Jump to content

Shoshang

Members
 View Profile  See their activity

  • Posts

    17

  • Joined

  • Last visited

Reputation

0 Neutral
  1. Shoshang

    MrCharlie thank you so much for your help in getting my husband's work laptop back in shape. I can't tell you how much we appreciate your help. His task tonight is to image that thing so we don't have to go through this again. Thank you, thank you, thank you!!!

  2. Shoshang
    Here are the results: Results of screen317's Security Check version 0.99.51 Windows 7 Service Pack 1 x86 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! McAfee VirusScan Enterprise Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.65.0.1400 JavaFX 2.1.1 Java 7 Update 5 Java version out of Date! Adobe Flash Player 11.4.402.287 Adobe Reader X (10.1.4) Mozilla Firefox (15.0.1) Google Chrome 21.0.1180.83 Google Chrome 21.0.1180.89 Google Chrome 22.0.1229.79 Google Chrome 22.0.1229.92 Google Chrome 22.0.1229.94 ````````Process Check: objlist.exe by Laurent```````` McAfee VirusScan Enterprise VsTskMgr.exe McAfee VirusScan Enterprise mfeann.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log``````````````````````
  3. Shoshang
    I ran the quick scan and there were no malicious items detected. Wooo Hoo! Thank you soooo much!!! Is there anything else I should do?
  4. Shoshang
    It looks good. Should I run MalwareBytes again just to be sure it's completely clean?
  5. Shoshang
    I took off work early to get this fixed. I have run the batch file on my husband's laptop. At this point should I reboot the system into normal mode?
  6. Shoshang
    Thanks! I'll do it when I get home and post back.
  7. Shoshang
    McC - I will be home this afternoon to work on my husband's laptop. I advised him not to take it into work until we are sure we got all of the malware off of it. Please advise next steps. Thanks!
  8. Shoshang
    Went ahead and ran the combofix.exe. We weren't able to completely shut down the AV. It was all greyed out. The log is below: ComboFix 12-10-15.01 - 217216XX19948 10/15/2012 23:00:38.1.4 - x86 MINIMAL Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3241.2657 [GMT -5:00] Running from: c:\users\217216XX19948\Desktop\ComboFix.exe AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Rgy5JSmkHoCeFS.exe c:\windows\system32\instsrv.exe c:\windows\system32\logs c:\windows\system32\logs\ps_da.log . . ((((((((((((((((((((((((( Files Created from 2012-09-16 to 2012-10-16 ))))))))))))))))))))))))))))))) . . 2012-10-16 02:05 . 2012-10-16 02:05 -------- d-----w- C:\TDSSKiller_Quarantine 2012-10-15 23:59 . 2012-10-16 00:15 -------- d-----w- c:\program files\stinger 2012-10-15 23:38 . 2012-10-15 23:38 -------- d-----w- c:\users\217216XX19948\AppData\Roaming\Malwarebytes 2012-10-15 23:38 . 2012-10-15 23:38 -------- d-----w- c:\programdata\Malwarebytes 2012-10-15 23:38 . 2012-10-15 23:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-10-15 22:55 . 2012-10-15 23:58 802214 ----a-w- c:\windows\system32\PerfStringBackup.TMP 2012-10-15 20:47 . 2012-10-15 21:00 -------- d-----w- C:\Quarantine 2012-10-02 13:03 . 2012-10-02 13:03 -------- d-----w- c:\users\217216XX19948\AppData\Local\ElevatedDiagnostics 2012-10-01 20:49 . 2012-10-01 20:49 73696 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2042-04-02 05:14 . 2012-07-31 17:59 169256 ----a-w- c:\windows\system32\LoginFilter.dll 2012-10-16 00:00 . 2012-07-31 17:59 87656 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2012-10-16 00:00 . 2012-07-31 17:59 475704 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2012-10-16 00:00 . 2012-07-31 17:59 159608 ----a-w- c:\windows\system32\mfevtps.exe 2012-10-09 02:21 . 2012-06-06 22:07 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-10-09 02:21 . 2012-06-06 22:07 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-22 17:16 . 2012-09-15 17:00 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-08-22 17:16 . 2012-09-15 17:00 240496 ----a-w- c:\windows\system32\drivers\netio.sys 2012-08-22 17:16 . 2012-09-15 17:00 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-08-21 18:01 . 2012-09-13 14:55 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2012-08-21 18:01 . 2012-09-08 11:52 106928 ----a-w- c:\windows\system32\GEARAspi.dll 2012-08-06 20:29 . 2010-06-24 16:33 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-07-31 17:59 . 2012-07-31 17:59 162928 ----a-w- c:\windows\system32\drivers\mfewfpk.sys 2012-07-31 17:59 . 2012-07-31 17:59 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2012-07-31 17:59 . 2012-07-31 17:59 74848 ----a-w- c:\windows\system32\MfeOtlkAddin.dll 2012-07-31 17:59 . 2012-07-31 17:59 22816 ----a-w- c:\windows\system32\MFEOtlk.dll 2012-07-31 17:59 . 2012-07-31 17:59 58456 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2012-07-31 17:59 . 2012-07-31 17:59 171296 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2012-07-31 17:59 . 2012-07-31 17:59 116104 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2012-07-31 16:09 . 2012-07-31 16:09 0 ----a-w- c:\windows\invcol.tmp 2012-07-18 17:47 . 2012-08-27 17:11 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-10-01 20:49 . 2012-09-14 00:31 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay] @="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}" [HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}] 2011-05-27 22:38 120184 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay] @="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}" [HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}] 2011-05-27 22:38 120184 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-07-20 505720] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2011-01-25 536668] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-28 142616] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-28 177432] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-28 176408] "IntelPROSet"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-23 1210640] "FreeFallProtection"="c:\program files\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2011-07-25 686704] "DFEPApplication"="c:\program files\Dell\Feature Enhancement Pack\DFEPApplication.exe" [2011-08-24 6306712] "TdmNotify"="c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe" [2011-05-27 214384] "Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-12-16 462974] "RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336] "PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-17 50472] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112] "Desktop Disc Tool"="c:\program files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544] "DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2011-03-08 227328] "ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2011-01-12 215360] "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2011-05-19 161088] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-10 421776] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "F6AAB90E-FADC-4126-ADDB-C31F50DE9FB9"="start" [X] "64259242-C05A-4BD2-B983-3684C7200378"="start" [X] "DBRMTray"="c:\dell\DBRM\Reminder\TrayApp.exe" [2010-02-04 7168] "Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-09-07 766536] . c:\users\NEC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488] . c:\users\217216XX19948\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-2-8 840992] Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2012-6-6 50688] VPN Client.lnk - c:\windows\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico [2012-7-31 6144] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "DisableCAD"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba] 2010-09-15 16:11 1971536 ----a-w- c:\program files\Common Files\SPBA\homefus2.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp Authentication Packages REG_MULTI_SZ msv1_0 wvauth . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-728256362-3318835794-128800106-6121\Scripts\Logon\0\0] "Script"=NCARCMAP.VBS . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeDlpAgentService] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R1 hdlpflt;hdlpflt;c:\windows\system32\DRIVERS\hdlpflt.sys [x] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x] R2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [x] R2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [x] R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [x] R2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [x] R2 DFEPService;Dell Feature Enhancement Pack Service;c:\program files\Dell\Feature Enhancement Pack\DFEPService.exe [x] R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x] R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files\Intel\Services\IPT\jhi_service.exe [x] R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x] R2 O2SDIOAssist;O2SDIOAssist;c:\windows\system32\srvany.exe [x] R2 PSDA;Endpoint Security Device Agent;c:\program files\CheckPoint\Device Agent\psda.exe [x] R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [x] R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [x] R2 Wave Authentication Manager Service;Wave Authentication Manager Service;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [x] R2 ZcfgSvc7;Intel® PROSet/Wireless ZeroConfig Service;c:\program files\Intel\WiFi\bin\ZCfgSvc7.exe [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x] R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [x] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x] R3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\Drivers\CtAudDrv.sys [x] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x] R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x] R3 hdlpctrl;hdlpctrl;c:\windows\system32\drivers\hdlpctrl.sys [x] R3 hdlpevnt;hdlpevnt;c:\windows\system32\drivers\hdlpevnt.sys [x] R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x] R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x] R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [x] R3 NETwNs32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETwNs32.sys [x] R3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\O2MDFw7.sys [x] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x] R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [x] R4 hdlpnetf;hdlpnetf;c:\windows\system32\drivers\hdlpnetf.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x] S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [x] S2 McAfeeDLPAgentService;McAfee DLP Agent Service;c:\program files\McAfee\DLP\Agent\fcags.exe [x] S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\accelern.sys [x] S3 hdlpdbk;hdlpdbk;c:\windows\system32\drivers\hdlpdbk.sys [x] S3 MEI;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECI.sys [x] S3 O2MDRRDR;O2MDRRDR;c:\windows\system32\DRIVERS\O2MDRw7.sys [x] S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 40090874 *NewlyCreated* - 64872125 *Deregistered* - 40090874 *Deregistered* - 64872125 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Contents of the 'Scheduled Tasks' folder . 2012-10-15 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-06 02:21] . 2012-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-08-22 00:58] . 2012-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-08-22 00:58] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com/ uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000 IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 192.168.1.254 FF - ProfilePath - c:\users\217216XX19948\AppData\Roaming\Mozilla\Firefox\Profiles\qkuqmw9w.default\ FF - ExtSQL: 2012-09-13 19:32; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\users\217216XX19948\AppData\Roaming\Mozilla\Firefox\Profiles\qkuqmw9w.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) HKCU-Run-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe SafeBoot-64872125.sys SafeBoot-87950899.sys . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'lsass.exe'(560) c:\windows\system32\wvauth.DLL . Completion time: 2012-10-15 23:07:07 ComboFix-quarantined-files.txt 2012-10-16 04:07 . Pre-Run: 252,793,937,920 bytes free Post-Run: 252,823,392,256 bytes free . - - End Of File - - 4039604CE4A723FFEA7F91DC35A0EBC0
  9. Shoshang
    Thank you so much for your help. I ran the TDSSKiller again, but these files are not shown in the results. If I run it without the Loaded Modules option, it doesn't display anything. Should I continue with the ComboFix.exe? 21:05:21.0457 2028 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 21:05:21.0457 2028 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
  10. Shoshang
    21:06:22.0500 1172 spldr - ok 21:06:22.0531 1172 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\Windows\System32\spoolsv.exe 21:06:22.0546 1172 Spooler - ok 21:06:22.0609 1172 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe 21:06:22.0656 1172 sppsvc - ok 21:06:22.0671 1172 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:06:22.0687 1172 sppuinotify - ok 21:06:22.0718 1172 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys 21:06:22.0734 1172 srv - ok 21:06:22.0749 1172 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:06:22.0765 1172 srv2 - ok 21:06:22.0780 1172 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:06:22.0780 1172 srvnet - ok 21:06:22.0796 1172 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:06:22.0827 1172 SSDPSRV - ok 21:06:22.0843 1172 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:06:22.0858 1172 SstpSvc - ok 21:06:22.0905 1172 [ A97FCA92BE4E62BC589371058CBC769E ] STacSV C:\Program Files\IDT\WDM\STacSV.exe 21:06:22.0921 1172 STacSV - ok 21:06:22.0936 1172 [ D8FC8D47FBFCB3852E40F5D5058ABC6A ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys 21:06:22.0936 1172 stdcfltn - ok 21:06:22.0983 1172 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys 21:06:22.0983 1172 stexstor - ok 21:06:23.0014 1172 [ D5D73B49D53FCC47E2828D6805DFA0F6 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys 21:06:23.0030 1172 STHDA - ok 21:06:23.0077 1172 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll 21:06:23.0092 1172 StiSvc - ok 21:06:23.0139 1172 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe 21:06:23.0139 1172 stllssvr - ok 21:06:23.0170 1172 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll 21:06:23.0170 1172 StorSvc - ok 21:06:23.0202 1172 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys 21:06:23.0202 1172 storvsc - ok 21:06:23.0233 1172 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 21:06:23.0233 1172 swenum - ok 21:06:23.0280 1172 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll 21:06:23.0295 1172 swprv - ok 21:06:23.0311 1172 [ 04990C25043705985F1EC40BF704AAAC ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys 21:06:23.0326 1172 SynthVid - ok 21:06:23.0358 1172 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll 21:06:23.0373 1172 SysMain - ok 21:06:23.0389 1172 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:06:23.0404 1172 TabletInputService - ok 21:06:23.0420 1172 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll 21:06:23.0451 1172 TapiSrv - ok 21:06:23.0451 1172 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll 21:06:23.0467 1172 TBS - ok 21:06:23.0529 1172 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:06:23.0545 1172 Tcpip - ok 21:06:23.0576 1172 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:06:23.0607 1172 TCPIP6 - ok 21:06:23.0623 1172 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:06:23.0638 1172 tcpipreg - ok 21:06:23.0701 1172 [ 3D52B206D9F6F3ECFDB5D676614E47B6 ] tcsd_win32.exe C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe 21:06:23.0716 1172 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - warning 21:06:23.0716 1172 tcsd_win32.exe - detected UnsignedFile.Multi.Generic (1) 21:06:23.0794 1172 [ 0BAD1BC9BA31218B682455182134537D ] TdmService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe 21:06:23.0826 1172 TdmService - ok 21:06:23.0841 1172 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:06:23.0857 1172 TDPIPE - ok 21:06:23.0872 1172 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:06:23.0888 1172 TDTCP - ok 21:06:23.0935 1172 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:06:23.0950 1172 tdx - ok 21:06:23.0950 1172 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 21:06:23.0966 1172 TermDD - ok 21:06:23.0982 1172 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll 21:06:24.0013 1172 TermService - ok 21:06:24.0028 1172 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll 21:06:24.0044 1172 Themes - ok 21:06:24.0044 1172 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll 21:06:24.0075 1172 THREADORDER - ok 21:06:24.0075 1172 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll 21:06:24.0106 1172 TrkWks - ok 21:06:24.0153 1172 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:06:24.0169 1172 TrustedInstaller - ok 21:06:24.0200 1172 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:06:24.0216 1172 tssecsrv - ok 21:06:24.0278 1172 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:06:24.0278 1172 TsUsbFlt - ok 21:06:24.0309 1172 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 21:06:24.0309 1172 TsUsbGD - ok 21:06:24.0356 1172 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:06:24.0372 1172 tunnel - ok 21:06:24.0387 1172 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:06:24.0387 1172 uagp35 - ok 21:06:24.0387 1172 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:06:24.0418 1172 udfs - ok 21:06:24.0434 1172 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:06:24.0434 1172 UI0Detect - ok 21:06:24.0450 1172 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:06:24.0450 1172 uliagpkx - ok 21:06:24.0465 1172 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:06:24.0465 1172 umbus - ok 21:06:24.0465 1172 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys 21:06:24.0481 1172 UmPass - ok 21:06:24.0512 1172 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll 21:06:24.0512 1172 UmRdpService - ok 21:06:24.0621 1172 [ 30B67FBC4D170B1FB2AED6784FAE4AB4 ] UNS C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe 21:06:24.0652 1172 UNS - ok 21:06:24.0668 1172 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll 21:06:24.0699 1172 upnphost - ok 21:06:24.0730 1172 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 21:06:24.0746 1172 USBAAPL - ok 21:06:24.0793 1172 [ 4663AD7F61519E88687393BFCB154E4C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:06:24.0793 1172 usbccgp - ok 21:06:24.0824 1172 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:06:24.0824 1172 usbcir - ok 21:06:24.0855 1172 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 21:06:24.0871 1172 usbehci - ok 21:06:24.0902 1172 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:06:24.0902 1172 usbhub - ok 21:06:24.0949 1172 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys 21:06:24.0949 1172 usbohci - ok 21:06:24.0964 1172 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys 21:06:24.0980 1172 usbprint - ok 21:06:24.0996 1172 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:06:24.0996 1172 USBSTOR - ok 21:06:25.0027 1172 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 21:06:25.0027 1172 usbuhci - ok 21:06:25.0058 1172 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 21:06:25.0058 1172 usbvideo - ok 21:06:25.0105 1172 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll 21:06:25.0120 1172 UxSms - ok 21:06:25.0136 1172 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe 21:06:25.0136 1172 VaultSvc - ok 21:06:25.0183 1172 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:06:25.0198 1172 vdrvroot - ok 21:06:25.0214 1172 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe 21:06:25.0230 1172 vds - ok 21:06:25.0245 1172 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:06:25.0245 1172 vga - ok 21:06:25.0261 1172 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys 21:06:25.0276 1172 VgaSave - ok 21:06:25.0276 1172 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 21:06:25.0292 1172 vhdmp - ok 21:06:25.0292 1172 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys 21:06:25.0292 1172 viaagp - ok 21:06:25.0323 1172 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys 21:06:25.0323 1172 ViaC7 - ok 21:06:25.0323 1172 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys 21:06:25.0339 1172 viaide - ok 21:06:25.0370 1172 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys 21:06:25.0370 1172 VMBusHID - ok 21:06:25.0401 1172 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:06:25.0417 1172 volmgr - ok 21:06:25.0432 1172 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:06:25.0448 1172 volmgrx - ok 21:06:25.0464 1172 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:06:25.0479 1172 volsnap - ok 21:06:25.0479 1172 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 21:06:25.0495 1172 vsmraid - ok 21:06:25.0542 1172 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe 21:06:25.0573 1172 VSS - ok 21:06:25.0588 1172 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 21:06:25.0588 1172 vwifibus - ok 21:06:25.0635 1172 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 21:06:25.0651 1172 vwififlt - ok 21:06:25.0666 1172 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll 21:06:25.0698 1172 W32Time - ok 21:06:25.0698 1172 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 21:06:25.0713 1172 WacomPen - ok 21:06:25.0713 1172 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:06:25.0744 1172 WANARP - ok 21:06:25.0776 1172 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:06:25.0791 1172 Wanarpv6 - ok 21:06:25.0869 1172 [ 79E2E832DE566CFEDBF4E6DAFE73B959 ] Wave Authentication Manager Service C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe 21:06:25.0885 1172 Wave Authentication Manager Service ( UnsignedFile.Multi.Generic ) - warning 21:06:25.0885 1172 Wave Authentication Manager Service - detected UnsignedFile.Multi.Generic (1) 21:06:25.0916 1172 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe 21:06:25.0932 1172 wbengine - ok 21:06:25.0947 1172 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:06:25.0963 1172 WbioSrvc - ok 21:06:25.0978 1172 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:06:25.0994 1172 wcncsvc - ok 21:06:26.0010 1172 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:06:26.0025 1172 WcsPlugInService - ok 21:06:26.0041 1172 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys 21:06:26.0056 1172 Wd - ok 21:06:26.0088 1172 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys 21:06:26.0088 1172 WDC_SAM - ok 21:06:26.0134 1172 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:06:26.0150 1172 Wdf01000 - ok 21:06:26.0166 1172 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:06:26.0181 1172 WdiServiceHost - ok 21:06:26.0197 1172 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:06:26.0197 1172 WdiSystemHost - ok 21:06:26.0212 1172 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll 21:06:26.0228 1172 WebClient - ok 21:06:26.0244 1172 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:06:26.0259 1172 Wecsvc - ok 21:06:26.0290 1172 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:06:26.0306 1172 wercplsupport - ok 21:06:26.0322 1172 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll 21:06:26.0353 1172 WerSvc - ok 21:06:26.0400 1172 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:06:26.0415 1172 WfpLwf - ok 21:06:26.0446 1172 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:06:26.0462 1172 WIMMount - ok 21:06:26.0524 1172 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 21:06:26.0540 1172 WinDefend - ok 21:06:26.0540 1172 WinHttpAutoProxySvc - ok 21:06:26.0602 1172 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:06:26.0634 1172 Winmgmt - ok 21:06:26.0680 1172 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll 21:06:26.0696 1172 WinRM - ok 21:06:26.0743 1172 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 21:06:26.0743 1172 WinUsb - ok 21:06:26.0805 1172 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll 21:06:26.0821 1172 Wlansvc - ok 21:06:26.0883 1172 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 21:06:26.0883 1172 wlcrasvc - ok 21:06:26.0946 1172 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:06:26.0977 1172 wlidsvc - ok 21:06:27.0024 1172 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 21:06:27.0024 1172 WmiAcpi - ok 21:06:27.0055 1172 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:06:27.0070 1172 wmiApSrv - ok 21:06:27.0148 1172 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 21:06:27.0164 1172 WMPNetworkSvc - ok 21:06:27.0180 1172 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:06:27.0195 1172 WPCSvc - ok 21:06:27.0211 1172 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:06:27.0211 1172 WPDBusEnum - ok 21:06:27.0226 1172 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:06:27.0258 1172 ws2ifsl - ok 21:06:27.0273 1172 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll 21:06:27.0289 1172 wscsvc - ok 21:06:27.0289 1172 WSearch - ok 21:06:27.0351 1172 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 21:06:27.0382 1172 wuauserv - ok 21:06:27.0414 1172 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:06:27.0429 1172 WudfPf - ok 21:06:27.0460 1172 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:06:27.0476 1172 WUDFRd - ok 21:06:27.0476 1172 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:06:27.0507 1172 wudfsvc - ok 21:06:27.0523 1172 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll 21:06:27.0538 1172 WwanSvc - ok 21:06:27.0601 1172 [ 4F5D56FF81B8C0294E22DCC62136F253 ] ZcfgSvc7 C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe 21:06:27.0616 1172 ZcfgSvc7 ( UnsignedFile.Multi.Generic ) - warning 21:06:27.0616 1172 ZcfgSvc7 - detected UnsignedFile.Multi.Generic (1) 21:06:27.0632 1172 ================ Scan global =============================== 21:06:27.0694 1172 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll 21:06:27.0726 1172 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll 21:06:27.0726 1172 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll 21:06:27.0757 1172 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll 21:06:27.0788 1172 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe 21:06:27.0788 1172 [Global] - ok 21:06:27.0788 1172 ================ Scan MBR ================================== 21:06:27.0804 1172 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 21:06:28.0194 1172 \Device\Harddisk0\DR0 - ok 21:06:28.0194 1172 ================ Scan VBR ================================== 21:06:28.0194 1172 [ 5672DDBF3F34A25020C02BA51121BE90 ] \Device\Harddisk0\DR0\Partition1 21:06:28.0194 1172 \Device\Harddisk0\DR0\Partition1 - ok 21:06:28.0225 1172 [ 1B2A8FA3707E83DDD373933C6F9B47B2 ] \Device\Harddisk0\DR0\Partition2 21:06:28.0225 1172 \Device\Harddisk0\DR0\Partition2 - ok 21:06:28.0225 1172 ================ Scan active images ======================== 21:06:28.0240 1172 [ B7EFEF22FF426EC4158A177CB3B558D3 ] C:\Windows\System32\drivers\crashdmp.sys 21:06:28.0240 1172 C:\Windows\System32\drivers\crashdmp.sys - ok 21:06:28.0256 1172 [ F4037A3FEDB92DD97C95F320766EA5C9 ] C:\Windows\System32\drivers\iaStor.sys 21:06:28.0256 1172 C:\Windows\System32\drivers\iaStor.sys - ok 21:06:28.0256 1172 [ 62A63EF2F3053B461CB327E4D69AAA74 ] C:\Windows\System32\drivers\dumpfve.sys 21:06:28.0256 1172 C:\Windows\System32\drivers\dumpfve.sys - ok 21:06:28.0256 1172 [ 7E0AB74553476622FB6AE36F73D97D35 ] C:\Windows\System32\drivers\fastfat.sys 21:06:28.0256 1172 C:\Windows\System32\drivers\fastfat.sys - ok 21:06:28.0256 1172 [ 505506526A9D467307B3C393DEDAF858 ] C:\Windows\System32\drivers\beep.sys 21:06:28.0256 1172 C:\Windows\System32\drivers\beep.sys - ok 21:06:28.0256 1172 [ F9756A98D69098DCA8945D62858A812C ] C:\Windows\System32\drivers\null.sys 21:06:28.0256 1172 C:\Windows\System32\drivers\null.sys - ok 21:06:28.0256 1172 [ 8E38096AD5C8570A6F1570A61E251561 ] C:\Windows\System32\drivers\vga.sys 21:06:28.0256 1172 C:\Windows\System32\drivers\vga.sys - ok 21:06:28.0272 1172 [ 15C126D1B55814B9E5CAB10A9C1F4C67 ] C:\Windows\System32\drivers\videoprt.sys 21:06:28.0272 1172 C:\Windows\System32\drivers\videoprt.sys - ok 21:06:28.0272 1172 [ CB45A417C8EF7BA6BAC67EDCDDED8700 ] C:\Windows\System32\drivers\watchdog.sys 21:06:28.0272 1172 C:\Windows\System32\drivers\watchdog.sys - ok 21:06:28.0272 1172 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] C:\Windows\System32\drivers\msfs.sys 21:06:28.0272 1172 C:\Windows\System32\drivers\msfs.sys - ok 21:06:28.0272 1172 [ 1DB262A9F8C087E8153D89BEF3D2235F ] C:\Windows\System32\drivers\npfs.sys 21:06:28.0272 1172 C:\Windows\System32\drivers\npfs.sys - ok 21:06:28.0272 1172 [ C30A91ADE8C9CB91E4281EC83C4500C6 ] C:\Windows\System32\ntdll.dll 21:06:28.0272 1172 C:\Windows\System32\ntdll.dll - ok 21:06:28.0287 1172 [ 16742790895960690237A5143CEDEC8B ] C:\Windows\System32\smss.exe 21:06:28.0287 1172 C:\Windows\System32\smss.exe - ok 21:06:28.0287 1172 [ F88A52EB62019D6A62FDD9E08034DBD8 ] C:\Windows\System32\autochk.exe 21:06:28.0287 1172 C:\Windows\System32\autochk.exe - ok 21:06:28.0287 1172 [ 34A6E8BABFF9A3F5342976B9EA0E4899 ] C:\Windows\System32\drivers\HECI.sys 21:06:28.0287 1172 C:\Windows\System32\drivers\HECI.sys - ok 21:06:28.0287 1172 [ 3AA940AA9AC3055FE32FF2D3D20CCD28 ] C:\Windows\System32\drivers\usbport.sys 21:06:28.0287 1172 C:\Windows\System32\drivers\usbport.sys - ok 21:06:28.0287 1172 [ 9036377B8A6C15DC2EEC53E489D159B5 ] C:\Windows\System32\drivers\hdaudbus.sys 21:06:28.0287 1172 C:\Windows\System32\drivers\hdaudbus.sys - ok 21:06:28.0287 1172 [ 14D0A0E7743F36AC26D730110FF9FBFF ] C:\Windows\System32\drivers\hdlpdbk.sys 21:06:28.0287 1172 C:\Windows\System32\drivers\hdlpdbk.sys - ok 21:06:28.0303 1172 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] C:\Windows\System32\drivers\usbehci.sys 21:06:28.0303 1172 C:\Windows\System32\drivers\usbehci.sys - ok 21:06:28.0318 1172 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] C:\Windows\System32\drivers\1394ohci.sys 21:06:28.0318 1172 C:\Windows\System32\drivers\1394ohci.sys - ok 21:06:28.0318 1172 [ FDC901900D9B1B671B3388C3023BD2EA ] C:\Windows\System32\drivers\O2MDRw7.sys 21:06:28.0318 1172 C:\Windows\System32\drivers\O2MDRw7.sys - ok 21:06:28.0318 1172 [ D5A27C1ECD36564FED061EFB78BD0A62 ] C:\Windows\System32\drivers\o2sdjw7.sys 21:06:28.0318 1172 C:\Windows\System32\drivers\o2sdjw7.sys - ok 21:06:28.0318 1172 [ 099972E1FAF4950D3994FBAB9DD21253 ] C:\Windows\System32\drivers\scsiport.sys 21:06:28.0318 1172 C:\Windows\System32\drivers\scsiport.sys - ok 21:06:28.0318 1172 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] C:\Windows\System32\drivers\i8042prt.sys 21:06:28.0318 1172 C:\Windows\System32\drivers\i8042prt.sys - ok 21:06:28.0334 1172 [ ADEF52CA1AEAE82B50DF86B56413107E ] C:\Windows\System32\drivers\kbdclass.sys 21:06:28.0334 1172 C:\Windows\System32\drivers\kbdclass.sys - ok 21:06:28.0334 1172 [ 476A6EFB2BB338D2854B3751367F8F71 ] C:\Windows\System32\drivers\Apfiltr.sys 21:06:28.0334 1172 C:\Windows\System32\drivers\Apfiltr.sys - ok 21:06:28.0334 1172 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] C:\Windows\System32\drivers\cdrom.sys 21:06:28.0334 1172 C:\Windows\System32\drivers\cdrom.sys - ok 21:06:28.0334 1172 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] C:\Windows\System32\drivers\mouclass.sys 21:06:28.0334 1172 C:\Windows\System32\drivers\mouclass.sys - ok 21:06:28.0334 1172 [ 185ADA973B5020655CEE342059A86CBB ] C:\Windows\System32\drivers\GEARAspiWDM.sys 21:06:28.0334 1172 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok 21:06:28.0334 1172 [ EDC50031D6AB9180B3B3BD1C547C7D0A ] C:\Windows\System32\drivers\accelern.sys 21:06:28.0334 1172 C:\Windows\System32\drivers\accelern.sys - ok 21:06:28.0350 1172 [ 2287078ED48FCFC477B05B20CF38F36F ] C:\Windows\System32\drivers\blbdrive.sys 21:06:28.0350 1172 C:\Windows\System32\drivers\blbdrive.sys - ok 21:06:28.0350 1172 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] C:\Windows\System32\drivers\CompositeBus.sys 21:06:28.0350 1172 C:\Windows\System32\drivers\CompositeBus.sys - ok 21:06:28.0350 1172 [ FC6B9FF600CC585EA38B12589BD4E246 ] C:\Windows\System32\drivers\mssmbios.sys 21:06:28.0350 1172 C:\Windows\System32\drivers\mssmbios.sys - ok 21:06:28.0350 1172 [ 0217679B8FCA58714C3BF2726D2CA84E ] C:\Windows\System32\drivers\wmiacpi.sys 21:06:28.0350 1172 C:\Windows\System32\drivers\wmiacpi.sys - ok 21:06:28.0350 1172 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] C:\Windows\System32\drivers\rdpbus.sys 21:06:28.0350 1172 C:\Windows\System32\drivers\rdpbus.sys - ok 21:06:28.0350 1172 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] C:\Windows\System32\drivers\termdd.sys 21:06:28.0350 1172 C:\Windows\System32\drivers\termdd.sys - ok 21:06:28.0396 1172 [ 5DCEF0C32BE0F33277326586FA503689 ] C:\Windows\System32\drivers\ks.sys 21:06:28.0396 1172 C:\Windows\System32\drivers\ks.sys - ok 21:06:28.0412 1172 [ E58C78A848ADD9610A4DB6D214AF5224 ] C:\Windows\System32\drivers\swenum.sys 21:06:28.0412 1172 C:\Windows\System32\drivers\swenum.sys - ok 21:06:28.0412 1172 [ D295BED4B898F0FD999FCFA9B32B071B ] C:\Windows\System32\drivers\umbus.sys 21:06:28.0412 1172 C:\Windows\System32\drivers\umbus.sys - ok 21:06:28.0412 1172 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] C:\Windows\System32\drivers\usbhub.sys 21:06:28.0412 1172 C:\Windows\System32\drivers\usbhub.sys - ok 21:06:28.0412 1172 [ 070C5B9D3006602A07757179D9B56F5D ] C:\Windows\System32\difxapi.dll 21:06:28.0412 1172 C:\Windows\System32\difxapi.dll - ok 21:06:28.0412 1172 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\System32\psapi.dll 21:06:28.0412 1172 C:\Windows\System32\psapi.dll - ok 21:06:28.0412 1172 [ 5787196F32D043572EC6565C0EF1B8E0 ] C:\Windows\System32\drivers\usbd.sys 21:06:28.0412 1172 C:\Windows\System32\drivers\usbd.sys - ok 21:06:28.0443 1172 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\System32\normaliz.dll 21:06:28.0443 1172 C:\Windows\System32\normaliz.dll - ok 21:06:28.0443 1172 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\System32\ws2_32.dll 21:06:28.0443 1172 C:\Windows\System32\ws2_32.dll - ok 21:06:28.0443 1172 [ 4663AD7F61519E88687393BFCB154E4C ] C:\Windows\System32\drivers\usbccgp.sys 21:06:28.0443 1172 C:\Windows\System32\drivers\usbccgp.sys - ok 21:06:28.0443 1172 [ CC19A4AE696C2191E965A9835F1E6399 ] C:\Windows\System32\usp10.dll 21:06:28.0443 1172 C:\Windows\System32\usp10.dll - ok 21:06:28.0443 1172 [ 667981F2E7C26275F0694B58EEE303B9 ] C:\Windows\System32\urlmon.dll 21:06:28.0443 1172 C:\Windows\System32\urlmon.dll - ok 21:06:28.0443 1172 [ 4F154D2C9C6DF951FD6E5AABBAE6B5EE ] C:\Windows\System32\lpk.dll 21:06:28.0443 1172 C:\Windows\System32\lpk.dll - ok 21:06:28.0459 1172 [ 6400774E903729ADD0A62A24A334EE56 ] C:\Windows\System32\rpcrt4.dll 21:06:28.0459 1172 C:\Windows\System32\rpcrt4.dll - ok 21:06:28.0459 1172 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\System32\shlwapi.dll 21:06:28.0459 1172 C:\Windows\System32\shlwapi.dll - ok 21:06:28.0459 1172 [ B17ADBBBDC97148D28F995F32C380F2E ] C:\Windows\System32\iertutil.dll 21:06:28.0459 1172 C:\Windows\System32\iertutil.dll - ok 21:06:28.0459 1172 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\System32\nsi.dll 21:06:28.0459 1172 C:\Windows\System32\nsi.dll - ok 21:06:28.0459 1172 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\System32\sechost.dll 21:06:28.0459 1172 C:\Windows\System32\sechost.dll - ok 21:06:28.0459 1172 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\System32\imagehlp.dll 21:06:28.0459 1172 C:\Windows\System32\imagehlp.dll - ok 21:06:28.0474 1172 [ 75A97A2C060E72AB49E071E08C7DD2BA ] C:\Windows\System32\wininet.dll 21:06:28.0474 1172 C:\Windows\System32\wininet.dll - ok 21:06:28.0474 1172 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\System32\setupapi.dll 21:06:28.0474 1172 C:\Windows\System32\setupapi.dll - ok 21:06:28.0474 1172 [ E87F5393F7D8CE2FACC4DFF703531392 ] C:\Windows\System32\gdi32.dll 21:06:28.0474 1172 C:\Windows\System32\gdi32.dll - ok 21:06:28.0474 1172 [ E570CBD732848438EAC574EB3442A2A8 ] C:\Windows\System32\kernel32.dll 21:06:28.0474 1172 C:\Windows\System32\kernel32.dll - ok 21:06:28.0474 1172 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\System32\msvcrt.dll 21:06:28.0474 1172 C:\Windows\System32\msvcrt.dll - ok 21:06:28.0474 1172 [ F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 ] C:\Windows\System32\user32.dll 21:06:28.0474 1172 C:\Windows\System32\user32.dll - ok 21:06:28.0490 1172 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\System32\oleaut32.dll 21:06:28.0490 1172 C:\Windows\System32\oleaut32.dll - ok 21:06:28.0506 1172 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\System32\shell32.dll 21:06:28.0506 1172 C:\Windows\System32\shell32.dll - ok 21:06:28.0506 1172 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\System32\ole32.dll 21:06:28.0506 1172 C:\Windows\System32\ole32.dll - ok 21:06:28.0506 1172 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\System32\Wldap32.dll 21:06:28.0506 1172 C:\Windows\System32\Wldap32.dll - ok 21:06:28.0506 1172 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\System32\advapi32.dll 21:06:28.0506 1172 C:\Windows\System32\advapi32.dll - ok 21:06:28.0506 1172 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\System32\comdlg32.dll 21:06:28.0506 1172 C:\Windows\System32\comdlg32.dll - ok 21:06:28.0506 1172 [ FF5688D309347F2720911D8796912834 ] C:\Windows\System32\clbcatq.dll 21:06:28.0521 1172 C:\Windows\System32\clbcatq.dll - ok 21:06:28.0521 1172 [ 4A8E2F20809CC161107FAA94F6CF2685 ] C:\Windows\System32\imm32.dll 21:06:28.0521 1172 C:\Windows\System32\imm32.dll - ok 21:06:28.0521 1172 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\System32\msctf.dll 21:06:28.0521 1172 C:\Windows\System32\msctf.dll - ok 21:06:28.0521 1172 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\System32\comctl32.dll 21:06:28.0521 1172 C:\Windows\System32\comctl32.dll - ok 21:06:28.0521 1172 [ A7D79E9F660340AB20CD73F12910985F ] C:\Windows\System32\wintrust.dll 21:06:28.0521 1172 C:\Windows\System32\wintrust.dll - ok 21:06:28.0521 1172 [ 1295338CFE6F249823EF9BC8D4368A84 ] C:\Windows\System32\crypt32.dll 21:06:28.0521 1172 C:\Windows\System32\crypt32.dll - ok 21:06:28.0537 1172 [ A9F8E23C1FC00190376B11FFAD9DE6C6 ] C:\Windows\System32\KernelBase.dll 21:06:28.0537 1172 C:\Windows\System32\KernelBase.dll - ok 21:06:28.0537 1172 [ 3FFAEA12666E565FF51BF2FCA674F543 ] C:\Windows\System32\cfgmgr32.dll 21:06:28.0537 1172 C:\Windows\System32\cfgmgr32.dll - ok 21:06:28.0537 1172 [ CC4ED8BEA78B0DCA6F217E014C3291A7 ] C:\Windows\System32\devobj.dll 21:06:28.0537 1172 C:\Windows\System32\devobj.dll - ok 21:06:28.0537 1172 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\System32\msasn1.dll 21:06:28.0537 1172 C:\Windows\System32\msasn1.dll - ok 21:06:28.0537 1172 [ 5FCD3320AAE71506B43F9E12E4E72172 ] C:\Windows\System32\drivers\dxapi.sys 21:06:28.0537 1172 C:\Windows\System32\drivers\dxapi.sys - ok 21:06:28.0537 1172 [ A36F22FB7A78A0591DA3A6E0783825E7 ] C:\Windows\System32\win32k.sys 21:06:28.0537 1172 C:\Windows\System32\win32k.sys - ok 21:06:28.0568 1172 [ 6C062EA09313872D2235027EF7A4554E ] C:\Windows\System32\csrsrv.dll 21:06:28.0568 1172 C:\Windows\System32\csrsrv.dll - ok 21:06:28.0584 1172 [ 342271F6142E7C70805B8A81E1BA5F5C ] C:\Windows\System32\csrss.exe 21:06:28.0584 1172 C:\Windows\System32\csrss.exe - ok 21:06:28.0584 1172 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\System32\basesrv.dll 21:06:28.0584 1172 C:\Windows\System32\basesrv.dll - ok 21:06:28.0584 1172 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\System32\winsrv.dll 21:06:28.0584 1172 C:\Windows\System32\winsrv.dll - ok 21:06:28.0584 1172 [ 1B6242B20CB56F85A158E67F09EE84FE ] C:\Windows\System32\drivers\dxg.sys 21:06:28.0584 1172 C:\Windows\System32\drivers\dxg.sys - ok 21:06:28.0584 1172 [ 7C76B61A5E1EF5D1FA554CF134100F18 ] C:\Windows\System32\tsddd.dll 21:06:28.0584 1172 C:\Windows\System32\tsddd.dll - ok 21:06:28.0584 1172 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\System32\sxssrv.dll 21:06:28.0584 1172 C:\Windows\System32\sxssrv.dll - ok 21:06:28.0599 1172 [ B5C5DCAD3899512020D135600129D665 ] C:\Windows\System32\wininit.exe 21:06:28.0599 1172 C:\Windows\System32\wininit.exe - ok 21:06:28.0599 1172 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\System32\profapi.dll 21:06:28.0599 1172 C:\Windows\System32\profapi.dll - ok 21:06:28.0599 1172 [ FFF84D51E1EA6CE3E8AC74D17C0D4889 ] C:\Windows\System32\vga.dll 21:06:28.0599 1172 C:\Windows\System32\vga.dll - ok 21:06:28.0599 1172 [ 229A6606904638C5A4A3CBC5FEF1DCDC ] C:\Windows\System32\framebuf.dll 21:06:28.0599 1172 C:\Windows\System32\framebuf.dll - ok 21:06:28.0599 1172 [ B11BCD430977E5FBCB3A5804C675C5A0 ] C:\Windows\System32\vga256.dll 21:06:28.0599 1172 C:\Windows\System32\vga256.dll - ok 21:06:28.0599 1172 [ 7FFE091344E7939B3BAD6E8ADAD617B3 ] C:\Windows\System32\vga64k.dll 21:06:28.0599 1172 C:\Windows\System32\vga64k.dll - ok 21:06:28.0630 1172 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\System32\RpcRtRemote.dll 21:06:28.0630 1172 C:\Windows\System32\RpcRtRemote.dll - ok 21:06:28.0630 1172 [ 6D13E1406F50C66E2A95D97F22C47560 ] C:\Windows\System32\winlogon.exe 21:06:28.0630 1172 C:\Windows\System32\winlogon.exe - ok 21:06:28.0630 1172 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\System32\winsta.dll 21:06:28.0630 1172 C:\Windows\System32\winsta.dll - ok 21:06:28.0630 1172 [ 357B990A4249D7F7485B230C0CC8825A ] C:\Windows\System32\KBDUS.DLL 21:06:28.0630 1172 C:\Windows\System32\KBDUS.DLL - ok 21:06:28.0630 1172 [ 633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\System32\WlS0WndH.dll 21:06:28.0630 1172 C:\Windows\System32\WlS0WndH.dll - ok 21:06:28.0630 1172 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\System32\sxs.dll 21:06:28.0630 1172 C:\Windows\System32\sxs.dll - ok 21:06:28.0646 1172 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\System32\cryptbase.dll 21:06:28.0646 1172 C:\Windows\System32\cryptbase.dll - ok 21:06:28.0646 1172 [ 81951F51E318AECC2D68559E47485CC4 ] C:\Windows\System32\lsass.exe 21:06:28.0646 1172 C:\Windows\System32\lsass.exe - ok 21:06:28.0646 1172 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\System32\services.exe 21:06:28.0646 1172 C:\Windows\System32\services.exe - ok 21:06:28.0646 1172 [ 4A054C853031616D161A84BECF281F47 ] C:\Windows\System32\sspicli.dll 21:06:28.0646 1172 C:\Windows\System32\sspicli.dll - ok 21:06:28.0646 1172 [ 8AEA9A37C1A3565A204D37C5E72AB791 ] C:\Windows\System32\lsm.exe 21:06:28.0646 1172 C:\Windows\System32\lsm.exe - ok 21:06:28.0646 1172 [ E361AE3010EA4B3123DAB5BDAE21798F ] C:\Windows\System32\sspisrv.dll 21:06:28.0646 1172 C:\Windows\System32\sspisrv.dll - ok 21:06:28.0662 1172 [ 250AA41DE690561AF1282D598914564C ] C:\Windows\System32\scesrv.dll 21:06:28.0662 1172 C:\Windows\System32\scesrv.dll - ok 21:06:28.0662 1172 [ 3369D021265E369D57317D61FA86DD79 ] C:\Windows\System32\scext.dll 21:06:28.0662 1172 C:\Windows\System32\scext.dll - ok 21:06:28.0662 1172 [ 69678722290C78D5D7198C60B5A4E3E8 ] C:\Windows\System32\secur32.dll 21:06:28.0662 1172 C:\Windows\System32\secur32.dll - ok 21:06:28.0662 1172 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\System32\srvcli.dll 21:06:28.0662 1172 C:\Windows\System32\srvcli.dll - ok 21:06:28.0662 1172 [ C95CA687D32DDAB1C91E1122E80D5E16 ] C:\Windows\System32\lsasrv.dll 21:06:28.0662 1172 C:\Windows\System32\lsasrv.dll - ok 21:06:28.0662 1172 [ 245F4691314F42D4D1BC06442F0B2086 ] C:\Windows\System32\samsrv.dll 21:06:28.0662 1172 C:\Windows\System32\samsrv.dll - ok 21:06:28.0693 1172 [ BA51FFE170C5B3AE8EC4F5BD2581A29E ] C:\Windows\System32\sysntfy.dll 21:06:28.0693 1172 C:\Windows\System32\sysntfy.dll - ok 21:06:28.0708 1172 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\System32\wmsgapi.dll 21:06:28.0708 1172 C:\Windows\System32\wmsgapi.dll - ok 21:06:28.0708 1172 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\System32\cryptdll.dll 21:06:28.0708 1172 C:\Windows\System32\cryptdll.dll - ok 21:06:28.0708 1172 [ 50BA656134F78AF64E4DD3C8B6FEFD7E ] C:\Windows\System32\cngaudit.dll 21:06:28.0708 1172 C:\Windows\System32\cngaudit.dll - ok 21:06:28.0708 1172 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\System32\wevtapi.dll 21:06:28.0708 1172 C:\Windows\System32\wevtapi.dll - ok 21:06:28.0708 1172 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\System32\authz.dll 21:06:28.0708 1172 C:\Windows\System32\authz.dll - ok 21:06:28.0724 1172 [ FC7650224790CAE75A5E9231961FDEC5 ] C:\Windows\System32\bcrypt.dll 21:06:28.0724 1172 C:\Windows\System32\bcrypt.dll - ok 21:06:28.0724 1172 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\System32\ncrypt.dll 21:06:28.0724 1172 C:\Windows\System32\ncrypt.dll - ok 21:06:28.0724 1172 [ C90878913DF3DC504790282043DB5F4C ] C:\Windows\System32\msprivs.dll 21:06:28.0724 1172 C:\Windows\System32\msprivs.dll - ok 21:06:28.0724 1172 [ E343CABBD8D600ABAF3F11625D33B3D0 ] C:\Windows\System32\netjoin.dll 21:06:28.0724 1172 C:\Windows\System32\netjoin.dll - ok 21:06:28.0724 1172 [ 6DCFAEC6D1334AA6CDF8961DB4633CBF ] C:\Windows\System32\negoexts.dll 21:06:28.0724 1172 C:\Windows\System32\negoexts.dll - ok 21:06:28.0724 1172 [ ED4649A28AFE0B3DB93C3198BA48E34E ] C:\Windows\System32\atmfd.dll 21:06:28.0724 1172 C:\Windows\System32\atmfd.dll - ok 21:06:28.0740 1172 [ 2F4348DC0D06A0EBA5F5C4CB435790C1 ] C:\Windows\System32\kerberos.dll 21:06:28.0740 1172 C:\Windows\System32\kerberos.dll - ok 21:06:28.0755 1172 [ FD1D6C73E6333BE727CBCC6054247654 ] C:\Windows\System32\drivers\TsUsbFlt.sys 21:06:28.0755 1172 C:\Windows\System32\drivers\TsUsbFlt.sys - ok 21:06:28.0755 1172 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\System32\cryptsp.dll 21:06:28.0755 1172 C:\Windows\System32\cryptsp.dll - ok 21:06:28.0755 1172 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\System32\msv1_0.dll 21:06:28.0755 1172 C:\Windows\System32\msv1_0.dll - ok 21:06:28.0755 1172 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\System32\mswsock.dll 21:06:28.0755 1172 C:\Windows\System32\mswsock.dll - ok 21:06:28.0755 1172 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\System32\wship6.dll 21:06:28.0755 1172 C:\Windows\System32\wship6.dll - ok 21:06:28.0771 1172 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\System32\WSHTCPIP.DLL 21:06:28.0771 1172 C:\Windows\System32\WSHTCPIP.DLL - ok 21:06:28.0771 1172 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\System32\dnsapi.dll 21:06:28.0771 1172 C:\Windows\System32\dnsapi.dll - ok 21:06:28.0771 1172 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\System32\logoncli.dll 21:06:28.0771 1172 C:\Windows\System32\logoncli.dll - ok 21:06:28.0771 1172 [ C1809B9907ADEDAF16F50C894100883B ] C:\Windows\System32\netlogon.dll 21:06:28.0771 1172 C:\Windows\System32\netlogon.dll - ok 21:06:28.0771 1172 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\System32\schannel.dll 21:06:28.0771 1172 C:\Windows\System32\schannel.dll - ok 21:06:28.0771 1172 [ 0450CF487ECD8A67B56F59F9A96D024D ] C:\Windows\System32\wdigest.dll 21:06:28.0771 1172 C:\Windows\System32\wdigest.dll - ok 21:06:28.0786 1172 [ 9EDE13F62E7BE92DBA561218EDDC4E21 ] C:\Windows\System32\LIVESSP.DLL 21:06:28.0786 1172 C:\Windows\System32\LIVESSP.DLL - ok 21:06:28.0786 1172 [ 37CC990D4E2CDFAE12AC47F6B620FC13 ] C:\Windows\System32\pku2u.dll 21:06:28.0786 1172 C:\Windows\System32\pku2u.dll - ok 21:06:28.0786 1172 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\System32\rsaenh.dll 21:06:28.0786 1172 C:\Windows\System32\rsaenh.dll - ok 21:06:28.0786 1172 [ D29E45078CF4020CE0AAC82EC652D1EA ] C:\Windows\System32\TSpkg.dll 21:06:28.0786 1172 C:\Windows\System32\TSpkg.dll - ok 21:06:28.0786 1172 [ 7558F12AF69EFD8AE3B2996ADB5221D4 ] C:\Windows\System32\wvauth.dll 21:06:28.0786 1172 C:\Windows\System32\wvauth.dll - ok 21:06:28.0786 1172 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\System32\WinSCard.dll 21:06:28.0786 1172 C:\Windows\System32\WinSCard.dll - ok 21:06:28.0802 1172 [ 521B748A7F9923302CA18B7E6AA2EEAE ] C:\Windows\System32\activeds.dll 21:06:28.0802 1172 C:\Windows\System32\activeds.dll - ok 21:06:28.0833 1172 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\System32\netapi32.dll 21:06:28.0833 1172 C:\Windows\System32\netapi32.dll - ok 21:06:28.0849 1172 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\System32\netutils.dll 21:06:28.0849 1172 C:\Windows\System32\netutils.dll - ok 21:06:28.0849 1172 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\System32\samcli.dll 21:06:28.0849 1172 C:\Windows\System32\samcli.dll - ok 21:06:28.0849 1172 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\System32\userenv.dll 21:06:28.0849 1172 C:\Windows\System32\userenv.dll - ok 21:06:28.0849 1172 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\System32\wkscli.dll 21:06:28.0849 1172 C:\Windows\System32\wkscli.dll - ok 21:06:28.0849 1172 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\System32\wsock32.dll 21:06:28.0849 1172 C:\Windows\System32\wsock32.dll - ok 21:06:28.0864 1172 [ 51F5CC1E7DA3D9C664C2D0D61F315E06 ] C:\Windows\System32\adsldpc.dll 21:06:28.0864 1172 C:\Windows\System32\adsldpc.dll - ok 21:06:28.0880 1172 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\System32\atl.dll 21:06:28.0880 1172 C:\Windows\System32\atl.dll - ok 21:06:28.0880 1172 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\System32\bcryptprimitives.dll 21:06:28.0880 1172 C:\Windows\System32\bcryptprimitives.dll - ok 21:06:28.0880 1172 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\System32\credssp.dll 21:06:28.0880 1172 C:\Windows\System32\credssp.dll - ok 21:06:28.0880 1172 [ 91F434FF6606ED9BDC6A05D651B69553 ] C:\Windows\System32\efslsaext.dll 21:06:28.0880 1172 C:\Windows\System32\efslsaext.dll - ok 21:06:28.0880 1172 [ 8124944EC89D6A1815E4E53F5B96AAF4 ] C:\Windows\System32\scecli.dll 21:06:28.0880 1172 C:\Windows\System32\scecli.dll - ok 21:06:28.0880 1172 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\System32\svchost.exe 21:06:28.0880 1172 C:\Windows\System32\svchost.exe - ok 21:06:28.0896 1172 [ 7222995615BF93B628DCEA4BD6CCACF7 ] C:\Windows\System32\ubpm.dll 21:06:28.0896 1172 C:\Windows\System32\ubpm.dll - ok 21:06:28.0896 1172 [ FD07F21E0A19C27ED4E1EEC2B07452B3 ] C:\Windows\System32\devrtl.dll 21:06:28.0896 1172 C:\Windows\System32\devrtl.dll - ok 21:06:28.0896 1172 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\System32\SPInf.dll 21:06:28.0896 1172 C:\Windows\System32\SPInf.dll - ok 21:06:28.0896 1172 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] C:\Windows\System32\umpnpmgr.dll 21:06:28.0896 1172 C:\Windows\System32\umpnpmgr.dll - ok 21:06:28.0896 1172 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\System32\gpapi.dll 21:06:28.0896 1172 C:\Windows\System32\gpapi.dll - ok 21:06:28.0896 1172 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\System32\pcwum.dll 21:06:28.0911 1172 C:\Windows\System32\pcwum.dll - ok 21:06:28.0911 1172 [ AC42F771CC29727BD1663F211E9AC507 ] C:\Windows\System32\umpo.dll 21:06:28.0911 1172 C:\Windows\System32\umpo.dll - ok 21:06:28.0911 1172 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\System32\powrprof.dll 21:06:28.0911 1172 C:\Windows\System32\powrprof.dll - ok 21:06:28.0911 1172 [ E714A1C0354636837E20CCBF00888EE7 ] C:\Windows\System32\drivers\WUDFPf.sys 21:06:28.0911 1172 C:\Windows\System32\drivers\WUDFPf.sys - ok 21:06:28.0911 1172 [ 7660F01D3B38ACA1747E397D21D790AF ] C:\Windows\System32\rpcss.dll 21:06:28.0911 1172 C:\Windows\System32\rpcss.dll - ok 21:06:28.0911 1172 [ 78D072F35BC45D9E4E1B61895C152234 ] C:\Windows\System32\RpcEpMap.dll 21:06:28.0911 1172 C:\Windows\System32\RpcEpMap.dll - ok 21:06:28.0927 1172 [ 3EF0D8AB08385AAB5802E773511A2E6A ] C:\Windows\System32\LogonUI.exe 21:06:28.0927 1172 C:\Windows\System32\LogonUI.exe - ok 21:06:28.0942 1172 [ 241E015DD809CFB23242F890B1FC575B ] C:\Windows\System32\wevtsvc.dll 21:06:28.0942 1172 C:\Windows\System32\wevtsvc.dll - ok 21:06:28.0942 1172 [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\System32\authui.dll 21:06:28.0942 1172 C:\Windows\System32\authui.dll - ok 21:06:28.0942 1172 [ 8B0B4C5927A333A05513791758350DC4 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll 21:06:28.0942 1172 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok 21:06:28.0942 1172 [ 43CA4CCC22D52FB58E8988F0198851D0 ] C:\Windows\System32\profsvc.dll 21:06:28.0942 1172 C:\Windows\System32\profsvc.dll - ok 21:06:28.0942 1172 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] C:\Windows\System32\WUDFSvc.dll 21:06:28.0942 1172 C:\Windows\System32\WUDFSvc.dll - ok 21:06:28.0942 1172 [ AC8C80DC4F1A6E60C9A762C1799F0B39 ] C:\Windows\System32\adtschema.dll 21:06:28.0942 1172 C:\Windows\System32\adtschema.dll - ok 21:06:28.0958 1172 [ 7520EC808E0C35E0EE6F841294316653 ] C:\Windows\System32\drivers\fltMgr.sys 21:06:28.0958 1172 C:\Windows\System32\drivers\fltMgr.sys - ok 21:06:28.0958 1172 [ D93A937A2A9D2CBC06B3A615A197011F ] C:\Windows\System32\PSHED.DLL 21:06:28.0958 1172 C:\Windows\System32\PSHED.DLL - ok 21:06:28.0958 1172 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\System32\version.dll 21:06:28.0958 1172 C:\Windows\System32\version.dll - ok 21:06:28.0958 1172 [ 9FBCFD7E88A7ACE0E94456504895DD7F ] C:\Windows\System32\WUDFPlatform.dll 21:06:28.0958 1172 C:\Windows\System32\WUDFPlatform.dll - ok 21:06:28.0958 1172 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\System32\cryptui.dll 21:06:28.0958 1172 C:\Windows\System32\cryptui.dll - ok 21:06:28.0974 1172 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 21:06:28.0974 1172 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok 21:06:28.0974 1172 [ 63BFDF555DA2075A77D677829C3CCCD0 ] C:\Windows\System32\uxtheme.dll 21:06:28.0974 1172 C:\Windows\System32\uxtheme.dll - ok 21:06:28.0974 1172 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll 21:06:28.0974 1172 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok 21:06:28.0974 1172 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\System32\dui70.dll 21:06:28.0974 1172 C:\Windows\System32\dui70.dll - ok 21:06:28.0974 1172 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\System32\duser.dll 21:06:28.0974 1172 C:\Windows\System32\duser.dll - ok 21:06:28.0974 1172 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\System32\SndVolSSO.dll 21:06:28.0974 1172 C:\Windows\System32\SndVolSSO.dll - ok 21:06:28.0989 1172 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\System32\hid.dll 21:06:28.0989 1172 C:\Windows\System32\hid.dll - ok 21:06:29.0005 1172 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\System32\MMDevAPI.dll 21:06:29.0005 1172 C:\Windows\System32\MMDevAPI.dll - ok 21:06:29.0005 1172 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\System32\propsys.dll 21:06:29.0005 1172 C:\Windows\System32\propsys.dll - ok 21:06:29.0005 1172 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\System32\dwmapi.dll 21:06:29.0005 1172 C:\Windows\System32\dwmapi.dll - ok 21:06:29.0005 1172 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\System32\xmllite.dll 21:06:29.0005 1172 C:\Windows\System32\xmllite.dll - ok 21:06:29.0005 1172 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\System32\WindowsCodecs.dll 21:06:29.0005 1172 C:\Windows\System32\WindowsCodecs.dll - ok 21:06:29.0020 1172 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\System32\winbrand.dll 21:06:29.0020 1172 C:\Windows\System32\winbrand.dll - ok 21:06:29.0020 1172 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\System32\wtsapi32.dll 21:06:29.0020 1172 C:\Windows\System32\wtsapi32.dll - ok 21:06:29.0020 1172 [ A12829E9974F57E9B5DBFEA7C93190F6 ] C:\Windows\System32\UXInit.dll 21:06:29.0020 1172 C:\Windows\System32\UXInit.dll - ok 21:06:29.0020 1172 [ F62E510B6AD4C21EB9FE8668ED251826 ] C:\Windows\System32\wbem\WMIsvc.dll 21:06:29.0020 1172 C:\Windows\System32\wbem\WMIsvc.dll - ok 21:06:29.0020 1172 [ AF75DBA674E55221B7A055B0A4345F16 ] C:\Windows\System32\keyiso.dll 21:06:29.0020 1172 C:\Windows\System32\keyiso.dll - ok 21:06:29.0020 1172 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\System32\ntmarta.dll 21:06:29.0020 1172 C:\Windows\System32\ntmarta.dll - ok 21:06:29.0036 1172 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\System32\wbemcomn.dll 21:06:29.0036 1172 C:\Windows\System32\wbemcomn.dll - ok 21:06:29.0036 1172 [ 881D9F2D6E04E1C323050CF1574870F7 ] C:\Windows\System32\wbem\WinMgmtR.dll 21:06:29.0036 1172 C:\Windows\System32\wbem\WinMgmtR.dll - ok 21:06:29.0036 1172 [ B799D9FDB26111737F58288D8DC172D9 ] C:\Windows\System32\tbssvc.dll 21:06:29.0036 1172 C:\Windows\System32\tbssvc.dll - ok 21:06:29.0036 1172 [ 06E771AA596B8761107AB57E99F128D7 ] C:\Windows\System32\cryptsvc.dll 21:06:29.0036 1172 C:\Windows\System32\cryptsvc.dll - ok 21:06:29.0036 1172 [ 6316957BB3431DFB06BFFA98C0F1926E ] C:\Windows\System32\cryptnet.dll 21:06:29.0036 1172 C:\Windows\System32\cryptnet.dll - ok 21:06:29.0036 1172 [ BEE1AF0731BD490B5CE1F3CC102F9DAA ] C:\Program Files\McAfee\DLP\Agent\fcags.exe 21:06:29.0036 1172 C:\Program Files\McAfee\DLP\Agent\fcags.exe - ok 21:06:29.0067 1172 [ 0EF7C7EB7D925A1FCD24C531A9941A83 ] C:\Program Files\McAfee\DLP\Agent\fcagsec.dll 21:06:29.0067 1172 C:\Program Files\McAfee\DLP\Agent\fcagsec.dll - ok 21:06:29.0067 1172 [ DE80CB883B953400F6519BEC3327B576 ] C:\Program Files\McAfee\DLP\Agent\fcdrvins.dll 21:06:29.0067 1172 C:\Program Files\McAfee\DLP\Agent\fcdrvins.dll - ok 21:06:29.0067 1172 [ 0CE4D3BD306DA6D1F6F233C403F5B667 ] C:\Windows\System32\msi.dll 21:06:29.0067 1172 C:\Windows\System32\msi.dll - ok 21:06:29.0067 1172 [ EAE4280E82C866A9C71F654085DEC9B6 ] C:\Program Files\McAfee\DLP\Agent\cryptocme2.dll 21:06:29.0067 1172 C:\Program Files\McAfee\DLP\Agent\cryptocme2.dll - ok 21:06:29.0067 1172 [ 7CE8053C3306F407F2454A62F7BB123B ] C:\Program Files\McAfee\DLP\Agent\ccme_base.dll 21:06:29.0067 1172 C:\Program Files\McAfee\DLP\Agent\ccme_base.dll - ok 21:06:29.0067 1172 [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\System32\wbem\WmiDcPrv.dll 21:06:29.0067 1172 C:\Windows\System32\wbem\WmiDcPrv.dll - ok 21:06:29.0083 1172 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\System32\wbem\fastprox.dll 21:06:29.0083 1172 C:\Windows\System32\wbem\fastprox.dll - ok 21:06:29.0083 1172 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\System32\ntdsapi.dll 21:06:29.0083 1172 C:\Windows\System32\ntdsapi.dll - ok 21:06:29.0083 1172 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\System32\wbem\wbemprox.dll 21:06:29.0083 1172 C:\Windows\System32\wbem\wbemprox.dll - ok 21:06:29.0083 1172 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\System32\vssapi.dll 21:06:29.0083 1172 C:\Windows\System32\vssapi.dll - ok 21:06:29.0083 1172 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\System32\vsstrace.dll 21:06:29.0083 1172 C:\Windows\System32\vsstrace.dll - ok 21:06:29.0083 1172 [ 585EB475E7AF55C9065256E8FFB751A1 ] C:\Windows\System32\wbem\wbemcore.dll 21:06:29.0083 1172 C:\Windows\System32\wbem\wbemcore.dll - ok 21:06:29.0098 1172 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\System32\imageres.dll 21:06:29.0098 1172 C:\Windows\System32\imageres.dll - ok 21:06:29.0098 1172 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\System32\samlib.dll 21:06:29.0098 1172 C:\Windows\System32\samlib.dll - ok 21:06:29.0098 1172 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\System32\shacct.dll 21:06:29.0098 1172 C:\Windows\System32\shacct.dll - ok 21:06:29.0098 1172 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\System32\wbem\esscli.dll 21:06:29.0098 1172 C:\Windows\System32\wbem\esscli.dll - ok 21:06:29.0098 1172 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\System32\wbem\wbemsvc.dll 21:06:29.0098 1172 C:\Windows\System32\wbem\wbemsvc.dll - ok 21:06:29.0098 1172 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\System32\wbem\wmiutils.dll 21:06:29.0098 1172 C:\Windows\System32\wbem\wmiutils.dll - ok 21:06:29.0145 1172 [ 371E3B05894549113D07CD3081ED55EF ] C:\Windows\System32\wbem\repdrvfs.dll 21:06:29.0145 1172 C:\Windows\System32\wbem\repdrvfs.dll - ok 21:06:29.0161 1172 [ 3CDE2911462FEC80064A409C07710C06 ] C:\Windows\System32\wbem\WmiPrvSD.dll 21:06:29.0161 1172 C:\Windows\System32\wbem\WmiPrvSD.dll - ok 21:06:29.0161 1172 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\System32\ncobjapi.dll 21:06:29.0161 1172 C:\Windows\System32\ncobjapi.dll - ok 21:06:29.0161 1172 [ B350509B6C9296529BC464C60FEEAEF1 ] C:\Windows\System32\wbem\wbemess.dll 21:06:29.0161 1172 C:\Windows\System32\wbem\wbemess.dll - ok 21:06:29.0161 1172 [ 1EA4930FC7EBFCB4116CE829754222A7 ] C:\Program Files\McAfee\DLP\Agent\mfesmfa.dll 21:06:29.0161 1172 C:\Program Files\McAfee\DLP\Agent\mfesmfa.dll - ok 21:06:29.0161 1172 [ 488470F15D737BBBFDA6E6733C2FEB2F ] C:\Program Files\McAfee\DLP\Agent\mfehida.dll 21:06:29.0161 1172 C:\Program Files\McAfee\DLP\Agent\mfehida.dll - ok 21:06:29.0161 1172 [ 0471608A2E0F2281DE8554067A6E91BE ] C:\Program Files\McAfee\DLP\Agent\fcagswd.exe 21:06:29.0161 1172 C:\Program Files\McAfee\DLP\Agent\fcagswd.exe - ok 21:06:29.0192 1172 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\System32\IPHLPAPI.DLL 21:06:29.0192 1172 C:\Windows\System32\IPHLPAPI.DLL - ok 21:06:29.0192 1172 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\System32\winnsi.dll 21:06:29.0192 1172 C:\Windows\System32\winnsi.dll - ok 21:06:29.0192 1172 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\System32\slc.dll 21:06:29.0192 1172 C:\Windows\System32\slc.dll - ok 21:06:29.0192 1172 [ F35314802B20CE37AF5F700A252812DD ] C:\Windows\System32\mpnotify.exe 21:06:29.0192 1172 C:\Windows\System32\mpnotify.exe - ok 21:06:29.0192 1172 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\System32\mpr.dll 21:06:29.0192 1172 C:\Windows\System32\mpr.dll - ok 21:06:29.0192 1172 [ 4A6A039BCDEF3ABCC3E4FCC5DFE73AC6 ] C:\Windows\System32\TdmNetworkProvider.dll 21:06:29.0192 1172 C:\Windows\System32\TdmNetworkProvider.dll - ok 21:06:29.0208 1172 [ DB001FAEA818AE2E14A74E0ADC530FC0 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll 21:06:29.0208 1172 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll - ok 21:06:29.0208 1172 [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll 21:06:29.0208 1172 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok 21:06:29.0208 1172 [ DF5E18E5F2FB56A6700D77F769E3C7A4 ] C:\Windows\System32\LoginFilter.dll 21:06:29.0208 1172 C:\Windows\System32\LoginFilter.dll - ok 21:06:29.0208 1172 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\System32\msiltcfg.dll 21:06:29.0208 1172 C:\Windows\System32\msiltcfg.dll - ok 21:06:29.0208 1172 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\System32\sfc.dll 21:06:29.0208 1172 C:\Windows\System32\sfc.dll - ok 21:06:29.0223 1172 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\System32\sfc_os.dll 21:06:29.0223 1172 C:\Windows\System32\sfc_os.dll - ok 21:06:29.0223 1172 [ 370E6FB6F6FF1B3DAC7F1182AC493BB6 ] C:\Windows\System32\oleres.dll 21:06:29.0223 1172 C:\Windows\System32\oleres.dll - ok 21:06:29.0223 1172 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\System32\dsrole.dll 21:06:29.0223 1172 C:\Windows\System32\dsrole.dll - ok 21:06:29.0223 1172 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\System32\netprofm.dll 21:06:29.0223 1172 C:\Windows\System32\netprofm.dll - ok 21:06:29.0223 1172 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\System32\nlaapi.dll 21:06:29.0223 1172 C:\Windows\System32\nlaapi.dll - ok 21:06:29.0223 1172 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\System32\dllhost.exe 21:06:29.0223 1172 C:\Windows\System32\dllhost.exe - ok 21:06:29.0239 1172 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\System32\IDStore.dll 21:06:29.0239 1172 C:\Windows\System32\IDStore.dll - ok 21:06:29.0254 1172 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll 21:06:29.0254 1172 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok 21:06:29.0254 1172 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\System32\cscapi.dll 21:06:29.0254 1172 C:\Windows\System32\cscapi.dll - ok 21:06:29.0254 1172 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\System32\davclnt.dll 21:06:29.0254 1172 C:\Windows\System32\davclnt.dll - ok 21:06:29.0254 1172 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\System32\davhlpr.dll 21:06:29.0254 1172 C:\Windows\System32\davhlpr.dll - ok 21:06:29.0254 1172 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\System32\drprov.dll 21:06:29.0254 1172 C:\Windows\System32\drprov.dll - ok 21:06:29.0254 1172 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\System32\ntlanman.dll 21:06:29.0254 1172 C:\Windows\System32\ntlanman.dll - ok 21:06:29.0270 1172 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\System32\winhttp.dll 21:06:29.0270 1172 C:\Windows\System32\winhttp.dll - ok 21:06:29.0270 1172 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\System32\webio.dll 21:06:29.0270 1172 C:\Windows\System32\webio.dll - ok 21:06:29.0270 1172 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll 21:06:29.0270 1172 C:\Program Files\Bonjour\mdnsNSP.dll - ok 21:06:29.0270 1172 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL 21:06:29.0270 1172 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok 21:06:29.0270 1172 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\System32\NapiNSP.dll 21:06:29.0270 1172 C:\Windows\System32\NapiNSP.dll - ok 21:06:29.0270 1172 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\System32\pnrpnsp.dll 21:06:29.0270 1172 C:\Windows\System32\pnrpnsp.dll - ok 21:06:29.0301 1172 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\System32\winrnr.dll 21:06:29.0301 1172 C:\Windows\System32\winrnr.dll - ok 21:06:29.0317 1172 [ AC122407B29378FF9646F03404AC7C54 ] C:\Windows\System32\wshbth.dll 21:06:29.0317 1172 C:\Windows\System32\wshbth.dll - ok 21:06:29.0317 1172 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\System32\wshqos.dll 21:06:29.0317 1172 C:\Windows\System32\wshqos.dll - ok 21:06:29.0317 1172 [ 61AC3EFDFACFDD3F0F11DD4FD4044223 ] C:\Windows\System32\userinit.exe 21:06:29.0317 1172 C:\Windows\System32\userinit.exe - ok 21:06:29.0317 1172 [ 8B88EBBB05A0E56B7DCC708498C02B3E ] C:\Windows\explorer.exe 21:06:29.0317 1172 C:\Windows\explorer.exe - ok 21:06:29.0317 1172 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\System32\ExplorerFrame.dll 21:06:29.0317 1172 C:\Windows\System32\ExplorerFrame.dll - ok 21:06:29.0317 1172 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\System32\apphelp.dll 21:06:29.0317 1172 C:\Windows\System32\apphelp.dll - ok 21:06:29.0332 1172 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\System32\winmm.dll 21:06:29.0332 1172 C:\Windows\System32\winmm.dll - ok 21:06:29.0332 1172 [ 4D8744C531386EAD6AB9837A37D47AF9 ] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll 21:06:29.0332 1172 C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll - ok 21:06:29.0332 1172 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\System32\EhStorShell.dll 21:06:29.0332 1172 C:\Windows\System32\EhStorShell.dll - ok 21:06:29.0332 1172 [ 78B62E4C13378F737603136975A07E1A ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll 21:06:29.0332 1172 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll - ok 21:06:29.0332 1172 [ 3EC541C196DE18ED9A0D0AC82A694D4C ] C:\Windows\System32\cscui.dll 21:06:29.0332 1172 C:\Windows\System32\cscui.dll - ok 21:06:29.0348 1172 [ 57A51217581614DE07F30E34D6BB4993 ] C:\Windows\System32\cscdll.dll 21:06:29.0348 1172 C:\Windows\System32\cscdll.dll - ok 21:06:29.0348 1172 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\System32\ntshrui.dll 21:06:29.0348 1172 C:\Windows\System32\ntshrui.dll - ok 21:06:29.0348 1172 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\System32\IconCodecService.dll 21:06:29.0348 1172 C:\Windows\System32\IconCodecService.dll - ok 21:06:29.0348 1172 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\System32\runonce.exe 21:06:29.0348 1172 C:\Windows\System32\runonce.exe - ok 21:06:29.0348 1172 [ 4A3CDCEF8ED41B221F3DBEF5792FB52D ] C:\Windows\System32\ctfmon.exe 21:06:29.0348 1172 C:\Windows\System32\ctfmon.exe - ok 21:06:29.0348 1172 [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\System32\MsCtfMonitor.dll 21:06:29.0348 1172 C:\Windows\System32\MsCtfMonitor.dll - ok 21:06:29.0379 1172 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\System32\msutb.dll 21:06:29.0379 1172 C:\Windows\System32\msutb.dll - ok 21:06:29.0379 1172 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\System32\timedate.cpl 21:06:29.0379 1172 C:\Windows\System32\timedate.cpl - ok 21:06:29.0379 1172 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\System32\msftedit.dll 21:06:29.0379 1172 C:\Windows\System32\msftedit.dll - ok 21:06:29.0379 1172 [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll 21:06:29.0379 1172 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok 21:06:29.0379 1172 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll 21:06:29.0379 1172 C:\Windows\System32\msls31.dll - ok 21:06:29.0379 1172 [ E6DD15E668DAF0A02470CF551B0A0105 ] C:\PROGRA~1\WIC4A1~1\MESSEN~1\msgslang.dll 21:06:29.0379 1172 C:\PROGRA~1\WIC4A1~1\MESSEN~1\msgslang.dll - ok 21:06:29.0395 1172 [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\System32\SearchFolder.dll 21:06:29.0395 1172 C:\Windows\System32\SearchFolder.dll - ok 21:06:29.0395 1172 [ 2A39F32E0067CBF221611FE1FA8C6D8F ] C:\Windows\System32\DeviceCenter.dll 21:06:29.0395 1172 C:\Windows\System32\DeviceCenter.dll - ok 21:06:29.0395 1172 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\System32\linkinfo.dll 21:06:29.0395 1172 C:\Windows\System32\linkinfo.dll - ok 21:06:29.0395 1172 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\System32\shdocvw.dll 21:06:29.0395 1172 C:\Windows\System32\shdocvw.dll - ok 21:06:29.0395 1172 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\System32\thumbcache.dll 21:06:29.0395 1172 C:\Windows\System32\thumbcache.dll - ok 21:06:29.0395 1172 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\System32\networkexplorer.dll 21:06:29.0395 1172 C:\Windows\System32\networkexplorer.dll - ok 21:06:29.0410 1172 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\System32\wdmaud.drv 21:06:29.0410 1172 C:\Windows\System32\wdmaud.drv - ok 21:06:29.0410 1172 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\System32\avrt.dll 21:06:29.0410 1172 C:\Windows\System32\avrt.dll - ok 21:06:29.0410 1172 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\System32\ksuser.dll 21:06:29.0410 1172 C:\Windows\System32\ksuser.dll - ok 21:06:29.0410 1172 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\System32\gameux.dll 21:06:29.0410 1172 C:\Windows\System32\gameux.dll - ok 21:06:29.0410 1172 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\System32\wer.dll 21:06:29.0410 1172 C:\Windows\System32\wer.dll - ok 21:06:29.0410 1172 [ BECEEE04AAB6388B66D1FCBD2A9F19A1 ] C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe 21:06:29.0410 1172 C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe - ok 21:06:29.0457 1172 [ 60B7C0FEAD45F2066E5B805A91F4F0FC ] C:\Windows\System32\calc.exe 21:06:29.0457 1172 C:\Windows\System32\calc.exe - ok 21:06:29.0473 1172 [ 0DE001A307741E2A41B00F2CEBAF6DCB ] C:\Users\217216XX19948\Desktop\ListParts.exe 21:06:29.0473 1172 C:\Users\217216XX19948\Desktop\ListParts.exe - ok 21:06:29.0473 1172 [ 21EF4BB2A6FF4116FD83FAEE52D4A416 ] C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe 21:06:29.0473 1172 C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe - ok 21:06:29.0473 1172 [ 484ACF6AF85A29AC52F3CF054DFDE9D3 ] C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe 21:06:29.0473 1172 C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe - ok 21:06:29.0473 1172 [ 85AB6C3089BEE58999B434E114E8A64C ] C:\Windows\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico 21:06:29.0473 1172 C:\Windows\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico - ok 21:06:29.0473 1172 [ B3DD214F23037E3D3C27D6C9447B40B5 ] C:\Program Files\Windows NT\Accessories\wordpad.exe 21:06:29.0473 1172 C:\Program Files\Windows NT\Accessories\wordpad.exe - ok 21:06:29.0488 1172 [ C1648084C395152FBFA1B333D92056BC ] C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe 21:06:29.0488 1172 C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok 21:06:29.0504 1172 [ 173EC598CFD6E450E6B4FA7E5603B69E ] C:\ProgramData\Rgy5JSmkHoCeFS.exe 21:06:29.0504 1172 C:\ProgramData\Rgy5JSmkHoCeFS.exe - ok 21:06:29.0504 1172 [ A2F0B6A45EF5B68173AAA2A39690904E ] C:\Windows\System32\zipfldr.dll 21:06:29.0504 1172 C:\Windows\System32\zipfldr.dll - ok 21:06:29.0504 1172 [ 0079E7EE294AC629D57FB8259F5A803E ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll 21:06:29.0504 1172 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll - ok 21:06:29.0504 1172 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll 21:06:29.0504 1172 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok 21:06:29.0504 1172 [ 2F0EAAF91FC7A5C70D1F4BE9B18A1CF5 ] C:\Windows\System32\StikyNot.exe 21:06:29.0504 1172 C:\Windows\System32\StikyNot.exe - ok 21:06:29.0520 1172 [ 88854964DC147CC8448E261EC78B4FE4 ] C:\Program Files\Common Files\microsoft shared\OFFICE11\msxml5.dll 21:06:29.0520 1172 C:\Program Files\Common Files\microsoft shared\OFFICE11\msxml5.dll - ok 21:06:29.0520 1172 [ D2033210D4DA9E9CE7670DFF45D7101B ] C:\Users\217216XX19948\Desktop\tdsskiller.exe 21:06:29.0520 1172 C:\Users\217216XX19948\Desktop\tdsskiller.exe - ok 21:06:29.0520 1172 [ A9CE22E1F0437825070BFFD52AF7E201 ] C:\Windows\Branding\ShellBrd\shellbrd.dll 21:06:29.0520 1172 C:\Windows\Branding\ShellBrd\shellbrd.dll - ok 21:06:29.0520 1172 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\System32\rundll32.exe 21:06:29.0520 1172 C:\Windows\System32\rundll32.exe - ok 21:06:29.0520 1172 [ 8437DB84BD56858CFA49A37D1EED247B ] C:\Users\217216XX19948\Desktop\RogueKiller.exe 21:06:29.0520 1172 C:\Users\217216XX19948\Desktop\RogueKiller.exe - ok 21:06:29.0520 1172 [ BA4E1A60BD20CA7978C76D79F19E37F0 ] C:\Windows\System32\DisplaySwitch.exe 21:06:29.0520 1172 C:\Windows\System32\DisplaySwitch.exe - ok 21:06:29.0535 1172 [ 4A70A9E1CE6CF4BCADE6C9977985DA95 ] C:\Users\217216XX19948\Desktop\unhide.exe 21:06:29.0535 1172 C:\Users\217216XX19948\Desktop\unhide.exe - ok 21:06:29.0535 1172 [ 33B0A618BA5F44E67757C561D0A935C1 ] C:\Windows\System32\WFS.exe 21:06:29.0535 1172 C:\Windows\System32\WFS.exe - ok 21:06:29.0535 1172 [ E49EF627A75C0BAD02180C97AC527C33 ] C:\Windows\System32\WFSR.dll 21:06:29.0535 1172 C:\Windows\System32\WFSR.dll - ok 21:06:29.0535 1172 [ 32BE4A1FAFCCD5CA9AB0CE772C43D5E2 ] C:\Windows\System32\SnippingTool.exe 21:06:29.0535 1172 C:\Windows\System32\SnippingTool.exe - ok 21:06:29.0535 1172 [ 32E15ECF5854F5610BC895490BC3246A ] C:\Windows\System32\ieframe.dll 21:06:29.0535 1172 C:\Windows\System32\ieframe.dll - ok 21:06:29.0535 1172 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\System32\oleacc.dll 21:06:29.0535 1172 C:\Windows\System32\oleacc.dll - ok 21:06:29.0551 1172 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\System32\rasapi32.dll 21:06:29.0551 1172 C:\Windows\System32\rasapi32.dll - ok 21:06:29.0582 1172 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\System32\rasman.dll 21:06:29.0582 1172 C:\Windows\System32\rasman.dll - ok 21:06:29.0598 1172 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\System32\rtutils.dll 21:06:29.0598 1172 C:\Windows\System32\rtutils.dll - ok 21:06:29.0598 1172 [ 5E8E869E1342308752A37A2C90CCA79D ] C:\Windows\System32\mshtml.dll 21:06:29.0598 1172 C:\Windows\System32\mshtml.dll - ok 21:06:29.0598 1172 [ 9F179DA6BF972F2B8B7F90978D02D719 ] C:\Windows\System32\jscript9.dll 21:06:29.0598 1172 C:\Windows\System32\jscript9.dll - ok 21:06:29.0598 1172 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\System32\mlang.dll 21:06:29.0598 1172 C:\Windows\System32\mlang.dll - ok 21:06:29.0598 1172 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\System32\msimtf.dll 21:06:29.0598 1172 C:\Windows\System32\msimtf.dll - ok 21:06:29.0598 1172 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\System32\d2d1.dll 21:06:29.0598 1172 C:\Windows\System32\d2d1.dll - ok 21:06:29.0629 1172 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\System32\DWrite.dll 21:06:29.0629 1172 C:\Windows\System32\DWrite.dll - ok 21:06:29.0629 1172 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\System32\dxgi.dll 21:06:29.0629 1172 C:\Windows\System32\dxgi.dll - ok 21:06:29.0629 1172 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\System32\d3d10_1.dll 21:06:29.0629 1172 C:\Windows\System32\d3d10_1.dll - ok 21:06:29.0629 1172 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\System32\d3d10_1core.dll 21:06:29.0629 1172 C:\Windows\System32\d3d10_1core.dll - ok 21:06:29.0629 1172 [ F75BFDACAF4AD540444FFC31B49BDA99 ] C:\Windows\System32\d3d10level9.dll 21:06:29.0629 1172 C:\Windows\System32\d3d10level9.dll - ok 21:06:29.0629 1172 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\System32\d3d10warp.dll 21:06:29.0629 1172 C:\Windows\System32\d3d10warp.dll - ok 21:06:29.0644 1172 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\System32\batmeter.dll 21:06:29.0644 1172 C:\Windows\System32\batmeter.dll - ok 21:06:29.0644 1172 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\System32\stobject.dll 21:06:29.0644 1172 C:\Windows\System32\stobject.dll - ok 21:06:29.0644 1172 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\System32\es.dll 21:06:29.0644 1172 C:\Windows\System32\es.dll - ok 21:06:29.0644 1172 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\System32\prnfldr.dll 21:06:29.0644 1172 C:\Windows\System32\prnfldr.dll - ok 21:06:29.0644 1172 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\System32\winspool.drv 21:06:29.0644 1172 C:\Windows\System32\winspool.drv - ok 21:06:29.0644 1172 [ ADDB05C93272A62606599B24730BD645 ] C:\Windows\System32\DXP.dll 21:06:29.0644 1172 C:\Windows\System32\DXP.dll - ok 21:06:29.0660 1172 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\System32\Syncreg.dll 21:06:29.0660 1172 C:\Windows\System32\Syncreg.dll - ok 21:06:29.0660 1172 [ 6F6759407B843B99E0367036632EC798 ] C:\Windows\System32\HelpPaneProxy.dll 21:06:29.0660 1172 C:\Windows\System32\HelpPaneProxy.dll - ok 21:06:29.0660 1172 [ 2FF3A32F01DF61836FED59D441D8B9DF ] C:\Windows\HelpPane.exe 21:06:29.0660 1172 C:\Windows\HelpPane.exe - ok 21:06:29.0660 1172 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\System32\AltTab.dll 21:06:29.0660 1172 C:\Windows\System32\AltTab.dll - ok 21:06:29.0660 1172 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\System32\pnidui.dll 21:06:29.0660 1172 C:\Windows\System32\pnidui.dll - ok 21:06:29.0660 1172 [ 7D44EE5DBCC3A6E90EB60EDF72B66D99 ] C:\Windows\System32\apds.dll 21:06:29.0660 1172 C:\Windows\System32\apds.dll - ok 21:06:29.0691 1172 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\System32\QUTIL.DLL 21:06:29.0691 1172 C:\Windows\System32\QUTIL.DLL - ok 21:06:29.0691 1172 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\System32\FWPUCLNT.DLL 21:06:29.0691 1172 C:\Windows\System32\FWPUCLNT.DLL - ok 21:06:29.0691 1172 [ 75EA62927355189876081EF863064982 ] C:\Windows\System32\ncsi.dll 21:06:29.0691 1172 C:\Windows\System32\ncsi.dll - ok 21:06:29.0691 1172 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\System32\wlanapi.dll 21:06:29.0691 1172 C:\Windows\System32\wlanapi.dll - ok 21:06:29.0691 1172 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\System32\wlanutil.dll 21:06:29.0691 1172 C:\Windows\System32\wlanutil.dll - ok 21:06:29.0691 1172 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\System32\WWanAPI.dll 21:06:29.0691 1172 C:\Windows\System32\WWanAPI.dll - ok 21:06:29.0722 1172 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\System32\wwapi.dll 21:06:29.0722 1172 C:\Windows\System32\wwapi.dll - ok 21:06:29.0754 1172 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\System32\QAGENT.DLL 21:06:29.0754 1172 C:\Windows\System32\QAGENT.DLL - ok 21:06:29.0754 1172 [ 0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\System32\UIAnimation.dll 21:06:29.0754 1172 C:\Windows\System32\UIAnimation.dll - ok 21:06:29.0754 1172 [ F8F03D206F7D5811D630349A23E9B9B9 ] C:\Windows\ehome\ehSSO.dll 21:06:29.0754 1172 C:\Windows\ehome\ehSSO.dll - ok 21:06:29.0754 1172 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\System32\bthprops.cpl 21:06:29.0754 1172 C:\Windows\System32\bthprops.cpl - ok 21:06:29.0754 1172 [ 2E2C17DF779AD51A7209754685B010A1 ] C:\Windows\System32\apss.dll 21:06:29.0754 1172 C:\Windows\System32\apss.dll - ok 21:06:29.0754 1172 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\System32\netshell.dll 21:06:29.0754 1172 C:\Windows\System32\netshell.dll - ok 21:06:29.0769 1172 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\System32\WPDShServiceObj.dll 21:06:29.0769 1172 C:\Windows\System32\WPDShServiceObj.dll - ok 21:06:29.0769 1172 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\System32\PortableDeviceTypes.dll 21:06:29.0769 1172 C:\Windows\System32\PortableDeviceTypes.dll - ok 21:06:29.0769 1172 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\System32\msxml6.dll 21:06:29.0769 1172 C:\Windows\System32\msxml6.dll - ok 21:06:29.0769 1172 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\System32\PortableDeviceApi.dll 21:06:29.0769 1172 C:\Windows\System32\PortableDeviceApi.dll - ok 21:06:29.0769 1172 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\System32\srchadmin.dll 21:06:29.0769 1172 C:\Windows\System32\srchadmin.dll - ok 21:06:29.0769 1172 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\System32\ActionCenter.dll 21:06:29.0769 1172 C:\Windows\System32\ActionCenter.dll - ok 21:06:29.0785 1172 [ 8E626669938DD0E5B5B76601EE8F8232 ] C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll 21:06:29.0785 1172 C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll - ok 21:06:29.0785 1172 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll 21:06:29.0785 1172 C:\Windows\System32\webcheck.dll - ok 21:06:29.0785 1172 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\System32\SyncCenter.dll 21:06:29.0785 1172 C:\Windows\System32\SyncCenter.dll - ok 21:06:29.0785 1172 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\System32\taskschd.dll 21:06:29.0785 1172 C:\Windows\System32\taskschd.dll - ok 21:06:29.0785 1172 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\System32\imapi2.dll 21:06:29.0785 1172 C:\Windows\System32\imapi2.dll - ok 21:06:29.0785 1172 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\System32\mstask.dll 21:06:29.0785 1172 C:\Windows\System32\mstask.dll - ok 21:06:29.0800 1172 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\System32\hgcpl.dll 21:06:29.0800 1172 C:\Windows\System32\hgcpl.dll - ok 21:06:29.0816 1172 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\System32\provsvc.dll 21:06:29.0816 1172 C:\Windows\System32\provsvc.dll - ok 21:06:29.0816 1172 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\System32\actxprxy.dll 21:06:29.0816 1172 C:\Windows\System32\actxprxy.dll - ok 21:06:29.0816 1172 [ C2D6A4475B87651D5909E364439FDA52 ] C:\Windows\System32\FXSST.dll 21:06:29.0816 1172 C:\Windows\System32\FXSST.dll - ok 21:06:29.0816 1172 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\System32\FXSAPI.dll 21:06:29.0816 1172 C:\Windows\System32\FXSAPI.dll - ok 21:06:29.0816 1172 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\System32\FXSRESM.dll 21:06:29.0816 1172 C:\Windows\System32\FXSRESM.dll - ok 21:06:29.0816 1172 [ 967EA5B213E9984CBE270205DF37755B ] C:\Windows\System32\FXSSVC.exe 21:06:29.0816 1172 C:\Windows\System32\FXSSVC.exe - ok 21:06:29.0832 1172 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\System32\d3d10.dll 21:06:29.0832 1172 C:\Windows\System32\d3d10.dll - ok 21:06:29.0832 1172 [ 547F78746F20901C770E8653B242217C ] C:\Windows\System32\d3d10core.dll 21:06:29.0832 1172 C:\Windows\System32\d3d10core.dll - ok 21:06:29.0832 1172 [ 545BF7EAA24A9E062857D0742EC0B28A ] C:\Windows\System32\taskmgr.exe 21:06:29.0832 1172 C:\Windows\System32\taskmgr.exe - ok 21:06:29.0832 1172 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\System32\credui.dll 21:06:29.0832 1172 C:\Windows\System32\credui.dll - ok 21:06:29.0832 1172 [ 8E79090CB0987CA102E845341E052537 ] C:\Windows\System32\vdmdbg.dll 21:06:29.0832 1172 C:\Windows\System32\vdmdbg.dll - ok 21:06:29.0832 1172 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\System32\browcli.dll 21:06:29.0832 1172 C:\Windows\System32\browcli.dll - ok 21:06:29.0847 1172 [ D25958B2A71EF488959272878EF934BE ] C:\Windows\System32\utildll.dll 21:06:29.0847 1172 C:\Windows\System32\utildll.dll - ok 21:06:29.0847 1172 [ 28F44480E411C3DDF04B63F6560E6EF4 ] C:\Windows\System32\ntoskrnl.exe 21:06:29.0847 1172 C:\Windows\System32\ntoskrnl.exe - ok 21:06:29.0847 1172 [ 20AA5135C856C44B08333365EBFA8087 ] C:\Program Files\Internet Explorer\ieproxy.dll 21:06:29.0847 1172 C:\Program Files\Internet Explorer\ieproxy.dll - ok 21:06:29.0847 1172 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\15668030.sys 21:06:29.0847 1172 C:\Windows\System32\drivers\15668030.sys - ok 21:06:29.0847 1172 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\System32\riched20.dll 21:06:29.0847 1172 C:\Windows\System32\riched20.dll - ok 21:06:29.0878 1172 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\System32\esent.dll 21:06:29.0878 1172 C:\Windows\System32\esent.dll - ok 21:06:29.0894 1172 [ F148865E4AC4F715E322EA06E6E21D84 ] C:\Windows\System32\wbem\NCProv.dll 21:06:29.0894 1172 C:\Windows\System32\wbem\NCProv.dll - ok 21:06:29.0894 1172 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\System32\SensApi.dll 21:06:29.0894 1172 C:\Windows\System32\SensApi.dll - ok 21:06:29.0894 1172 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\System32\wscapi.dll 21:06:29.0894 1172 C:\Windows\System32\wscapi.dll - ok 21:06:29.0894 1172 [ F175E53C7C3B25A9029A131FB578B155 ] C:\Windows\System32\wscinterop.dll 21:06:29.0894 1172 C:\Windows\System32\wscinterop.dll - ok 21:06:29.0894 1172 [ 7FD5532C142DB6C9CC47AA4DCF71FDEC ] C:\Windows\System32\wscui.cpl 21:06:29.0894 1172 C:\Windows\System32\wscui.cpl - ok 21:06:29.0894 1172 [ 1869BD251211FB6275067372A45682D6 ] C:\Windows\System32\werconcpl.dll 21:06:29.0894 1172 C:\Windows\System32\werconcpl.dll - ok 21:06:29.0910 1172 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\System32\framedynos.dll 21:06:29.0910 1172 C:\Windows\System32\framedynos.dll - ok 21:06:29.0910 1172 [ AC804569BB2364FB6017370258A4091B ] C:\Windows\System32\wercplsupport.dll 21:06:29.0910 1172 C:\Windows\System32\wercplsupport.dll - ok 21:06:29.0910 1172 [ 57CE9D8350B1DD76EEC596C423C3C0BC ] C:\Windows\System32\hcproviders.dll 21:06:29.0910 1172 C:\Windows\System32\hcproviders.dll - ok 21:06:29.0910 1172 [ 52799EAD792B0E9AE7FD4BA5BD18FE5C ] C:\Windows\System32\wbem\WMIADAP.exe 21:06:29.0910 1172 C:\Windows\System32\wbem\WMIADAP.exe - ok 21:06:29.0910 1172 [ 529879612A7FAE235914E3AA6A9A669C ] C:\Windows\System32\loadperf.dll 21:06:29.0910 1172 C:\Windows\System32\loadperf.dll - ok 21:06:29.0910 1172 ============================================================ 21:06:29.0910 1172 Scan finished 21:06:29.0910 1172 ============================================================ 21:06:29.0941 1056 Detected object count: 7 21:06:29.0941 1056 Actual detected object count: 7 21:07:41.0873 1056 BrcmMgmtAgent ( UnsignedFile.Multi.Generic ) - skipped by user 21:07:41.0873 1056 BrcmMgmtAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:07:41.0873 1056 CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user 21:07:41.0873 1056 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:07:41.0888 1056 MDM ( UnsignedFile.Multi.Generic ) - skipped by user 21:07:41.0888 1056 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:07:41.0904 1056 O2SDIOAssist ( UnsignedFile.Multi.Generic ) - skipped by user 21:07:41.0904 1056 O2SDIOAssist ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:07:41.0919 1056 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - skipped by user 21:07:41.0919 1056 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:07:41.0935 1056 Wave Authentication Manager Service ( UnsignedFile.Multi.Generic ) - skipped by user 21:07:41.0935 1056 Wave Authentication Manager Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:07:41.0951 1056 ZcfgSvc7 ( UnsignedFile.Multi.Generic ) - skipped by user 21:07:41.0951 1056 ZcfgSvc7 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:10:06.0578 0576 Deinitialize success
  11. Shoshang
    21:05:58.0944 0712 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47 21:05:58.0959 0712 ============================================================ 21:05:58.0959 0712 Current date / time: 2012/10/15 21:05:58.0959 21:05:58.0959 0712 SystemInfo: 21:05:58.0959 0712 21:05:58.0959 0712 OS Version: 6.1.7601 ServicePack: 1.0 21:05:58.0959 0712 Product type: Workstation 21:05:58.0959 0712 ComputerName: WNCAISD237L 21:05:58.0959 0712 UserName: 217216XX19948 21:05:58.0959 0712 Windows directory: C:\Windows 21:05:58.0959 0712 System windows directory: C:\Windows 21:05:58.0959 0712 Processor architecture: Intel x86 21:05:58.0959 0712 Number of processors: 4 21:05:58.0959 0712 Page size: 0x1000 21:05:58.0959 0712 Boot type: Safe boot 21:05:58.0959 0712 ============================================================ 21:05:58.0959 0712 BG loaded 21:05:59.0209 0712 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 21:05:59.0209 0712 ============================================================ 21:05:59.0209 0712 \Device\Harddisk0\DR0: 21:05:59.0209 0712 MBR partitions: 21:05:59.0209 0712 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1698000 21:05:59.0209 0712 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x16AC000, BlocksNum 0x23D7B2B0 21:05:59.0209 0712 ============================================================ 21:05:59.0271 0712 C: <-> \Device\Harddisk0\DR0\Partition2 21:05:59.0271 0712 ============================================================ 21:05:59.0271 0712 Initialize success 21:05:59.0271 0712 ============================================================ 21:06:05.0917 1172 ============================================================ 21:06:05.0917 1172 Scan started 21:06:05.0917 1172 Mode: Manual; SigCheck; TDLFS; 21:06:05.0917 1172 ============================================================ 21:06:06.0042 1172 ================ Scan system memory ======================== 21:06:06.0042 1172 System memory - ok 21:06:06.0042 1172 ================ Scan services ============================= 21:06:06.0260 1172 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys 21:06:06.0307 1172 1394ohci - ok 21:06:06.0385 1172 [ 2A8681AEA24003040CA7D677BE9F1702 ] 64872125 C:\Windows\system32\drivers\68745474.sys 21:06:06.0432 1172 [ EDC50031D6AB9180B3B3BD1C547C7D0A ] Acceler C:\Windows\system32\DRIVERS\accelern.sys 21:06:06.0447 1172 Acceler - ok 21:06:06.0478 1172 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:06:06.0478 1172 ACPI - ok 21:06:06.0525 1172 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:06:06.0525 1172 AcpiPmi - ok 21:06:06.0619 1172 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 21:06:06.0619 1172 AdobeARMservice - ok 21:06:06.0666 1172 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 21:06:06.0681 1172 AdobeFlashPlayerUpdateSvc - ok 21:06:06.0712 1172 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 21:06:06.0728 1172 adp94xx - ok 21:06:06.0728 1172 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys 21:06:06.0744 1172 adpahci - ok 21:06:06.0759 1172 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 21:06:06.0775 1172 adpu320 - ok 21:06:06.0837 1172 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:06:06.0853 1172 AeLookupSvc - ok 21:06:06.0915 1172 [ 827DBC22C96EECF6D36A13162FABAFD3 ] AESTFilters C:\Program Files\IDT\WDM\aestsrv.exe 21:06:06.0931 1172 AESTFilters - ok 21:06:06.0993 1172 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys 21:06:07.0009 1172 AFD - ok 21:06:07.0024 1172 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys 21:06:07.0024 1172 agp440 - ok 21:06:07.0056 1172 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys 21:06:07.0056 1172 aic78xx - ok 21:06:07.0087 1172 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe 21:06:07.0087 1172 ALG - ok 21:06:07.0102 1172 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys 21:06:07.0102 1172 aliide - ok 21:06:07.0102 1172 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys 21:06:07.0118 1172 amdagp - ok 21:06:07.0118 1172 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys 21:06:07.0118 1172 amdide - ok 21:06:07.0165 1172 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 21:06:07.0165 1172 AmdK8 - ok 21:06:07.0165 1172 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 21:06:07.0180 1172 AmdPPM - ok 21:06:07.0212 1172 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:06:07.0227 1172 amdsata - ok 21:06:07.0227 1172 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 21:06:07.0243 1172 amdsbs - ok 21:06:07.0274 1172 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:06:07.0290 1172 amdxata - ok 21:06:07.0321 1172 [ 476A6EFB2BB338D2854B3751367F8F71 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys 21:06:07.0336 1172 ApfiltrService - ok 21:06:07.0352 1172 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys 21:06:07.0368 1172 AppID - ok 21:06:07.0399 1172 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:06:07.0414 1172 AppIDSvc - ok 21:06:07.0430 1172 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll 21:06:07.0446 1172 Appinfo - ok 21:06:07.0555 1172 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 21:06:07.0570 1172 Apple Mobile Device - ok 21:06:07.0617 1172 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll 21:06:07.0633 1172 AppMgmt - ok 21:06:07.0695 1172 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys 21:06:07.0695 1172 arc - ok 21:06:07.0726 1172 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys 21:06:07.0726 1172 arcsas - ok 21:06:07.0836 1172 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 21:06:07.0851 1172 aspnet_state - ok 21:06:07.0882 1172 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:06:07.0898 1172 AsyncMac - ok 21:06:07.0960 1172 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys 21:06:07.0976 1172 atapi - ok 21:06:08.0038 1172 [ FF270313C14FC180B6C49BB0B302E0FB ] ATService C:\Program Files\Fingerprint Sensor\AtService.exe 21:06:08.0070 1172 ATService - ok 21:06:08.0179 1172 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:06:08.0194 1172 AudioEndpointBuilder - ok 21:06:08.0241 1172 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll 21:06:08.0257 1172 Audiosrv - ok 21:06:08.0288 1172 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:06:08.0304 1172 AxInstSV - ok 21:06:08.0319 1172 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys 21:06:08.0335 1172 b06bdrv - ok 21:06:08.0366 1172 [ 68FB5AF4534AA98B364EA585703D2456 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 21:06:08.0382 1172 b57nd60x - ok 21:06:08.0444 1172 [ 87F3BCF82A63E900AF896CD930BF7E05 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE 21:06:08.0460 1172 BBSvc - ok 21:06:08.0522 1172 [ 78779EE07231C658B483B1F38B5088DF ] BBUpdate C:\Program Files\Microsoft\BingBar\SeaPort.EXE 21:06:08.0522 1172 BBUpdate - ok 21:06:08.0569 1172 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll 21:06:08.0569 1172 BDESVC - ok 21:06:08.0631 1172 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys 21:06:08.0647 1172 Beep - ok 21:06:08.0709 1172 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll 21:06:08.0725 1172 BFE - ok 21:06:08.0803 1172 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll 21:06:08.0818 1172 BITS - ok 21:06:08.0881 1172 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 21:06:08.0881 1172 blbdrive - ok 21:06:08.0928 1172 [ A1115D933E7E3588E6DD53B03219F808 ] Blfp C:\Windows\system32\DRIVERS\basp.sys 21:06:08.0943 1172 Blfp - ok 21:06:09.0021 1172 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 21:06:09.0037 1172 Bonjour Service - ok 21:06:09.0084 1172 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:06:09.0099 1172 bowser - ok 21:06:09.0130 1172 [ E7CA80FA5A7E82ED87E8140E0BDFA13B ] BrcmMgmtAgent C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe 21:06:09.0130 1172 BrcmMgmtAgent ( UnsignedFile.Multi.Generic ) - warning 21:06:09.0130 1172 BrcmMgmtAgent - detected UnsignedFile.Multi.Generic (1) 21:06:09.0146 1172 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 21:06:09.0162 1172 BrFiltLo - ok 21:06:09.0177 1172 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 21:06:09.0193 1172 BrFiltUp - ok 21:06:09.0224 1172 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll 21:06:09.0240 1172 Browser - ok 21:06:09.0240 1172 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys 21:06:09.0255 1172 Brserid - ok 21:06:09.0255 1172 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 21:06:09.0271 1172 BrSerWdm - ok 21:06:09.0286 1172 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 21:06:09.0286 1172 BrUsbMdm - ok 21:06:09.0286 1172 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 21:06:09.0302 1172 BrUsbSer - ok 21:06:09.0349 1172 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 21:06:09.0349 1172 BthEnum - ok 21:06:09.0364 1172 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 21:06:09.0364 1172 BTHMODEM - ok 21:06:09.0411 1172 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 21:06:09.0427 1172 BthPan - ok 21:06:09.0442 1172 [ C2FBF6D271D9A94D839C416BF186EAD9 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 21:06:09.0458 1172 BTHPORT - ok 21:06:09.0489 1172 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll 21:06:09.0520 1172 bthserv - ok 21:06:09.0536 1172 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 21:06:09.0536 1172 BTHUSB - ok 21:06:09.0567 1172 [ 2A0DE6423D6BE95C96124FC66046176E ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys 21:06:09.0583 1172 BTWAMPFL - ok 21:06:09.0614 1172 [ CC0A5E69D19B5C1ECC6CF9BF3ACC3969 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 21:06:09.0614 1172 btwaudio - ok 21:06:09.0630 1172 [ 9ABEA4DC976E3F47DA2D4B169719CBAA ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys 21:06:09.0630 1172 btwavdt - ok 21:06:09.0708 1172 [ 2A6008A9511330B7864B30A8B455AD0A ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 21:06:09.0723 1172 btwdins - ok 21:06:09.0739 1172 [ C2C9AEB3F9525CBA2670D1F2BEB32A0A ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 21:06:09.0739 1172 btwl2cap - ok 21:06:09.0770 1172 [ 1E5468447E4D18FBEA5F01267D6495A5 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 21:06:09.0770 1172 btwrchid - ok 21:06:09.0864 1172 [ E4B94F8EDB3540D43A473D552C30D395 ] CcmExec C:\Windows\system32\CCM\CcmExec.exe 21:06:09.0879 1172 CcmExec - ok 21:06:09.0895 1172 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:06:09.0910 1172 cdfs - ok 21:06:09.0942 1172 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 21:06:09.0942 1172 cdrom - ok 21:06:09.0988 1172 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll 21:06:10.0020 1172 CertPropSvc - ok 21:06:10.0020 1172 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys 21:06:10.0020 1172 circlass - ok 21:06:10.0051 1172 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys 21:06:10.0066 1172 CLFS - ok 21:06:10.0129 1172 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:06:10.0129 1172 clr_optimization_v2.0.50727_32 - ok 21:06:10.0160 1172 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:06:10.0160 1172 clr_optimization_v4.0.30319_32 - ok 21:06:10.0207 1172 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 21:06:10.0222 1172 CmBatt - ok 21:06:10.0222 1172 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:06:10.0222 1172 cmdide - ok 21:06:10.0269 1172 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys 21:06:10.0285 1172 CNG - ok 21:06:10.0300 1172 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 21:06:10.0316 1172 Compbatt - ok 21:06:10.0332 1172 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 21:06:10.0332 1172 CompositeBus - ok 21:06:10.0347 1172 COMSysApp - ok 21:06:10.0347 1172 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 21:06:10.0363 1172 crcdisk - ok 21:06:10.0394 1172 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:06:10.0410 1172 CryptSvc - ok 21:06:10.0456 1172 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys 21:06:10.0472 1172 CSC - ok 21:06:10.0472 1172 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll 21:06:10.0488 1172 CscService - ok 21:06:10.0519 1172 [ 0F538DF1673E5216F3BAACB6911D9D0F ] CtAudDrv C:\Windows\system32\Drivers\CtAudDrv.sys 21:06:10.0534 1172 CtAudDrv - ok 21:06:10.0550 1172 [ 01725C2F2757B985CD171C0480AB86B0 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys 21:06:10.0566 1172 CtClsFlt - ok 21:06:10.0612 1172 [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA C:\Windows\system32\DRIVERS\CVirtA.sys 21:06:10.0612 1172 CVirtA - ok 21:06:10.0690 1172 [ 66257CB4E4FB69887CDDC71663741435 ] CVPND C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe 21:06:10.0706 1172 CVPND - ok 21:06:10.0768 1172 [ 18994842386FD3039279D7865740ABBD ] CVPNDRVA C:\Windows\system32\Drivers\CVPNDRVA.sys 21:06:10.0768 1172 CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning 21:06:10.0768 1172 CVPNDRVA - detected UnsignedFile.Multi.Generic (1) 21:06:10.0815 1172 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll 21:06:10.0831 1172 DcomLaunch - ok 21:06:10.0862 1172 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll 21:06:10.0878 1172 defragsvc - ok 21:06:10.0987 1172 [ 5953ED0990B6F10C9C4C36C7B80941FE ] DFEPService c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe 21:06:11.0018 1172 DFEPService - ok 21:06:11.0065 1172 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:06:11.0096 1172 DfsC - ok 21:06:11.0112 1172 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll 21:06:11.0143 1172 Dhcp - ok 21:06:11.0190 1172 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys 21:06:11.0205 1172 discache - ok 21:06:11.0236 1172 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys 21:06:11.0236 1172 Disk - ok 21:06:11.0268 1172 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 21:06:11.0268 1172 dmvsc - ok 21:06:11.0299 1172 [ B5AA5AA5AC327BD7C1AEC0C58F0C1144 ] DNE C:\Windows\system32\DRIVERS\dne2000.sys 21:06:11.0299 1172 DNE - ok 21:06:11.0346 1172 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:06:11.0346 1172 Dnscache - ok 21:06:11.0377 1172 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll 21:06:11.0392 1172 dot3svc - ok 21:06:11.0439 1172 [ B5E479EB83707DD698F66953E922042C ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 21:06:11.0455 1172 Dot4 - ok 21:06:11.0502 1172 [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 21:06:11.0517 1172 Dot4Print - ok 21:06:11.0533 1172 [ 9F7DE667C505CE6500BECDD8E11644D7 ] Dot4Scan C:\Windows\system32\DRIVERS\Dot4Scan.sys 21:06:11.0548 1172 Dot4Scan - ok 21:06:11.0580 1172 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 21:06:11.0595 1172 dot4usb - ok 21:06:11.0611 1172 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll 21:06:11.0626 1172 DPS - ok 21:06:11.0658 1172 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:06:11.0658 1172 drmkaud - ok 21:06:11.0704 1172 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:06:11.0720 1172 DXGKrnl - ok 21:06:11.0736 1172 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll 21:06:11.0767 1172 EapHost - ok 21:06:11.0829 1172 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys 21:06:11.0876 1172 ebdrv - ok 21:06:11.0892 1172 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe 21:06:11.0907 1172 EFS - ok 21:06:11.0970 1172 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:06:11.0985 1172 ehRecvr - ok 21:06:11.0985 1172 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe 21:06:12.0001 1172 ehSched - ok 21:06:12.0016 1172 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys 21:06:12.0032 1172 elxstor - ok 21:06:12.0032 1172 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:06:12.0032 1172 ErrDev - ok 21:06:12.0079 1172 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll 21:06:12.0110 1172 EventSystem - ok 21:06:12.0204 1172 [ 816025E303A1DAE89E39D3D77CCBA2FB ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 21:06:12.0235 1172 EvtEng - ok 21:06:12.0250 1172 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys 21:06:12.0266 1172 exfat - ok 21:06:12.0313 1172 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:06:12.0328 1172 fastfat - ok 21:06:12.0360 1172 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe 21:06:12.0360 1172 Fax - ok 21:06:12.0375 1172 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 21:06:12.0391 1172 fdc - ok 21:06:12.0406 1172 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll 21:06:12.0422 1172 fdPHost - ok 21:06:12.0438 1172 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll 21:06:12.0453 1172 FDResPub - ok 21:06:12.0469 1172 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:06:12.0469 1172 FileInfo - ok 21:06:12.0484 1172 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:06:12.0500 1172 Filetrace - ok 21:06:12.0516 1172 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 21:06:12.0531 1172 flpydisk - ok 21:06:12.0547 1172 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:06:12.0562 1172 FltMgr - ok 21:06:12.0594 1172 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll 21:06:12.0609 1172 FontCache - ok 21:06:12.0672 1172 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 21:06:12.0672 1172 FontCache3.0.0.0 - ok 21:06:12.0703 1172 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:06:12.0718 1172 FsDepends - ok 21:06:12.0734 1172 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:06:12.0750 1172 Fs_Rec - ok 21:06:12.0765 1172 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:06:12.0765 1172 fvevol - ok 21:06:12.0781 1172 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 21:06:12.0796 1172 gagp30kx - ok 21:06:12.0843 1172 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 21:06:12.0843 1172 GEARAspiWDM - ok 21:06:12.0890 1172 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll 21:06:12.0906 1172 gpsvc - ok 21:06:12.0999 1172 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 21:06:13.0015 1172 gupdate - ok 21:06:13.0015 1172 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 21:06:13.0015 1172 gupdatem - ok 21:06:13.0046 1172 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 21:06:13.0062 1172 gusvc - ok 21:06:13.0093 1172 [ FCF70F44BBA64A2EB1B87D8A54101DCA ] HBtnKey C:\Windows\system32\drivers\HBtnKey.sys 21:06:13.0093 1172 HBtnKey - ok 21:06:13.0108 1172 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:06:13.0124 1172 hcw85cir - ok 21:06:13.0140 1172 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 21:06:13.0155 1172 HDAudBus - ok 21:06:13.0171 1172 [ 299BB213421B182002E1EFA7163FB7F2 ] hdlpctrl C:\Windows\system32\drivers\hdlpctrl.sys 21:06:13.0186 1172 hdlpctrl - ok 21:06:13.0186 1172 [ 14D0A0E7743F36AC26D730110FF9FBFF ] hdlpdbk C:\Windows\system32\drivers\hdlpdbk.sys 21:06:13.0186 1172 hdlpdbk - ok 21:06:13.0202 1172 [ 7580E8066586BFB2D5B153C56C809C7C ] hdlpevnt C:\Windows\system32\drivers\hdlpevnt.sys 21:06:13.0202 1172 hdlpevnt - ok 21:06:13.0233 1172 [ EC524B54C3B43389C03A040053552DF3 ] hdlpflt C:\Windows\system32\DRIVERS\hdlpflt.sys 21:06:13.0249 1172 hdlpflt - ok 21:06:13.0280 1172 [ 7C512CBF3FE3B6932C62E67C97FEC2F0 ] hdlpnetf C:\Windows\system32\drivers\hdlpnetf.sys 21:06:13.0280 1172 hdlpnetf - ok 21:06:13.0296 1172 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 21:06:13.0296 1172 HidBatt - ok 21:06:13.0296 1172 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys 21:06:13.0311 1172 HidBth - ok 21:06:13.0311 1172 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys 21:06:13.0327 1172 HidIr - ok 21:06:13.0358 1172 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll 21:06:13.0374 1172 hidserv - ok 21:06:13.0405 1172 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 21:06:13.0405 1172 HidUsb - ok 21:06:13.0436 1172 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:06:13.0452 1172 hkmsvc - ok 21:06:13.0467 1172 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:06:13.0483 1172 HomeGroupListener - ok 21:06:13.0514 1172 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:06:13.0530 1172 HomeGroupProvider - ok 21:06:13.0530 1172 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:06:13.0530 1172 HpSAMD - ok 21:06:13.0545 1172 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:06:13.0576 1172 HTTP - ok 21:06:13.0592 1172 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:06:13.0592 1172 hwpolicy - ok 21:06:13.0623 1172 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 21:06:13.0639 1172 i8042prt - ok 21:06:13.0670 1172 [ F4037A3FEDB92DD97C95F320766EA5C9 ] iaStor C:\Windows\system32\drivers\iaStor.sys 21:06:13.0686 1172 iaStor - ok 21:06:13.0717 1172 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:06:13.0717 1172 iaStorV - ok 21:06:13.0779 1172 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 21:06:13.0795 1172 idsvc - ok 21:06:14.0013 1172 [ 721A8D48B2DC8C1C58C61CB948491EA8 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys 21:06:14.0122 1172 igfx - ok 21:06:14.0138 1172 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys 21:06:14.0138 1172 iirsp - ok 21:06:14.0185 1172 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll 21:06:14.0200 1172 IKEEXT - ok 21:06:14.0232 1172 [ E3C36AC5AE87EC970AE8EA2A93D59AE1 ] Impcd C:\Windows\system32\drivers\Impcd.sys 21:06:14.0247 1172 Impcd - ok 21:06:14.0263 1172 [ 5576AD2F0039D2BCCCA3567FC0BF981C ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 21:06:14.0278 1172 IntcDAud - ok 21:06:14.0310 1172 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys 21:06:14.0310 1172 intelide - ok 21:06:14.0341 1172 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 21:06:14.0341 1172 intelppm - ok 21:06:14.0356 1172 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:06:14.0372 1172 IPBusEnum - ok 21:06:14.0403 1172 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:06:14.0419 1172 IpFilterDriver - ok 21:06:14.0481 1172 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:06:14.0497 1172 iphlpsvc - ok 21:06:14.0497 1172 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:06:14.0512 1172 IPMIDRV - ok 21:06:14.0528 1172 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:06:14.0544 1172 IPNAT - ok 21:06:14.0590 1172 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 21:06:14.0606 1172 iPod Service - ok 21:06:14.0637 1172 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:06:14.0653 1172 IRENUM - ok 21:06:14.0653 1172 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:06:14.0653 1172 isapnp - ok 21:06:14.0668 1172 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:06:14.0684 1172 iScsiPrt - ok 21:06:14.0715 1172 [ 5A9894E80575647DC77A7D1954B05CE7 ] jhi_service C:\Program Files\Intel\Services\IPT\jhi_service.exe 21:06:14.0731 1172 jhi_service - ok 21:06:14.0762 1172 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 21:06:14.0778 1172 kbdclass - ok 21:06:14.0793 1172 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 21:06:14.0809 1172 kbdhid - ok 21:06:14.0824 1172 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe 21:06:14.0840 1172 KeyIso - ok 21:06:14.0887 1172 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:06:14.0887 1172 KSecDD - ok 21:06:14.0934 1172 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:06:14.0949 1172 KSecPkg - ok 21:06:14.0996 1172 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll 21:06:15.0012 1172 KtmRm - ok 21:06:15.0058 1172 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll 21:06:15.0074 1172 LanmanServer - ok 21:06:15.0105 1172 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:06:15.0121 1172 LanmanWorkstation - ok 21:06:15.0168 1172 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:06:15.0199 1172 lltdio - ok 21:06:15.0214 1172 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:06:15.0230 1172 lltdsvc - ok 21:06:15.0246 1172 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll 21:06:15.0277 1172 lmhosts - ok 21:06:15.0308 1172 [ BD16CFC982ED578C9BC6C6764DE3CD77 ] LMS C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe 21:06:15.0308 1172 LMS - ok 21:06:15.0355 1172 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 21:06:15.0355 1172 LSI_FC - ok 21:06:15.0355 1172 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 21:06:15.0370 1172 LSI_SAS - ok 21:06:15.0370 1172 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 21:06:15.0370 1172 LSI_SAS2 - ok 21:06:15.0402 1172 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 21:06:15.0402 1172 LSI_SCSI - ok 21:06:15.0433 1172 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys 21:06:15.0448 1172 luafv - ok 21:06:15.0526 1172 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe 21:06:15.0542 1172 MBAMScheduler - ok 21:06:15.0682 1172 [ BEE1AF0731BD490B5CE1F3CC102F9DAA ] McAfeeDLPAgentService C:\Program Files\McAfee\DLP\Agent\fcags.exe 21:06:15.0760 1172 McAfeeDLPAgentService - ok 21:06:15.0807 1172 [ 5C46CADC89B1E9B01CE348842B0C2468 ] McAfeeFramework C:\Program Files\McAfee\Common Framework\FrameworkService.exe 21:06:15.0823 1172 McAfeeFramework - ok 21:06:15.0901 1172 [ 50182E471B44C7A0F63B46E2DEF08B0F ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe 21:06:15.0916 1172 McShield - ok 21:06:15.0932 1172 [ B15BB3AEF59158B4E1DDA5328C842713 ] McTaskManager C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe 21:06:15.0948 1172 McTaskManager - ok 21:06:15.0994 1172 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:06:15.0994 1172 Mcx2Svc - ok 21:06:16.0088 1172 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe 21:06:16.0088 1172 MDM ( UnsignedFile.Multi.Generic ) - warning 21:06:16.0088 1172 MDM - detected UnsignedFile.Multi.Generic (1) 21:06:16.0104 1172 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys 21:06:16.0119 1172 megasas - ok 21:06:16.0119 1172 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 21:06:16.0135 1172 MegaSR - ok 21:06:16.0182 1172 [ 34A6E8BABFF9A3F5342976B9EA0E4899 ] MEI C:\Windows\system32\DRIVERS\HECI.sys 21:06:16.0182 1172 MEI - ok 21:06:16.0213 1172 [ C0D975D64C1AF8057F2D75B1297A6979 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys 21:06:16.0213 1172 mfeapfk - ok 21:06:16.0228 1172 [ C169326049A8A03D5F905B34F5A65F8C ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys 21:06:16.0244 1172 mfeavfk - ok 21:06:16.0260 1172 [ 50B0253B2484A306A20D8695C5AE5858 ] mfebopk C:\Windows\system32\drivers\mfebopk.sys 21:06:16.0260 1172 mfebopk - ok 21:06:16.0338 1172 [ 37800FBB68D88E3C3E49BB9C97233E87 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys 21:06:16.0353 1172 mfehidk - ok 21:06:16.0384 1172 [ 47C91E229B129047F0138011DDF9F92F ] mferkdet C:\Windows\system32\drivers\mferkdet.sys 21:06:16.0384 1172 mferkdet - ok 21:06:16.0400 1172 [ 0C083212203531D413311ECEA7CFCC3F ] mfesmfk C:\Windows\system32\drivers\mfesmfk.sys 21:06:16.0416 1172 mfesmfk - ok 21:06:16.0431 1172 [ 9F09CAA8DC12FC1626F82A5C212F6F9C ] mfevtp C:\Windows\system32\mfevtps.exe 21:06:16.0447 1172 mfevtp - ok 21:06:16.0478 1172 [ 451B49F0E10D6058CED5B56852D82C8B ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys 21:06:16.0478 1172 mfewfpk - ok 21:06:16.0509 1172 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll 21:06:16.0540 1172 MMCSS - ok 21:06:16.0556 1172 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys 21:06:16.0572 1172 Modem - ok 21:06:16.0603 1172 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:06:16.0618 1172 monitor - ok 21:06:16.0618 1172 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 21:06:16.0634 1172 mouclass - ok 21:06:16.0665 1172 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:06:16.0681 1172 mouhid - ok 21:06:16.0696 1172 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:06:16.0712 1172 mountmgr - ok 21:06:16.0774 1172 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 21:06:16.0774 1172 MozillaMaintenance - ok 21:06:16.0790 1172 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys 21:06:16.0790 1172 mpio - ok 21:06:16.0821 1172 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:06:16.0837 1172 mpsdrv - ok 21:06:16.0868 1172 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:06:16.0899 1172 MpsSvc - ok 21:06:16.0899 1172 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:06:16.0915 1172 MRxDAV - ok 21:06:16.0962 1172 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:06:16.0962 1172 mrxsmb - ok 21:06:16.0977 1172 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:06:16.0993 1172 mrxsmb10 - ok 21:06:17.0008 1172 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:06:17.0024 1172 mrxsmb20 - ok 21:06:17.0040 1172 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys 21:06:17.0055 1172 msahci - ok 21:06:17.0071 1172 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:06:17.0071 1172 msdsm - ok 21:06:17.0102 1172 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe 21:06:17.0102 1172 MSDTC - ok 21:06:17.0118 1172 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:06:17.0149 1172 Msfs - ok 21:06:17.0149 1172 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:06:17.0164 1172 mshidkmdf - ok 21:06:17.0196 1172 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:06:17.0196 1172 msisadrv - ok 21:06:17.0242 1172 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:06:17.0258 1172 MSiSCSI - ok 21:06:17.0274 1172 msiserver - ok 21:06:17.0274 1172 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:06:17.0289 1172 MSKSSRV - ok 21:06:17.0289 1172 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:06:17.0305 1172 MSPCLOCK - ok 21:06:17.0336 1172 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:06:17.0352 1172 MSPQM - ok 21:06:17.0367 1172 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:06:17.0383 1172 MsRPC - ok 21:06:17.0414 1172 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 21:06:17.0430 1172 mssmbios - ok 21:06:17.0430 1172 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:06:17.0445 1172 MSTEE - ok 21:06:17.0476 1172 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 21:06:17.0476 1172 MTConfig - ok 21:06:17.0492 1172 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys 21:06:17.0492 1172 Mup - ok 21:06:17.0523 1172 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll 21:06:17.0539 1172 napagent - ok 21:06:17.0554 1172 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:06:17.0554 1172 NativeWifiP - ok 21:06:17.0617 1172 [ 3723262737D90F58059CEDA7373B0387 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:06:17.0632 1172 NDIS - ok 21:06:17.0648 1172 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:06:17.0664 1172 NdisCap - ok 21:06:17.0710 1172 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:06:17.0726 1172 NdisTapi - ok 21:06:17.0742 1172 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:06:17.0757 1172 Ndisuio - ok 21:06:17.0788 1172 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:06:17.0804 1172 NdisWan - ok 21:06:17.0835 1172 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:06:17.0851 1172 NDProxy - ok 21:06:17.0866 1172 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:06:17.0882 1172 NetBIOS - ok 21:06:17.0898 1172 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:06:17.0913 1172 NetBT - ok 21:06:17.0929 1172 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe 21:06:17.0929 1172 Netlogon - ok 21:06:17.0976 1172 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll 21:06:18.0007 1172 Netman - ok 21:06:18.0038 1172 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:06:18.0054 1172 NetMsmqActivator - ok 21:06:18.0054 1172 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:06:18.0054 1172 NetPipeActivator - ok 21:06:18.0069 1172 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll 21:06:18.0085 1172 netprofm - ok 21:06:18.0085 1172 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:06:18.0100 1172 NetTcpActivator - ok 21:06:18.0100 1172 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:06:18.0100 1172 NetTcpPortSharing - ok 21:06:18.0132 1172 [ 104BE93F0607C6AA0D85319581F96EC2 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys 21:06:18.0147 1172 netvsc - ok 21:06:18.0272 1172 [ 814596469BBE40EF99CCFD582A375B83 ] NETwNs32 C:\Windows\system32\DRIVERS\NETwNs32.sys 21:06:18.0334 1172 NETwNs32 - ok 21:06:18.0366 1172 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 21:06:18.0381 1172 nfrd960 - ok 21:06:18.0412 1172 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll 21:06:18.0428 1172 NlaSvc - ok 21:06:18.0444 1172 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:06:18.0459 1172 Npfs - ok 21:06:18.0490 1172 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll 21:06:18.0522 1172 nsi - ok 21:06:18.0522 1172 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:06:18.0537 1172 nsiproxy - ok 21:06:18.0600 1172 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:06:18.0615 1172 Ntfs - ok 21:06:18.0631 1172 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys 21:06:18.0646 1172 Null - ok 21:06:18.0662 1172 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:06:18.0678 1172 nvraid - ok 21:06:18.0693 1172 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:06:18.0709 1172 nvstor - ok 21:06:18.0724 1172 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:06:18.0724 1172 nv_agp - ok 21:06:18.0740 1172 [ 4E37455DB16AEC75862B1D0BC35B589E ] O2FLASH C:\Windows\system32\DRIVERS\o2flash.exe 21:06:18.0756 1172 O2FLASH - ok 21:06:18.0787 1172 [ 5F63917FCC257ED11E828230BE594194 ] O2MDFRDR C:\Windows\system32\drivers\O2MDFw7.sys 21:06:18.0802 1172 O2MDFRDR - ok 21:06:18.0818 1172 [ FDC901900D9B1B671B3388C3023BD2EA ] O2MDRRDR C:\Windows\system32\DRIVERS\O2MDRw7.sys 21:06:18.0818 1172 O2MDRRDR - ok 21:06:18.0849 1172 [ 4635935FC972C582632BF45C26BFCB0E ] O2SDIOAssist c:\Windows\system32\srvany.exe 21:06:18.0849 1172 O2SDIOAssist ( UnsignedFile.Multi.Generic ) - warning 21:06:18.0849 1172 O2SDIOAssist - detected UnsignedFile.Multi.Generic (1) 21:06:18.0865 1172 [ D5A27C1ECD36564FED061EFB78BD0A62 ] O2SDJRDR C:\Windows\system32\DRIVERS\o2sdjw7.sys 21:06:18.0865 1172 O2SDJRDR - ok 21:06:18.0927 1172 [ E54AA592A65F317390EEE386A8821692 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 21:06:18.0943 1172 odserv - ok 21:06:18.0958 1172 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:06:18.0974 1172 ohci1394 - ok 21:06:19.0005 1172 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:06:19.0021 1172 ose - ok 21:06:19.0052 1172 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:06:19.0068 1172 p2pimsvc - ok 21:06:19.0114 1172 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll 21:06:19.0114 1172 p2psvc - ok 21:06:19.0146 1172 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys 21:06:19.0161 1172 Parport - ok 21:06:19.0177 1172 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:06:19.0177 1172 partmgr - ok 21:06:19.0208 1172 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 21:06:19.0208 1172 Parvdm - ok 21:06:19.0239 1172 [ 4088C1ECD1F54281A92FA663B0FDC36F ] PBADRV C:\Windows\system32\DRIVERS\PBADRV.sys 21:06:19.0239 1172 PBADRV - ok 21:06:19.0255 1172 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll 21:06:19.0270 1172 PcaSvc - ok 21:06:19.0302 1172 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys 21:06:19.0317 1172 pci - ok 21:06:19.0333 1172 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys 21:06:19.0348 1172 pciide - ok 21:06:19.0364 1172 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 21:06:19.0380 1172 pcmcia - ok 21:06:19.0395 1172 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys 21:06:19.0411 1172 pcw - ok 21:06:19.0426 1172 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:06:19.0458 1172 PEAUTH - ok 21:06:19.0504 1172 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 21:06:19.0520 1172 PeerDistSvc - ok 21:06:19.0567 1172 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll 21:06:19.0598 1172 pla - ok 21:06:19.0645 1172 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:06:19.0645 1172 PlugPlay - ok 21:06:19.0676 1172 [ 13FBE33E8AB8284C6A3C6CE86FA59EA0 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 21:06:19.0692 1172 Pml Driver HPZ12 - ok 21:06:19.0707 1172 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:06:19.0723 1172 PNRPAutoReg - ok 21:06:19.0738 1172 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:06:19.0738 1172 PNRPsvc - ok 21:06:19.0785 1172 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:06:19.0801 1172 PolicyAgent - ok 21:06:19.0832 1172 [ AC42F771CC29727BD1663F211E9AC507 ] Power C:\Windows\system32\umpo.dll 21:06:19.0832 1172 Power - ok 21:06:19.0848 1172 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:06:19.0879 1172 PptpMiniport - ok 21:06:19.0926 1172 [ 19505C4134F3181FC2203E087140C192 ] prepdrvr C:\Windows\system32\CCM\prepdrv.sys 21:06:19.0926 1172 prepdrvr - ok 21:06:19.0957 1172 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys 21:06:19.0972 1172 Processor - ok 21:06:20.0004 1172 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:\Windows\system32\profsvc.dll 21:06:20.0019 1172 ProfSvc - ok 21:06:20.0035 1172 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:06:20.0050 1172 ProtectedStorage - ok 21:06:20.0050 1172 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:06:20.0082 1172 Psched - ok 21:06:20.0144 1172 [ 763F6B2737C5678C0781B173FF5C0C06 ] PSDA C:\Program Files\CheckPoint\Device Agent\psda.exe 21:06:20.0160 1172 PSDA - ok 21:06:20.0175 1172 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys 21:06:20.0191 1172 PxHelp20 - ok 21:06:20.0253 1172 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:06:20.0269 1172 ql2300 - ok 21:06:20.0300 1172 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:06:20.0300 1172 ql40xx - ok 21:06:20.0331 1172 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll 21:06:20.0331 1172 QWAVE - ok 21:06:20.0347 1172 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:06:20.0347 1172 QWAVEdrv - ok 21:06:20.0362 1172 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:06:20.0378 1172 RasAcd - ok 21:06:20.0394 1172 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:06:20.0425 1172 RasAgileVpn - ok 21:06:20.0440 1172 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll 21:06:20.0456 1172 RasAuto - ok 21:06:20.0472 1172 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:06:20.0487 1172 Rasl2tp - ok 21:06:20.0518 1172 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll 21:06:20.0534 1172 RasMan - ok 21:06:20.0550 1172 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:06:20.0565 1172 RasPppoe - ok 21:06:20.0581 1172 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:06:20.0596 1172 RasSstp - ok 21:06:20.0628 1172 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:06:20.0643 1172 rdbss - ok 21:06:20.0659 1172 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 21:06:20.0659 1172 rdpbus - ok 21:06:20.0674 1172 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:06:20.0690 1172 RDPCDD - ok 21:06:20.0721 1172 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 21:06:20.0737 1172 RDPDR - ok 21:06:20.0768 1172 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:06:20.0784 1172 RDPENCDD - ok 21:06:20.0784 1172 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:06:20.0799 1172 RDPREFMP - ok 21:06:20.0815 1172 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:06:20.0830 1172 RDPWD - ok 21:06:20.0862 1172 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:06:20.0862 1172 rdyboost - ok 21:06:20.0940 1172 [ B064FC671688A9A1C5F46AE06E87F70D ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 21:06:20.0955 1172 RegSrvc - ok 21:06:20.0971 1172 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll 21:06:20.0986 1172 RemoteAccess - ok 21:06:21.0049 1172 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:06:21.0064 1172 RemoteRegistry - ok 21:06:21.0096 1172 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 21:06:21.0096 1172 RFCOMM - ok 21:06:21.0252 1172 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 21:06:21.0267 1172 RoxMediaDB12OEM - ok 21:06:21.0314 1172 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 21:06:21.0314 1172 RoxWatch12 - ok 21:06:21.0330 1172 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:06:21.0361 1172 RpcEptMapper - ok 21:06:21.0408 1172 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe 21:06:21.0408 1172 RpcLocator - ok 21:06:21.0423 1172 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll 21:06:21.0454 1172 RpcSs - ok 21:06:21.0486 1172 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:06:21.0501 1172 rspndr - ok 21:06:21.0532 1172 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys 21:06:21.0548 1172 s3cap - ok 21:06:21.0548 1172 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe 21:06:21.0564 1172 SamSs - ok 21:06:21.0579 1172 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:06:21.0595 1172 sbp2port - ok 21:06:21.0610 1172 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:06:21.0626 1172 SCardSvr - ok 21:06:21.0642 1172 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:06:21.0673 1172 scfilter - ok 21:06:21.0688 1172 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll 21:06:21.0720 1172 Schedule - ok 21:06:21.0735 1172 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll 21:06:21.0766 1172 SCPolicySvc - ok 21:06:21.0782 1172 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:06:21.0798 1172 SDRSVC - ok 21:06:21.0813 1172 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:06:21.0829 1172 secdrv - ok 21:06:21.0844 1172 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll 21:06:21.0860 1172 seclogon - ok 21:06:22.0000 1172 [ 889C97ACB58C78B9DB6F94FAEDA05B70 ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe 21:06:22.0032 1172 SecureStorageService - ok 21:06:22.0047 1172 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll 21:06:22.0063 1172 SENS - ok 21:06:22.0094 1172 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:06:22.0110 1172 SensrSvc - ok 21:06:22.0125 1172 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 21:06:22.0125 1172 Serenum - ok 21:06:22.0156 1172 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys 21:06:22.0156 1172 Serial - ok 21:06:22.0156 1172 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys 21:06:22.0172 1172 sermouse - ok 21:06:22.0188 1172 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll 21:06:22.0203 1172 SessionEnv - ok 21:06:22.0219 1172 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:06:22.0219 1172 sffdisk - ok 21:06:22.0219 1172 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:06:22.0234 1172 sffp_mmc - ok 21:06:22.0234 1172 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:06:22.0250 1172 sffp_sd - ok 21:06:22.0281 1172 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 21:06:22.0281 1172 sfloppy - ok 21:06:22.0312 1172 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:06:22.0344 1172 SharedAccess - ok 21:06:22.0359 1172 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:06:22.0390 1172 ShellHWDetection - ok 21:06:22.0390 1172 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys 21:06:22.0390 1172 sisagp - ok 21:06:22.0406 1172 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 21:06:22.0406 1172 SiSRaid2 - ok 21:06:22.0406 1172 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:06:22.0422 1172 SiSRaid4 - ok 21:06:22.0422 1172 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:06:22.0437 1172 Smb - ok 21:06:22.0468 1172 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:06:22.0484 1172 SNMPTRAP - ok 21:06:22.0500 1172 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
  12. Shoshang
    21:04:28.0682 2036 PptpMiniport - ok 21:04:28.0729 2036 [ 19505C4134F3181FC2203E087140C192 ] prepdrvr C:\Windows\system32\CCM\prepdrv.sys 21:04:28.0744 2036 prepdrvr - ok 21:04:28.0760 2036 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys 21:04:28.0775 2036 Processor - ok 21:04:28.0822 2036 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:\Windows\system32\profsvc.dll 21:04:28.0838 2036 ProfSvc - ok 21:04:28.0853 2036 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:04:28.0869 2036 ProtectedStorage - ok 21:04:28.0869 2036 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:04:28.0900 2036 Psched - ok 21:04:28.0978 2036 [ 763F6B2737C5678C0781B173FF5C0C06 ] PSDA C:\Program Files\CheckPoint\Device Agent\psda.exe 21:04:28.0978 2036 PSDA - ok 21:04:29.0009 2036 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys 21:04:29.0025 2036 PxHelp20 - ok 21:04:29.0072 2036 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:04:29.0134 2036 ql2300 - ok 21:04:29.0150 2036 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:04:29.0150 2036 ql40xx - ok 21:04:29.0181 2036 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll 21:04:29.0197 2036 QWAVE - ok 21:04:29.0212 2036 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:04:29.0228 2036 QWAVEdrv - ok 21:04:29.0228 2036 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:04:29.0243 2036 RasAcd - ok 21:04:29.0290 2036 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:04:29.0321 2036 RasAgileVpn - ok 21:04:29.0337 2036 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll 21:04:29.0368 2036 RasAuto - ok 21:04:29.0399 2036 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:04:29.0446 2036 Rasl2tp - ok 21:04:29.0462 2036 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll 21:04:29.0509 2036 RasMan - ok 21:04:29.0524 2036 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:04:29.0540 2036 RasPppoe - ok 21:04:29.0555 2036 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:04:29.0587 2036 RasSstp - ok 21:04:29.0633 2036 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:04:29.0665 2036 rdbss - ok 21:04:29.0680 2036 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 21:04:29.0696 2036 rdpbus - ok 21:04:29.0696 2036 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:04:29.0743 2036 RDPCDD - ok 21:04:29.0774 2036 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 21:04:29.0789 2036 RDPDR - ok 21:04:29.0805 2036 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:04:29.0821 2036 RDPENCDD - ok 21:04:29.0821 2036 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:04:29.0836 2036 RDPREFMP - ok 21:04:29.0867 2036 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:04:29.0883 2036 RDPWD - ok 21:04:29.0914 2036 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:04:29.0914 2036 rdyboost - ok 21:04:29.0961 2036 [ B064FC671688A9A1C5F46AE06E87F70D ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 21:04:29.0977 2036 RegSrvc - ok 21:04:30.0008 2036 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll 21:04:30.0023 2036 RemoteAccess - ok 21:04:30.0055 2036 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:04:30.0086 2036 RemoteRegistry - ok 21:04:30.0117 2036 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 21:04:30.0133 2036 RFCOMM - ok 21:04:30.0273 2036 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 21:04:30.0320 2036 RoxMediaDB12OEM - ok 21:04:30.0351 2036 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 21:04:30.0351 2036 RoxWatch12 - ok 21:04:30.0367 2036 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:04:30.0413 2036 RpcEptMapper - ok 21:04:30.0445 2036 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe 21:04:30.0460 2036 RpcLocator - ok 21:04:30.0491 2036 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll 21:04:30.0507 2036 RpcSs - ok 21:04:30.0554 2036 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:04:30.0585 2036 rspndr - ok 21:04:30.0616 2036 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys 21:04:30.0632 2036 s3cap - ok 21:04:30.0647 2036 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe 21:04:30.0647 2036 SamSs - ok 21:04:30.0663 2036 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:04:30.0679 2036 sbp2port - ok 21:04:30.0694 2036 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:04:30.0725 2036 SCardSvr - ok 21:04:30.0725 2036 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:04:30.0772 2036 scfilter - ok 21:04:30.0803 2036 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll 21:04:30.0835 2036 Schedule - ok 21:04:30.0866 2036 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll 21:04:30.0881 2036 SCPolicySvc - ok 21:04:30.0897 2036 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:04:30.0928 2036 SDRSVC - ok 21:04:30.0928 2036 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:04:30.0975 2036 secdrv - ok 21:04:31.0006 2036 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll 21:04:31.0037 2036 seclogon - ok 21:04:31.0147 2036 [ 889C97ACB58C78B9DB6F94FAEDA05B70 ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe 21:04:31.0193 2036 SecureStorageService - ok 21:04:31.0209 2036 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll 21:04:31.0240 2036 SENS - ok 21:04:31.0271 2036 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:04:31.0287 2036 SensrSvc - ok 21:04:31.0303 2036 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 21:04:31.0303 2036 Serenum - ok 21:04:31.0318 2036 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys 21:04:31.0349 2036 Serial - ok 21:04:31.0349 2036 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys 21:04:31.0349 2036 sermouse - ok 21:04:31.0381 2036 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll 21:04:31.0412 2036 SessionEnv - ok 21:04:31.0412 2036 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:04:31.0427 2036 sffdisk - ok 21:04:31.0443 2036 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:04:31.0443 2036 sffp_mmc - ok 21:04:31.0443 2036 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:04:31.0459 2036 sffp_sd - ok 21:04:31.0474 2036 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 21:04:31.0474 2036 sfloppy - ok 21:04:31.0505 2036 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:04:31.0552 2036 SharedAccess - ok 21:04:31.0568 2036 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:04:31.0615 2036 ShellHWDetection - ok 21:04:31.0615 2036 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys 21:04:31.0615 2036 sisagp - ok 21:04:31.0615 2036 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 21:04:31.0630 2036 SiSRaid2 - ok 21:04:31.0630 2036 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:04:31.0646 2036 SiSRaid4 - ok 21:04:31.0661 2036 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:04:31.0677 2036 Smb - ok 21:04:31.0693 2036 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:04:31.0693 2036 SNMPTRAP - ok 21:04:31.0724 2036 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys 21:04:31.0724 2036 spldr - ok 21:04:31.0771 2036 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\Windows\System32\spoolsv.exe 21:04:31.0802 2036 Spooler - ok 21:04:31.0958 2036 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe 21:04:32.0036 2036 sppsvc - ok 21:04:32.0051 2036 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:04:32.0114 2036 sppuinotify - ok 21:04:32.0192 2036 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys 21:04:32.0254 2036 srv - ok 21:04:32.0301 2036 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:04:32.0317 2036 srv2 - ok 21:04:32.0332 2036 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:04:32.0363 2036 srvnet - ok 21:04:32.0410 2036 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:04:32.0426 2036 SSDPSRV - ok 21:04:32.0441 2036 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:04:32.0488 2036 SstpSvc - ok 21:04:32.0535 2036 [ A97FCA92BE4E62BC589371058CBC769E ] STacSV C:\Program Files\IDT\WDM\STacSV.exe 21:04:32.0551 2036 STacSV - ok 21:04:32.0566 2036 [ D8FC8D47FBFCB3852E40F5D5058ABC6A ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys 21:04:32.0566 2036 stdcfltn - ok 21:04:32.0613 2036 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys 21:04:32.0613 2036 stexstor - ok 21:04:32.0644 2036 [ D5D73B49D53FCC47E2828D6805DFA0F6 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys 21:04:32.0691 2036 STHDA - ok 21:04:32.0722 2036 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll 21:04:32.0738 2036 StiSvc - ok 21:04:32.0785 2036 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe 21:04:32.0800 2036 stllssvr - ok 21:04:32.0831 2036 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll 21:04:32.0863 2036 StorSvc - ok 21:04:32.0878 2036 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys 21:04:32.0894 2036 storvsc - ok 21:04:32.0925 2036 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 21:04:32.0941 2036 swenum - ok 21:04:32.0956 2036 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll 21:04:33.0003 2036 swprv - ok 21:04:33.0003 2036 [ 04990C25043705985F1EC40BF704AAAC ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys 21:04:33.0019 2036 SynthVid - ok 21:04:33.0065 2036 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll 21:04:33.0112 2036 SysMain - ok 21:04:33.0128 2036 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:04:33.0143 2036 TabletInputService - ok 21:04:33.0175 2036 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll 21:04:33.0206 2036 TapiSrv - ok 21:04:33.0221 2036 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll 21:04:33.0253 2036 TBS - ok 21:04:33.0315 2036 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:04:33.0362 2036 Tcpip - ok 21:04:33.0393 2036 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:04:33.0424 2036 TCPIP6 - ok 21:04:33.0440 2036 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:04:33.0455 2036 tcpipreg - ok 21:04:33.0549 2036 [ 3D52B206D9F6F3ECFDB5D676614E47B6 ] tcsd_win32.exe C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe 21:04:33.0611 2036 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - warning 21:04:33.0611 2036 tcsd_win32.exe - detected UnsignedFile.Multi.Generic (1) 21:04:33.0689 2036 [ 0BAD1BC9BA31218B682455182134537D ] TdmService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe 21:04:33.0752 2036 TdmService - ok 21:04:33.0783 2036 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:04:33.0799 2036 TDPIPE - ok 21:04:33.0845 2036 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:04:33.0845 2036 TDTCP - ok 21:04:33.0892 2036 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:04:33.0923 2036 tdx - ok 21:04:33.0939 2036 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 21:04:33.0939 2036 TermDD - ok 21:04:33.0986 2036 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll 21:04:34.0017 2036 TermService - ok 21:04:34.0033 2036 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll 21:04:34.0064 2036 Themes - ok 21:04:34.0079 2036 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll 21:04:34.0111 2036 THREADORDER - ok 21:04:34.0111 2036 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll 21:04:34.0142 2036 TrkWks - ok 21:04:34.0204 2036 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:04:34.0220 2036 TrustedInstaller - ok 21:04:34.0235 2036 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:04:34.0251 2036 tssecsrv - ok 21:04:34.0282 2036 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:04:34.0313 2036 TsUsbFlt - ok 21:04:34.0329 2036 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 21:04:34.0345 2036 TsUsbGD - ok 21:04:34.0376 2036 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:04:34.0407 2036 tunnel - ok 21:04:34.0407 2036 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:04:34.0407 2036 uagp35 - ok 21:04:34.0423 2036 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:04:34.0469 2036 udfs - ok 21:04:34.0501 2036 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:04:34.0516 2036 UI0Detect - ok 21:04:34.0532 2036 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:04:34.0532 2036 uliagpkx - ok 21:04:34.0547 2036 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:04:34.0547 2036 umbus - ok 21:04:34.0563 2036 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys 21:04:34.0579 2036 UmPass - ok 21:04:34.0610 2036 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll 21:04:34.0625 2036 UmRdpService - ok 21:04:34.0719 2036 [ 30B67FBC4D170B1FB2AED6784FAE4AB4 ] UNS C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe 21:04:34.0813 2036 UNS - ok 21:04:34.0844 2036 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll 21:04:34.0875 2036 upnphost - ok 21:04:34.0922 2036 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 21:04:34.0937 2036 USBAAPL - ok 21:04:34.0984 2036 [ 4663AD7F61519E88687393BFCB154E4C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:04:35.0000 2036 usbccgp - ok 21:04:35.0031 2036 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:04:35.0031 2036 usbcir - ok 21:04:35.0062 2036 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 21:04:35.0062 2036 usbehci - ok 21:04:35.0109 2036 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:04:35.0109 2036 usbhub - ok 21:04:35.0156 2036 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys 21:04:35.0171 2036 usbohci - ok 21:04:35.0187 2036 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys 21:04:35.0203 2036 usbprint - ok 21:04:35.0218 2036 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:04:35.0265 2036 USBSTOR - ok 21:04:35.0296 2036 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 21:04:35.0296 2036 usbuhci - ok 21:04:35.0327 2036 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 21:04:35.0343 2036 usbvideo - ok 21:04:35.0390 2036 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll 21:04:35.0405 2036 UxSms - ok 21:04:35.0405 2036 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe 21:04:35.0421 2036 VaultSvc - ok 21:04:35.0452 2036 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:04:35.0452 2036 vdrvroot - ok 21:04:35.0468 2036 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe 21:04:35.0515 2036 vds - ok 21:04:35.0530 2036 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:04:35.0546 2036 vga - ok 21:04:35.0561 2036 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys 21:04:35.0577 2036 VgaSave - ok 21:04:35.0593 2036 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 21:04:35.0593 2036 vhdmp - ok 21:04:35.0608 2036 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys 21:04:35.0608 2036 viaagp - ok 21:04:35.0624 2036 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys 21:04:35.0639 2036 ViaC7 - ok 21:04:35.0655 2036 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys 21:04:35.0655 2036 viaide - ok 21:04:35.0702 2036 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys 21:04:35.0717 2036 VMBusHID - ok 21:04:35.0717 2036 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:04:35.0733 2036 volmgr - ok 21:04:35.0749 2036 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:04:35.0764 2036 volmgrx - ok 21:04:35.0795 2036 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:04:35.0795 2036 volsnap - ok 21:04:35.0811 2036 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 21:04:35.0827 2036 vsmraid - ok 21:04:35.0889 2036 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe 21:04:35.0936 2036 VSS - ok 21:04:35.0967 2036 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 21:04:35.0983 2036 vwifibus - ok 21:04:36.0014 2036 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 21:04:36.0029 2036 vwififlt - ok 21:04:36.0045 2036 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll 21:04:36.0076 2036 W32Time - ok 21:04:36.0092 2036 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 21:04:36.0107 2036 WacomPen - ok 21:04:36.0123 2036 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:04:36.0139 2036 WANARP - ok 21:04:36.0154 2036 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:04:36.0170 2036 Wanarpv6 - ok 21:04:36.0232 2036 [ 79E2E832DE566CFEDBF4E6DAFE73B959 ] Wave Authentication Manager Service C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe 21:04:36.0279 2036 Wave Authentication Manager Service ( UnsignedFile.Multi.Generic ) - warning 21:04:36.0279 2036 Wave Authentication Manager Service - detected UnsignedFile.Multi.Generic (1) 21:04:36.0326 2036 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe 21:04:36.0357 2036 wbengine - ok 21:04:36.0373 2036 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:04:36.0388 2036 WbioSrvc - ok 21:04:36.0419 2036 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:04:36.0435 2036 wcncsvc - ok 21:04:36.0451 2036 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:04:36.0482 2036 WcsPlugInService - ok 21:04:36.0513 2036 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys 21:04:36.0513 2036 Wd - ok 21:04:36.0544 2036 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys 21:04:36.0575 2036 WDC_SAM - ok 21:04:36.0607 2036 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:04:36.0622 2036 Wdf01000 - ok 21:04:36.0622 2036 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:04:36.0669 2036 WdiServiceHost - ok 21:04:36.0669 2036 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:04:36.0685 2036 WdiSystemHost - ok 21:04:36.0700 2036 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll 21:04:36.0731 2036 WebClient - ok 21:04:36.0763 2036 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:04:36.0778 2036 Wecsvc - ok 21:04:36.0794 2036 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:04:36.0809 2036 wercplsupport - ok 21:04:36.0825 2036 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll 21:04:36.0856 2036 WerSvc - ok 21:04:36.0887 2036 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:04:36.0903 2036 WfpLwf - ok 21:04:36.0919 2036 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:04:36.0934 2036 WIMMount - ok 21:04:36.0997 2036 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 21:04:37.0043 2036 WinDefend - ok 21:04:37.0059 2036 WinHttpAutoProxySvc - ok 21:04:37.0121 2036 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:04:37.0153 2036 Winmgmt - ok 21:04:37.0184 2036 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll 21:04:37.0262 2036 WinRM - ok 21:04:37.0293 2036 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 21:04:37.0324 2036 WinUsb - ok 21:04:37.0387 2036 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll 21:04:37.0402 2036 Wlansvc - ok 21:04:37.0449 2036 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 21:04:37.0465 2036 wlcrasvc - ok 21:04:37.0527 2036 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:04:37.0574 2036 wlidsvc - ok 21:04:37.0605 2036 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 21:04:37.0636 2036 WmiAcpi - ok 21:04:37.0683 2036 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:04:37.0699 2036 wmiApSrv - ok 21:04:37.0777 2036 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 21:04:37.0808 2036 WMPNetworkSvc - ok 21:04:37.0839 2036 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:04:37.0870 2036 WPCSvc - ok 21:04:37.0886 2036 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:04:37.0917 2036 WPDBusEnum - ok 21:04:37.0933 2036 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:04:37.0964 2036 ws2ifsl - ok 21:04:37.0979 2036 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll 21:04:38.0011 2036 wscsvc - ok 21:04:38.0026 2036 WSearch - ok 21:04:38.0073 2036 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 21:04:38.0151 2036 wuauserv - ok 21:04:38.0198 2036 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:04:38.0229 2036 WudfPf - ok 21:04:38.0260 2036 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:04:38.0276 2036 WUDFRd - ok 21:04:38.0338 2036 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:04:38.0369 2036 wudfsvc - ok 21:04:38.0401 2036 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll 21:04:38.0432 2036 WwanSvc - ok 21:04:38.0494 2036 [ 4F5D56FF81B8C0294E22DCC62136F253 ] ZcfgSvc7 C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe 21:04:38.0510 2036 ZcfgSvc7 ( UnsignedFile.Multi.Generic ) - warning 21:04:38.0510 2036 ZcfgSvc7 - detected UnsignedFile.Multi.Generic (1) 21:04:38.0525 2036 ================ Scan global =============================== 21:04:38.0588 2036 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll 21:04:38.0619 2036 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll 21:04:38.0619 2036 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll 21:04:38.0650 2036 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll 21:04:38.0681 2036 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe 21:04:38.0681 2036 [Global] - ok 21:04:38.0681 2036 ================ Scan MBR ================================== 21:04:38.0697 2036 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 21:04:38.0697 2036 Suspicious mbr (Forged): \Device\Harddisk0\DR0 21:04:38.0728 2036 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected 21:04:38.0728 2036 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0) 21:04:38.0837 2036 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 21:04:38.0837 2036 \Device\Harddisk0\DR0 - detected TDSS File System (1) 21:04:38.0837 2036 ================ Scan VBR ================================== 21:04:38.0869 2036 [ 5672DDBF3F34A25020C02BA51121BE90 ] \Device\Harddisk0\DR0\Partition1 21:04:38.0869 2036 \Device\Harddisk0\DR0\Partition1 - ok 21:04:38.0915 2036 [ 1B2A8FA3707E83DDD373933C6F9B47B2 ] \Device\Harddisk0\DR0\Partition2 21:04:38.0915 2036 \Device\Harddisk0\DR0\Partition2 - ok 21:04:38.0915 2036 ================ Scan active images ======================== 21:04:38.0915 2036 [ B7EFEF22FF426EC4158A177CB3B558D3 ] C:\Windows\System32\drivers\crashdmp.sys 21:04:38.0915 2036 C:\Windows\System32\drivers\crashdmp.sys - ok 21:04:38.0915 2036 [ F4037A3FEDB92DD97C95F320766EA5C9 ] C:\Windows\System32\drivers\iaStor.sys 21:04:38.0915 2036 C:\Windows\System32\drivers\iaStor.sys - ok 21:04:38.0915 2036 [ 62A63EF2F3053B461CB327E4D69AAA74 ] C:\Windows\System32\drivers\dumpfve.sys 21:04:38.0915 2036 C:\Windows\System32\drivers\dumpfve.sys - ok 21:04:38.0931 2036 [ 7E0AB74553476622FB6AE36F73D97D35 ] C:\Windows\System32\drivers\fastfat.sys 21:04:38.0931 2036 C:\Windows\System32\drivers\fastfat.sys - ok 21:04:38.0931 2036 [ 505506526A9D467307B3C393DEDAF858 ] C:\Windows\System32\drivers\beep.sys 21:04:38.0931 2036 C:\Windows\System32\drivers\beep.sys - ok 21:04:38.0931 2036 [ F9756A98D69098DCA8945D62858A812C ] C:\Windows\System32\drivers\null.sys 21:04:38.0931 2036 C:\Windows\System32\drivers\null.sys - ok 21:04:38.0931 2036 [ 8E38096AD5C8570A6F1570A61E251561 ] C:\Windows\System32\drivers\vga.sys 21:04:38.0931 2036 C:\Windows\System32\drivers\vga.sys - ok 21:04:38.0931 2036 [ 15C126D1B55814B9E5CAB10A9C1F4C67 ] C:\Windows\System32\drivers\videoprt.sys 21:04:38.0931 2036 C:\Windows\System32\drivers\videoprt.sys - ok 21:04:38.0947 2036 [ CB45A417C8EF7BA6BAC67EDCDDED8700 ] C:\Windows\System32\drivers\watchdog.sys 21:04:38.0947 2036 C:\Windows\System32\drivers\watchdog.sys - ok 21:04:38.0962 2036 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] C:\Windows\System32\drivers\msfs.sys 21:04:38.0962 2036 C:\Windows\System32\drivers\msfs.sys - ok 21:04:38.0962 2036 [ 1DB262A9F8C087E8153D89BEF3D2235F ] C:\Windows\System32\drivers\npfs.sys 21:04:38.0962 2036 C:\Windows\System32\drivers\npfs.sys - ok 21:04:38.0962 2036 [ C30A91ADE8C9CB91E4281EC83C4500C6 ] C:\Windows\System32\ntdll.dll 21:04:38.0962 2036 C:\Windows\System32\ntdll.dll - ok 21:04:38.0962 2036 [ 16742790895960690237A5143CEDEC8B ] C:\Windows\System32\smss.exe 21:04:38.0962 2036 C:\Windows\System32\smss.exe - ok 21:04:38.0962 2036 [ F88A52EB62019D6A62FDD9E08034DBD8 ] C:\Windows\System32\autochk.exe 21:04:38.0962 2036 C:\Windows\System32\autochk.exe - ok 21:04:38.0962 2036 [ 34A6E8BABFF9A3F5342976B9EA0E4899 ] C:\Windows\System32\drivers\HECI.sys 21:04:38.0978 2036 C:\Windows\System32\drivers\HECI.sys - ok 21:04:38.0978 2036 [ 3AA940AA9AC3055FE32FF2D3D20CCD28 ] C:\Windows\System32\drivers\usbport.sys 21:04:38.0978 2036 C:\Windows\System32\drivers\usbport.sys - ok 21:04:38.0978 2036 [ 9036377B8A6C15DC2EEC53E489D159B5 ] C:\Windows\System32\drivers\hdaudbus.sys 21:04:38.0978 2036 C:\Windows\System32\drivers\hdaudbus.sys - ok 21:04:38.0978 2036 [ 14D0A0E7743F36AC26D730110FF9FBFF ] C:\Windows\System32\drivers\hdlpdbk.sys 21:04:38.0978 2036 C:\Windows\System32\drivers\hdlpdbk.sys - ok 21:04:38.0978 2036 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] C:\Windows\System32\drivers\usbehci.sys 21:04:38.0978 2036 C:\Windows\System32\drivers\usbehci.sys - ok 21:04:38.0978 2036 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] C:\Windows\System32\drivers\1394ohci.sys 21:04:38.0978 2036 C:\Windows\System32\drivers\1394ohci.sys - ok 21:04:38.0993 2036 [ FDC901900D9B1B671B3388C3023BD2EA ] C:\Windows\System32\drivers\O2MDRw7.sys 21:04:38.0993 2036 C:\Windows\System32\drivers\O2MDRw7.sys - ok 21:04:38.0993 2036 [ D5A27C1ECD36564FED061EFB78BD0A62 ] C:\Windows\System32\drivers\o2sdjw7.sys 21:04:38.0993 2036 C:\Windows\System32\drivers\o2sdjw7.sys - ok 21:04:38.0993 2036 [ 099972E1FAF4950D3994FBAB9DD21253 ] C:\Windows\System32\drivers\scsiport.sys 21:04:38.0993 2036 C:\Windows\System32\drivers\scsiport.sys - ok 21:04:38.0993 2036 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] C:\Windows\System32\drivers\i8042prt.sys 21:04:38.0993 2036 C:\Windows\System32\drivers\i8042prt.sys - ok 21:04:38.0993 2036 [ ADEF52CA1AEAE82B50DF86B56413107E ] C:\Windows\System32\drivers\kbdclass.sys 21:04:38.0993 2036 C:\Windows\System32\drivers\kbdclass.sys - ok 21:04:38.0993 2036 [ 476A6EFB2BB338D2854B3751367F8F71 ] C:\Windows\System32\drivers\Apfiltr.sys 21:04:38.0993 2036 C:\Windows\System32\drivers\Apfiltr.sys - ok 21:04:39.0040 2036 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] C:\Windows\System32\drivers\cdrom.sys 21:04:39.0040 2036 C:\Windows\System32\drivers\cdrom.sys - ok 21:04:39.0056 2036 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] C:\Windows\System32\drivers\mouclass.sys 21:04:39.0056 2036 C:\Windows\System32\drivers\mouclass.sys - ok 21:04:39.0056 2036 [ 185ADA973B5020655CEE342059A86CBB ] C:\Windows\System32\drivers\GEARAspiWDM.sys 21:04:39.0056 2036 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok 21:04:39.0056 2036 [ EDC50031D6AB9180B3B3BD1C547C7D0A ] C:\Windows\System32\drivers\accelern.sys 21:04:39.0056 2036 C:\Windows\System32\drivers\accelern.sys - ok 21:04:39.0056 2036 [ 2287078ED48FCFC477B05B20CF38F36F ] C:\Windows\System32\drivers\blbdrive.sys 21:04:39.0056 2036 C:\Windows\System32\drivers\blbdrive.sys - ok 21:04:39.0056 2036 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] C:\Windows\System32\drivers\CompositeBus.sys 21:04:39.0056 2036 C:\Windows\System32\drivers\CompositeBus.sys - ok 21:04:39.0056 2036 [ FC6B9FF600CC585EA38B12589BD4E246 ] C:\Windows\System32\drivers\mssmbios.sys 21:04:39.0056 2036 C:\Windows\System32\drivers\mssmbios.sys - ok 21:04:39.0087 2036 [ 0217679B8FCA58714C3BF2726D2CA84E ] C:\Windows\System32\drivers\wmiacpi.sys 21:04:39.0087 2036 C:\Windows\System32\drivers\wmiacpi.sys - ok 21:04:39.0087 2036 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] C:\Windows\System32\drivers\rdpbus.sys 21:04:39.0087 2036 C:\Windows\System32\drivers\rdpbus.sys - ok 21:04:39.0087 2036 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] C:\Windows\System32\drivers\termdd.sys 21:04:39.0087 2036 C:\Windows\System32\drivers\termdd.sys - ok 21:04:39.0087 2036 [ 5DCEF0C32BE0F33277326586FA503689 ] C:\Windows\System32\drivers\ks.sys 21:04:39.0087 2036 C:\Windows\System32\drivers\ks.sys - ok 21:04:39.0087 2036 [ E58C78A848ADD9610A4DB6D214AF5224 ] C:\Windows\System32\drivers\swenum.sys 21:04:39.0087 2036 C:\Windows\System32\drivers\swenum.sys - ok 21:04:39.0087 2036 [ D295BED4B898F0FD999FCFA9B32B071B ] C:\Windows\System32\drivers\umbus.sys 21:04:39.0087 2036 C:\Windows\System32\drivers\umbus.sys - ok 21:04:39.0103 2036 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] C:\Windows\System32\drivers\usbhub.sys 21:04:39.0103 2036 C:\Windows\System32\drivers\usbhub.sys - ok 21:04:39.0103 2036 [ 070C5B9D3006602A07757179D9B56F5D ] C:\Windows\System32\difxapi.dll 21:04:39.0103 2036 C:\Windows\System32\difxapi.dll - ok 21:04:39.0103 2036 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\System32\psapi.dll 21:04:39.0103 2036 C:\Windows\System32\psapi.dll - ok 21:04:39.0103 2036 [ 5787196F32D043572EC6565C0EF1B8E0 ] C:\Windows\System32\drivers\usbd.sys 21:04:39.0103 2036 C:\Windows\System32\drivers\usbd.sys - ok 21:04:39.0103 2036 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\System32\normaliz.dll 21:04:39.0103 2036 C:\Windows\System32\normaliz.dll - ok 21:04:39.0118 2036 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\System32\ws2_32.dll 21:04:39.0118 2036 C:\Windows\System32\ws2_32.dll - ok 21:04:39.0118 2036 [ 4663AD7F61519E88687393BFCB154E4C ] C:\Windows\System32\drivers\usbccgp.sys 21:04:39.0118 2036 C:\Windows\System32\drivers\usbccgp.sys - ok 21:04:39.0118 2036 [ CC19A4AE696C2191E965A9835F1E6399 ] C:\Windows\System32\usp10.dll 21:04:39.0118 2036 C:\Windows\System32\usp10.dll - ok 21:04:39.0118 2036 [ 667981F2E7C26275F0694B58EEE303B9 ] C:\Windows\System32\urlmon.dll 21:04:39.0118 2036 C:\Windows\System32\urlmon.dll - ok 21:04:39.0118 2036 [ 4F154D2C9C6DF951FD6E5AABBAE6B5EE ] C:\Windows\System32\lpk.dll 21:04:39.0118 2036 C:\Windows\System32\lpk.dll - ok 21:04:39.0118 2036 [ 6400774E903729ADD0A62A24A334EE56 ] C:\Windows\System32\rpcrt4.dll 21:04:39.0118 2036 C:\Windows\System32\rpcrt4.dll - ok 21:04:39.0134 2036 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\System32\shlwapi.dll 21:04:39.0134 2036 C:\Windows\System32\shlwapi.dll - ok 21:04:39.0149 2036 [ B17ADBBBDC97148D28F995F32C380F2E ] C:\Windows\System32\iertutil.dll 21:04:39.0149 2036 C:\Windows\System32\iertutil.dll - ok 21:04:39.0149 2036 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\System32\nsi.dll 21:04:39.0149 2036 C:\Windows\System32\nsi.dll - ok 21:04:39.0149 2036 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\System32\sechost.dll 21:04:39.0149 2036 C:\Windows\System32\sechost.dll - ok 21:04:39.0149 2036 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\System32\imagehlp.dll 21:04:39.0149 2036 C:\Windows\System32\imagehlp.dll - ok 21:04:39.0149 2036 [ 75A97A2C060E72AB49E071E08C7DD2BA ] C:\Windows\System32\wininet.dll 21:04:39.0149 2036 C:\Windows\System32\wininet.dll - ok 21:04:39.0165 2036 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\System32\setupapi.dll 21:04:39.0165 2036 C:\Windows\System32\setupapi.dll - ok 21:04:39.0181 2036 [ E87F5393F7D8CE2FACC4DFF703531392 ] C:\Windows\System32\gdi32.dll 21:04:39.0181 2036 C:\Windows\System32\gdi32.dll - ok 21:04:39.0212 2036 [ E570CBD732848438EAC574EB3442A2A8 ] C:\Windows\System32\kernel32.dll 21:04:39.0212 2036 C:\Windows\System32\kernel32.dll - ok 21:04:39.0212 2036 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\System32\msvcrt.dll 21:04:39.0212 2036 C:\Windows\System32\msvcrt.dll - ok 21:04:39.0212 2036 [ F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 ] C:\Windows\System32\user32.dll 21:04:39.0212 2036 C:\Windows\System32\user32.dll - ok 21:04:39.0212 2036 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\System32\oleaut32.dll 21:04:39.0212 2036 C:\Windows\System32\oleaut32.dll - ok 21:04:39.0212 2036 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\System32\shell32.dll 21:04:39.0212 2036 C:\Windows\System32\shell32.dll - ok 21:04:39.0212 2036 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\System32\ole32.dll 21:04:39.0212 2036 C:\Windows\System32\ole32.dll - ok 21:04:39.0227 2036 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\System32\Wldap32.dll 21:04:39.0227 2036 C:\Windows\System32\Wldap32.dll - ok 21:04:39.0227 2036 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\System32\advapi32.dll 21:04:39.0227 2036 C:\Windows\System32\advapi32.dll - ok 21:04:39.0227 2036 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\System32\comdlg32.dll 21:04:39.0227 2036 C:\Windows\System32\comdlg32.dll - ok 21:04:39.0227 2036 [ FF5688D309347F2720911D8796912834 ] C:\Windows\System32\clbcatq.dll 21:04:39.0227 2036 C:\Windows\System32\clbcatq.dll - ok 21:04:39.0227 2036 [ 4A8E2F20809CC161107FAA94F6CF2685 ] C:\Windows\System32\imm32.dll 21:04:39.0227 2036 C:\Windows\System32\imm32.dll - ok 21:04:39.0227 2036 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\System32\msctf.dll 21:04:39.0227 2036 C:\Windows\System32\msctf.dll - ok 21:04:39.0243 2036 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\System32\comctl32.dll 21:04:39.0243 2036 C:\Windows\System32\comctl32.dll - ok 21:04:39.0243 2036 [ A7D79E9F660340AB20CD73F12910985F ] C:\Windows\System32\wintrust.dll 21:04:39.0243 2036 C:\Windows\System32\wintrust.dll - ok 21:04:39.0243 2036 [ 1295338CFE6F249823EF9BC8D4368A84 ] C:\Windows\System32\crypt32.dll 21:04:39.0243 2036 C:\Windows\System32\crypt32.dll - ok 21:04:39.0243 2036 [ A9F8E23C1FC00190376B11FFAD9DE6C6 ] C:\Windows\System32\KernelBase.dll 21:04:39.0243 2036 C:\Windows\System32\KernelBase.dll - ok 21:04:39.0243 2036 [ 3FFAEA12666E565FF51BF2FCA674F543 ] C:\Windows\System32\cfgmgr32.dll 21:04:39.0243 2036 C:\Windows\System32\cfgmgr32.dll - ok 21:04:39.0243 2036 [ CC4ED8BEA78B0DCA6F217E014C3291A7 ] C:\Windows\System32\devobj.dll 21:04:39.0243 2036 C:\Windows\System32\devobj.dll - ok 21:04:39.0274 2036 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\System32\msasn1.dll 21:04:39.0274 2036 C:\Windows\System32\msasn1.dll - ok 21:04:39.0274 2036 [ 5FCD3320AAE71506B43F9E12E4E72172 ] C:\Windows\System32\drivers\dxapi.sys 21:04:39.0274 2036 C:\Windows\System32\drivers\dxapi.sys - ok 21:04:39.0274 2036 [ A36F22FB7A78A0591DA3A6E0783825E7 ] C:\Windows\System32\win32k.sys 21:04:39.0274 2036 C:\Windows\System32\win32k.sys - ok 21:04:39.0274 2036 [ 6C062EA09313872D2235027EF7A4554E ] C:\Windows\System32\csrsrv.dll 21:04:39.0274 2036 C:\Windows\System32\csrsrv.dll - ok 21:04:39.0274 2036 [ 342271F6142E7C70805B8A81E1BA5F5C ] C:\Windows\System32\csrss.exe 21:04:39.0274 2036 C:\Windows\System32\csrss.exe - ok 21:04:39.0274 2036 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\System32\basesrv.dll 21:04:39.0274 2036 C:\Windows\System32\basesrv.dll - ok 21:04:39.0305 2036 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\System32\winsrv.dll 21:04:39.0305 2036 C:\Windows\System32\winsrv.dll - ok 21:04:39.0321 2036 [ 1B6242B20CB56F85A158E67F09EE84FE ] C:\Windows\System32\drivers\dxg.sys 21:04:39.0321 2036 C:\Windows\System32\drivers\dxg.sys - ok 21:04:39.0337 2036 [ 7C76B61A5E1EF5D1FA554CF134100F18 ] C:\Windows\System32\tsddd.dll 21:04:39.0337 2036 C:\Windows\System32\tsddd.dll - ok 21:04:39.0337 2036 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\System32\sxssrv.dll 21:04:39.0337 2036 C:\Windows\System32\sxssrv.dll - ok 21:04:39.0337 2036 [ B5C5DCAD3899512020D135600129D665 ] C:\Windows\System32\wininit.exe 21:04:39.0337 2036 C:\Windows\System32\wininit.exe - ok 21:04:39.0337 2036 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\System32\profapi.dll 21:04:39.0337 2036 C:\Windows\System32\profapi.dll - ok 21:04:39.0337 2036 [ FFF84D51E1EA6CE3E8AC74D17C0D4889 ] C:\Windows\System32\vga.dll 21:04:39.0337 2036 C:\Windows\System32\vga.dll - ok 21:04:39.0352 2036 [ 229A6606904638C5A4A3CBC5FEF1DCDC ] C:\Windows\System32\framebuf.dll 21:04:39.0352 2036 C:\Windows\System32\framebuf.dll - ok 21:04:39.0352 2036 [ B11BCD430977E5FBCB3A5804C675C5A0 ] C:\Windows\System32\vga256.dll 21:04:39.0352 2036 C:\Windows\System32\vga256.dll - ok 21:04:39.0352 2036 [ 7FFE091344E7939B3BAD6E8ADAD617B3 ] C:\Windows\System32\vga64k.dll 21:04:39.0352 2036 C:\Windows\System32\vga64k.dll - ok 21:04:39.0352 2036 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\System32\RpcRtRemote.dll 21:04:39.0352 2036 C:\Windows\System32\RpcRtRemote.dll - ok 21:04:39.0352 2036 [ 6D13E1406F50C66E2A95D97F22C47560 ] C:\Windows\System32\winlogon.exe 21:04:39.0352 2036 C:\Windows\System32\winlogon.exe - ok 21:04:39.0352 2036 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\System32\winsta.dll 21:04:39.0352 2036 C:\Windows\System32\winsta.dll - ok 21:04:39.0368 2036 [ 357B990A4249D7F7485B230C0CC8825A ] C:\Windows\System32\KBDUS.DLL 21:04:39.0368 2036 C:\Windows\System32\KBDUS.DLL - ok 21:04:39.0368 2036 [ 633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\System32\WlS0WndH.dll 21:04:39.0368 2036 C:\Windows\System32\WlS0WndH.dll - ok 21:04:39.0368 2036 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\System32\sxs.dll 21:04:39.0368 2036 C:\Windows\System32\sxs.dll - ok 21:04:39.0368 2036 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\System32\cryptbase.dll 21:04:39.0368 2036 C:\Windows\System32\cryptbase.dll - ok 21:04:39.0368 2036 [ 81951F51E318AECC2D68559E47485CC4 ] C:\Windows\System32\lsass.exe 21:04:39.0368 2036 C:\Windows\System32\lsass.exe - ok 21:04:39.0368 2036 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\System32\services.exe 21:04:39.0368 2036 C:\Windows\System32\services.exe - ok 21:04:39.0399 2036 [ 4A054C853031616D161A84BECF281F47 ] C:\Windows\System32\sspicli.dll 21:04:39.0399 2036 C:\Windows\System32\sspicli.dll - ok 21:04:39.0399 2036 [ 8AEA9A37C1A3565A204D37C5E72AB791 ] C:\Windows\System32\lsm.exe 21:04:39.0399 2036 C:\Windows\System32\lsm.exe - ok 21:04:39.0399 2036 [ E361AE3010EA4B3123DAB5BDAE21798F ] C:\Windows\System32\sspisrv.dll 21:04:39.0399 2036 C:\Windows\System32\sspisrv.dll - ok 21:04:39.0399 2036 [ 250AA41DE690561AF1282D598914564C ] C:\Windows\System32\scesrv.dll 21:04:39.0399 2036 C:\Windows\System32\scesrv.dll - ok 21:04:39.0399 2036 [ 3369D021265E369D57317D61FA86DD79 ] C:\Windows\System32\scext.dll 21:04:39.0399 2036 C:\Windows\System32\scext.dll - ok 21:04:39.0399 2036 [ 69678722290C78D5D7198C60B5A4E3E8 ] C:\Windows\System32\secur32.dll 21:04:39.0399 2036 C:\Windows\System32\secur32.dll - ok 21:04:39.0415 2036 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\System32\srvcli.dll 21:04:39.0415 2036 C:\Windows\System32\srvcli.dll - ok 21:04:39.0415 2036 [ C95CA687D32DDAB1C91E1122E80D5E16 ] C:\Windows\System32\lsasrv.dll 21:04:39.0415 2036 C:\Windows\System32\lsasrv.dll - ok 21:04:39.0415 2036 [ 245F4691314F42D4D1BC06442F0B2086 ] C:\Windows\System32\samsrv.dll 21:04:39.0415 2036 C:\Windows\System32\samsrv.dll - ok 21:04:39.0415 2036 [ BA51FFE170C5B3AE8EC4F5BD2581A29E ] C:\Windows\System32\sysntfy.dll 21:04:39.0415 2036 C:\Windows\System32\sysntfy.dll - ok 21:04:39.0415 2036 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\System32\wmsgapi.dll 21:04:39.0415 2036 C:\Windows\System32\wmsgapi.dll - ok 21:04:39.0415 2036 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\System32\cryptdll.dll 21:04:39.0415 2036 C:\Windows\System32\cryptdll.dll - ok 21:04:39.0430 2036 [ 50BA656134F78AF64E4DD3C8B6FEFD7E ] C:\Windows\System32\cngaudit.dll 21:04:39.0430 2036 C:\Windows\System32\cngaudit.dll - ok 21:04:39.0430 2036 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\System32\wevtapi.dll 21:04:39.0430 2036 C:\Windows\System32\wevtapi.dll - ok 21:04:39.0430 2036 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\System32\authz.dll 21:04:39.0430 2036 C:\Windows\System32\authz.dll - ok 21:04:39.0430 2036 [ FC7650224790CAE75A5E9231961FDEC5 ] C:\Windows\System32\bcrypt.dll 21:04:39.0430 2036 C:\Windows\System32\bcrypt.dll - ok 21:04:39.0430 2036 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\System32\ncrypt.dll 21:04:39.0430 2036 C:\Windows\System32\ncrypt.dll - ok 21:04:39.0430 2036 [ C90878913DF3DC504790282043DB5F4C ] C:\Windows\System32\msprivs.dll 21:04:39.0430 2036 C:\Windows\System32\msprivs.dll - ok 21:04:39.0446 2036 [ E343CABBD8D600ABAF3F11625D33B3D0 ] C:\Windows\System32\netjoin.dll 21:04:39.0446 2036 C:\Windows\System32\netjoin.dll - ok 21:04:39.0477 2036 [ 6DCFAEC6D1334AA6CDF8961DB4633CBF ] C:\Windows\System32\negoexts.dll 21:04:39.0477 2036 C:\Windows\System32\negoexts.dll - ok 21:04:39.0493 2036 [ ED4649A28AFE0B3DB93C3198BA48E34E ] C:\Windows\System32\atmfd.dll 21:04:39.0493 2036 C:\Windows\System32\atmfd.dll - ok 21:04:39.0493 2036 [ 2F4348DC0D06A0EBA5F5C4CB435790C1 ] C:\Windows\System32\kerberos.dll 21:04:39.0493 2036 C:\Windows\System32\kerberos.dll - ok 21:04:39.0493 2036 [ FD1D6C73E6333BE727CBCC6054247654 ] C:\Windows\System32\drivers\TsUsbFlt.sys 21:04:39.0493 2036 C:\Windows\System32\drivers\TsUsbFlt.sys - ok 21:04:39.0493 2036 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\System32\cryptsp.dll 21:04:39.0493 2036 C:\Windows\System32\cryptsp.dll - ok 21:04:39.0493 2036 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\System32\msv1_0.dll 21:04:39.0493 2036 C:\Windows\System32\msv1_0.dll - ok 21:04:39.0493 2036 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\System32\mswsock.dll 21:04:39.0493 2036 C:\Windows\System32\mswsock.dll - ok 21:04:39.0524 2036 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\System32\wship6.dll 21:04:39.0524 2036 C:\Windows\System32\wship6.dll - ok 21:04:39.0524 2036 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\System32\WSHTCPIP.DLL 21:04:39.0524 2036 C:\Windows\System32\WSHTCPIP.DLL - ok 21:04:39.0524 2036 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\System32\dnsapi.dll 21:04:39.0524 2036 C:\Windows\System32\dnsapi.dll - ok 21:04:39.0524 2036 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\System32\logoncli.dll 21:04:39.0524 2036 C:\Windows\System32\logoncli.dll - ok 21:04:39.0524 2036 [ C1809B9907ADEDAF16F50C894100883B ] C:\Windows\System32\netlogon.dll 21:04:39.0524 2036 C:\Windows\System32\netlogon.dll - ok 21:04:39.0524 2036 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\System32\schannel.dll 21:04:39.0524 2036 C:\Windows\System32\schannel.dll - ok 21:04:39.0539 2036 [ 0450CF487ECD8A67B56F59F9A96D024D ] C:\Windows\System32\wdigest.dll 21:04:39.0539 2036 C:\Windows\System32\wdigest.dll - ok 21:04:39.0539 2036 [ 9EDE13F62E7BE92DBA561218EDDC4E21 ] C:\Windows\System32\LIVESSP.DLL 21:04:39.0539 2036 C:\Windows\System32\LIVESSP.DLL - ok 21:04:39.0539 2036 [ 37CC990D4E2CDFAE12AC47F6B620FC13 ] C:\Windows\System32\pku2u.dll 21:04:39.0539 2036 C:\Windows\System32\pku2u.dll - ok 21:04:39.0539 2036 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\System32\rsaenh.dll 21:04:39.0539 2036 C:\Windows\System32\rsaenh.dll - ok 21:04:39.0539 2036 [ D29E45078CF4020CE0AAC82EC652D1EA ] C:\Windows\System32\TSpkg.dll 21:04:39.0539 2036 C:\Windows\System32\TSpkg.dll - ok 21:04:39.0539 2036 [ 7558F12AF69EFD8AE3B2996ADB5221D4 ] C:\Windows\System32\wvauth.dll 21:04:39.0539 2036 C:\Windows\System32\wvauth.dll - ok 21:04:39.0555 2036 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\System32\WinSCard.dll 21:04:39.0555 2036 C:\Windows\System32\WinSCard.dll - ok 21:04:39.0555 2036 [ 521B748A7F9923302CA18B7E6AA2EEAE ] C:\Windows\System32\activeds.dll 21:04:39.0555 2036 C:\Windows\System32\activeds.dll - ok 21:04:39.0555 2036 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\System32\netapi32.dll 21:04:39.0555 2036 C:\Windows\System32\netapi32.dll - ok 21:04:39.0555 2036 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\System32\netutils.dll 21:04:39.0555 2036 C:\Windows\System32\netutils.dll - ok 21:04:39.0555 2036 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\System32\samcli.dll 21:04:39.0555 2036 C:\Windows\System32\samcli.dll - ok 21:04:39.0555 2036 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\System32\userenv.dll 21:04:39.0555 2036 C:\Windows\System32\userenv.dll - ok 21:04:39.0586 2036 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\System32\wkscli.dll 21:04:39.0586 2036 C:\Windows\System32\wkscli.dll - ok 21:04:39.0586 2036 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\System32\wsock32.dll 21:04:39.0586 2036 C:\Windows\System32\wsock32.dll - ok 21:04:39.0586 2036 [ 51F5CC1E7DA3D9C664C2D0D61F315E06 ] C:\Windows\System32\adsldpc.dll 21:04:39.0586 2036 C:\Windows\System32\adsldpc.dll - ok 21:04:39.0586 2036 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\System32\atl.dll 21:04:39.0586 2036 C:\Windows\System32\atl.dll - ok 21:04:39.0586 2036 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\System32\bcryptprimitives.dll 21:04:39.0586 2036 C:\Windows\System32\bcryptprimitives.dll - ok 21:04:39.0586 2036 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\System32\credssp.dll 21:04:39.0586 2036 C:\Windows\System32\credssp.dll - ok 21:04:39.0617 2036 [ 91F434FF6606ED9BDC6A05D651B69553 ] C:\Windows\System32\efslsaext.dll 21:04:39.0617 2036 C:\Windows\System32\efslsaext.dll - ok 21:04:39.0633 2036 [ 8124944EC89D6A1815E4E53F5B96AAF4 ] C:\Windows\System32\scecli.dll 21:04:39.0649 2036 C:\Windows\System32\scecli.dll - ok 21:04:39.0649 2036 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\System32\svchost.exe 21:04:39.0649 2036 C:\Windows\System32\svchost.exe - ok 21:04:39.0649 2036 [ 7222995615BF93B628DCEA4BD6CCACF7 ] C:\Windows\System32\ubpm.dll 21:04:39.0649 2036 C:\Windows\System32\ubpm.dll - ok 21:04:39.0649 2036 [ FD07F21E0A19C27ED4E1EEC2B07452B3 ] C:\Windows\System32\devrtl.dll 21:04:39.0649 2036 C:\Windows\System32\devrtl.dll - ok 21:04:39.0649 2036 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\System32\SPInf.dll 21:04:39.0649 2036 C:\Windows\System32\SPInf.dll - ok 21:04:39.0649 2036 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] C:\Windows\System32\umpnpmgr.dll 21:04:39.0649 2036 C:\Windows\System32\umpnpmgr.dll - ok 21:04:39.0664 2036 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\System32\gpapi.dll 21:04:39.0664 2036 C:\Windows\System32\gpapi.dll - ok 21:04:39.0664 2036 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\System32\pcwum.dll 21:04:39.0664 2036 C:\Windows\System32\pcwum.dll - ok 21:04:39.0664 2036 [ AC42F771CC29727BD1663F211E9AC507 ] C:\Windows\System32\umpo.dll 21:04:39.0664 2036 C:\Windows\System32\umpo.dll - ok 21:04:39.0664 2036 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\System32\powrprof.dll 21:04:39.0664 2036 C:\Windows\System32\powrprof.dll - ok 21:04:39.0664 2036 [ E714A1C0354636837E20CCBF00888EE7 ] C:\Windows\System32\drivers\WUDFPf.sys 21:04:39.0664 2036 C:\Windows\System32\drivers\WUDFPf.sys - ok 21:04:39.0664 2036 [ 7660F01D3B38ACA1747E397D21D790AF ] C:\Windows\System32\rpcss.dll 21:04:39.0664 2036 C:\Windows\System32\rpcss.dll - ok 21:04:39.0680 2036 [ 78D072F35BC45D9E4E1B61895C152234 ] C:\Windows\System32\RpcEpMap.dll 21:04:39.0680 2036 C:\Windows\System32\RpcEpMap.dll - ok 21:04:39.0680 2036 [ 3EF0D8AB08385AAB5802E773511A2E6A ] C:\Windows\System32\LogonUI.exe 21:04:39.0680 2036 C:\Windows\System32\LogonUI.exe - ok 21:04:39.0680 2036 [ 241E015DD809CFB23242F890B1FC575B ] C:\Windows\System32\wevtsvc.dll 21:04:39.0680 2036 C:\Windows\System32\wevtsvc.dll - ok 21:04:39.0680 2036 [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\System32\authui.dll 21:04:39.0680 2036 C:\Windows\System32\authui.dll - ok 21:04:39.0680 2036 [ 8B0B4C5927A333A05513791758350DC4 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll 21:04:39.0680 2036 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok 21:04:39.0680 2036 [ 43CA4CCC22D52FB58E8988F0198851D0 ] C:\Windows\System32\profsvc.dll 21:04:39.0680 2036 C:\Windows\System32\profsvc.dll - ok 21:04:39.0695 2036 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] C:\Windows\System32\WUDFSvc.dll 21:04:39.0695 2036 C:\Windows\System32\WUDFSvc.dll - ok 21:04:39.0711 2036 [ AC8C80DC4F1A6E60C9A762C1799F0B39 ] C:\Windows\System32\adtschema.dll 21:04:39.0711 2036 C:\Windows\System32\adtschema.dll - ok 21:04:39.0711 2036 [ 7520EC808E0C35E0EE6F841294316653 ] C:\Windows\System32\drivers\fltMgr.sys 21:04:39.0711 2036 C:\Windows\System32\drivers\fltMgr.sys - ok 21:04:39.0711 2036 [ D93A937A2A9D2CBC06B3A615A197011F ] C:\Windows\System32\PSHED.DLL 21:04:39.0711 2036 C:\Windows\System32\PSHED.DLL - ok 21:04:39.0711 2036 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\System32\version.dll 21:04:39.0711 2036 C:\Windows\System32\version.dll - ok 21:04:39.0711 2036 [ 9FBCFD7E88A7ACE0E94456504895DD7F ] C:\Windows\System32\WUDFPlatform.dll 21:04:39.0711 2036 C:\Windows\System32\WUDFPlatform.dll - ok 21:04:39.0711 2036 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\System32\cryptui.dll 21:04:39.0711 2036 C:\Windows\System32\cryptui.dll - ok 21:04:39.0758 2036 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 21:04:39.0758 2036 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok 21:04:39.0773 2036 [ 63BFDF555DA2075A77D677829C3CCCD0 ] C:\Windows\System32\uxtheme.dll 21:04:39.0773 2036 C:\Windows\System32\uxtheme.dll - ok 21:04:39.0773 2036 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll 21:04:39.0773 2036 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok 21:04:39.0773 2036 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\System32\dui70.dll 21:04:39.0773 2036 C:\Windows\System32\dui70.dll - ok 21:04:39.0773 2036 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\System32\duser.dll 21:04:39.0773 2036 C:\Windows\System32\duser.dll - ok 21:04:39.0773 2036 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\System32\SndVolSSO.dll 21:04:39.0773 2036 C:\Windows\System32\SndVolSSO.dll - ok 21:04:39.0789 2036 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\System32\hid.dll 21:04:39.0789 2036 C:\Windows\System32\hid.dll - ok 21:04:39.0789 2036 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\System32\MMDevAPI.dll 21:04:39.0789 2036 C:\Windows\System32\MMDevAPI.dll - ok 21:04:39.0789 2036 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\System32\propsys.dll 21:04:39.0789 2036 C:\Windows\System32\propsys.dll - ok 21:04:39.0789 2036 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\System32\dwmapi.dll 21:04:39.0789 2036 C:\Windows\System32\dwmapi.dll - ok 21:04:39.0789 2036 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\System32\xmllite.dll 21:04:39.0789 2036 C:\Windows\System32\xmllite.dll - ok 21:04:39.0789 2036 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\System32\WindowsCodecs.dll 21:04:39.0789 2036 C:\Windows\System32\WindowsCodecs.dll - ok 21:04:39.0805 2036 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\System32\winbrand.dll 21:04:39.0805 2036 C:\Windows\System32\winbrand.dll - ok 21:04:39.0805 2036 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\System32\wtsapi32.dll 21:04:39.0805 2036 C:\Windows\System32\wtsapi32.dll - ok 21:04:39.0805 2036 [ A12829E9974F57E9B5DBFEA7C93190F6 ] C:\Windows\System32\UXInit.dll 21:04:39.0805 2036 C:\Windows\System32\UXInit.dll - ok 21:04:39.0805 2036 [ F62E510B6AD4C21EB9FE8668ED251826 ] C:\Windows\System32\wbem\WMIsvc.dll 21:04:39.0805 2036 C:\Windows\System32\wbem\WMIsvc.dll - ok 21:04:39.0805 2036 [ AF75DBA674E55221B7A055B0A4345F16 ] C:\Windows\System32\keyiso.dll 21:04:39.0805 2036 C:\Windows\System32\keyiso.dll - ok 21:04:39.0805 2036 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\System32\ntmarta.dll 21:04:39.0805 2036 C:\Windows\System32\ntmarta.dll - ok 21:04:39.0836 2036 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\System32\wbemcomn.dll 21:04:39.0836 2036 C:\Windows\System32\wbemcomn.dll - ok 21:04:39.0836 2036 [ 881D9F2D6E04E1C323050CF1574870F7 ] C:\Windows\System32\wbem\WinMgmtR.dll 21:04:39.0836 2036 C:\Windows\System32\wbem\WinMgmtR.dll - ok 21:04:39.0836 2036 [ B799D9FDB26111737F58288D8DC172D9 ] C:\Windows\System32\tbssvc.dll 21:04:39.0836 2036 C:\Windows\System32\tbssvc.dll - ok 21:04:39.0836 2036 [ 06E771AA596B8761107AB57E99F128D7 ] C:\Windows\System32\cryptsvc.dll 21:04:39.0836 2036 C:\Windows\System32\cryptsvc.dll - ok 21:04:39.0836 2036 [ 6316957BB3431DFB06BFFA98C0F1926E ] C:\Windows\System32\cryptnet.dll 21:04:39.0836 2036 C:\Windows\System32\cryptnet.dll - ok 21:04:39.0836 2036 [ BEE1AF0731BD490B5CE1F3CC102F9DAA ] C:\Program Files\McAfee\DLP\Agent\fcags.exe 21:04:39.0836 2036 C:\Program Files\McAfee\DLP\Agent\fcags.exe - ok 21:04:39.0851 2036 [ 0EF7C7EB7D925A1FCD24C531A9941A83 ] C:\Program Files\McAfee\DLP\Agent\fcagsec.dll 21:04:39.0851 2036 C:\Program Files\McAfee\DLP\Agent\fcagsec.dll - ok 21:04:39.0851 2036 [ DE80CB883B953400F6519BEC3327B576 ] C:\Program Files\McAfee\DLP\Agent\fcdrvins.dll 21:04:39.0851 2036 C:\Program Files\McAfee\DLP\Agent\fcdrvins.dll - ok 21:04:39.0851 2036 [ 0CE4D3BD306DA6D1F6F233C403F5B667 ] C:\Windows\System32\msi.dll 21:04:39.0851 2036 C:\Windows\System32\msi.dll - ok 21:04:39.0851 2036 [ EAE4280E82C866A9C71F654085DEC9B6 ] C:\Program Files\McAfee\DLP\Agent\cryptocme2.dll 21:04:39.0851 2036 C:\Program Files\McAfee\DLP\Agent\cryptocme2.dll - ok 21:04:39.0851 2036 [ 7CE8053C3306F407F2454A62F7BB123B ] C:\Program Files\McAfee\DLP\Agent\ccme_base.dll 21:04:39.0851 2036 C:\Program Files\McAfee\DLP\Agent\ccme_base.dll - ok 21:04:39.0851 2036 [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\System32\wbem\WmiDcPrv.dll 21:04:39.0851 2036 C:\Windows\System32\wbem\WmiDcPrv.dll - ok 21:04:39.0867 2036 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\System32\wbem\fastprox.dll 21:04:39.0867 2036 C:\Windows\System32\wbem\fastprox.dll - ok 21:04:39.0867 2036 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\System32\ntdsapi.dll 21:04:39.0867 2036 C:\Windows\System32\ntdsapi.dll - ok 21:04:39.0867 2036 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\System32\wbem\wbemprox.dll 21:04:39.0867 2036 C:\Windows\System32\wbem\wbemprox.dll - ok 21:04:39.0867 2036 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\System32\vssapi.dll 21:04:39.0867 2036 C:\Windows\System32\vssapi.dll - ok 21:04:39.0867 2036 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\System32\vsstrace.dll 21:04:39.0867 2036 C:\Windows\System32\vsstrace.dll - ok 21:04:39.0867 2036 [ 585EB475E7AF55C9065256E8FFB751A1 ] C:\Windows\System32\wbem\wbemcore.dll 21:04:39.0867 2036 C:\Windows\System32\wbem\wbemcore.dll - ok 21:04:39.0914 2036 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\System32\imageres.dll 21:04:39.0914 2036 C:\Windows\System32\imageres.dll - ok 21:04:39.0929 2036 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\System32\samlib.dll 21:04:39.0929 2036 C:\Windows\System32\samlib.dll - ok 21:04:39.0929 2036 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\System32\shacct.dll 21:04:39.0929 2036 C:\Windows\System32\shacct.dll - ok 21:04:39.0929 2036 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\System32\wbem\esscli.dll 21:04:39.0929 2036 C:\Windows\System32\wbem\esscli.dll - ok 21:04:39.0929 2036 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\System32\wbem\wbemsvc.dll 21:04:39.0929 2036 C:\Windows\System32\wbem\wbemsvc.dll - ok 21:04:39.0929 2036 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\System32\wbem\wmiutils.dll 21:04:39.0929 2036 C:\Windows\System32\wbem\wmiutils.dll - ok 21:04:39.0929 2036 [ 371E3B05894549113D07CD3081ED55EF ] C:\Windows\System32\wbem\repdrvfs.dll 21:04:39.0929 2036 C:\Windows\System32\wbem\repdrvfs.dll - ok 21:04:39.0961 2036 [ 3CDE2911462FEC80064A409C07710C06 ] C:\Windows\System32\wbem\WmiPrvSD.dll 21:04:39.0961 2036 C:\Windows\System32\wbem\WmiPrvSD.dll - ok 21:04:39.0961 2036 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\System32\ncobjapi.dll 21:04:39.0961 2036 C:\Windows\System32\ncobjapi.dll - ok 21:04:39.0961 2036 [ B350509B6C9296529BC464C60FEEAEF1 ] C:\Windows\System32\wbem\wbemess.dll 21:04:39.0961 2036 C:\Windows\System32\wbem\wbemess.dll - ok 21:04:39.0961 2036 [ 1EA4930FC7EBFCB4116CE829754222A7 ] C:\Program Files\McAfee\DLP\Agent\mfesmfa.dll 21:04:39.0961 2036 C:\Program Files\McAfee\DLP\Agent\mfesmfa.dll - ok 21:04:39.0961 2036 [ 488470F15D737BBBFDA6E6733C2FEB2F ] C:\Program Files\McAfee\DLP\Agent\mfehida.dll 21:04:39.0961 2036 C:\Program Files\McAfee\DLP\Agent\mfehida.dll - ok 21:04:39.0961 2036 [ 0471608A2E0F2281DE8554067A6E91BE ] C:\Program Files\McAfee\DLP\Agent\fcagswd.exe 21:04:39.0961 2036 C:\Program Files\McAfee\DLP\Agent\fcagswd.exe - ok 21:04:39.0976 2036 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\System32\IPHLPAPI.DLL 21:04:39.0976 2036 C:\Windows\System32\IPHLPAPI.DLL - ok 21:04:39.0976 2036 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\System32\winnsi.dll 21:04:39.0976 2036 C:\Windows\System32\winnsi.dll - ok 21:04:39.0976 2036 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\System32\slc.dll 21:04:39.0976 2036 C:\Windows\System32\slc.dll - ok 21:04:39.0976 2036 [ F35314802B20CE37AF5F700A252812DD ] C:\Windows\System32\mpnotify.exe 21:04:39.0976 2036 C:\Windows\System32\mpnotify.exe - ok 21:04:39.0976 2036 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\System32\mpr.dll 21:04:39.0976 2036 C:\Windows\System32\mpr.dll - ok 21:04:39.0976 2036 [ 4A6A039BCDEF3ABCC3E4FCC5DFE73AC6 ] C:\Windows\System32\TdmNetworkProvider.dll 21:04:39.0976 2036 C:\Windows\System32\TdmNetworkProvider.dll - ok 21:04:39.0992 2036 [ DB001FAEA818AE2E14A74E0ADC530FC0 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll 21:04:39.0992 2036 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll - ok 21:04:39.0992 2036 [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll 21:04:39.0992 2036 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok 21:04:39.0992 2036 [ DF5E18E5F2FB56A6700D77F769E3C7A4 ] C:\Windows\System32\LoginFilter.dll 21:04:39.0992 2036 C:\Windows\System32\LoginFilter.dll - ok 21:04:39.0992 2036 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\System32\msiltcfg.dll 21:04:39.0992 2036 C:\Windows\System32\msiltcfg.dll - ok 21:04:39.0992 2036 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\System32\sfc.dll 21:04:39.0992 2036 C:\Windows\System32\sfc.dll - ok 21:04:40.0007 2036 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\System32\sfc_os.dll 21:04:40.0007 2036 C:\Windows\System32\sfc_os.dll - ok 21:04:40.0023 2036 [ 370E6FB6F6FF1B3DAC7F1182AC493BB6 ] C:\Windows\System32\oleres.dll 21:04:40.0023 2036 C:\Windows\System32\oleres.dll - ok 21:04:40.0023 2036 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\System32\dsrole.dll 21:04:40.0023 2036 C:\Windows\System32\dsrole.dll - ok 21:04:40.0023 2036 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\System32\netprofm.dll 21:04:40.0023 2036 C:\Windows\System32\netprofm.dll - ok 21:04:40.0023 2036 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\System32\nlaapi.dll 21:04:40.0023 2036 C:\Windows\System32\nlaapi.dll - ok 21:04:40.0023 2036 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\System32\dllhost.exe 21:04:40.0023 2036 C:\Windows\System32\dllhost.exe - ok 21:04:40.0023 2036 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\System32\IDStore.dll 21:04:40.0023 2036 C:\Windows\System32\IDStore.dll - ok 21:04:40.0054 2036 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll 21:04:40.0054 2036 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok 21:04:40.0085 2036 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\System32\cscapi.dll 21:04:40.0085 2036 C:\Windows\System32\cscapi.dll - ok 21:04:40.0085 2036 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\System32\davclnt.dll 21:04:40.0085 2036 C:\Windows\System32\davclnt.dll - ok 21:04:40.0085 2036 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\System32\davhlpr.dll 21:04:40.0085 2036 C:\Windows\System32\davhlpr.dll - ok 21:04:40.0085 2036 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\System32\drprov.dll 21:04:40.0085 2036 C:\Windows\System32\drprov.dll - ok 21:04:40.0085 2036 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\System32\ntlanman.dll 21:04:40.0085 2036 C:\Windows\System32\ntlanman.dll - ok 21:04:40.0085 2036 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\System32\winhttp.dll 21:04:40.0085 2036 C:\Windows\System32\winhttp.dll - ok 21:04:40.0101 2036 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\System32\webio.dll 21:04:40.0101 2036 C:\Windows\System32\webio.dll - ok 21:04:40.0101 2036 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll 21:04:40.0101 2036 C:\Program Files\Bonjour\mdnsNSP.dll - ok 21:04:40.0101 2036 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL 21:04:40.0101 2036 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok 21:04:40.0101 2036 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\System32\NapiNSP.dll 21:04:40.0101 2036 C:\Windows\System32\NapiNSP.dll - ok 21:04:40.0101 2036 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\System32\pnrpnsp.dll 21:04:40.0101 2036 C:\Windows\System32\pnrpnsp.dll - ok 21:04:40.0101 2036 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\System32\winrnr.dll 21:04:40.0101 2036 C:\Windows\System32\winrnr.dll - ok 21:04:40.0117 2036 [ AC122407B29378FF9646F03404AC7C54 ] C:\Windows\System32\wshbth.dll 21:04:40.0117 2036 C:\Windows\System32\wshbth.dll - ok 21:04:40.0117 2036 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\System32\wshqos.dll 21:04:40.0117 2036 C:\Windows\System32\wshqos.dll - ok 21:04:40.0117 2036 [ 61AC3EFDFACFDD3F0F11DD4FD4044223 ] C:\Windows\System32\userinit.exe 21:04:40.0117 2036 C:\Windows\System32\userinit.exe - ok 21:04:40.0117 2036 [ 8B88EBBB05A0E56B7DCC708498C02B3E ] C:\Windows\explorer.exe 21:04:40.0117 2036 C:\Windows\explorer.exe - ok 21:04:40.0117 2036 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\System32\ExplorerFrame.dll 21:04:40.0117 2036 C:\Windows\System32\ExplorerFrame.dll - ok 21:04:40.0132 2036 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\System32\apphelp.dll 21:04:40.0132 2036 C:\Windows\System32\apphelp.dll - ok 21:04:40.0148 2036 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\System32\winmm.dll 21:04:40.0148 2036 C:\Windows\System32\winmm.dll - ok 21:04:40.0148 2036 [ 4D8744C531386EAD6AB9837A37D47AF9 ] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll 21:04:40.0148 2036 C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll - ok 21:04:40.0148 2036 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\System32\EhStorShell.dll 21:04:40.0148 2036 C:\Windows\System32\EhStorShell.dll - ok 21:04:40.0148 2036 [ 78B62E4C13378F737603136975A07E1A ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll 21:04:40.0148 2036 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll - ok 21:04:40.0148 2036 [ 3EC541C196DE18ED9A0D0AC82A694D4C ] C:\Windows\System32\cscui.dll 21:04:40.0148 2036 C:\Windows\System32\cscui.dll - ok 21:04:40.0163 2036 [ 57A51217581614DE07F30E34D6BB4993 ] C:\Windows\System32\cscdll.dll 21:04:40.0163 2036 C:\Windows\System32\cscdll.dll - ok 21:04:40.0163 2036 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\System32\ntshrui.dll 21:04:40.0163 2036 C:\Windows\System32\ntshrui.dll - ok 21:04:40.0163 2036 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\System32\IconCodecService.dll 21:04:40.0163 2036 C:\Windows\System32\IconCodecService.dll - ok 21:04:40.0163 2036 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\System32\runonce.exe 21:04:40.0163 2036 C:\Windows\System32\runonce.exe - ok 21:04:40.0163 2036 [ 4A3CDCEF8ED41B221F3DBEF5792FB52D ] C:\Windows\System32\ctfmon.exe 21:04:40.0163 2036 C:\Windows\System32\ctfmon.exe - ok 21:04:40.0163 2036 [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\System32\MsCtfMonitor.dll 21:04:40.0163 2036 C:\Windows\System32\MsCtfMonitor.dll - ok 21:04:40.0179 2036 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\System32\msutb.dll 21:04:40.0179 2036 C:\Windows\System32\msutb.dll - ok 21:04:40.0179 2036 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\System32\timedate.cpl 21:04:40.0179 2036 C:\Windows\System32\timedate.cpl - ok 21:04:40.0179 2036 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\System32\msftedit.dll 21:04:40.0179 2036 C:\Windows\System32\msftedit.dll - ok 21:04:40.0179 2036 [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll 21:04:40.0179 2036 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok 21:04:40.0179 2036 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll 21:04:40.0179 2036 C:\Windows\System32\msls31.dll - ok 21:04:40.0179 2036 [ E6DD15E668DAF0A02470CF551B0A0105 ] C:\PROGRA~1\WIC4A1~1\MESSEN~1\msgslang.dll 21:04:40.0179 2036 C:\PROGRA~1\WIC4A1~1\MESSEN~1\msgslang.dll - ok 21:04:40.0210 2036 [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\System32\SearchFolder.dll 21:04:40.0210 2036 C:\Windows\System32\SearchFolder.dll - ok 21:04:40.0226 2036 [ 2A39F32E0067CBF221611FE1FA8C6D8F ] C:\Windows\System32\DeviceCenter.dll 21:04:40.0226 2036 C:\Windows\System32\DeviceCenter.dll - ok 21:04:40.0226 2036 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\System32\linkinfo.dll 21:04:40.0226 2036 C:\Windows\System32\linkinfo.dll - ok 21:04:40.0226 2036 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\System32\shdocvw.dll 21:04:40.0226 2036 C:\Windows\System32\shdocvw.dll - ok 21:04:40.0226 2036 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\System32\thumbcache.dll 21:04:40.0226 2036 C:\Windows\System32\thumbcache.dll - ok 21:04:40.0226 2036 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\System32\networkexplorer.dll 21:04:40.0226 2036 C:\Windows\System32\networkexplorer.dll - ok 21:04:40.0241 2036 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\System32\wdmaud.drv 21:04:40.0241 2036 C:\Windows\System32\wdmaud.drv - ok 21:04:40.0241 2036 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\System32\avrt.dll 21:04:40.0241 2036 C:\Windows\System32\avrt.dll - ok 21:04:40.0241 2036 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\System32\ksuser.dll 21:04:40.0241 2036 C:\Windows\System32\ksuser.dll - ok 21:04:40.0241 2036 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\System32\gameux.dll 21:04:40.0241 2036 C:\Windows\System32\gameux.dll - ok 21:04:40.0241 2036 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\System32\wer.dll 21:04:40.0241 2036 C:\Windows\System32\wer.dll - ok 21:04:40.0241 2036 [ BECEEE04AAB6388B66D1FCBD2A9F19A1 ] C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe 21:04:40.0241 2036 C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe - ok 21:04:40.0241 2036 [ 60B7C0FEAD45F2066E5B805A91F4F0FC ] C:\Windows\System32\calc.exe 21:04:40.0241 2036 C:\Windows\System32\calc.exe - ok 21:04:40.0273 2036 [ 0DE001A307741E2A41B00F2CEBAF6DCB ] C:\Users\217216XX19948\Desktop\ListParts.exe 21:04:40.0273 2036 C:\Users\217216XX19948\Desktop\ListParts.exe - ok 21:04:40.0273 2036 [ 21EF4BB2A6FF4116FD83FAEE52D4A416 ] C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe 21:04:40.0273 2036 C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe - ok 21:04:40.0273 2036 [ 484ACF6AF85A29AC52F3CF054DFDE9D3 ] C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe 21:04:40.0273 2036 C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe - ok 21:04:40.0273 2036 [ 85AB6C3089BEE58999B434E114E8A64C ] C:\Windows\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico 21:04:40.0273 2036 C:\Windows\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico - ok 21:04:40.0273 2036 [ B3DD214F23037E3D3C27D6C9447B40B5 ] C:\Program Files\Windows NT\Accessories\wordpad.exe 21:04:40.0273 2036 C:\Program Files\Windows NT\Accessories\wordpad.exe - ok 21:04:40.0288 2036 [ C1648084C395152FBFA1B333D92056BC ] C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe 21:04:40.0288 2036 C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok 21:04:40.0288 2036 [ 173EC598CFD6E450E6B4FA7E5603B69E ] C:\ProgramData\Rgy5JSmkHoCeFS.exe 21:04:40.0288 2036 C:\ProgramData\Rgy5JSmkHoCeFS.exe - ok 21:04:40.0288 2036 [ A2F0B6A45EF5B68173AAA2A39690904E ] C:\Windows\System32\zipfldr.dll 21:04:40.0288 2036 C:\Windows\System32\zipfldr.dll - ok 21:04:40.0288 2036 [ 0079E7EE294AC629D57FB8259F5A803E ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll 21:04:40.0288 2036 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll - ok 21:04:40.0288 2036 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll 21:04:40.0288 2036 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok 21:04:40.0288 2036 [ 2F0EAAF91FC7A5C70D1F4BE9B18A1CF5 ] C:\Windows\System32\StikyNot.exe 21:04:40.0288 2036 C:\Windows\System32\StikyNot.exe - ok 21:04:40.0304 2036 [ 88854964DC147CC8448E261EC78B4FE4 ] C:\Program Files\Common Files\microsoft shared\OFFICE11\msxml5.dll 21:04:40.0304 2036 C:\Program Files\Common Files\microsoft shared\OFFICE11\msxml5.dll - ok 21:04:40.0304 2036 [ D2033210D4DA9E9CE7670DFF45D7101B ] C:\Users\217216XX19948\Desktop\tdsskiller.exe 21:04:40.0304 2036 C:\Users\217216XX19948\Desktop\tdsskiller.exe - ok 21:04:40.0304 2036 [ A9CE22E1F0437825070BFFD52AF7E201 ] C:\Windows\Branding\ShellBrd\shellbrd.dll 21:04:40.0304 2036 C:\Windows\Branding\ShellBrd\shellbrd.dll - ok 21:04:40.0304 2036 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\System32\rundll32.exe 21:04:40.0304 2036 C:\Windows\System32\rundll32.exe - ok 21:04:40.0304 2036 [ 8437DB84BD56858CFA49A37D1EED247B ] C:\Users\217216XX19948\Desktop\RogueKiller.exe 21:04:40.0304 2036 C:\Users\217216XX19948\Desktop\RogueKiller.exe - ok 21:04:40.0319 2036 [ BA4E1A60BD20CA7978C76D79F19E37F0 ] C:\Windows\System32\DisplaySwitch.exe 21:04:40.0319 2036 C:\Windows\System32\DisplaySwitch.exe - ok 21:04:40.0351 2036 [ 4A70A9E1CE6CF4BCADE6C9977985DA95 ] C:\Users\217216XX19948\Desktop\unhide.exe 21:04:40.0351 2036 C:\Users\217216XX19948\Desktop\unhide.exe - ok 21:04:40.0366 2036 [ 33B0A618BA5F44E67757C561D0A935C1 ] C:\Windows\System32\WFS.exe 21:04:40.0366 2036 C:\Windows\System32\WFS.exe - ok 21:04:40.0366 2036 [ E49EF627A75C0BAD02180C97AC527C33 ] C:\Windows\System32\WFSR.dll 21:04:40.0366 2036 C:\Windows\System32\WFSR.dll - ok 21:04:40.0366 2036 [ 32BE4A1FAFCCD5CA9AB0CE772C43D5E2 ] C:\Windows\System32\SnippingTool.exe 21:04:40.0366 2036 C:\Windows\System32\SnippingTool.exe - ok 21:04:40.0366 2036 [ 32E15ECF5854F5610BC895490BC3246A ] C:\Windows\System32\ieframe.dll 21:04:40.0366 2036 C:\Windows\System32\ieframe.dll - ok 21:04:40.0366 2036 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\System32\oleacc.dll 21:04:40.0366 2036 C:\Windows\System32\oleacc.dll - ok 21:04:40.0382 2036 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\System32\rasapi32.dll 21:04:40.0382 2036 C:\Windows\System32\rasapi32.dll - ok 21:04:40.0397 2036 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\System32\rasman.dll 21:04:40.0397 2036 C:\Windows\System32\rasman.dll - ok 21:04:40.0397 2036 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\System32\rtutils.dll 21:04:40.0397 2036 C:\Windows\System32\rtutils.dll - ok 21:04:40.0397 2036 [ 5E8E869E1342308752A37A2C90CCA79D ] C:\Windows\System32\mshtml.dll 21:04:40.0397 2036 C:\Windows\System32\mshtml.dll - ok 21:04:40.0397 2036 [ 9F179DA6BF972F2B8B7F90978D02D719 ] C:\Windows\System32\jscript9.dll 21:04:40.0397 2036 C:\Windows\System32\jscript9.dll - ok 21:04:40.0397 2036 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\System32\mlang.dll 21:04:40.0397 2036 C:\Windows\System32\mlang.dll - ok 21:04:40.0397 2036 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\System32\msimtf.dll 21:04:40.0397 2036 C:\Windows\System32\msimtf.dll - ok 21:04:40.0413 2036 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\System32\d2d1.dll 21:04:40.0413 2036 C:\Windows\System32\d2d1.dll - ok 21:04:40.0413 2036 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\System32\DWrite.dll 21:04:40.0413 2036 C:\Windows\System32\DWrite.dll - ok 21:04:40.0413 2036 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\System32\dxgi.dll 21:04:40.0413 2036 C:\Windows\System32\dxgi.dll - ok 21:04:40.0413 2036 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\System32\d3d10_1.dll 21:04:40.0413 2036 C:\Windows\System32\d3d10_1.dll - ok 21:04:40.0413 2036 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\System32\d3d10_1core.dll 21:04:40.0413 2036 C:\Windows\System32\d3d10_1core.dll - ok 21:04:40.0429 2036 [ F75BFDACAF4AD540444FFC31B49BDA99 ] C:\Windows\System32\d3d10level9.dll 21:04:40.0429 2036 C:\Windows\System32\d3d10level9.dll - ok 21:04:40.0429 2036 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\System32\d3d10warp.dll 21:04:40.0429 2036 C:\Windows\System32\d3d10warp.dll - ok 21:04:40.0429 2036 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\System32\batmeter.dll 21:04:40.0429 2036 C:\Windows\System32\batmeter.dll - ok 21:04:40.0429 2036 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\System32\stobject.dll 21:04:40.0429 2036 C:\Windows\System32\stobject.dll - ok 21:04:40.0429 2036 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\System32\es.dll 21:04:40.0429 2036 C:\Windows\System32\es.dll - ok 21:04:40.0429 2036 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\System32\prnfldr.dll 21:04:40.0429 2036 C:\Windows\System32\prnfldr.dll - ok 21:04:40.0444 2036 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\System32\winspool.drv 21:04:40.0444 2036 C:\Windows\System32\winspool.drv - ok 21:04:40.0460 2036 [ ADDB05C93272A62606599B24730BD645 ] C:\Windows\System32\DXP.dll 21:04:40.0460 2036 C:\Windows\System32\DXP.dll - ok 21:04:40.0460 2036 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\System32\Syncreg.dll 21:04:40.0460 2036 C:\Windows\System32\Syncreg.dll - ok 21:04:40.0460 2036 [ 6F6759407B843B99E0367036632EC798 ] C:\Windows\System32\HelpPaneProxy.dll 21:04:40.0460 2036 C:\Windows\System32\HelpPaneProxy.dll - ok 21:04:40.0460 2036 [ 2FF3A32F01DF61836FED59D441D8B9DF ] C:\Windows\HelpPane.exe 21:04:40.0460 2036 C:\Windows\HelpPane.exe - ok 21:04:40.0460 2036 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\System32\AltTab.dll 21:04:40.0460 2036 C:\Windows\System32\AltTab.dll - ok 21:04:40.0460 2036 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\System32\pnidui.dll 21:04:40.0460 2036 C:\Windows\System32\pnidui.dll - ok 21:04:40.0491 2036 [ 7D44EE5DBCC3A6E90EB60EDF72B66D99 ] C:\Windows\System32\apds.dll 21:04:40.0491 2036 C:\Windows\System32\apds.dll - ok 21:04:40.0522 2036 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\System32\QUTIL.DLL 21:04:40.0522 2036 C:\Windows\System32\QUTIL.DLL - ok 21:04:40.0522 2036 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\System32\FWPUCLNT.DLL 21:04:40.0522 2036 C:\Windows\System32\FWPUCLNT.DLL - ok 21:04:40.0522 2036 [ 75EA62927355189876081EF863064982 ] C:\Windows\System32\ncsi.dll 21:04:40.0522 2036 C:\Windows\System32\ncsi.dll - ok 21:04:40.0522 2036 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\System32\wlanapi.dll 21:04:40.0522 2036 C:\Windows\System32\wlanapi.dll - ok 21:04:40.0522 2036 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\System32\wlanutil.dll 21:04:40.0522 2036 C:\Windows\System32\wlanutil.dll - ok 21:04:40.0522 2036 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\System32\WWanAPI.dll 21:04:40.0522 2036 C:\Windows\System32\WWanAPI.dll - ok 21:04:40.0538 2036 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\System32\wwapi.dll 21:04:40.0538 2036 C:\Windows\System32\wwapi.dll - ok 21:04:40.0538 2036 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\System32\QAGENT.DLL 21:04:40.0538 2036 C:\Windows\System32\QAGENT.DLL - ok 21:04:40.0538 2036 [ 0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\System32\UIAnimation.dll 21:04:40.0538 2036 C:\Windows\System32\UIAnimation.dll - ok 21:04:40.0538 2036 [ F8F03D206F7D5811D630349A23E9B9B9 ] C:\Windows\ehome\ehSSO.dll 21:04:40.0538 2036 C:\Windows\ehome\ehSSO.dll - ok 21:04:40.0538 2036 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\System32\bthprops.cpl 21:04:40.0538 2036 C:\Windows\System32\bthprops.cpl - ok 21:04:40.0538 2036 [ 2E2C17DF779AD51A7209754685B010A1 ] C:\Windows\System32\apss.dll 21:04:40.0538 2036 C:\Windows\System32\apss.dll - ok 21:04:40.0553 2036 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\System32\netshell.dll 21:04:40.0553 2036 C:\Windows\System32\netshell.dll - ok 21:04:40.0553 2036 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\System32\WPDShServiceObj.dll 21:04:40.0553 2036 C:\Windows\System32\WPDShServiceObj.dll - ok 21:04:40.0553 2036 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\System32\PortableDeviceTypes.dll 21:04:40.0553 2036 C:\Windows\System32\PortableDeviceTypes.dll - ok 21:04:40.0553 2036 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\System32\msxml6.dll 21:04:40.0553 2036 C:\Windows\System32\msxml6.dll - ok 21:04:40.0553 2036 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\System32\PortableDeviceApi.dll 21:04:40.0553 2036 C:\Windows\System32\PortableDeviceApi.dll - ok 21:04:40.0553 2036 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\System32\srchadmin.dll 21:04:40.0553 2036 C:\Windows\System32\srchadmin.dll - ok 21:04:40.0585 2036 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\System32\ActionCenter.dll 21:04:40.0585 2036 C:\Windows\System32\ActionCenter.dll - ok 21:04:40.0585 2036 [ 8E626669938DD0E5B5B76601EE8F8232 ] C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll 21:04:40.0585 2036 C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll - ok 21:04:40.0585 2036 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll 21:04:40.0585 2036 C:\Windows\System32\webcheck.dll - ok 21:04:40.0585 2036 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\System32\SyncCenter.dll 21:04:40.0585 2036 C:\Windows\System32\SyncCenter.dll - ok 21:04:40.0585 2036 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\System32\taskschd.dll 21:04:40.0585 2036 C:\Windows\System32\taskschd.dll - ok 21:04:40.0585 2036 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\System32\imapi2.dll 21:04:40.0585 2036 C:\Windows\System32\imapi2.dll - ok 21:04:40.0600 2036 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\System32\mstask.dll 21:04:40.0600 2036 C:\Windows\System32\mstask.dll - ok 21:04:40.0600 2036 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\System32\hgcpl.dll 21:04:40.0600 2036 C:\Windows\System32\hgcpl.dll - ok 21:04:40.0600 2036 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\System32\provsvc.dll 21:04:40.0600 2036 C:\Windows\System32\provsvc.dll - ok 21:04:40.0600 2036 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\System32\actxprxy.dll 21:04:40.0600 2036 C:\Windows\System32\actxprxy.dll - ok 21:04:40.0600 2036 [ C2D6A4475B87651D5909E364439FDA52 ] C:\Windows\System32\FXSST.dll 21:04:40.0600 2036 C:\Windows\System32\FXSST.dll - ok 21:04:40.0600 2036 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\System32\FXSAPI.dll 21:04:40.0600 2036 C:\Windows\System32\FXSAPI.dll - ok 21:04:40.0616 2036 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\System32\FXSRESM.dll 21:04:40.0616 2036 C:\Windows\System32\FXSRESM.dll - ok 21:04:40.0616 2036 [ 967EA5B213E9984CBE270205DF37755B ] C:\Windows\System32\FXSSVC.exe 21:04:40.0616 2036 C:\Windows\System32\FXSSVC.exe - ok 21:04:40.0616 2036 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\System32\d3d10.dll 21:04:40.0616 2036 C:\Windows\System32\d3d10.dll - ok 21:04:40.0616 2036 [ 547F78746F20901C770E8653B242217C ] C:\Windows\System32\d3d10core.dll 21:04:40.0616 2036 C:\Windows\System32\d3d10core.dll - ok 21:04:40.0616 2036 [ 545BF7EAA24A9E062857D0742EC0B28A ] C:\Windows\System32\taskmgr.exe 21:04:40.0616 2036 C:\Windows\System32\taskmgr.exe - ok 21:04:40.0616 2036 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\System32\credui.dll 21:04:40.0616 2036 C:\Windows\System32\credui.dll - ok 21:04:40.0663 2036 [ 8E79090CB0987CA102E845341E052537 ] C:\Windows\System32\vdmdbg.dll 21:04:40.0663 2036 C:\Windows\System32\vdmdbg.dll - ok 21:04:40.0678 2036 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\System32\browcli.dll 21:04:40.0678 2036 C:\Windows\System32\browcli.dll - ok 21:04:40.0678 2036 [ D25958B2A71EF488959272878EF934BE ] C:\Windows\System32\utildll.dll 21:04:40.0678 2036 C:\Windows\System32\utildll.dll - ok 21:04:40.0678 2036 [ 28F44480E411C3DDF04B63F6560E6EF4 ] C:\Windows\System32\ntoskrnl.exe 21:04:40.0678 2036 C:\Windows\System32\ntoskrnl.exe - ok 21:04:40.0678 2036 [ 20AA5135C856C44B08333365EBFA8087 ] C:\Program Files\Internet Explorer\ieproxy.dll 21:04:40.0678 2036 C:\Program Files\Internet Explorer\ieproxy.dll - ok 21:04:40.0678 2036 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\15668030.sys 21:04:40.0678 2036 C:\Windows\System32\drivers\15668030.sys - ok 21:04:40.0678 2036 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\System32\riched20.dll 21:04:40.0678 2036 C:\Windows\System32\riched20.dll - ok 21:04:40.0709 2036 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\System32\esent.dll 21:04:40.0709 2036 C:\Windows\System32\esent.dll - ok 21:04:40.0709 2036 [ F148865E4AC4F715E322EA06E6E21D84 ] C:\Windows\System32\wbem\NCProv.dll 21:04:40.0709 2036 C:\Windows\System32\wbem\NCProv.dll - ok 21:04:40.0709 2036 ============================================================ 21:04:40.0709 2036 Scan finished 21:04:40.0709 2036 ============================================================ 21:04:40.0709 2028 Detected object count: 9 21:04:40.0709 2028 Actual detected object count: 9 21:05:20.0021 2028 BrcmMgmtAgent ( UnsignedFile.Multi.Generic ) - skipped by user 21:05:20.0021 2028 BrcmMgmtAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:05:20.0021 2028 CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user 21:05:20.0021 2028 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:05:20.0037 2028 MDM ( UnsignedFile.Multi.Generic ) - skipped by user 21:05:20.0037 2028 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:05:20.0053 2028 O2SDIOAssist ( UnsignedFile.Multi.Generic ) - skipped by user 21:05:20.0053 2028 O2SDIOAssist ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:05:20.0068 2028 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - skipped by user 21:05:20.0068 2028 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:05:20.0084 2028 Wave Authentication Manager Service ( UnsignedFile.Multi.Generic ) - skipped by user 21:05:20.0084 2028 Wave Authentication Manager Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:05:20.0099 2028 ZcfgSvc7 ( UnsignedFile.Multi.Generic ) - skipped by user 21:05:20.0099 2028 ZcfgSvc7 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:05:20.0645 2028 \Device\Harddisk0\DR0\# - copied to quarantine 21:05:20.0661 2028 \Device\Harddisk0\DR0 - copied to quarantine 21:05:20.0723 2028 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine 21:05:20.0723 2028 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine 21:05:20.0739 2028 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine 21:05:20.0739 2028 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine 21:05:20.0739 2028 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine 21:05:20.0739 2028 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine 21:05:20.0739 2028 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine 21:05:20.0739 2028 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine 21:05:20.0786 2028 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine 21:05:20.0817 2028 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine 21:05:20.0817 2028 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine 21:05:20.0817 2028 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine 21:05:20.0817 2028 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine 21:05:20.0817 2028 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine 21:05:20.0817 2028 \Device\Harddisk0\DR0\TDLFS\tdi32 - copied to quarantine 21:05:20.0833 2028 \Device\Harddisk0\DR0\TDLFS\tdi64 - copied to quarantine 21:05:20.0833 2028 \Device\Harddisk0\DR0\TDLFS\main1 - copied to quarantine 21:05:20.0879 2028 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine 21:05:20.0926 2028 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine 21:05:20.0926 2028 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine 21:05:20.0926 2028 \Device\Harddisk0\DR0\TDLFS\com32 - copied to quarantine 21:05:20.0989 2028 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine 21:05:21.0020 2028 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine 21:05:21.0020 2028 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine 21:05:21.0301 2028 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine 21:05:21.0301 2028 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot 21:05:21.0363 2028 \Device\Harddisk0\DR0 - ok 21:05:21.0457 2028 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure 21:05:21.0457 2028 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 21:05:21.0457 2028 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 21:05:56.0448 1908 Deinitialize success
  13. Shoshang
    21:03:32.0272 1912 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47 21:03:32.0288 1912 ============================================================ 21:03:32.0288 1912 Current date / time: 2012/10/15 21:03:32.0288 21:03:32.0288 1912 SystemInfo: 21:03:32.0288 1912 21:03:32.0288 1912 OS Version: 6.1.7601 ServicePack: 1.0 21:03:32.0288 1912 Product type: Workstation 21:03:32.0288 1912 ComputerName: WNCAISD237L 21:03:32.0288 1912 UserName: 217216XX19948 21:03:32.0288 1912 Windows directory: C:\Windows 21:03:32.0288 1912 System windows directory: C:\Windows 21:03:32.0288 1912 Processor architecture: Intel x86 21:03:32.0288 1912 Number of processors: 4 21:03:32.0288 1912 Page size: 0x1000 21:03:32.0288 1912 Boot type: Safe boot 21:03:32.0288 1912 ============================================================ 21:03:32.0334 1912 BG loaded 21:03:32.0693 1912 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 21:03:32.0693 1912 ============================================================ 21:03:32.0693 1912 \Device\Harddisk0\DR0: 21:03:32.0693 1912 MBR partitions: 21:03:32.0693 1912 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1698000 21:03:32.0693 1912 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x16AC000, BlocksNum 0x23D7B2B0 21:03:32.0693 1912 ============================================================ 21:03:32.0724 1912 C: <-> \Device\Harddisk0\DR0\Partition2 21:03:32.0724 1912 ============================================================ 21:03:32.0724 1912 Initialize success 21:03:32.0724 1912 ============================================================ 21:04:11.0600 2036 ============================================================ 21:04:11.0600 2036 Scan started 21:04:11.0600 2036 Mode: Manual; SigCheck; TDLFS; 21:04:11.0600 2036 ============================================================ 21:04:11.0818 2036 ================ Scan system memory ======================== 21:04:11.0818 2036 System memory - ok 21:04:11.0818 2036 ================ Scan services ============================= 21:04:12.0083 2036 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys 21:04:12.0193 2036 1394ohci - ok 21:04:12.0255 2036 [ EDC50031D6AB9180B3B3BD1C547C7D0A ] Acceler C:\Windows\system32\DRIVERS\accelern.sys 21:04:12.0255 2036 Acceler - ok 21:04:12.0286 2036 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:04:12.0302 2036 ACPI - ok 21:04:12.0349 2036 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:04:12.0395 2036 AcpiPmi - ok 21:04:12.0489 2036 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 21:04:12.0505 2036 AdobeARMservice - ok 21:04:12.0551 2036 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 21:04:12.0567 2036 AdobeFlashPlayerUpdateSvc - ok 21:04:12.0598 2036 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 21:04:12.0614 2036 adp94xx - ok 21:04:12.0645 2036 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys 21:04:12.0661 2036 adpahci - ok 21:04:12.0661 2036 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 21:04:12.0676 2036 adpu320 - ok 21:04:12.0739 2036 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:04:12.0848 2036 AeLookupSvc - ok 21:04:12.0895 2036 [ 827DBC22C96EECF6D36A13162FABAFD3 ] AESTFilters C:\Program Files\IDT\WDM\aestsrv.exe 21:04:12.0926 2036 AESTFilters - ok 21:04:13.0004 2036 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys 21:04:13.0051 2036 AFD - ok 21:04:13.0082 2036 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys 21:04:13.0097 2036 agp440 - ok 21:04:13.0113 2036 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys 21:04:13.0113 2036 aic78xx - ok 21:04:13.0144 2036 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe 21:04:13.0207 2036 ALG - ok 21:04:13.0207 2036 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys 21:04:13.0222 2036 aliide - ok 21:04:13.0222 2036 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys 21:04:13.0238 2036 amdagp - ok 21:04:13.0253 2036 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys 21:04:13.0253 2036 amdide - ok 21:04:13.0285 2036 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 21:04:13.0300 2036 AmdK8 - ok 21:04:13.0316 2036 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 21:04:13.0331 2036 AmdPPM - ok 21:04:13.0363 2036 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:04:13.0378 2036 amdsata - ok 21:04:13.0378 2036 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 21:04:13.0394 2036 amdsbs - ok 21:04:13.0425 2036 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:04:13.0425 2036 amdxata - ok 21:04:13.0472 2036 [ 476A6EFB2BB338D2854B3751367F8F71 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys 21:04:13.0487 2036 ApfiltrService - ok 21:04:13.0503 2036 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys 21:04:13.0550 2036 AppID - ok 21:04:13.0581 2036 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:04:13.0628 2036 AppIDSvc - ok 21:04:13.0628 2036 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll 21:04:13.0690 2036 Appinfo - ok 21:04:13.0768 2036 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 21:04:13.0784 2036 Apple Mobile Device - ok 21:04:13.0831 2036 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll 21:04:13.0862 2036 AppMgmt - ok 21:04:13.0893 2036 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys 21:04:13.0909 2036 arc - ok 21:04:13.0909 2036 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys 21:04:13.0924 2036 arcsas - ok 21:04:14.0049 2036 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 21:04:14.0096 2036 aspnet_state - ok 21:04:14.0127 2036 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:04:14.0221 2036 AsyncMac - ok 21:04:14.0267 2036 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys 21:04:14.0283 2036 atapi - ok 21:04:14.0377 2036 [ FF270313C14FC180B6C49BB0B302E0FB ] ATService C:\Program Files\Fingerprint Sensor\AtService.exe 21:04:14.0423 2036 ATService - ok 21:04:14.0486 2036 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:04:14.0548 2036 AudioEndpointBuilder - ok 21:04:14.0564 2036 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll 21:04:14.0579 2036 Audiosrv - ok 21:04:14.0626 2036 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:04:14.0673 2036 AxInstSV - ok 21:04:14.0704 2036 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys 21:04:14.0751 2036 b06bdrv - ok 21:04:14.0798 2036 [ 68FB5AF4534AA98B364EA585703D2456 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 21:04:14.0798 2036 b57nd60x - ok 21:04:14.0860 2036 [ 87F3BCF82A63E900AF896CD930BF7E05 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE 21:04:14.0860 2036 BBSvc - ok 21:04:14.0907 2036 [ 78779EE07231C658B483B1F38B5088DF ] BBUpdate C:\Program Files\Microsoft\BingBar\SeaPort.EXE 21:04:14.0907 2036 BBUpdate - ok 21:04:14.0938 2036 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll 21:04:14.0985 2036 BDESVC - ok 21:04:15.0016 2036 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys 21:04:15.0047 2036 Beep - ok 21:04:15.0110 2036 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll 21:04:15.0172 2036 BFE - ok 21:04:15.0219 2036 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll 21:04:15.0250 2036 BITS - ok 21:04:15.0313 2036 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 21:04:15.0344 2036 blbdrive - ok 21:04:15.0375 2036 [ A1115D933E7E3588E6DD53B03219F808 ] Blfp C:\Windows\system32\DRIVERS\basp.sys 21:04:15.0391 2036 Blfp - ok 21:04:15.0531 2036 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 21:04:15.0531 2036 Bonjour Service - ok 21:04:15.0578 2036 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:04:15.0609 2036 bowser - ok 21:04:15.0671 2036 [ E7CA80FA5A7E82ED87E8140E0BDFA13B ] BrcmMgmtAgent C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe 21:04:15.0687 2036 BrcmMgmtAgent ( UnsignedFile.Multi.Generic ) - warning 21:04:15.0687 2036 BrcmMgmtAgent - detected UnsignedFile.Multi.Generic (1) 21:04:15.0718 2036 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 21:04:15.0765 2036 BrFiltLo - ok 21:04:15.0765 2036 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 21:04:15.0781 2036 BrFiltUp - ok 21:04:15.0827 2036 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll 21:04:15.0859 2036 Browser - ok 21:04:15.0874 2036 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys 21:04:15.0890 2036 Brserid - ok 21:04:15.0921 2036 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 21:04:15.0937 2036 BrSerWdm - ok 21:04:15.0937 2036 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 21:04:15.0952 2036 BrUsbMdm - ok 21:04:15.0952 2036 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 21:04:15.0968 2036 BrUsbSer - ok 21:04:16.0015 2036 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 21:04:16.0046 2036 BthEnum - ok 21:04:16.0061 2036 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 21:04:16.0077 2036 BTHMODEM - ok 21:04:16.0124 2036 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 21:04:16.0139 2036 BthPan - ok 21:04:16.0155 2036 [ C2FBF6D271D9A94D839C416BF186EAD9 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 21:04:16.0186 2036 BTHPORT - ok 21:04:16.0217 2036 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll 21:04:16.0249 2036 bthserv - ok 21:04:16.0264 2036 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 21:04:16.0264 2036 BTHUSB - ok 21:04:16.0295 2036 [ 2A0DE6423D6BE95C96124FC66046176E ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys 21:04:16.0311 2036 BTWAMPFL - ok 21:04:16.0342 2036 [ CC0A5E69D19B5C1ECC6CF9BF3ACC3969 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 21:04:16.0342 2036 btwaudio - ok 21:04:16.0358 2036 [ 9ABEA4DC976E3F47DA2D4B169719CBAA ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys 21:04:16.0358 2036 btwavdt - ok 21:04:16.0405 2036 [ 2A6008A9511330B7864B30A8B455AD0A ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 21:04:16.0420 2036 btwdins - ok 21:04:16.0436 2036 [ C2C9AEB3F9525CBA2670D1F2BEB32A0A ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 21:04:16.0436 2036 btwl2cap - ok 21:04:16.0451 2036 [ 1E5468447E4D18FBEA5F01267D6495A5 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 21:04:16.0467 2036 btwrchid - ok 21:04:16.0561 2036 [ E4B94F8EDB3540D43A473D552C30D395 ] CcmExec C:\Windows\system32\CCM\CcmExec.exe 21:04:16.0576 2036 CcmExec - ok 21:04:16.0592 2036 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:04:16.0623 2036 cdfs - ok 21:04:16.0685 2036 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 21:04:16.0717 2036 cdrom - ok 21:04:16.0732 2036 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll 21:04:16.0779 2036 CertPropSvc - ok 21:04:16.0779 2036 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys 21:04:16.0779 2036 circlass - ok 21:04:16.0810 2036 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys 21:04:16.0826 2036 CLFS - ok 21:04:16.0888 2036 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:04:16.0904 2036 clr_optimization_v2.0.50727_32 - ok 21:04:16.0919 2036 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:04:16.0982 2036 clr_optimization_v4.0.30319_32 - ok 21:04:17.0029 2036 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 21:04:17.0044 2036 CmBatt - ok 21:04:17.0060 2036 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:04:17.0075 2036 cmdide - ok 21:04:17.0107 2036 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys 21:04:17.0122 2036 CNG - ok 21:04:17.0153 2036 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 21:04:17.0153 2036 Compbatt - ok 21:04:17.0169 2036 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 21:04:17.0185 2036 CompositeBus - ok 21:04:17.0185 2036 COMSysApp - ok 21:04:17.0200 2036 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 21:04:17.0200 2036 crcdisk - ok 21:04:17.0247 2036 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:04:17.0263 2036 CryptSvc - ok 21:04:17.0325 2036 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys 21:04:17.0356 2036 CSC - ok 21:04:17.0387 2036 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll 21:04:17.0403 2036 CscService - ok 21:04:17.0450 2036 [ 0F538DF1673E5216F3BAACB6911D9D0F ] CtAudDrv C:\Windows\system32\Drivers\CtAudDrv.sys 21:04:17.0481 2036 CtAudDrv - ok 21:04:17.0512 2036 [ 01725C2F2757B985CD171C0480AB86B0 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys 21:04:17.0528 2036 CtClsFlt - ok 21:04:17.0575 2036 [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA C:\Windows\system32\DRIVERS\CVirtA.sys 21:04:17.0606 2036 CVirtA - ok 21:04:17.0668 2036 [ 66257CB4E4FB69887CDDC71663741435 ] CVPND C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe 21:04:17.0715 2036 CVPND - ok 21:04:17.0762 2036 [ 18994842386FD3039279D7865740ABBD ] CVPNDRVA C:\Windows\system32\Drivers\CVPNDRVA.sys 21:04:17.0777 2036 CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning 21:04:17.0777 2036 CVPNDRVA - detected UnsignedFile.Multi.Generic (1) 21:04:17.0809 2036 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll 21:04:17.0824 2036 DcomLaunch - ok 21:04:17.0855 2036 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll 21:04:17.0887 2036 defragsvc - ok 21:04:17.0980 2036 [ 5953ED0990B6F10C9C4C36C7B80941FE ] DFEPService c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe 21:04:18.0043 2036 DFEPService - ok 21:04:18.0089 2036 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:04:18.0121 2036 DfsC - ok 21:04:18.0152 2036 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll 21:04:18.0199 2036 Dhcp - ok 21:04:18.0230 2036 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys 21:04:18.0261 2036 discache - ok 21:04:18.0277 2036 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys 21:04:18.0292 2036 Disk - ok 21:04:18.0323 2036 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 21:04:18.0355 2036 dmvsc - ok 21:04:18.0386 2036 [ B5AA5AA5AC327BD7C1AEC0C58F0C1144 ] DNE C:\Windows\system32\DRIVERS\dne2000.sys 21:04:18.0386 2036 DNE - ok 21:04:18.0448 2036 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:04:18.0479 2036 Dnscache - ok 21:04:18.0511 2036 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll 21:04:18.0542 2036 dot3svc - ok 21:04:18.0589 2036 [ B5E479EB83707DD698F66953E922042C ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 21:04:18.0620 2036 Dot4 - ok 21:04:18.0651 2036 [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 21:04:18.0667 2036 Dot4Print - ok 21:04:18.0682 2036 [ 9F7DE667C505CE6500BECDD8E11644D7 ] Dot4Scan C:\Windows\system32\DRIVERS\Dot4Scan.sys 21:04:18.0713 2036 Dot4Scan - ok 21:04:18.0745 2036 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 21:04:18.0760 2036 dot4usb - ok 21:04:18.0791 2036 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll 21:04:18.0823 2036 DPS - ok 21:04:18.0854 2036 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:04:18.0869 2036 drmkaud - ok 21:04:18.0916 2036 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:04:18.0932 2036 DXGKrnl - ok 21:04:18.0963 2036 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll 21:04:19.0010 2036 EapHost - ok 21:04:19.0072 2036 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys 21:04:19.0166 2036 ebdrv - ok 21:04:19.0197 2036 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe 21:04:19.0228 2036 EFS - ok 21:04:19.0291 2036 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:04:19.0322 2036 ehRecvr - ok 21:04:19.0322 2036 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe 21:04:19.0353 2036 ehSched - ok 21:04:19.0384 2036 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys 21:04:19.0400 2036 elxstor - ok 21:04:19.0400 2036 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:04:19.0431 2036 ErrDev - ok 21:04:19.0478 2036 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll 21:04:19.0509 2036 EventSystem - ok 21:04:19.0603 2036 [ 816025E303A1DAE89E39D3D77CCBA2FB ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 21:04:19.0618 2036 EvtEng - ok 21:04:19.0649 2036 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys 21:04:19.0665 2036 exfat - ok 21:04:19.0696 2036 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:04:19.0743 2036 fastfat - ok 21:04:19.0790 2036 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe 21:04:19.0821 2036 Fax - ok 21:04:19.0837 2036 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 21:04:19.0852 2036 fdc - ok 21:04:19.0868 2036 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll 21:04:19.0899 2036 fdPHost - ok 21:04:19.0915 2036 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll 21:04:19.0946 2036 FDResPub - ok 21:04:19.0946 2036 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:04:19.0961 2036 FileInfo - ok 21:04:19.0961 2036 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:04:20.0008 2036 Filetrace - ok 21:04:20.0008 2036 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 21:04:20.0024 2036 flpydisk - ok 21:04:20.0039 2036 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:04:20.0039 2036 FltMgr - ok 21:04:20.0086 2036 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll 21:04:20.0117 2036 FontCache - ok 21:04:20.0180 2036 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 21:04:20.0180 2036 FontCache3.0.0.0 - ok 21:04:20.0211 2036 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:04:20.0227 2036 FsDepends - ok 21:04:20.0273 2036 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:04:20.0273 2036 Fs_Rec - ok 21:04:20.0289 2036 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:04:20.0305 2036 fvevol - ok 21:04:20.0320 2036 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 21:04:20.0320 2036 gagp30kx - ok 21:04:20.0367 2036 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 21:04:20.0367 2036 GEARAspiWDM - ok 21:04:20.0398 2036 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll 21:04:20.0445 2036 gpsvc - ok 21:04:20.0554 2036 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 21:04:20.0554 2036 gupdate - ok 21:04:20.0570 2036 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 21:04:20.0570 2036 gupdatem - ok 21:04:20.0601 2036 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 21:04:20.0617 2036 gusvc - ok 21:04:20.0632 2036 [ FCF70F44BBA64A2EB1B87D8A54101DCA ] HBtnKey C:\Windows\system32\drivers\HBtnKey.sys 21:04:20.0663 2036 HBtnKey - ok 21:04:20.0695 2036 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:04:20.0710 2036 hcw85cir - ok 21:04:20.0726 2036 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 21:04:20.0773 2036 HDAudBus - ok 21:04:20.0819 2036 [ 299BB213421B182002E1EFA7163FB7F2 ] hdlpctrl C:\Windows\system32\drivers\hdlpctrl.sys 21:04:20.0819 2036 hdlpctrl - ok 21:04:20.0819 2036 [ 14D0A0E7743F36AC26D730110FF9FBFF ] hdlpdbk C:\Windows\system32\drivers\hdlpdbk.sys 21:04:20.0835 2036 hdlpdbk - ok 21:04:20.0835 2036 [ 7580E8066586BFB2D5B153C56C809C7C ] hdlpevnt C:\Windows\system32\drivers\hdlpevnt.sys 21:04:20.0835 2036 hdlpevnt - ok 21:04:20.0882 2036 [ EC524B54C3B43389C03A040053552DF3 ] hdlpflt C:\Windows\system32\DRIVERS\hdlpflt.sys 21:04:20.0882 2036 hdlpflt - ok 21:04:20.0897 2036 [ 7C512CBF3FE3B6932C62E67C97FEC2F0 ] hdlpnetf C:\Windows\system32\drivers\hdlpnetf.sys 21:04:20.0897 2036 hdlpnetf - ok 21:04:20.0944 2036 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 21:04:20.0960 2036 HidBatt - ok 21:04:20.0991 2036 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys 21:04:21.0007 2036 HidBth - ok 21:04:21.0007 2036 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys 21:04:21.0022 2036 HidIr - ok 21:04:21.0053 2036 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll 21:04:21.0085 2036 hidserv - ok 21:04:21.0100 2036 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 21:04:21.0131 2036 HidUsb - ok 21:04:21.0147 2036 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:04:21.0163 2036 hkmsvc - ok 21:04:21.0178 2036 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:04:21.0209 2036 HomeGroupListener - ok 21:04:21.0241 2036 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:04:21.0287 2036 HomeGroupProvider - ok 21:04:21.0303 2036 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:04:21.0303 2036 HpSAMD - ok 21:04:21.0319 2036 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:04:21.0350 2036 HTTP - ok 21:04:21.0365 2036 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:04:21.0365 2036 hwpolicy - ok 21:04:21.0397 2036 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 21:04:21.0412 2036 i8042prt - ok 21:04:21.0443 2036 [ F4037A3FEDB92DD97C95F320766EA5C9 ] iaStor C:\Windows\system32\drivers\iaStor.sys 21:04:21.0459 2036 iaStor - ok 21:04:21.0490 2036 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:04:21.0490 2036 iaStorV - ok 21:04:21.0553 2036 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 21:04:21.0568 2036 idsvc - ok 21:04:21.0787 2036 [ 721A8D48B2DC8C1C58C61CB948491EA8 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys 21:04:22.0067 2036 igfx - ok 21:04:22.0083 2036 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys 21:04:22.0083 2036 iirsp - ok 21:04:22.0114 2036 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll 21:04:22.0161 2036 IKEEXT - ok 21:04:22.0192 2036 [ E3C36AC5AE87EC970AE8EA2A93D59AE1 ] Impcd C:\Windows\system32\drivers\Impcd.sys 21:04:22.0223 2036 Impcd - ok 21:04:22.0255 2036 [ 5576AD2F0039D2BCCCA3567FC0BF981C ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 21:04:22.0286 2036 IntcDAud - ok 21:04:22.0317 2036 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys 21:04:22.0333 2036 intelide - ok 21:04:22.0379 2036 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 21:04:22.0379 2036 intelppm - ok 21:04:22.0395 2036 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:04:22.0411 2036 IPBusEnum - ok 21:04:22.0442 2036 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:04:22.0457 2036 IpFilterDriver - ok 21:04:22.0489 2036 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:04:22.0520 2036 iphlpsvc - ok 21:04:22.0520 2036 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:04:22.0535 2036 IPMIDRV - ok 21:04:22.0551 2036 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:04:22.0582 2036 IPNAT - ok 21:04:22.0645 2036 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 21:04:22.0660 2036 iPod Service - ok 21:04:22.0676 2036 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:04:22.0707 2036 IRENUM - ok 21:04:22.0707 2036 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:04:22.0707 2036 isapnp - ok 21:04:22.0723 2036 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:04:22.0738 2036 iScsiPrt - ok 21:04:22.0769 2036 [ 5A9894E80575647DC77A7D1954B05CE7 ] jhi_service C:\Program Files\Intel\Services\IPT\jhi_service.exe 21:04:22.0785 2036 jhi_service - ok 21:04:22.0816 2036 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 21:04:22.0832 2036 kbdclass - ok 21:04:22.0847 2036 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 21:04:22.0863 2036 kbdhid - ok 21:04:22.0863 2036 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe 21:04:22.0879 2036 KeyIso - ok 21:04:22.0925 2036 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:04:22.0941 2036 KSecDD - ok 21:04:22.0972 2036 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:04:22.0988 2036 KSecPkg - ok 21:04:23.0019 2036 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll 21:04:23.0050 2036 KtmRm - ok 21:04:23.0081 2036 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll 21:04:23.0128 2036 LanmanServer - ok 21:04:23.0159 2036 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:04:23.0175 2036 LanmanWorkstation - ok 21:04:23.0222 2036 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:04:23.0253 2036 lltdio - ok 21:04:23.0269 2036 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:04:23.0300 2036 lltdsvc - ok 21:04:23.0315 2036 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll 21:04:23.0347 2036 lmhosts - ok 21:04:23.0393 2036 [ BD16CFC982ED578C9BC6C6764DE3CD77 ] LMS C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe 21:04:23.0409 2036 LMS - ok 21:04:23.0425 2036 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 21:04:23.0440 2036 LSI_FC - ok 21:04:23.0440 2036 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 21:04:23.0456 2036 LSI_SAS - ok 21:04:23.0456 2036 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 21:04:23.0471 2036 LSI_SAS2 - ok 21:04:23.0487 2036 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 21:04:23.0487 2036 LSI_SCSI - ok 21:04:23.0518 2036 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys 21:04:23.0549 2036 luafv - ok 21:04:23.0659 2036 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe 21:04:23.0659 2036 MBAMScheduler - ok 21:04:23.0799 2036 [ BEE1AF0731BD490B5CE1F3CC102F9DAA ] McAfeeDLPAgentService C:\Program Files\McAfee\DLP\Agent\fcags.exe 21:04:23.0877 2036 McAfeeDLPAgentService - ok 21:04:23.0924 2036 [ 5C46CADC89B1E9B01CE348842B0C2468 ] McAfeeFramework C:\Program Files\McAfee\Common Framework\FrameworkService.exe 21:04:23.0924 2036 McAfeeFramework - ok 21:04:24.0002 2036 [ 50182E471B44C7A0F63B46E2DEF08B0F ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe 21:04:24.0002 2036 McShield - ok 21:04:24.0033 2036 [ B15BB3AEF59158B4E1DDA5328C842713 ] McTaskManager C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe 21:04:24.0033 2036 McTaskManager - ok 21:04:24.0064 2036 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:04:24.0080 2036 Mcx2Svc - ok 21:04:24.0158 2036 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe 21:04:24.0189 2036 MDM ( UnsignedFile.Multi.Generic ) - warning 21:04:24.0189 2036 MDM - detected UnsignedFile.Multi.Generic (1) 21:04:24.0220 2036 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys 21:04:24.0220 2036 megasas - ok 21:04:24.0236 2036 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 21:04:24.0251 2036 MegaSR - ok 21:04:24.0283 2036 [ 34A6E8BABFF9A3F5342976B9EA0E4899 ] MEI C:\Windows\system32\DRIVERS\HECI.sys 21:04:24.0314 2036 MEI - ok 21:04:24.0345 2036 [ C0D975D64C1AF8057F2D75B1297A6979 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys 21:04:24.0361 2036 mfeapfk - ok 21:04:24.0376 2036 [ C169326049A8A03D5F905B34F5A65F8C ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys 21:04:24.0376 2036 mfeavfk - ok 21:04:24.0392 2036 [ 50B0253B2484A306A20D8695C5AE5858 ] mfebopk C:\Windows\system32\drivers\mfebopk.sys 21:04:24.0392 2036 mfebopk - ok 21:04:24.0470 2036 [ 37800FBB68D88E3C3E49BB9C97233E87 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys 21:04:24.0485 2036 mfehidk - ok 21:04:24.0517 2036 [ 47C91E229B129047F0138011DDF9F92F ] mferkdet C:\Windows\system32\drivers\mferkdet.sys 21:04:24.0517 2036 mferkdet - ok 21:04:24.0532 2036 [ 0C083212203531D413311ECEA7CFCC3F ] mfesmfk C:\Windows\system32\drivers\mfesmfk.sys 21:04:24.0548 2036 mfesmfk - ok 21:04:24.0563 2036 [ 9F09CAA8DC12FC1626F82A5C212F6F9C ] mfevtp C:\Windows\system32\mfevtps.exe 21:04:24.0563 2036 mfevtp - ok 21:04:24.0595 2036 [ 451B49F0E10D6058CED5B56852D82C8B ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys 21:04:24.0610 2036 mfewfpk - ok 21:04:24.0626 2036 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll 21:04:24.0657 2036 MMCSS - ok 21:04:24.0673 2036 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys 21:04:24.0719 2036 Modem - ok 21:04:24.0766 2036 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:04:24.0782 2036 monitor - ok 21:04:24.0797 2036 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 21:04:24.0813 2036 mouclass - ok 21:04:24.0844 2036 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:04:24.0860 2036 mouhid - ok 21:04:24.0891 2036 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:04:24.0907 2036 mountmgr - ok 21:04:24.0969 2036 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 21:04:24.0985 2036 MozillaMaintenance - ok 21:04:25.0000 2036 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys 21:04:25.0016 2036 mpio - ok 21:04:25.0047 2036 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:04:25.0063 2036 mpsdrv - ok 21:04:25.0109 2036 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:04:25.0125 2036 MpsSvc - ok 21:04:25.0141 2036 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:04:25.0156 2036 MRxDAV - ok 21:04:25.0187 2036 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:04:25.0203 2036 mrxsmb - ok 21:04:25.0219 2036 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:04:25.0234 2036 mrxsmb10 - ok 21:04:25.0250 2036 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:04:25.0265 2036 mrxsmb20 - ok 21:04:25.0281 2036 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys 21:04:25.0297 2036 msahci - ok 21:04:25.0312 2036 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:04:25.0312 2036 msdsm - ok 21:04:25.0343 2036 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe 21:04:25.0359 2036 MSDTC - ok 21:04:25.0375 2036 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:04:25.0390 2036 Msfs - ok 21:04:25.0406 2036 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:04:25.0421 2036 mshidkmdf - ok 21:04:25.0421 2036 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:04:25.0437 2036 msisadrv - ok 21:04:25.0468 2036 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:04:25.0499 2036 MSiSCSI - ok 21:04:25.0499 2036 msiserver - ok 21:04:25.0499 2036 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:04:25.0531 2036 MSKSSRV - ok 21:04:25.0546 2036 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:04:25.0562 2036 MSPCLOCK - ok 21:04:25.0562 2036 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:04:25.0593 2036 MSPQM - ok 21:04:25.0624 2036 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:04:25.0624 2036 MsRPC - ok 21:04:25.0655 2036 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 21:04:25.0655 2036 mssmbios - ok 21:04:25.0671 2036 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:04:25.0687 2036 MSTEE - ok 21:04:25.0687 2036 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 21:04:25.0702 2036 MTConfig - ok 21:04:25.0733 2036 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys 21:04:25.0749 2036 Mup - ok 21:04:25.0765 2036 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll 21:04:25.0796 2036 napagent - ok 21:04:25.0811 2036 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:04:25.0827 2036 NativeWifiP - ok 21:04:25.0858 2036 [ 3723262737D90F58059CEDA7373B0387 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:04:25.0874 2036 NDIS - ok 21:04:25.0889 2036 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:04:25.0921 2036 NdisCap - ok 21:04:25.0952 2036 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:04:25.0967 2036 NdisTapi - ok 21:04:25.0983 2036 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:04:25.0999 2036 Ndisuio - ok 21:04:26.0014 2036 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:04:26.0045 2036 NdisWan - ok 21:04:26.0077 2036 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:04:26.0092 2036 NDProxy - ok 21:04:26.0108 2036 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:04:26.0155 2036 NetBIOS - ok 21:04:26.0201 2036 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:04:26.0217 2036 NetBT - ok 21:04:26.0264 2036 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe 21:04:26.0264 2036 Netlogon - ok 21:04:26.0295 2036 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll 21:04:26.0326 2036 Netman - ok 21:04:26.0342 2036 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:04:26.0420 2036 NetMsmqActivator - ok 21:04:26.0420 2036 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:04:26.0435 2036 NetPipeActivator - ok 21:04:26.0435 2036 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll 21:04:26.0482 2036 netprofm - ok 21:04:26.0482 2036 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:04:26.0498 2036 NetTcpActivator - ok 21:04:26.0498 2036 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:04:26.0498 2036 NetTcpPortSharing - ok 21:04:26.0529 2036 [ 104BE93F0607C6AA0D85319581F96EC2 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys 21:04:26.0545 2036 netvsc - ok 21:04:26.0669 2036 [ 814596469BBE40EF99CCFD582A375B83 ] NETwNs32 C:\Windows\system32\DRIVERS\NETwNs32.sys 21:04:26.0872 2036 NETwNs32 - ok 21:04:26.0888 2036 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 21:04:26.0888 2036 nfrd960 - ok 21:04:26.0919 2036 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll 21:04:26.0950 2036 NlaSvc - ok 21:04:26.0966 2036 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:04:26.0997 2036 Npfs - ok 21:04:26.0997 2036 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll 21:04:27.0013 2036 nsi - ok 21:04:27.0044 2036 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:04:27.0075 2036 nsiproxy - ok 21:04:27.0122 2036 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:04:27.0169 2036 Ntfs - ok 21:04:27.0184 2036 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys 21:04:27.0200 2036 Null - ok 21:04:27.0215 2036 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:04:27.0215 2036 nvraid - ok 21:04:27.0247 2036 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:04:27.0262 2036 nvstor - ok 21:04:27.0278 2036 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:04:27.0278 2036 nv_agp - ok 21:04:27.0293 2036 [ 4E37455DB16AEC75862B1D0BC35B589E ] O2FLASH C:\Windows\system32\DRIVERS\o2flash.exe 21:04:27.0309 2036 O2FLASH - ok 21:04:27.0340 2036 [ 5F63917FCC257ED11E828230BE594194 ] O2MDFRDR C:\Windows\system32\drivers\O2MDFw7.sys 21:04:27.0340 2036 O2MDFRDR - ok 21:04:27.0356 2036 [ FDC901900D9B1B671B3388C3023BD2EA ] O2MDRRDR C:\Windows\system32\DRIVERS\O2MDRw7.sys 21:04:27.0371 2036 O2MDRRDR - ok 21:04:27.0387 2036 [ 4635935FC972C582632BF45C26BFCB0E ] O2SDIOAssist c:\Windows\system32\srvany.exe 21:04:27.0387 2036 O2SDIOAssist ( UnsignedFile.Multi.Generic ) - warning 21:04:27.0387 2036 O2SDIOAssist - detected UnsignedFile.Multi.Generic (1) 21:04:27.0403 2036 [ D5A27C1ECD36564FED061EFB78BD0A62 ] O2SDJRDR C:\Windows\system32\DRIVERS\o2sdjw7.sys 21:04:27.0403 2036 O2SDJRDR - ok 21:04:27.0465 2036 [ E54AA592A65F317390EEE386A8821692 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 21:04:27.0481 2036 odserv - ok 21:04:27.0496 2036 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:04:27.0512 2036 ohci1394 - ok 21:04:27.0543 2036 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:04:27.0559 2036 ose - ok 21:04:27.0605 2036 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:04:27.0637 2036 p2pimsvc - ok 21:04:27.0668 2036 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll 21:04:27.0683 2036 p2psvc - ok 21:04:27.0715 2036 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys 21:04:27.0715 2036 Parport - ok 21:04:27.0746 2036 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:04:27.0746 2036 partmgr - ok 21:04:27.0761 2036 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 21:04:27.0793 2036 Parvdm - ok 21:04:27.0824 2036 [ 4088C1ECD1F54281A92FA663B0FDC36F ] PBADRV C:\Windows\system32\DRIVERS\PBADRV.sys 21:04:27.0824 2036 PBADRV - ok 21:04:27.0839 2036 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll 21:04:27.0855 2036 PcaSvc - ok 21:04:27.0886 2036 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys 21:04:27.0902 2036 pci - ok 21:04:27.0917 2036 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys 21:04:27.0933 2036 pciide - ok 21:04:27.0949 2036 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 21:04:27.0964 2036 pcmcia - ok 21:04:27.0980 2036 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys 21:04:27.0995 2036 pcw - ok 21:04:28.0011 2036 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:04:28.0058 2036 PEAUTH - ok 21:04:28.0089 2036 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 21:04:28.0151 2036 PeerDistSvc - ok 21:04:28.0198 2036 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll 21:04:28.0276 2036 pla - ok 21:04:28.0292 2036 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:04:28.0339 2036 PlugPlay - ok 21:04:28.0370 2036 [ 13FBE33E8AB8284C6A3C6CE86FA59EA0 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 21:04:28.0401 2036 Pml Driver HPZ12 - ok 21:04:28.0432 2036 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:04:28.0448 2036 PNRPAutoReg - ok 21:04:28.0495 2036 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:04:28.0510 2036 PNRPsvc - ok 21:04:28.0541 2036 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:04:28.0573 2036 PolicyAgent - ok 21:04:28.0619 2036 [ AC42F771CC29727BD1663F211E9AC507 ] Power C:\Windows\system32\umpo.dll 21:04:28.0635 2036 Power - ok 21:04:28.0651 2036 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
  14. Shoshang
    TDSSKiller Logs: 21:00:27.0810 1020 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47 21:00:27.0826 1020 ============================================================ 21:00:27.0826 1020 Current date / time: 2012/10/15 21:00:27.0826 21:00:27.0826 1020 SystemInfo: 21:00:27.0826 1020 21:00:27.0826 1020 OS Version: 6.1.7601 ServicePack: 1.0 21:00:27.0826 1020 Product type: Workstation 21:00:27.0826 1020 ComputerName: WNCAISD237L 21:00:27.0826 1020 UserName: 217216XX19948 21:00:27.0826 1020 Windows directory: C:\Windows 21:00:27.0826 1020 System windows directory: C:\Windows 21:00:27.0826 1020 Processor architecture: Intel x86 21:00:27.0826 1020 Number of processors: 4 21:00:27.0826 1020 Page size: 0x1000 21:00:27.0826 1020 Boot type: Safe boot 21:00:27.0826 1020 ============================================================ 21:00:28.0184 1020 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 21:00:28.0200 1020 ============================================================ 21:00:28.0200 1020 \Device\Harddisk0\DR0: 21:00:28.0200 1020 MBR partitions: 21:00:28.0200 1020 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1698000 21:00:28.0200 1020 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x16AC000, BlocksNum 0x23D7B2B0 21:00:28.0200 1020 ============================================================ 21:00:28.0216 1020 C: <-> \Device\Harddisk0\DR0\Partition2 21:00:28.0216 1020 ============================================================ 21:00:28.0216 1020 Initialize success 21:00:28.0216 1020 ============================================================ 21:01:13.0518 1652 Deinitialize success
  15. Shoshang
    Listpart log: ListParts by Farbar Version: 15-10-2012 Ran by 217216XX19948 (administrator) on 15-10-2012 at 20:50:28 Windows 7 (X86) Running From: C:\Users\217216XX19948\Desktop Language: 0409 ************************************************************ ========================= Memory info ====================== Percentage of memory in use: 20% Total physical RAM: 3240.93 MB Available physical RAM: 2580.22 MB Total Pagefile: 6480.15 MB Available Pagefile: 6062.69 MB Total Virtual: 2047.88 MB Available Virtual: 1965.74 MB ======================= Partitions ========================= 1 Drive c: (OS) (Fixed) (Total:286.74 GB) (Free:235.75 GB) NTFS Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 298 GB 0 B Partitions of Disk 0: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 OEM 39 MB 31 KB Partition 2 Primary 11 GB 40 MB Partition 3 Primary 286 GB 11 GB Partition 4 Primary 10 MB 298 GB ====================================================================================================== Disk: 0 Partition 1 Type : DE Hidden: Yes Active: No There is no volume associated with this partition. ====================================================================================================== Disk: 0 Partition 2 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 1 RECOVERY NTFS Partition 11 GB Healthy System (partition with boot components) ====================================================================================================== Disk: 0 Partition 3 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C OS NTFS Partition 286 GB Healthy Boot ====================================================================================================== Disk: 0 Partition 4 Type : 17 (Suspicious Type) Hidden: Yes Active: Yes There is no volume associated with this partition. ====================================================================================================== ****** End Of Log ******
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.