37:18.0345 1336 [ 7BDB4E00E1CB174B56E5B2C31DDE68A7 ] IntuitUpdateService C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
22:37:18.0345 1336 IntuitUpdateService - ok
22:37:18.0376 1336 [ 88CF5281ED9880D74DC9011CF8B5262D ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:37:18.0407 1336 IPBusEnum - ok
22:37:18.0423 1336 [ 880C6F86CC3F551B8FEA2C11141268C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:37:18.0485 1336 IpFilterDriver - ok
22:37:18.0501 1336 [ 637D942341DE63F91EED1A9847BA2471 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:37:18.0532 1336 iphlpsvc - ok
22:37:18.0532 1336 IpInIp - ok
22:37:18.0548 1336 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
22:37:18.0579 1336 IPMIDRV - ok
22:37:18.0626 1336 [ 10077C35845101548037DF04FD1A420B ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
22:37:18.0657 1336 IPNAT - ok
22:37:18.0719 1336 [ 178FE38B7740F598391EB2F51AE4CCAC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
22:37:18.0735 1336 iPod Service - ok
22:37:18.0782 1336 [ A82F328F4792304184642D6D397BB1E3 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:37:18.0828 1336 IRENUM - ok
22:37:18.0844 1336 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:37:18.0844 1336 isapnp - ok
22:37:18.0875 1336 [ 4DCA456D4D5723F8FA9C6760D240B0DF ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
22:37:18.0875 1336 iScsiPrt - ok
22:37:18.0938 1336 [ E29BA28F76C5A703E7F30F74CF36DF22 ] ISSM C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
22:37:18.0953 1336 ISSM ( UnsignedFile.Multi.Generic ) - warning
22:37:18.0953 1336 ISSM - detected UnsignedFile.Multi.Generic (1)
22:37:18.0969 1336 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
22:37:18.0969 1336 iteatapi - ok
22:37:18.0984 1336 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
22:37:18.0984 1336 iteraid - ok
22:37:19.0016 1336 [ B076B2AB806B3F696DAB21375389101C ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:37:19.0016 1336 kbdclass - ok
22:37:19.0062 1336 [ ED61DBC6603F612B7338283EDBACBC4B ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:37:19.0078 1336 kbdhid ( UnsignedFile.Multi.Generic ) - warning
22:37:19.0078 1336 kbdhid - detected UnsignedFile.Multi.Generic (1)
22:37:19.0109 1336 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] KeyIso C:\Windows\system32\lsass.exe
22:37:19.0140 1336 KeyIso - ok
22:37:19.0172 1336 [ 0A829977B078DEA11641FC2AF87CEADE ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:37:19.0187 1336 KSecDD - ok
22:37:19.0218 1336 [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm C:\Windows\system32\msdtckrm.dll
22:37:19.0265 1336 KtmRm - ok
22:37:19.0296 1336 [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer C:\Windows\system32\srvsvc.dll
22:37:19.0343 1336 LanmanServer - ok
22:37:19.0390 1336 [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:37:19.0437 1336 LanmanWorkstation - ok
22:37:19.0484 1336 [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
22:37:19.0484 1336 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
22:37:19.0484 1336 LightScribeService - detected UnsignedFile.Multi.Generic (1)
22:37:19.0562 1336 [ A97EEB81F05BCE3D7AA6C81F04EF39A4 ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
22:37:19.0640 1336 LiveUpdate - ok
22:37:19.0702 1336 LiveUpdate Notice Ex - ok
22:37:19.0764 1336 [ DEB2A99C1AD9B9190C78E895AE60A745 ] LiveUpdate Notice Service C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
22:37:19.0780 1336 LiveUpdate Notice Service - ok
22:37:19.0811 1336 [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:37:19.0842 1336 lltdio - ok
22:37:19.0874 1336 [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:37:19.0905 1336 lltdsvc - ok
22:37:19.0920 1336 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:37:19.0967 1336 lmhosts - ok
22:37:19.0998 1336 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:37:19.0998 1336 LSI_FC - ok
22:37:20.0014 1336 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:37:20.0030 1336 LSI_SAS - ok
22:37:20.0045 1336 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:37:20.0045 1336 LSI_SCSI - ok
22:37:20.0061 1336 [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv C:\Windows\system32\drivers\luafv.sys
22:37:20.0123 1336 luafv - ok
22:37:20.0139 1336 [ 7B073FD0133346D0E555353F164057D7 ] M1 Server C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
22:37:20.0154 1336 M1 Server ( UnsignedFile.Multi.Generic ) - warning
22:37:20.0154 1336 M1 Server - detected UnsignedFile.Multi.Generic (1)
22:37:20.0186 1336 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
22:37:20.0201 1336 MBAMProtector - ok
22:37:20.0264 1336 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
22:37:20.0279 1336 MBAMScheduler - ok
22:37:20.0342 1336 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:37:20.0357 1336 MBAMService - ok
22:37:20.0404 1336 [ 7BBA15CA5A2AA4E50C7CBFB78D11DB25 ] MCLServiceATL C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
22:37:20.0420 1336 MCLServiceATL ( UnsignedFile.Multi.Generic ) - warning
22:37:20.0420 1336 MCLServiceATL - detected UnsignedFile.Multi.Generic (1)
22:37:20.0435 1336 [ C966B6448B935E7E025E00561BC47743 ] McMPFSvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:37:20.0451 1336 McMPFSvc - ok
22:37:20.0451 1336 [ C966B6448B935E7E025E00561BC47743 ] McNaiAnn C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:37:20.0451 1336 McNaiAnn - ok
22:37:20.0576 1336 [ 02A1B24273643B3F3542E73C12540599 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
22:37:20.0591 1336 McODS - ok
22:37:20.0591 1336 [ C966B6448B935E7E025E00561BC47743 ] mcpltsvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:37:20.0591 1336 mcpltsvc - ok
22:37:20.0607 1336 [ C966B6448B935E7E025E00561BC47743 ] McProxy C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:37:20.0607 1336 McProxy - ok
22:37:20.0638 1336 [ E93C1AD58E88A0846EAEE10671C2A8F3 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:37:20.0669 1336 Mcx2Svc - ok
22:37:20.0685 1336 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
22:37:20.0700 1336 mdmxsdk - ok
22:37:20.0732 1336 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
22:37:20.0732 1336 megasas - ok
22:37:20.0778 1336 [ 0BF2E50CBA6123DDB20718E926031C3B ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
22:37:20.0794 1336 mfeapfk - ok
22:37:20.0810 1336 [ 53B5197B7660B33DABDB17384450AD45 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
22:37:20.0825 1336 mfeavfk - ok
22:37:20.0872 1336 [ E13A1A37B5ED199333A0B1FFDBE009E2 ] mfebopk C:\Windows\system32\drivers\mfebopk.sys
22:37:20.0872 1336 mfebopk - ok
22:37:20.0934 1336 [ F83F25652D6B91F15630541429A216B4 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
22:37:20.0950 1336 mfecore - ok
22:37:21.0044 1336 [ 9721E7EDB7F47CD9F8D02C9369052630 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
22:37:21.0044 1336 mfefire - ok
22:37:21.0106 1336 [ B148A220460F3A4681585AAE0719B491 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
22:37:21.0122 1336 mfefirek - ok
22:37:21.0168 1336 [ A6CC801998A0FB33D47460D481A648BE ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
22:37:21.0184 1336 mfehidk - ok
22:37:21.0231 1336 [ 6B11AC33AF005FF8DF52B23B9491AB5A ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
22:37:21.0246 1336 mfencbdc - ok
22:37:21.0278 1336 [ 87DEB000657A1A0F81789B0154BF28AA ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
22:37:21.0293 1336 mfencrk - ok
22:37:21.0324 1336 [ 835F53753DD2A5B579EF22DA2B7B1923 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
22:37:21.0324 1336 mfenlfk - ok
22:37:21.0340 1336 [ B0CAF93E72327D7E7040C6C8DDB83876 ] mfetdi2k C:\Windows\system32\drivers\mfetdi2k.sys
22:37:21.0356 1336 mfetdi2k - ok
22:37:21.0387 1336 [ D7174549A3B550501C96B49DDF9EDF88 ] mfevtp C:\Windows\system32\mfevtps.exe
22:37:21.0387 1336 mfevtp - ok
22:37:21.0402 1336 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS C:\Windows\system32\mmcss.dll
22:37:21.0465 1336 MMCSS - ok
22:37:21.0496 1336 [ 21755967298A46FB6ADFEC9DB6012211 ] Modem C:\Windows\system32\drivers\modem.sys
22:37:21.0543 1336 Modem - ok
22:37:21.0574 1336 [ 7446E104A5FE5987CA9E4983FBAC4F97 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:37:21.0621 1336 monitor - ok
22:37:21.0652 1336 [ 5FBA13C1A1841B0885D316ED3589489D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:37:21.0668 1336 mouclass - ok
22:37:21.0699 1336 [ B569B5C5D3BDE545DF3A6AF512CCCDBA ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:37:21.0714 1336 mouhid ( UnsignedFile.Multi.Generic ) - warning
22:37:21.0714 1336 mouhid - detected UnsignedFile.Multi.Generic (1)
22:37:21.0746 1336 [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
22:37:21.0761 1336 MountMgr - ok
22:37:21.0808 1336 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:37:21.0808 1336 MozillaMaintenance - ok
22:37:21.0839 1336 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
22:37:21.0839 1336 mpio - ok
22:37:21.0870 1336 [ 6E7A7F0C1193EE5648443FE2D4B789EC ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:37:21.0886 1336 mpsdrv - ok
22:37:21.0917 1336 [ 563ED845885C6A7C09A7715D8BD0585C ] MpsSvc C:\Windows\system32\mpssvc.dll
22:37:21.0933 1336 MpsSvc - ok
22:37:21.0948 1336 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
22:37:21.0964 1336 Mraid35x - ok
22:37:21.0995 1336 [ 1D8828B98EE309D65E006F0829E280E5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:37:22.0026 1336 MRxDAV - ok
22:37:22.0042 1336 [ 529B64F9735D27FEF1B8EA1678F8C79E ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:37:22.0089 1336 mrxsmb - ok
22:37:22.0120 1336 [ 2BBD3970018270D2C6A0B069F568154E ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:37:22.0151 1336 mrxsmb10 - ok
22:37:22.0182 1336 [ 30A67C7D8B80281028916DED6A64AEC9 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:37:22.0198 1336 mrxsmb20 - ok
22:37:22.0214 1336 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
22:37:22.0214 1336 msahci - ok
22:37:22.0307 1336 [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
22:37:22.0307 1336 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
22:37:22.0307 1336 MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
22:37:22.0323 1336 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:37:22.0338 1336 msdsm - ok
22:37:22.0370 1336 [ BC64A92D821EFEA8BAB8E8CAF1B668BC ] MSDTC C:\Windows\System32\msdtc.exe
22:37:22.0370 1336 MSDTC - ok
22:37:22.0385 1336 [ 729EAFEFD4E7417165F353A18DBE947D ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:37:22.0416 1336 Msfs - ok
22:37:22.0432 1336 [ 5F454A16A5146CD91A176D70F0CFA3EC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:37:22.0432 1336 msisadrv - ok
22:37:22.0463 1336 [ 8ACF956D9154E893E789881430C12632 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:37:22.0494 1336 MSiSCSI - ok
22:37:22.0494 1336 msiserver - ok
22:37:22.0526 1336 [ C966B6448B935E7E025E00561BC47743 ] MSK80Service C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:37:22.0541 1336 MSK80Service - ok
22:37:22.0557 1336 [ 892CEDEFA7E0FFE7BE8DA651B651D047 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:37:22.0604 1336 MSKSSRV - ok
22:37:22.0619 1336 [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:37:22.0650 1336 MSPCLOCK - ok
22:37:22.0666 1336 [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:37:22.0728 1336 MSPQM - ok
22:37:22.0744 1336 [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:37:22.0760 1336 MsRPC - ok
22:37:22.0760 1336 [ 4385C80EDE885E25492D408CAD91BD6F ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:37:22.0775 1336 mssmbios - ok
22:37:22.0791 1336 [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:37:22.0838 1336 MSTEE - ok
22:37:22.0853 1336 [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup C:\Windows\system32\Drivers\mup.sys
22:37:22.0853 1336 Mup - ok
22:37:22.0884 1336 [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent C:\Windows\system32\qagentRT.dll
22:37:22.0931 1336 napagent - ok
22:37:22.0962 1336 [ 6DA4A0FC7C0E83DF0CB3CFD0A514C3BC ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:37:22.0994 1336 NativeWifiP - ok
22:37:23.0025 1336 [ 227C11E1E7CF6EF8AFB2A238D209760C ] NDIS C:\Windows\system32\drivers\ndis.sys
22:37:23.0025 1336 NDIS - ok
22:37:23.0056 1336 [ 81659CDCBD0F9A9E07E6878AD8C78D3F ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:37:23.0072 1336 NdisTapi - ok
22:37:23.0087 1336 [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:37:23.0134 1336 Ndisuio - ok
22:37:23.0150 1336 [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:37:23.0181 1336 NdisWan - ok
22:37:23.0212 1336 [ 1B24FA907AF283199A81B3BB37E5E526 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:37:23.0243 1336 NDProxy - ok
22:37:23.0259 1336 [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:37:23.0290 1336 NetBIOS - ok
22:37:23.0306 1336 [ E3A168912E7EEFC3BD3B814720D68B41 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
22:37:23.0352 1336 netbt - ok
22:37:23.0352 1336 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] Netlogon C:\Windows\system32\lsass.exe
22:37:23.0368 1336 Netlogon - ok
22:37:23.0399 1336 [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman C:\Windows\System32\netman.dll
22:37:23.0446 1336 Netman - ok
22:37:23.0477 1336 [ 986ACDECE933131288F1957DC359865F ] NETMDUSB C:\Windows\system32\Drivers\NETMDUSB.sys
22:37:23.0508 1336 NETMDUSB - ok
22:37:23.0540 1336 [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm C:\Windows\System32\netprofm.dll
22:37:23.0586 1336 netprofm - ok
22:37:23.0618 1336 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:37:23.0633 1336 NetTcpPortSharing - ok
22:37:23.0649 1336 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:37:23.0649 1336 nfrd960 - ok
22:37:23.0696 1336 [ BD71AA430743613803FE92DE14137347 ] NitroDriverReadSpool2 C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe
22:37:23.0696 1336 NitroDriverReadSpool2 - ok
22:37:23.0727 1336 [ C424117A562F2DE37A42266894C79AEB ] NlaSvc C:\Windows\System32\nlasvc.dll
22:37:23.0774 1336 NlaSvc - ok
22:37:23.0805 1336 [ 447108589F2074FFCD3FCFB690E43026 ] nlsX86cc C:\Windows\system32\NLSSRV32.EXE
22:37:23.0805 1336 nlsX86cc - ok
22:37:23.0820 1336 [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:37:23.0867 1336 Npfs - ok
22:37:23.0898 1336 [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi C:\Windows\system32\nsisvc.dll
22:37:23.0945 1336 nsi - ok
22:37:23.0961 1336 [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:37:23.0992 1336 nsiproxy - ok
22:37:24.0039 1336 [ 37430AA7A66D7A63407ADC2C0D05E9F6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:37:24.0070 1336 Ntfs - ok
22:37:24.0101 1336 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
22:37:24.0148 1336 ntrigdigi - ok
22:37:24.0148 1336 [ EC5EFB3C60F1B624648344A328BCE596 ] Null C:\Windows\system32\drivers\Null.sys
22:37:24.0179 1336 Null - ok
22:37:24.0304 1336 [ 2D892BB73314ECA5549B96F783BB45E8 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:37:24.0507 1336 nvlddmkm - ok
22:37:24.0538 1336 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:37:24.0554 1336 nvraid - ok
22:37:24.0569 1336 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:37:24.0569 1336 nvstor - ok
22:37:24.0585 1336 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:37:24.0585 1336 nv_agp - ok
22:37:24.0585 1336 NwlnkFlt - ok
22:37:24.0600 1336 NwlnkFwd - ok
22:37:24.0678 1336 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:37:24.0694 1336 odserv - ok
22:37:24.0710 1336 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
22:37:24.0772 1336 ohci1394 - ok
22:37:24.0803 1336 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:37:24.0819 1336 ose - ok
22:37:24.0850 1336 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc C:\Windows\system32\p2psvc.dll
22:37:24.0897 1336 p2pimsvc - ok
22:37:24.0897 1336 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc C:\Windows\system32\p2psvc.dll
22:37:24.0928 1336 p2psvc - ok
22:37:24.0959 1336 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
22:37:24.0975 1336 PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
22:37:24.0975 1336 PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
22:37:25.0006 1336 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
22:37:25.0053 1336 Parport - ok
22:37:25.0068 1336 [ 555A5B2C8022983BC7467BC925B222EE ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:37:25.0084 1336 partmgr - ok
22:37:25.0100 1336 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:37:25.0146 1336 Parvdm - ok
22:37:25.0162 1336 [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:37:25.0178 1336 PcaSvc - ok
22:37:25.0178 1336 [ 1085D75657807E0E8B32F9E19A1647C3 ] pci C:\Windows\system32\drivers\pci.sys
22:37:25.0193 1336 pci - ok
22:37:25.0209 1336 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
22:37:25.0209 1336 pciide - ok
22:37:25.0224 1336 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:37:25.0240 1336 pcmcia - ok
22:37:25.0271 1336 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:37:25.0318 1336 PEAUTH - ok
22:37:25.0380 1336 [ CD05A38D166BEADE18030BAFC0C0A939 ] pla C:\Windows\system32\pla.dll
22:37:25.0458 1336 pla - ok
22:37:25.0490 1336 [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:37:25.0505 1336 PlugPlay ( UnsignedFile.Multi.Generic ) - warning
22:37:25.0505 1336 PlugPlay - detected UnsignedFile.Multi.Generic (1)
22:37:25.0521 1336 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
22:37:25.0536 1336 PNRPAutoReg - ok
22:37:25.0552 1336 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc C:\Windows\system32\p2psvc.dll
22:37:25.0568 1336 PNRPsvc - ok
22:37:25.0630 1336 [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:37:25.0692 1336 PolicyAgent - ok
22:37:25.0739 1336 portio - ok
22:37:25.0755 1336 [ C04DEC5ACE67C5247B150C4223970BB7 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:37:25.0802 1336 PptpMiniport - ok
22:37:25.0817 1336 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
22:37:25.0864 1336 Processor - ok
22:37:25.0911 1336 [ 213112E152E68F0E4705E36F052A2880 ] ProfSvc C:\Windows\system32\profsvc.dll
22:37:25.0942 1336 ProfSvc - ok
22:37:25.0958 1336 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:37:25.0958 1336 ProtectedStorage - ok
22:37:26.0004 1336 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\system32\PSIService.exe
22:37:26.0020 1336 ProtexisLicensing - ok
22:37:26.0036 1336 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys
22:37:26.0082 1336 Ps2 - ok
22:37:26.0129 1336 [ 2C8BAE55247C4E09352E870292E4D1AB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
22:37:26.0145 1336 PSched - ok
22:37:26.0192 1336 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
22:37:26.0192 1336 PxHelp20 - ok
22:37:26.0238 1336 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:37:26.0270 1336 ql2300 - ok
22:37:26.0285 1336 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:37:26.0285 1336 ql40xx - ok
22:37:26.0316 1336 [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE C:\Windows\system32\qwave.dll
22:37:26.0348 1336 QWAVE - ok
22:37:26.0348 1336 [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:37:26.0379 1336 QWAVEdrv - ok
22:37:26.0394 1336 [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:37:26.0426 1336 RasAcd - ok
22:37:26.0441 1336 [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto C:\Windows\System32\rasauto.dll
22:37:26.0472 1336 RasAuto - ok
22:37:26.0488 1336 [ 68B0019FEE429EC49D29017AF937E482 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:37:26.0535 1336 Rasl2tp - ok
22:37:26.0550 1336 [ 11D65E29BC9D1E4114D18FE68194394C ] RasMan C:\Windows\System32\rasmans.dll
22:37:26.0613 1336 RasMan - ok
22:37:26.0628 1336 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:37:26.0660 1336 RasPppoe - ok
22:37:26.0675 1336 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:37:26.0722 1336 rdbss - ok
22:37:26.0769 1336 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD C:\Windows\system32\DRIVERS\[email protected]
22:37:26.0816 1336 RDPCDD - ok
22:37:26.0847 1336 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
22:37:26.0878 1336 rdpdr - ok
22:37:26.0878 1336 [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:37:26.0909 1336 RDPENCDD - ok
22:37:26.0940 1336 [ 8830E790A74A96605FABA74F9665BB3C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:37:26.0972 1336 RDPWD - ok
22:37:27.0003 1336 [ 752402F6BD5FA012805813C329F88DD3 ] Remote UI Service C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
22:37:27.0018 1336 Remote UI Service ( UnsignedFile.Multi.Generic ) - warning
22:37:27.0018 1336 Remote UI Service - detected UnsignedFile.Multi.Generic (1)
22:37:27.0034 1336 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess C:\Windows\System32\mprdim.dll
22:37:27.0081 1336 RemoteAccess - ok
22:37:27.0112 1336 [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:37:27.0143 1336 RemoteRegistry - ok
22:37:27.0221 1336 [ 062D1268CFCF569BA5FBCFD1BEA88D2A ] RoxMediaDB9 c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
22:37:27.0237 1336 RoxMediaDB9 - ok
22:37:27.0268 1336 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
22:37:27.0299 1336 RpcLocator - ok
22:37:27.0315 1336 [ 7B981222A257D076885BFFB66F19B7CE ] RpcSs C:\Windows\system32\rpcss.dll
22:37:27.0346 1336 RpcSs - ok
22:37:27.0362 1336 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:37:27.0393 1336 rspndr - ok
22:37:27.0408 1336 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] SamSs C:\Windows\system32\lsass.exe
22:37:27.0424 1336 SamSs - ok
22:37:27.0440 1336 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:37:27.0455 1336 sbp2port - ok
22:37:27.0518 1336 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
22:37:27.0549 1336 SBSDWSCService - ok
22:37:27.0580 1336 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:37:27.0611 1336 SCardSvr - ok
22:37:27.0642 1336 [ 886CEC884B5BE29AB9828B8AB46B11F7 ] Schedule C:\Windows\system32\schedsvc.dll
22:37:27.0705 1336 Schedule ( UnsignedFile.Multi.Generic ) - warning
22:37:27.0705 1336 Schedule - detected UnsignedFile.Multi.Generic (1)
22:37:27.0705 1336 [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:37:27.0752 1336 SCPolicySvc - ok
22:37:27.0752 1336 [ F7B6BF02240D0A764ADF8C8966735552 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:37:27.0783 1336 SDRSVC - ok
22:37:27.0814 1336 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:37:27.0861 1336 secdrv - ok
22:37:27.0876 1336 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon C:\Windows\system32\seclogon.dll
22:37:27.0923 1336 seclogon - ok
22:37:27.0954 1336 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS C:\Windows\System32\sens.dll
22:37:28.0001 1336 SENS - ok
22:37:28.0017 1336 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:37:28.0064 1336 Serenum - ok
22:37:28.0079 1336 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
22:37:28.0126 1336 Serial - ok
22:37:28.0157 1336 [ 450ACCD77EC5CEA720C1CDB9E26B953B ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:37:28.0157 1336 sermouse ( UnsignedFile.Multi.Generic ) - warning
22:37:28.0157 1336 sermouse - detected UnsignedFile.Multi.Generic (1)
22:37:28.0188 1336 [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv C:\Windows\system32\sessenv.dll
22:37:28.0251 1336 SessionEnv - ok
22:37:28.0251 1336 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:37:28.0298 1336 sffdisk - ok
22:37:28.0298 1336 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:37:28.0344 1336 sffp_mmc - ok
22:37:28.0360 1336 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:37:28.0407 1336 sffp_sd - ok
22:37:28.0422 1336 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:37:28.0469 1336 sfloppy - ok
22:37:28.0516 1336 [ 9A82BF4C90B00A63150A606A1E2FD82B ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:37:28.0547 1336 SharedAccess - ok
22:37:28.0563 1336 [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:37:28.0594 1336 ShellHWDetection - ok
22:37:28.0610 1336 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:37:28.0625 1336 sisagp - ok
22:37:28.0641 1336 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
22:37:28.0641 1336 SiSRaid2 - ok
22:37:28.0656 1336 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:37:28.0672 1336 SiSRaid4 - ok
22:37:28.0750 1336 [ A1DCD30534835CB67733AD00175125A6 ] slsvc C:\Windows\system32\SLsvc.exe
22:37:28.0844 1336 slsvc - ok
22:37:28.0875 1336 [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] SLUINotify C:\Windows\system32\SLUINotify.dll
22:37:28.0890 1336 SLUINotify - ok
22:37:28.0906 1336 [ AC0D90738ADB51A6FD12FF00874A2162 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:37:28.0937 1336 Smb - ok
22:37:28.0968 1336 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:37:28.0968 1336 SNMPTRAP - ok
22:37:29.0000 1336 [ 977AAA4398D7D6FA65D973F5B3F54E40 ] SonicStage Back-End Service C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
22:37:29.0000 1336 SonicStage Back-End Service - ok
22:37:29.0078 1336 [ 1A623F2B69E1F182F995F963C55DB935 ] Sony Ericsson PCCompanion C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
22:37:29.0078 1336 Sony Ericsson PCCompanion ( UnsignedFile.Multi.Generic ) - warning
22:37:29.0078 1336 Sony Ericsson PCCompanion - detected UnsignedFile.Multi.Generic (1)
22:37:29.0109 1336 [ 426F9B029AA9162CECCF65369457D046 ] spldr C:\Windows\system32\drivers\spldr.sys
22:37:29.0124 1336 spldr - ok
22:37:29.0140 1336 [ DA612EF2556776DF2630B68BF2D48935 ] Spooler C:\Windows\System32\spoolsv.exe
22:37:29.0140 1336 Spooler - ok
22:37:29.0187 1336 [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
22:37:29.0202 1336 SPTISRV ( UnsignedFile.Multi.Generic ) - warning
22:37:29.0202 1336 SPTISRV - detected UnsignedFile.Multi.Generic (1)
22:37:29.0265 1336 [ C962E98179E54B769028C025C7E470A5 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:37:29.0312 1336 srv - ok
22:37:29.0343 1336 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:37:29.0374 1336 srv2 - ok
22:37:29.0421 1336 [ CD11A0767E82DD8B1A3A26D305DBEC0F ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:37:29.0452 1336 srvnet - ok
22:37:29.0483 1336 [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:37:29.0530 1336 SSDPSRV - ok
22:37:29.0577 1336 [ 756E371B3B86A3D3039926D32EAC0E8D ] SSScsiSV C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
22:37:29.0577 1336 SSScsiSV - ok
22:37:29.0608 1336 [ 7A95B5DEB594616F1693486B8161411E ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
22:37:29.0639 1336 StillCam - ok
22:37:29.0670 1336 [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc C:\Windows\System32\wiaservc.dll
22:37:29.0686 1336 stisvc - ok
22:37:29.0764 1336 [ 4CFEB2BD9723489DA072B300940EA287 ] stllssvr c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
22:37:29.0780 1336 stllssvr - ok
22:37:29.0811 1336 [ 1379BDB336F8158C176A465E30759F57 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:37:29.0811 1336 swenum - ok
22:37:29.0826 1336 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv C:\Windows\System32\swprv.dll
22:37:29.0873 1336 swprv - ok
22:37:29.0889 1336 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
22:37:29.0889 1336 Symc8xx - ok
22:37:29.0904 1336 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
22:37:29.0904 1336 Sym_hi - ok
22:37:29.0920 1336 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
22:37:29.0936 1336 Sym_u3 - ok
22:37:29.0967 1336 [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] SysMain C:\Windows\system32\sysmain.dll
22:37:29.0998 1336 SysMain - ok
22:37:30.0029 1336 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:37:30.0092 1336 TabletInputService - ok
22:37:30.0185 1336 [ BA9D96EF2999EF216B18C70B574D8746 ] TabletServiceWacom C:\Windows\system32\Wacom_Tablet.exe
22:37:30.0294 1336 TabletServiceWacom - ok
22:37:30.0341 1336 [ EF3DD33C740FC2F82E7E4622F1C49289 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:37:30.0388 1336 TapiSrv - ok
22:37:30.0388 1336 [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS C:\Windows\System32\tbssvc.dll
22:37:30.0435 1336 TBS - ok
22:37:30.0482 1336 [ 300208927321066EA53761FDC98747C6 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:37:30.0513 1336 Tcpip - ok
22:37:30.0528 1336 [ 300208927321066EA53761FDC98747C6 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
22:37:30.0544 1336 Tcpip6 - ok
22:37:30.0575 1336 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:37:30.0606 1336 tcpipreg - ok
22:37:30.0622 1336 [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:37:30.0653 1336 TDPIPE - ok
22:37:30.0669 1336 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:37:30.0716 1336 TDTCP - ok
22:37:30.0731 1336 [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:37:30.0778 1336 tdx - ok
22:37:30.0794 1336 [ 2C549BD9DD091FBFAA0A2A48E82EC2FB ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:37:30.0794 1336 TermDD - ok
22:37:30.0825 1336 [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService C:\Windows\System32\termsrv.dll
22:37:30.0903 1336 TermService - ok
22:37:30.0918 1336 [ B264DFA21677728613267FE63802B332 ] Themes C:\Windows\system32\shsvcs.dll
22:37:30.0934 1336 Themes - ok
22:37:30.0950 1336 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER C:\Windows\system32\mmcss.dll
22:37:30.0981 1336 THREADORDER - ok
22:37:30.0996 1336 [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks C:\Windows\System32\trkwks.dll
22:37:31.0028 1336 TrkWks - ok
22:37:31.0059 1336 [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:37:31.0074 1336 TrustedInstaller ( UnsignedFile.Multi.Generic ) - warning
22:37:31.0074 1336 TrustedInstaller - detected UnsignedFile.Multi.Generic (1)
22:37:31.0090 1336 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:37:31.0121 1336 tssecsrv - ok
22:37:31.0152 1336 [ 75468777EE7CB712E984E27001BF07C2 ] TsService C:\Windows\system32\TsService.exe
22:37:31.0168 1336 TsService ( UnsignedFile.Multi.Generic ) - warning
22:37:31.0168 1336 TsService - detected UnsignedFile.Multi.Generic (1)
22:37:31.0199 1336 [ A858917785681743C512950FDFA14DB7 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
22:37:31.0215 1336 tunmp - ok
22:37:31.0230 1336 [ 29F1D1D888EE61D20D5662E72AA34129 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:37:31.0246 1336 tunnel - ok
22:37:31.0262 1336 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:37:31.0262 1336 uagp35 - ok
22:37:31.0293 1336 [ 6348DA98707CEDA8A0DFB05820E17732 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:37:31.0324 1336 udfs - ok
22:37:31.0340 1336 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:37:31.0355 1336 UI0Detect - ok
22:37:31.0371 1336 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:37:31.0371 1336 uliagpkx - ok
22:37:31.0402 1336 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
22:37:31.0418 1336 uliahci - ok
22:37:31.0433 1336 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
22:37:31.0449 1336 UlSata - ok
22:37:31.0464 1336 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
22:37:31.0480 1336 ulsata2 - ok
22:37:31.0480 1336 [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:37:31.0527 1336 umbus - ok
22:37:31.0605 1336 [ 4847639D852763EE39415C929470F672 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
22:37:31.0620 1336 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
22:37:31.0620 1336 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
22:37:31.0636 1336 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll
22:37:31.0683 1336 upnphost - ok
22:37:31.0714 1336 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
22:37:31.0745 1336 USBAAPL - ok
22:37:31.0761 1336 [ 8BD3AE150D97BA4E633C6C5C51B41AE1 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
22:37:31.0808 1336 usbccgp - ok
22:37:31.0839 1336 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:37:31.0870 1336 usbcir - ok
22:37:31.0901 1336 [ FB50F987304F907A0103B14A5F2F2344 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:37:31.0932 1336 usbehci - ok
22:37:31.0964 1336 [ 16675AB7E199635086AB0556137371F5 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:37:31.0964 1336 usbhub - ok
22:37:31.0995 1336 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:37:32.0026 1336 usbohci - ok
22:37:32.0042 1336 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
22:37:32.0073 1336 usbprint - ok
22:37:32.0104 1336 [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:37:32.0135 1336 usbscan - ok
22:37:32.0166 1336 [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:37:32.0198 1336 USBSTOR - ok
22:37:32.0213 1336 [ 165BB1F0801118DC86AA3FC87D3D101C ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:37:32.0244 1336 usbuhci - ok
22:37:32.0276 1336 [ F79D0D7C9004474CB42746D9B2C30A2B ] UxSms C:\Windows\System32\uxsms.dll
22:37:32.0322 1336 UxSms - ok
22:37:32.0338 1336 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds C:\Windows\System32\vds.exe
22:37:32.0369 1336 vds - ok
22:37:32.0400 1336 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:37:32.0447 1336 vga - ok
22:37:32.0463 1336 [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave C:\Windows\System32\drivers\vga.sys
22:37:32.0494 1336 VgaSave - ok
22:37:32.0510 1336 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:37:32.0525 1336 viaagp - ok
22:37:32.0541 1336 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:37:32.0572 1336 ViaC7 - ok
22:37:32.0588 1336 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
22:37:32.0603 1336 viaide - ok
22:37:32.0619 1336 [ 103E84C95832D0ED93507997CC7B54E8 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:37:32.0619 1336 volmgr - ok
22:37:32.0634 1336 [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:37:32.0650 1336 volmgrx - ok
22:37:32.0681 1336 [ 80DC0C9BCB579ED9815001A4D37CBFD5 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:37:32.0697 1336 volsnap - ok
22:37:32.0712 1336 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:37:32.0728 1336 vsmraid - ok
22:37:32.0775 1336 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe
22:37:32.0790 1336 VSS - ok
22:37:32.0822 1336 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll
22:37:32.0868 1336 W32Time - ok
22:37:32.0868 1336 w800bus - ok
22:37:32.0900 1336 [ 8724531219AE3F9E3729012B61DCE527 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
22:37:32.0900 1336 wacmoumonitor - ok
22:37:32.0915 1336 [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
22:37:32.0915 1336 wacommousefilter - ok
22:37:32.0931 1336 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:37:32.0978 1336 WacomPen - ok
22:37:32.0978 1336 wacomrouterfilter - ok
22:37:33.0009 1336 [ 51D580F30D1A1F2EA4965AF6ABC2BCB2 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
22:37:33.0009 1336 wacomvhid - ok
22:37:33.0024 1336 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
22:37:33.0056 1336 Wanarp - ok
22:37:33.0056 1336 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:37:33.0071 1336 Wanarpv6 - ok
22:37:33.0102 1336 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:37:33.0118 1336 wcncsvc - ok
22:37:33.0134 1336 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:37:33.0165 1336 WcsPlugInService - ok
22:37:33.0196 1336 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
22:37:33.0196 1336 Wd - ok
22:37:33.0243 1336 [ 7B5F66E4A2219C7D9DAF9E738480E534 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:37:33.0258 1336 Wdf01000 - ok
22:37:33.0274 1336 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:37:33.0305 1336 WdiServiceHost - ok
22:37:33.0305 1336 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:37:33.0321 1336 WdiSystemHost - ok
22:37:33.0352 1336 [ 01E41C264EEDCB827820A1909162579F ] WebClient C:\Windows\System32\webclnt.dll
22:37:33.0368 1336 WebClient - ok
22:37:33.0368 1336 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll
22:37:33.0414 1336 Wecsvc - ok
22:37:33.0446 1336 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:37:33.0492 1336 wercplsupport - ok
22:37:33.0508 1336 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll
22:37:33.0555 1336 WerSvc - ok
22:37:33.0617 1336 [ 72CC6A8CA7891031D6380DB5025C773C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
22:37:33.0633 1336 winachsf - ok
22:37:33.0680 1336 [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:37:33.0695 1336 WinDefend - ok
22:37:33.0695 1336 WinHttpAutoProxySvc - ok
22:37:33.0742 1336 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:37:33.0804 1336 Winmgmt - ok
22:37:33.0836 1336 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll
22:37:33.0898 1336 WinRM - ok
22:37:33.0945 1336 [ 7640ACEA41348BFEF34B76E245501261 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:37:33.0992 1336 Wlansvc - ok
22:37:34.0023 1336 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:37:34.0070 1336 WmiAcpi - ok
22:37:34.0085 1336 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:37:34.0116 1336 wmiApSrv - ok
22:37:34.0210 1336 [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:37:34.0257 1336 WMPNetworkSvc - ok
22:37:34.0272 1336 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:37:34.0304 1336 WPCSvc - ok
22:37:34.0319 1336 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:37:34.0335 1336 WPDBusEnum - ok
22:37:34.0366 1336 [ 2D27171B16A577EF14C1273668753485 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
22:37:34.0397 1336 WpdUsb - ok
22:37:34.0444 1336 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:37:34.0475 1336 ws2ifsl - ok
22:37:34.0506 1336 [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc C:\Windows\System32\wscsvc.dll
22:37:34.0538 1336 wscsvc - ok
22:37:34.0538 1336 WSearch - ok
22:37:34.0600 1336 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
22:37:34.0647 1336 wuauserv - ok
22:37:34.0662 1336 [ A2AAFCC8A204736296D937C7C545B53F ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:37:34.0709 1336 WUDFRd - ok
22:37:34.0725 1336 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:37:34.0772 1336 wudfsvc - ok
22:37:34.0803 1336 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
22:37:34.0834 1336 XAudio - ok
22:37:34.0865 1336 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
22:37:34.0881 1336 XAudioService - ok
22:37:34.0881 1336 ================ Scan global ===============================
22:37:34.0959 1336 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
22:37:34.0990 1336 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
22:37:34.0990 1336 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
22:37:35.0037 1336 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
22:37:35.0037 1336 [Global] - ok
22:37:35.0037 1336 ================ Scan MBR ==================================
22:37:35.0052 1336 [ 8913823FF508CCF109DB74B636C301DA ] \Device\Harddisk0\DR0
22:37:35.0364 1336 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:37:35.0364 1336 \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:37:35.0364 1336 ================ Scan VBR ==================================
22:37:35.0380 1336 [ 0A5699119BF9E0198091AA677BAF6B12 ] \Device\Harddisk0\DR0\Partition1
22:37:35.0396 1336 \Device\Harddisk0\DR0\Partition1 - ok
22:37:35.0396 1336 [ D15113173991D850F29CF2D726FD035A ] \Device\Harddisk0\DR0\Partition2
22:37:35.0396 1336 \Device\Harddisk0\DR0\Partition2 - ok
22:37:35.0396 1336 ============================================================
22:37:35.0396 1336 Scan finished
22:37:35.0396 1336 ============================================================
22:37:35.0396 1340 Detected object count: 28
22:37:35.0396 1340 Actual detected object count: 28
22:38:03.0242 1340 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0242 1340 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0242 1340 AlertService ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0242 1340 AlertService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0242 1340 ASPI32 ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0242 1340 ASPI32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0242 1340 BrSerWdm ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0242 1340 BrSerWdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0242 1340 DQLWinService ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0242 1340 DQLWinService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0242 1340 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0242 1340 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0242 1340 i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0242 1340 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0242 1340 IAANTMON ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0242 1340 IAANTMON ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0242 1340 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0242 1340 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0242 1340 IntelDHSvcConf ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0242 1340 IntelDHSvcConf ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 ISSM ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 ISSM ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 M1 Server ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 M1 Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 MCLServiceATL ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 MCLServiceATL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 Remote UI Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 Remote UI Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 Schedule ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 Schedule ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 sermouse ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 sermouse ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 Sony Ericsson PCCompanion ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 Sony Ericsson PCCompanion ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 TrustedInstaller ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 TrustedInstaller ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 TsService ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 TsService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0257 1340 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
22:38:03.0257 1340 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:38:03.0288 1340 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
22:38:03.0288 1340 \Device\Harddisk0\DR0\TDLFS\tdl - copied to quarantine
22:38:03.0304 1340 \Device\Harddisk0\DR0\TDLFS\rsrc.dat - copied to quarantine
22:38:03.0304 1340 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
22:38:03.0304 1340 \Device\Harddisk0\DR0\TDLFS - deleted
22:38:03.0304 1340 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
22:38:16.0034 0576 Deinitialize success


OTL log:
OTL logfile created on: 2013/06/25 22:39:40 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = E:\
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16945)
Locale: 00000411 | Country: Japan | Language: JPN | Date Format: yyyy/MM/dd

1021.88 Mb Total Physical Memory | 629.88 Mb Available Physical Memory | 61.64% Memory free
2.23 Gb Paging File | 1.98 Gb Available in Paging File | 88.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 363.68 Gb Total Space | 67.56 Gb Free Space | 18.58% Space Free | Partition Type: NTFS
Drive D: | 8.92 Gb Total Space | 0.98 Gb Free Space | 10.95% Space Free | Partition Type: NTFS
Drive E: | 3.73 Gb Total Space | 1.83 Gb Free Space | 48.97% Space Free | Partition Type: FAT32

Computer Name: ENFLEUR | User Name: saicoink | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/25 04:46:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2013/03/05 11:43:26 | 000,184,728 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
PRC - [2012/10/07 03:12:36 | 000,252,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\Platform\McUICnt.exe
PRC - [2006/11/02 05:44:59 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- %systemroot%\system32\besclient.dll -- (w800bus)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - File not found [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (LiveUpdate Notice Ex)
SRV - [2013/04/11 22:08:25 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/04/03 13:50:34 | 000,172,416 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2013/04/03 13:47:22 | 000,169,320 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2013/03/05 11:43:26 | 000,184,728 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2013/03/05 11:43:26 | 000,184,728 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2013/03/05 11:43:26 | 000,184,728 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV - [2013/03/05 11:43:26 | 000,184,728 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2013/03/05 11:43:26 | 000,184,728 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2013/03/05 11:43:26 | 000,184,728 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV - [2013/03/01 09:06:56 | 000,287,752 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2013/02/28 09:46:46 | 000,638,976 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\AMCore\mcshield.exe -- (mfecore)
SRV - [2012/07/08 22:57:48 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Stopped] -- C:\Windows\System32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2012/07/08 22:57:40 | 000,184,840 | ---- | M] (Nitro PDF Software) [Auto | Stopped] -- C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe -- (NitroDriverReadSpool2)
SRV - [2011/10/25 19:00:46 | 000,176,128 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011/06/29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2009/10/06 14:53:54 | 004,463,400 | ---- | M] (Wacom Technology, Corp.) [Auto | Stopped] -- C:\Windows\System32\Wacom_Tablet.exe -- (TabletServiceWacom)
SRV - [2009/09/29 10:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/03/19 15:03:32 | 000,167,936 | ---- | M] (Teruten Inc.) [Auto | Stopped] -- C:\Windows\System32\TsService.exe -- (TsService)
SRV - [2008/06/20 14:26:52 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/11/28 20:51:10 | 000,583,048 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/11/04 18:36:32 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/12 19:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/09/12 19:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2007/02/05 11:11:18 | 000,075,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2007/02/05 11:11:16 | 000,112,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service)
SRV - [2006/12/14 03:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 03:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 02:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/11/15 19:57:58 | 000,081,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2006/09/11 19:02:44 | 000,544,256 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service)
SRV - [2006/09/11 19:01:04 | 000,167,936 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL)
SRV - [2006/09/11 18:56:32 | 000,075,264 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe -- (ISSM)
SRV - [2006/09/11 18:56:20 | 000,188,416 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService)
SRV - [2006/09/03 13:32:28 | 000,208,896 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2006/09/01 02:47:56 | 000,026,624 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server)
SRV - [2006/05/10 12:13:52 | 000,029,696 | R--- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe -- (IntelDHSvcConf)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Zinf\portio.sys -- (portio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\cdrom.sys -- (cdrom)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/04/03 13:53:24 | 000,060,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2013/04/03 13:50:14 | 000,091,640 | ---- | M] (McAfee, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2013/04/03 13:48:22 | 000,566,656 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2013/04/03 13:47:52 | 000,066,888 | ---- | M] (McAfee, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2013/04/03 13:47:32 | 000,363,432 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2013/04/03 13:47:10 | 000,065,928 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2013/04/03 13:46:52 | 000,235,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2013/04/03 13:46:22 | 000,133,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2013/02/18 07:46:38 | 000,080,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfencrk.sys -- (mfencrk)
DRV - [2013/02/18 07:46:34 | 000,257,496 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfencbdc.sys -- (mfencbdc)
DRV - [2012/05/28 10:28:04 | 000,147,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV - [2011/10/25 20:03:48 | 008,853,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/10/25 18:21:36 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011/06/06 15:06:42 | 000,081,936 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService)
DRV - [2009/08/27 16:06:32 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2009/05/20 12:54:06 | 000,013,736 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2008/05/08 05:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 05:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2008/05/02 00:15:44 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/09/25 10:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2007/03/12 16:37:00 | 004,465,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/02/16 11:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007/01/15 03:43:28 | 000,354,432 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw18bda.sys -- (hcw18bda)
DRV - [2006/11/02 05:02:01 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\[email protected] -- (RDPCDD)
DRV - [2006/11/02 03:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2005/12/12 13:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)
DRV - [2002/08/08 16:51:32 | 000,038,951 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETMDUSB.sys -- (NETMDUSB)
DRV - [1999/09/10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\Aspi32.sys -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...lion&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...lion&pf=desktop
IE - HKLM\..\SearchScopes,DefaultScope = {76F3D4AC-5E11-4F6F-9F7F-F3FB98FC089E}
IE - HKLM\..\SearchScopes\{76F3D4AC-5E11-4F6F-9F7F-F3FB98FC089E}: "URL" = http://ca.search.yah...ing}&fr=hp-pvdt
IE - HKLM\..\SearchScopes\{8CBE3FF8-BC71-4515-AC21-4B5338A96073}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpd
IE - HKLM\..\SearchScopes\{9227DF63-238D-48B7-AFFA-90916A8D4255}: "URL" = http://search.live.c...#38;FORM=HVDCS7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}
IE - HKCU\..\SearchScopes\{76F3D4AC-5E11-4F6F-9F7F-F3FB98FC089E}: "URL" = http://ca.search.yah...ing}&fr=hp-pvdt
IE - HKCU\..\SearchScopes\{8CBE3FF8-BC71-4515-AC21-4B5338A96073}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpd
IE - HKCU\..\SearchScopes\{9227DF63-238D-48B7-AFFA-90916A8D4255}: "URL" = http://search.live.c...#38;FORM=HVDCS7
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://ca.search.yah...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: brief%40mozdev.org:1.6.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\saicoink\AppData\Local\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\saicoink\AppData\Local\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Auslogics\Auslogics Antivirus\bdaphffext\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/21 23:33:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/25 20:08:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2013/06/23 15:52:36 | 000,000,000 | ---D | M]

[2009/05/29 00:49:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\saicoink\AppData\Roaming\Mozilla\Extensions
[2013/05/21 10:17:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\saicoink\AppData\Roaming\Mozilla\Firefox\Profiles\vlxpr8g8.default-1366383230636\extensions
[2013/05/21 10:17:36 | 000,242,942 | ---- | M] () (No name found) -- C:\Users\saicoink\AppData\Roaming\Mozilla\Firefox\Profiles\vlxpr8g8.default-1366383230636\extensions\[email protected]
[2013/05/21 23:33:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/21 23:33:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/09/13 22:10:06 | 000,047,104 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\mozilla firefox\components\FFComm.dll
[2010/06/08 09:50:17 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\saicoink\AppData\Local\Google\Chrome\Application\10.0.648.205\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\saicoink\AppData\Local\Google\Chrome\Application\10.0.648.205\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\saicoink\AppData\Local\Google\Chrome\Application\10.0.648.205\gcswf32.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\saicoink\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.30.150.1_0\McChPlg.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: BitTorrent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\saicoink\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: TweetDeck = C:\Users\saicoink\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\2.0.2_0\

O1 HOSTS File: ([2013/06/25 03:05:10 | 000,449,750 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15443 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Adobe CSS5.1 Manager] C:\Users\saicoink\AppData\Local\6e526fb3-f185-47c6-afe5-140b57ec9c52ad\efbfcafebeccad.exe File not found
O4 - HKCU..\Run: [ctfmon32.exe] c:\ProgramData\gwdb.dat (Microsoft Corporation)
O4 - Startup: C:\Users\saicoink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 206.248.154.22 206.248.154.170
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B320FF9-9304-4A2E-ADD7-D4FC2BEBA624}: DhcpNameServer = 206.248.154.22 206.248.154.170
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\saicoink\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\saicoink\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O31 - SafeBoot: UseAlternatShell - 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/06/04 16:14:23 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{64b8653f-b1e0-11df-85c8-001bfcf8e1f2}\Shell - "" = AutoRun
O33 - MountPoints2\{64b8653f-b1e0-11df-85c8-001bfcf8e1f2}\Shell\AutoRun\command - "" = "K:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{bc6f828a-3bd6-11e2-bcf0-001bfcf8e1f2}\Shell\AutoRun\command - "" = E:\RunClubSanDisk.exe
O33 - MountPoints2\{f081b9ca-1043-11e0-a9f1-b4a0aaf81b7e}\Shell - "" = AutoRun
O33 - MountPoints2\{f081b9ca-1043-11e0-a9f1-b4a0aaf81b7e}\Shell\AutoRun\command - "" = "J:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/25 22:38:03 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/06/25 22:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/06/25 20:43:22 | 000,355,927 | ---- | C] (Farbar) -- C:\Users\saicoink\Desktop\FSS.exe
[2013/06/25 20:33:02 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\saicoink\Desktop\tdsskiller.exe
[2013/06/25 20:14:46 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\rundll32.exe
[2013/06/25 07:55:36 | 000,000,000 | ---D | C] -- C:\Stinger_Quarantine
[2013/06/25 07:55:28 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2013/06/25 02:31:07 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/06/24 20:25:39 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\gwdb.dat
[2013/06/23 15:44:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/06/23 15:43:54 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/06/23 15:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/06/23 13:44:34 | 000,147,472 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\HipShieldK.sys
[2013/06/23 13:35:48 | 000,066,888 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
[2013/06/23 13:14:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2013/06/23 13:11:01 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2007/11/14 23:53:43 | 000,411,248 | ---- | C] (Applian Technologies Inc.) -- C:\Program Files\FLV PlayerRCSetup.exe
[14 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[14 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/25 22:30:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/25 22:15:00 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D3B927D7-35BB-44E3-85A4-77E8C7A308A2}.job
[2013/06/25 22:00:00 | 000,000,340 | -H-- | M] () -- C:\Windows\tasks\{4538A45A-66C1-4743-98EC-EED8C1B8896C}.job
[2013/06/25 21:52:00 | 000,000,712 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-392368935-1018968332-2870084161-1001UA.job
[2013/06/25 21:34:53 | 000,003,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/25 21:34:53 | 000,003,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/25 21:13:03 | 095,023,320 | ---- | M] () -- C:\ProgramData\bdwg.pad
[2013/06/25 20:43:48 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/06/25 20:43:48 | 000,103,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/06/25 20:30:34 | 000,000,840 | ---- | M] () -- C:\Users\saicoink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
[2013/06/25 20:24:36 | 000,355,927 | ---- | M] (Farbar) -- C:\Users\saicoink\Desktop\FSS.exe
[2013/06/25 20:24:26 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\saicoink\Desktop\tdsskiller.exe
[2013/06/25 20:23:40 | 000,004,576 | ---- | M] () -- C:\Users\saicoink\Desktop\winmgmt.reg
[2013/06/25 20:15:03 | 000,000,800 | ---- | M] () -- C:\Windows\System32\regmonstd.lnk
[2013/06/25 20:14:58 | 000,002,635 | ---- | M] () -- C:\ProgramData\bdwg.js
[2013/06/25 04:08:00 | 014,909,286 | ---- | M] () -- C:\Users\saicoink\Documents\safe130622.reg
[2013/06/25 03:05:10 | 000,449,750 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/06/24 20:00:00 | 000,000,552 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - saicoink.job
[2013/06/23 16:28:59 | 002,523,136 | ---- | M] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2013/06/23 16:28:59 | 000,081,920 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2013/06/23 16:28:59 | 000,016,384 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2013/06/23 16:03:41 | 000,001,356 | ---- | M] () -- C:\Users\saicoink\AppData\Local\d3d9caps.dat
[2013/06/23 15:44:02 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/21 15:52:00 | 000,000,660 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-392368935-1018968332-2870084161-1001Core.job
[2013/06/18 11:29:10 | 000,097,296 | ---- | M] () -- C:\Users\saicoink\Documents\An Nguyen-CV.pdf
[2013/06/18 11:28:34 | 000,006,499 | ---- | M] () -- C:\Users\saicoink\AppData\Roaming\PrimoPDFSet.xml
[2013/06/02 23:02:49 | 000,191,488 | ---- | M] () -- C:\Users\saicoink\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[14 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[14 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/25 20:33:04 | 000,004,576 | ---- | C] () -- C:\Users\saicoink\Desktop\winmgmt.reg
[2013/06/25 20:30:37 | 000,001,172 | ---- | C] () -- C:\Users\saicoink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
[2013/06/25 20:30:37 | 000,001,152 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2013/06/25 20:29:49 | 000,000,840 | ---- | C] () -- C:\Users\saicoink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
[2013/06/25 20:15:03 | 000,000,800 | ---- | C] () -- C:\Windows\System32\regmonstd.lnk
[2013/06/25 20:14:58 | 000,002,635 | ---- | C] () -- C:\ProgramData\bdwg.js
[2013/06/25 20:14:52 | 095,023,320 | ---- | C] () -- C:\ProgramData\bdwg.pad
[2013/06/25 04:07:59 | 014,909,286 | ---- | C] () -- C:\Users\saicoink\Documents\safe130622.reg
[2013/06/23 16:10:15 | 002,523,136 | ---- | C] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2013/06/23 16:10:15 | 000,081,920 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2013/06/23 16:10:15 | 000,016,384 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2013/06/23 15:44:02 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/23 13:43:46 | 000,002,641 | ---- | C] () -- C:\Windows\System32\drivers\mfencrk.inf
[2013/06/23 13:43:44 | 000,002,951 | ---- | C] () -- C:\Windows\System32\drivers\mfencbdc.inf
[2013/06/18 11:29:10 | 000,097,296 | ---- | C] () -- C:\Users\saicoink\Documents\An Nguyen-CV.pdf
[2013/06/15 19:01:02 | 000,000,340 | -H-- | C] () -- C:\Windows\tasks\{4538A45A-66C1-4743-98EC-EED8C1B8896C}.job
[2012/08/21 03:30:47 | 000,014,244 | ---- | C] () -- C:\Windows\System32\Wacom_Tablet.dat
[2012/02/14 20:37:53 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/02/14 19:47:03 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2012/02/14 19:47:03 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2012/02/14 19:46:59 | 000,239,869 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012/01/12 05:05:14 | 000,404,356 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/10/25 22:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OpenVideo.dll
[2011/10/25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OVDecoder.dll
[2011/09/09 14:57:26 | 000,001,356 | ---- | C] () -- C:\Users\saicoink\AppData\Local\d3d9caps.dat
[2010/06/04 10:41:33 | 000,011,892 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2009/04/17 08:49:14 | 000,006,499 | ---- | C] () -- C:\Users\saicoink\AppData\Roaming\PrimoPDFSet.xml
[2008/07/15 10:23:26 | 000,000,247 | ---- | C] () -- C:\Users\saicoink\.jupload.properties
[2008/03/25 22:53:00 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2007/11/05 14:01:06 | 000,191,488 | ---- | C] () -- C:\Users\saicoink\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/05 01:49:55 | 000,030,638 | ---- | C] () -- C:\Users\saicoink\AppData\Roaming\wklnhst.dat
[1999/07/06 20:00:00 | 000,000,006 | RHS- | C] () -- C:\ProgramData\D81EDBF9-D167-4011-B77D-211DF920EB80

========== ZeroAccess Check ==========

[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2008/11/06 08:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 00:16:12 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2006/11/02 05:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010/07/09 23:44:24 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Ableton
[2008/08/30 22:54:40 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\acccore
[2011/10/30 15:38:05 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Audacity
[2010/02/18 13:02:39 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Auslogics
[2013/04/22 22:55:48 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\BHOK IT Consulting
[2013/03/06 02:42:14 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\BitTorrent
[2008/03/12 15:49:33 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\BitTorrent DNA
[2009/03/07 02:30:09 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Broad Intelligence
[2013/05/08 10:14:44 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Canon
[2010/08/24 22:10:12 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\CELSYS
[2010/06/19 18:28:26 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\DNA
[2012/07/12 14:57:00 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Downloaded Installations
[2012/02/25 03:21:36 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Dropbox
[2008/07/10 09:57:11 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\e frontier
[2013/01/14 22:40:10 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Feedreader
[2009/07/09 22:51:39 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Genie-Soft
[2009/03/07 02:22:52 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\GetRightToGo
[2010/07/09 23:25:02 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\MixVibes
[2009/03/07 02:09:32 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Moyea
[2012/02/25 11:45:23 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\muvee Technologies
[2013/06/18 03:03:21 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Nitro PDF
[2007/11/04 19:05:46 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Opera
[2012/01/22 13:40:59 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\RenPy
[2008/03/09 17:18:49 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Scientific Software
[2010/08/24 22:07:04 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Smith Micro
[2007/11/04 18:24:42 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Snapfish
[2011/12/19 23:23:30 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Sony
[2009/04/05 11:38:21 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\SYSTEMAX Software Development
[2007/11/05 01:50:01 | 000,000,000 | ---D | M] -- C:\Users\saicoink\AppData\Roaming\Template

========== Purity Check ==========



========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB53243$] -> Error: Cannot create file handle -> Unknown point type

========== Alternate Data Streams ==========

@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences

< End of report >


Good night!
  • 0

#15
Buddierdl

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Okay, here is another fix to run in OTL. After this (hopefully :)), you should be able to boot normally and run the scans that follow. Please don't connect to the internet just yet.

Attached File  fix.txt   851bytes   53 downloads



Step 1: Run FRST.


Please download Farbar Recovery Scan Tool and save it to your desktop.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Step 2: Run adwCleaner.

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced at C:\ADWCleaner[XX].txt please attach that

Step 3: Run aswMBR.

Download aswMBR.exe to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image

Things I need in your next reply:
  • FRST log
  • adwCleaner log
  • aswMBR log
  • How is your computer running now?

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP