
Bootkit/Rootkit. I can't get rid of it.



Hello everyone,

I started my thread with info here: https://forums.malwarebytes.org/index.php?showtopic=135584

I've done everything as suggested here: https://forums.malwarebytes.org/index.php?showtopic=9573

The dds.txt and Attach.txt are as follows:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16720
Run by Z220 at 14:55:22 on 2013-10-28
Microsoft Windows 7 Professional   6.1.7601.1.1252.61.1033.18.16329.11727 [GMT 11:00]
.
AV: Total Defense Anti-Virus *Disabled/Updated* {57B5C44D-AAB5-DBC9-741B-542BE5A132EA}
SP: Total Defense Anti-Virus *Disabled/Updated* {ECD425A9-8C8F-D447-4EAB-6F599E267857}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Total Defense Personal Firewall *Enabled* {6F8E4568-E0DA-DA91-5F44-FD1E1B727591}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\caamsvc.exe
C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafe.exe
C:\Program Files\Total Defense\Internet Security Suite\ccschedulersvc.exe
C:\Windows\sysWow64\CtHdaSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\SysWOW64\cfgmig32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Total Defense\Internet Security Suite\ccEvtMgr.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Total Defense\Internet Security Suite\casc.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Total Defense\Internet Security Suite\ccprovsp.exe
C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Total Defense\Internet Security Suite\ccprovep.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\wbengine.exe
C:\Windows\System32\vds.exe
C:\Windows\System32\msdtc.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\vssvc.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

BHO: Total Defense Anti-Phishing Toolbar Helper: {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\caIEToolbar.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Total Defense Anti-Phishing Toolbar: {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\caIEToolbar.dll
TB: Total Defense Anti-Phishing Toolbar: {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\caIEToolbar.dll
uRun: [AnyDVD] "C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe"
mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
uPolicies-Explorer: NoViewOnDrive = dword:0
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: DisableLocalMachineRun = dword:0
uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
uPolicies-Explorer: DisableCurrentUserRun = dword:0
uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
uPolicies-Explorer: NoFile = dword:0
uPolicies-Explorer: HideClock = dword:0
uPolicies-Explorer: NoDevMgrUpdate = dword:0
uPolicies-Explorer: NoDFSTab = dword:0
uPolicies-Explorer: NoWindowsUpdate = dword:0
uPolicies-Explorer: NoEncryptOnMove = dword:0
uPolicies-Explorer: NoRunasInstallPrompt = dword:0
uPolicies-Explorer: NoResolveTrack = dword:0
uPolicies-Explorer: NoStartMenuSubFolders = dword:0
uPolicies-System: NoDispAppearancePage = dword:0
uPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.

TCP: NameServer = 198.142.0.51 211.29.132.12 198.142.235.14
TCP: Interfaces\{2FD68308-1EEF-416B-A893-8FC49DB397F2} : DHCPNameServer = 198.142.0.51 211.29.132.12 198.142.235.14
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Notify: PFW - UmxWnp.Dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: Total Defense Anti-Phishing Toolbar Helper: {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\Toolbar\caIEToolbar.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-TB: Total Defense Anti-Phishing Toolbar: {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\Toolbar\caIEToolbar.dll
x64-Run: [HPSYSDRV] C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE
x64-Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
x64-Run: [cctray] "C:\Program Files\Total Defense\Internet Security Suite\casc.exe"
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Notify: PFW - <no file>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-6-9 19264]
R0 KmxAMRT;KmxAMRT;C:\Windows\System32\drivers\KmxAMRT.sys [2011-10-27 182352]
R0 KmxFw;KmxFw;C:\Windows\System32\drivers\KmxFw.sys [2011-9-6 143824]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-10-23 46368]
R1 KmxAgent;KmxAgent;C:\Windows\System32\drivers\KmxAgent.sys [2011-10-26 113744]
R1 KmxCfg;KmxCfg;C:\Windows\System32\drivers\KmxCfg.sys [2011-9-6 365136]
R1 KmxFile;KmxFile;C:\Windows\System32\drivers\KmxFile.sys [2011-9-6 87120]
R1 KmxFilter;HIPS Core Filter Driver;C:\Windows\System32\drivers\KmxFilter.sys [2011-9-6 99024]
R2 ADExchange;ArcSoft Exchange Service;C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2012-8-14 43624]
R2 CAAMSvc;CAAMSvc;C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\CAAMSvc.exe [2013-10-17 313040]
R2 CAISafe;CAISafe;C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafe.exe [2013-10-17 314448]
R2 ccSchedulerSVC;CA Common Scheduler Service;C:\Program Files\Total Defense\Internet Security Suite\ccschedulersvc.exe [2013-10-17 288776]
R2 CtHdaSvc;Sound Blaster Service;C:\Windows\SysWOW64\CtHdaSvc.exe [2013-2-14 103424]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-8-29 92160]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-3-7 629984]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-10-12 127320]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2013-1-3 183200]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-10-12 164184]
R2 KmxCF;KmxCF;C:\Windows\System32\drivers\KmxCF.sys [2011-9-6 201936]
R2 KmxSbx;KmxSbx;C:\Windows\System32\drivers\KmxSbx.sys [2011-9-6 81488]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-10-23 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-23 701512]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2013-10-12 1134624]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-5-14 383776]
R2 UmxEngine;TM Engine;C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe [2011-4-4 920656]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-10-12 362840]
R2 WinSvchostManagerSrv;WinSvchostManagerSrv;C:\Windows\SysWOW64\cfgmig32.exe [2013-10-17 265736]
R3 cthda;Sound Blaster HDAudio;C:\Windows\System32\drivers\cthda.sys [2013-2-14 1044760]
R3 cthdb;SB Recon3D PCIe Audio Bus Filter;C:\Windows\System32\drivers\cthdb.sys [2013-2-14 28440]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-6-9 357184]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-6-9 789824]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-23 25928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-19 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576]
S2 HOSTS Anti-PUPs;HOSTS Anti-PUPs;C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update --> C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [?]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-10-13 19456]
S3 rspSanity;rspSanity;C:\Windows\System32\drivers\rspSanity64.sys [2013-10-25 29752]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-10-13 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-10-13 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-10-13 1255736]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2013-10-27 06:24:52 -------- d-----w- C:\ProgramData\Recovery
2013-10-26 11:49:08 -------- d-sh--w- C:\$RECYCLE.BIN
2013-10-26 07:43:09 12872 ----a-w- C:\Windows\System32\bootdelete.exe
2013-10-26 07:33:21 -------- d-----w- C:\ProgramData\HitmanPro
2013-10-26 02:00:55 -------- d-----w- C:\ProgramData\Kingsoft
2013-10-26 01:34:45 -------- d-----w- C:\ProgramData\SysReveal
2013-10-26 01:23:51 25088 ----a-w- C:\Windows\SysWow64\drivers\dvqGGvc.sys
2013-10-26 01:12:50 35712 ----a-w- C:\Windows\SysWow64\drivers\Lpc0GR7b.sys
2013-10-26 00:55:10 -------- d-----w- C:\Users\Z220\AppData\Local\CrashDumps
2013-10-25 10:12:26 -------- d-----w- C:\Users\Z220\AppData\Local\NPE
2013-10-25 10:12:26 -------- d-----w- C:\ProgramData\Norton
2013-10-25 10:08:04 56832 ----a-w- C:\Windows\SysWow64\drivers\RKD.sys
2013-10-25 09:43:13 29752 ----a-w- C:\Windows\System32\drivers\rspSanity64.sys
2013-10-25 06:16:51 -------- d-----w- C:\Users\Z220\AppData\Local\Sony
2013-10-25 06:16:51 -------- d-----w- C:\Program Files (x86)\Sony
2013-10-24 08:14:24 -------- d-----w- C:\Program Files (x86)\MSECache
2013-10-23 10:26:19 -------- d-----w- C:\Users\Z220\AppData\Local\lptmp1862916188
2013-10-23 10:18:23 -------- d-----w- C:\Users\Z220\AppData\Local\AVG SafeGuard toolbar
2013-10-23 10:18:11 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-10-23 10:18:06 -------- d-----w- C:\ProgramData\AVG SafeGuard toolbar
2013-10-23 04:53:20 -------- d-----w- C:\Users\Z220\Pavark
2013-10-23 04:12:10 -------- d-----w- C:\Windows\ERUNT
2013-10-23 04:11:14 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2013-10-23 03:40:08 116440 ----a-w- C:\Windows\System32\drivers\48230029.sys
2013-10-23 03:39:50 91352 ----a-w- C:\Windows\System32\drivers\3E5D0FD8.sys
2013-10-23 03:17:09 -------- d-----w- C:\Users\Z220\AppData\Roaming\Malwarebytes
2013-10-23 03:16:58 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-10-23 03:16:58 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-23 01:55:02 743248 ----a-w- C:\Windows\SysWow64\msvcp100d.dll
2013-10-23 01:55:02 1858896 ----a-w- C:\Windows\System32\msvcr100d.dll
2013-10-23 01:55:02 1498960 ----a-w- C:\Windows\SysWow64\msvcr100d.dll
2013-10-23 01:55:02 1014096 ----a-w- C:\Windows\System32\msvcp100d.dll
2013-10-23 01:55:02 -------- d-----w- C:\Program Files\Malwarebytes Anti-Exploit
2013-10-22 07:17:46 -------- d-----w- C:\Program Files(x86)
2013-10-22 06:53:19 -------- d-----w- C:\Users\Z220\AppData\Local\Easy CD-DA Extractor
2013-10-22 06:53:13 -------- d-----w- C:\ProgramData\Easy CD-DA Extractor
2013-10-22 06:53:12 -------- d-----w- C:\Program Files\Easy CD-DA Extractor 15
2013-10-21 06:39:25 -------- d-----w- C:\ProgramData\vsosdk
2013-10-21 02:44:22 -------- d-----w- C:\Program Files (x86)\Convert AVI to MP4
2013-10-21 02:39:43 -------- d-----w- C:\ProgramData\VSO
2013-10-21 02:39:43 -------- d-----w- C:\Program Files (x86)\VSO
2013-10-21 02:11:26 696832 ----a-w- C:\Windows\System32\xvidcore.dll
2013-10-21 02:11:26 645632 ----a-w- C:\Windows\SysWow64\xvidcore.dll
2013-10-21 02:11:26 255488 ----a-w- C:\Windows\System32\xvidvfw.dll
2013-10-21 02:11:26 240640 ----a-w- C:\Windows\SysWow64\xvidvfw.dll
2013-10-21 02:11:26 173568 ----a-w- C:\Windows\System32\xvid.ax
2013-10-21 02:11:26 153088 ----a-w- C:\Windows\SysWow64\xvid.ax
2013-10-21 02:11:25 -------- d-----w- C:\Program Files (x86)\Xvid
2013-10-21 02:10:16 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5
2013-10-21 02:09:38 -------- d-----w- C:\Program Files (x86)\AVI ReComp
2013-10-21 01:06:06 -------- d-----w- C:\Users\Z220\AppData\Roaming\NVIDIA
2013-10-21 00:57:42 -------- d-----w- C:\Users\Z220\AppData\Roaming\HandBrake
2013-10-21 00:57:24 -------- d-----w- C:\Program Files\Handbrake
2013-10-21 00:40:33 -------- d-----w- C:\ProgramData\ArcSoft
2013-10-21 00:40:32 -------- d-----w- C:\Users\Z220\AppData\Local\ArcSoft
2013-10-21 00:37:44 -------- d-----w- C:\Users\Z220\AppData\Roaming\log
2013-10-21 00:35:05 -------- d-----w- C:\Users\Z220\AppData\Local\Aiseesoft Studio
2013-10-21 00:34:38 -------- d-----w- C:\ProgramData\Aiseesoft Studio
2013-10-21 00:34:38 -------- d-----w- C:\Program Files (x86)\Aiseesoft Studio
2013-10-21 00:25:58 -------- d-----w- C:\Program Files (x86)\SlySoft
2013-10-20 09:54:42 -------- d-----w- C:\Users\Z220\AppData\Local\Diagnostics
2013-10-18 12:41:02 -------- d-----w- C:\Users\Z220\AppData\Roaming\uTorrent
2013-10-17 14:03:00 10280728 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll
2013-10-17 11:02:42 -------- d-----w- C:\Users\Z220\AppData\Local\Qurb4
2013-10-17 05:26:03 -------- d-----w- C:\P&Plus
2013-10-17 04:21:36 265736 ----a-w- C:\Windows\SysWow64\cfgmig32.exe
2013-10-17 04:21:36 1424904 ----a-w- C:\Windows\SysWow64\cfgmig32.dll
2013-10-17 04:21:36 1424904 ----a-w- C:\Windows\System32\cfgmig32.dll
2013-10-17 04:21:32 3213712 ----a-w- C:\Windows\SysWow64\mdmcls32.exe
2013-10-17 04:21:32 3213712 ----a-w- C:\Windows\System32\mdmcls32.exe
2013-10-17 04:21:32 2992528 ----a-w- C:\Windows\SysWow64\winsflte.dll
2013-10-17 00:22:34 -------- d-----w- C:\ProgramData\EPSON
2013-10-17 00:20:31 -------- d-----w- C:\Users\Z220\AppData\Local\ElevatedDiagnostics
2013-10-16 15:12:14 27256 ----a-w- C:\Windows\System32\drivers\FixZeroAccess.sys
2013-10-16 15:04:37 3989504 ----a-w- C:\Users\Z220\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\apps\pc\___rootkit removal tools\RogueKillerX64.exe
2013-10-16 09:52:18 -------- d-----w- C:\ProgramData\Sophos
2013-10-15 06:16:15 -------- d-----w- C:\Program Files\CCleaner
2013-10-15 00:48:41 -------- d-----w- C:\Users\Z220\AppData\Roaming\QuickScan
2013-10-15 00:48:23 -------- d-----w- C:\Program Files (x86)\Defender Pro Quick Scanner
2013-10-14 23:07:46 -------- d-----w- C:\Program Files\Enigma Software Group
2013-10-14 23:06:50 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-10-14 10:22:44 -------- d-----w- C:\ProgramData\Malwarebytes
2013-10-14 10:22:42 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-14 10:19:34 980992 ----a-w- C:\Users\Z220\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\apps\pc\WIGI\WIGI.exe
2013-10-14 10:19:34 77824 ----a-w- C:\Users\Z220\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\apps\pc\WIGI\fr\WhyIGotInfected.resources.dll
2013-10-13 09:21:50 -------- d-----w- C:\Program Files\MPC-HC
2013-10-13 06:16:20 -------- d-----w- C:\Windows\PCHEALTH
2013-10-13 06:15:32 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-10-13 06:15:13 -------- d-----w- C:\Users\Z220\AppData\Local\Microsoft Help
2013-10-12 21:31:58 -------- d-----w- C:\Windows\SysWow64\Wat
2013-10-12 21:31:58 -------- d-----w- C:\Windows\System32\Wat
2013-10-12 21:10:52 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2013-10-12 12:50:53 73032 ----a-w- C:\Windows\System32\e1cmsg.dll
2013-10-12 12:50:53 495888 ----a-w- C:\Windows\System32\drivers\e1c62x64.sys
2013-10-12 12:50:53 101224 ----a-w- C:\Windows\System32\NicInstC.dll
2013-10-12 12:50:27 316736 ----a-w- C:\Windows\System32\PRONtObj.dll
2013-10-12 12:50:27 163400 ----a-w- C:\Windows\System32\drivers\iANSW60e.sys
2013-10-12 12:07:16 -------- d-----w- C:\ProgramData\{A5CCDB92-FA53-47D1-89E6-32B82D86621A}
2013-10-12 11:59:41 -------- d-----w- C:\Windows\System32\appmgmt
2013-10-12 10:03:05 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-10-12 10:02:56 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-12 10:02:34 -------- d-----w- C:\Users\Z220\AppData\Local\Programs
2013-10-12 09:22:17 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2013-10-12 09:20:44 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-10-12 08:51:43 -------- d-----w- C:\Users\Z220\AppData\Roaming\BitTorrent
2013-10-12 07:55:35 377856 ----a-w- C:\Users\Z220\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\apps\pc\___rootkit removal tools\x6cm00gv.exe
2013-10-12 06:25:47 -------- d-----w- C:\Windows\pss
2013-10-12 04:48:35 -------- d-----r- C:\Program Files (x86)\Online Services
2013-10-12 04:48:31 21008 ----a-w- C:\Windows\System32\pdfc_port.dll
2013-10-12 04:48:30 -------- d-----w- C:\Program Files (x86)\PDF Complete
2013-10-12 04:48:21 -------- d-----w- C:\ProgramData\PDFC
2013-10-12 04:48:05 15128 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2013-10-12 04:47:49 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2013-10-12 04:45:37 552760 ----a-w- C:\Windows\System32\PROUnstl.exe
2013-10-12 04:45:20 41984 ----a-w- C:\Windows\System32\drivers\USB3Ver.dll
2013-10-12 04:45:19 -------- d-----w- C:\Intel
2013-10-12 04:45:14 117248 ----a-w- C:\Windows\System32\HPMUIDir.exe
2013-10-12 04:38:08 96768 ----a-w- C:\Windows\System32\fsutil.exe
2013-10-12 04:38:08 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2013-10-12 04:38:08 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2013-10-12 04:38:08 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2013-10-12 04:38:08 2565632 ----a-w- C:\Windows\System32\esent.dll
2013-10-12 04:38:08 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2013-10-12 04:38:08 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2013-10-12 04:38:08 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2013-10-12 04:38:08 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2013-10-12 04:38:08 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2013-10-12 04:37:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2013-10-12 04:37:33 503808 ----a-w- C:\Windows\System32\srcore.dll
2013-10-12 04:37:33 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2013-10-12 04:36:51 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2013-10-12 04:36:51 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2013-10-12 04:36:43 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2013-10-12 04:36:43 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2013-10-12 04:36:28 956928 ----a-w- C:\Windows\System32\localspl.dll
2013-10-12 04:36:13 209920 ----a-w- C:\Windows\System32\profsvc.dll
2013-10-12 04:34:54 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2013-10-12 04:34:39 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2013-10-12 04:34:03 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2013-10-12 04:34:03 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2013-10-12 04:34:03 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2013-10-12 04:32:37 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2013-10-12 04:32:37 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2013-10-12 04:32:16 1572864 ----a-w- C:\Windows\System32\quartz.dll
2013-10-12 04:32:16 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2013-10-12 04:32:02 723456 ----a-w- C:\Windows\System32\EncDec.dll
2013-10-12 04:32:02 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2013-10-12 04:30:58 94208 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll
2013-10-12 04:29:44 2871808 ----a-w- C:\Windows\explorer.exe
2013-10-12 04:28:46 7680 ----a-w- C:\Windows\System32\KBDINTAM.DLL
2013-10-11 18:00:32 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-10-11 17:44:02 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-10-11 17:44:02 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-10-11 17:44:02 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-10-11 17:44:02 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-10-11 17:44:01 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-10-11 17:44:01 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-10-11 17:44:01 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-10-11 17:26:48 -------- d-----w- C:\Users\Z220\AppData\Roaming\hpqLog
2013-10-11 17:04:54 -------- d-----w- C:\HP_TOOLS_mountHPSF
2013-10-11 17:04:54 -------- d-----w- C:\HP_RECOVERY_mountHPSF
2013-10-11 15:54:18 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-10-11 15:54:18 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2013-10-11 15:54:11 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2013-10-11 15:54:11 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2013-10-11 15:54:11 142336 ----a-w- C:\Windows\System32\poqexec.exe
2013-10-11 15:54:11 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2013-10-11 15:54:09 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2013-10-11 15:54:09 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2013-10-11 15:54:09 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2013-10-11 15:54:09 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2013-10-11 15:52:50 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll
2013-10-11 15:51:42 95744 ----a-w- C:\Windows\System32\synceng.dll
2013-10-11 15:44:46 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-10-11 15:44:46 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-10-11 15:44:46 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-10-11 15:41:56 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-10-11 15:41:53 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-10-11 15:41:52 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-10-11 15:41:52 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-10-11 11:29:36 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-11 11:29:36 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-11 11:29:18 -------- d-----w- C:\Users\Z220\AppData\Local\Adobe
2013-10-11 11:22:15 77320 ----a-w- C:\BackupProductRes.dll
2013-10-11 11:22:15 438280 ----a-w- C:\DNABonesProxy.dll
2013-10-11 11:22:15 364040 ----a-w- C:\BackupProduct.exe
2013-10-11 11:22:15 2706952 ----a-w- C:\BonesResource.dll
2013-10-11 11:22:15 1461768 ----a-w- C:\DNABones.dll
2013-10-11 11:15:12 97360 ----a-w- C:\Windows\SysWow64\Vetredir.dll
2013-10-11 11:15:12 259664 ----a-w- C:\Windows\System32\isafprod64.dll
2013-10-11 11:15:12 207952 ----a-w- C:\Windows\SysWow64\Isafprod.dll
2013-10-11 11:15:12 142928 ----a-w- C:\Windows\System32\Isafeif64.dll
2013-10-11 11:15:12 130128 ----a-w- C:\Windows\SysWow64\Isafeif.dll
2013-10-11 11:15:12 105552 ----a-w- C:\Windows\System32\Vetredir64.dll
2013-10-11 11:15:06 -------- d-----w- C:\Program Files\CA
2013-10-11 11:15:01 289296 ----a-w- C:\Windows\System32\winsfinst.exe
2013-10-11 11:15:00 -------- d-----w- C:\Windows\rnapxs
2013-10-11 11:11:20 -------- d-----w- C:\Users\Z220\AppData\Local\Hewlett-Packard
2013-10-11 10:43:12 -------- d-----w- C:\Users\Z220\AppData\Local\Apps
2013-10-11 10:31:45 -------- d-----w- C:\ProgramData\TotalDefense
2013-09-30 23:38:16 97176 ----a-w- C:\Windows\SysWow64\ElbyCDIO.dll
.
==================== Find3M  ====================
.
2013-10-12 09:20:44 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-10-12 04:35:50 59392 ----a-w- C:\Windows\System32\browcli.dll
2013-10-12 04:35:50 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2013-10-12 04:35:50 136704 ----a-w- C:\Windows\System32\browser.dll
2013-10-12 04:35:23 3216384 ----a-w- C:\Windows\System32\msi.dll
2013-10-12 04:35:23 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2013-10-12 04:35:15 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2013-10-12 04:35:15 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2013-10-12 04:31:48 229888 ----a-w- C:\Windows\System32\drivers\1394ohci.sys
2013-10-12 04:31:41 77312 ----a-w- C:\Windows\System32\packager.dll
2013-10-12 04:31:41 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2013-10-12 04:31:34 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2013-10-12 04:31:34 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2013-10-12 04:31:34 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2013-10-12 04:31:34 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2013-10-12 04:31:12 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2013-10-12 04:31:12 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2013-10-12 04:31:12 331776 ----a-w- C:\Windows\System32\oleacc.dll
2013-10-12 04:31:12 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2013-10-12 04:29:44 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
2013-10-12 04:28:46 7680 ----a-w- C:\Windows\System32\KBDINMAL.DLL
2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-09-03 12:09:34 2763152 ----a-w- C:\Windows\SysWow64\svcprs32.exe
2013-09-03 12:05:26 291728 ----a-w- C:\Windows\SysWow64\winsfinst_x64.exe
2013-09-03 12:05:14 100752 ----a-w- C:\Windows\SysWow64\winsfinst.exe
2013-09-03 12:03:50 4110736 ----a-w- C:\Windows\SysWow64\win32cpr.dll
2013-09-03 03:35:10 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-08-01 12:09:36 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-07-31 11:23:57 139352 ----a-w- C:\Windows\SysWow64\drivers\AnyDVD.sys
2013-07-31 11:23:57 139352 ----a-w- C:\Windows\System32\drivers\AnyDVD.sys
.
============= FINISH: 14:55:44.13 ===============

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/10/2013 10:07:12 PM
System Uptime: 28/10/2013 1:13:35 PM (1 hours ago)
.
Motherboard: Hewlett-Packard |  | 1790
Processor: Intel® Xeon® CPU E3-1245 V2 @ 3.40GHz | SOCKET 0 | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 217 GiB total, 158.888 GiB free.
D: is FIXED (NTFS) - 1863 GiB total, 626.761 GiB free.
E: is FIXED (NTFS) - 1863 GiB total, 339.373 GiB free.
G: is CDROM ()
H: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP40: 28/10/2013 2:54:41 PM - system checkpoint
.
==== Installed Programs ======================
.
2007 Microsoft Office Suite Service Pack 3 (SP3)
Adobe Flash Player 11 ActiveX
Aiseesoft Blu-ray Ripper Ultimate 6.3.80
Anti-Virus
AnyDVD
APH placeholder
ArcSoft MediaConverter 8
AVI ReComp 1.5.5
AviSynth 2.5
CCleaner
CloneCD
Convert AVI to MP4
DNAMigrator
Easy CD-DA Extractor 15
HandBrake 0.9.9.1
Hewlett-Packard ACLM.NET v1.2.2.3
HIPS
HP Customer Experience Enhancements
HP Odometer
HP Performance Advisor
HP Support Assistant
HP Support Information
Intel® Control Center
Intel® Management Engine Components
Intel® Network Connections 18.1.59.0
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
Internet Explorer (Enable DEP)
Malwarebytes Anti-Exploit version 0.09.3.1000
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Works 6-9 Converter
mIRC
MPC-HC 1.7.0 (64-bit)
MSVCRT Redists
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA 3D Vision Driver 311.66
NVIDIA Control Panel 311.66
NVIDIA Graphics Driver 311.66
NVIDIA HD Audio Driver 1.3.18.0
NVIDIA Install Application
NVIDIA nView 140.54
NVIDIA Stereoscopic 3D Driver
PDF Complete Corporate Edition
Realtek High Definition Audio Driver
Recovery Manager
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition
Sound Forge Audio Studio 10.0
Total Defense Internet Security Suite
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VobSub 2.23
VSO Blu-ray Converter Ultimate 2
VSO ConvertXToDVD
WinRAR 5.00 (64-bit)
Xvid Video Codec
.
==== Event Viewer Messages From Past Week ========
.
28/10/2013 2:44:15 PM, Error: Service Control Manager [7023]  - The Windows Defender service terminated with the following error:  The specified module could not be found.
28/10/2013 1:16:17 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
28/10/2013 1:16:17 PM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
28/10/2013 1:16:17 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
28/10/2013 1:15:53 PM, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
28/10/2013 1:15:53 PM, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-1073473535.
28/10/2013 1:15:45 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:
28/10/2013 1:15:44 PM, Error: Service Control Manager [7023]  - The IP Helper service terminated with the following error:  Access is denied.
28/10/2013 1:15:37 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Network List Service service which failed to start because of the following error:  After starting, the service hung in a start-pending state.
28/10/2013 1:15:27 PM, Error: Service Control Manager [7022]  - The WinSvchostManagerSrv service hung on starting.
28/10/2013 1:15:17 PM, Error: Service Control Manager [7022]  - The Network List Service service hung on starting.
28/10/2013 1:15:06 PM, Error: Service Control Manager [7022]  - The IP Helper service hung on starting.
28/10/2013 1:14:19 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
28/10/2013 1:13:44 PM, Error: Service Control Manager [7000]  - The HOSTS Anti-PUPs service failed to start due to the following error:  The system cannot find the file specified.
28/10/2013 1:13:38 PM, Error: Application Popup [1060]  - \SystemRoot\SysWow64\DRIVERS\1UnHooker.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
27/10/2013 8:42:42 PM, Error: Service Control Manager [7034]  - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly.  It has done this 1 time(s).
26/10/2013 11:08:08 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the HOSTS Anti-PUPs service to connect.
26/10/2013 11:08:08 PM, Error: Service Control Manager [7000]  - The HOSTS Anti-PUPs service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
26/10/2013 10:19:14 PM, Error: Service Control Manager [7023]  - The Server service terminated with the following error:  The service has not been started.
26/10/2013 10:19:10 PM, Error: Service Control Manager [7023]  - The Peer Name Resolution Protocol service terminated with the following error:  A system shutdown is in progress.
26/10/2013 10:19:10 PM, Error: Service Control Manager [7001]  - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:  A system shutdown is in progress.
1UnHooker
1UnHooker
1UnHooker
1UnHooker
1UnHooker
1UnHooker
1UnHooker
1UnHooker
1UnHooker
1UnHooker
.
==== End Of File ===========================

 

For what it might be worth, catchme.exe found modifications in the NTDLL code... as follows:

 

detected NTDLL code modification:
ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != 12, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20, ZwOpenFile 0 != 48, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51
Initialization error

 

 

 

It's all way beyond me at this point. I could really do with some help here.

 

Many thanks,

 

chooki

 

 

p.s. I still have on the desktop the file which I caused myself all this trouble with. Many anti-rootkit apps consider it ok, including Malwarebytes, but it certainly isn't okay.

 

If someone at Malwarebytes would like me to upload the file so they can maybe dissect it and hopefully prevent other pc users from being infected, I'll gladly do that.

 

 


 


Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt



Please post the contents of that log in your next reply.

 

 

 

 

Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.

  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )

  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.


**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.

 

 

 

Please upload the malicious file here:

 

www.bleepingcomputer.com/submit-malware.php?channel=156


Hello Marius,

 

I've followed your instructions carefully, the results of the scans are below:

 

======================================================================================

 

05:53:08.0514 3244  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
05:53:09.0840 3244  ============================================================
05:53:09.0840 3244  Current date / time: 2013/10/29 05:53:09.0840
05:53:09.0840 3244  SystemInfo:
05:53:09.0840 3244 
05:53:09.0840 3244  OS Version: 6.1.7601 ServicePack: 1.0
05:53:09.0840 3244  Product type: Workstation
05:53:09.0840 3244  ComputerName: HPX
05:53:09.0840 3244  UserName: Z220
05:53:09.0840 3244  Windows directory: C:\Windows
05:53:09.0840 3244  System windows directory: C:\Windows
05:53:09.0840 3244  Running under WOW64
05:53:09.0840 3244  Processor architecture: Intel x64
05:53:09.0840 3244  Number of processors: 8
05:53:09.0840 3244  Page size: 0x1000
05:53:09.0840 3244  Boot type: Normal boot
05:53:09.0840 3244  ============================================================
05:53:10.0074 3244  BG loaded
05:53:10.0293 3244  Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 (223.57 Gb), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
05:53:10.0293 3244  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
05:53:10.0293 3244  Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
05:53:10.0293 3244  ============================================================
05:53:10.0293 3244  \Device\Harddisk0\DR0:
05:53:10.0293 3244  MBR partitions:
05:53:10.0293 3244  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x190000
05:53:10.0293 3244  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x190800, BlocksNum 0x1B12E800
05:53:10.0293 3244  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1B2BF000, BlocksNum 0xC32800
05:53:10.0293 3244  \Device\Harddisk1\DR1:
05:53:10.0293 3244  MBR partitions:
05:53:10.0293 3244  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
05:53:10.0293 3244  \Device\Harddisk2\DR2:
05:53:10.0293 3244  MBR partitions:
05:53:10.0293 3244  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
05:53:10.0293 3244  ============================================================
05:53:10.0293 3244  C: <-> \Device\Harddisk0\DR0\Partition2
05:53:10.0308 3244  D: <-> \Device\Harddisk1\DR1\Partition1
05:53:10.0324 3244  E: <-> \Device\Harddisk2\DR2\Partition1
05:53:10.0324 3244  ============================================================
05:53:10.0324 3244  Initialize success
05:53:10.0324 3244  ============================================================
05:53:23.0802 6188  ============================================================
05:53:23.0802 6188  Scan started
05:53:23.0802 6188  Mode: Manual; SigCheck; TDLFS;
05:53:23.0802 6188  ============================================================
05:53:23.0896 6188  ================ Scan system memory ========================
05:53:23.0896 6188  System memory - ok
05:53:23.0896 6188  ================ Scan services =============================
05:53:23.0912 6188  [ AE1CCB9C48647833683D3579D105A615 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
05:53:24.0005 6188  1394ohci - ok
05:53:24.0005 6188  1UnHooker - ok
05:53:24.0005 6188  A2DDA - ok
05:53:24.0021 6188  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
05:53:24.0036 6188  ACPI - ok
05:53:24.0036 6188  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
05:53:24.0052 6188  AcpiPmi - ok
05:53:24.0068 6188  [ C330710CF95587DCB7806BB6A22CF044 ] ADExchange      C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
05:53:24.0083 6188  ADExchange - ok
05:53:24.0083 6188  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
05:53:24.0114 6188  adp94xx - ok
05:53:24.0114 6188  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
05:53:24.0130 6188  adpahci - ok
05:53:24.0146 6188  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
05:53:24.0161 6188  adpu320 - ok
05:53:24.0161 6188  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
05:53:24.0208 6188  AeLookupSvc - ok
05:53:24.0208 6188  [ 314C17917AC8523EC77A710215012A65 ] AFD             C:\Windows\system32\drivers\afd.sys
05:53:24.0239 6188  AFD - ok
05:53:24.0239 6188  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
05:53:24.0255 6188  agp440 - ok
05:53:24.0255 6188  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
05:53:24.0270 6188  ALG - ok
05:53:24.0286 6188  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
05:53:24.0302 6188  aliide - ok
05:53:24.0302 6188  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
05:53:24.0317 6188  amdide - ok
05:53:24.0317 6188  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
05:53:24.0333 6188  AmdK8 - ok
05:53:24.0333 6188  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
05:53:24.0348 6188  AmdPPM - ok
05:53:24.0364 6188  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
05:53:24.0380 6188  amdsata - ok
05:53:24.0380 6188  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
05:53:24.0395 6188  amdsbs - ok
05:53:24.0395 6188  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
05:53:24.0411 6188  amdxata - ok
05:53:24.0411 6188  [ CF24100CF607F0B8C1F3794540AE1D19 ] AnyDVD          C:\Windows\system32\Drivers\AnyDVD.sys
05:53:24.0426 6188  AnyDVD - ok
05:53:24.0442 6188  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
05:53:24.0489 6188  AppID - ok
05:53:24.0489 6188  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
05:53:24.0520 6188  AppIDSvc - ok
05:53:24.0520 6188  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
05:53:24.0551 6188  Appinfo - ok
05:53:24.0551 6188  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
05:53:24.0567 6188  AppMgmt - ok
05:53:24.0567 6188  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
05:53:24.0582 6188  arc - ok
05:53:24.0582 6188  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
05:53:24.0598 6188  arcsas - ok
05:53:24.0614 6188  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
05:53:24.0629 6188  aspnet_state - ok
05:53:24.0629 6188  aswArKrn - ok
05:53:24.0629 6188  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
05:53:24.0660 6188  AsyncMac - ok
05:53:24.0660 6188  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
05:53:24.0676 6188  atapi - ok
05:53:24.0692 6188  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
05:53:24.0723 6188  AudioEndpointBuilder - ok
05:53:24.0723 6188  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
05:53:24.0754 6188  AudioSrv - ok
05:53:24.0754 6188  [ A1F53D2A00E64679A1D81B61D2333D06 ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
05:53:24.0770 6188  avgtp - ok
05:53:24.0785 6188  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
05:53:24.0801 6188  AxInstSV - ok
05:53:24.0816 6188  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
05:53:24.0832 6188  b06bdrv - ok
05:53:24.0832 6188  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
05:53:24.0863 6188  b57nd60a - ok
05:53:24.0863 6188  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
05:53:24.0879 6188  BDESVC - ok
05:53:24.0894 6188  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
05:53:24.0910 6188  Beep - ok
05:53:24.0926 6188  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
05:53:24.0957 6188  BFE - ok
05:53:24.0957 6188  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
05:53:25.0035 6188  BITS - ok
05:53:25.0035 6188  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
05:53:25.0050 6188  blbdrive - ok
05:53:25.0066 6188  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
05:53:25.0082 6188  bowser - ok
05:53:25.0082 6188  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
05:53:25.0097 6188  BrFiltLo - ok
05:53:25.0097 6188  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
05:53:25.0113 6188  BrFiltUp - ok
05:53:25.0128 6188  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
05:53:25.0144 6188  Browser - ok
05:53:25.0144 6188  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
05:53:25.0160 6188  Brserid - ok
05:53:25.0175 6188  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
05:53:25.0191 6188  BrSerWdm - ok
05:53:25.0191 6188  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
05:53:25.0206 6188  BrUsbMdm - ok
05:53:25.0222 6188  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
05:53:25.0238 6188  BrUsbSer - ok
05:53:25.0238 6188  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
05:53:25.0253 6188  BTHMODEM - ok
05:53:25.0253 6188  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
05:53:25.0300 6188  bthserv - ok
05:53:25.0300 6188  [ 2FD15E765E209E3DAC193D3D528C4518 ] CAAMSvc         C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\caamsvc.exe
05:53:25.0316 6188  CAAMSvc - ok
05:53:25.0316 6188  [ 1E4B20432D6CB47A219A9049000F5E09 ] CaCCProvSP      C:\Program Files\Total Defense\Internet Security Suite\ccprovsp.exe
05:53:25.0331 6188  CaCCProvSP - ok
05:53:25.0331 6188  [ EAE7BA27BBD8CC4E0319F29777A23EC2 ] CAISafe         C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafe.exe
05:53:25.0347 6188  CAISafe - ok
05:53:25.0347 6188  [ 8E7265421B80D8597BBA3F3B9E6DD314 ] ccSchedulerSVC  C:\Program Files\Total Defense\Internet Security Suite\ccschedulersvc.exe
05:53:25.0362 6188  ccSchedulerSVC - ok
05:53:25.0362 6188  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
05:53:25.0394 6188  cdfs - ok
05:53:25.0394 6188  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
05:53:25.0409 6188  cdrom - ok
05:53:25.0425 6188  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
05:53:25.0456 6188  CertPropSvc - ok
05:53:25.0456 6188  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
05:53:25.0472 6188  circlass - ok
05:53:25.0472 6188  cleanhlp - ok
05:53:25.0472 6188  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
05:53:25.0503 6188  CLFS - ok
05:53:25.0503 6188  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
05:53:25.0518 6188  clr_optimization_v2.0.50727_32 - ok
05:53:25.0518 6188  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
05:53:25.0534 6188  clr_optimization_v2.0.50727_64 - ok
05:53:25.0550 6188  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
05:53:25.0565 6188  clr_optimization_v4.0.30319_32 - ok
05:53:25.0565 6188  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
05:53:25.0581 6188  clr_optimization_v4.0.30319_64 - ok
05:53:25.0581 6188  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
05:53:25.0596 6188  CmBatt - ok
05:53:25.0596 6188  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
05:53:25.0612 6188  cmdide - ok
05:53:25.0628 6188  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
05:53:25.0643 6188  CNG - ok
05:53:25.0643 6188  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
05:53:25.0674 6188  Compbatt - ok
05:53:25.0674 6188  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
05:53:25.0690 6188  CompositeBus - ok
05:53:25.0690 6188  COMSysApp - ok
05:53:25.0690 6188  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
05:53:25.0706 6188  crcdisk - ok
05:53:25.0721 6188  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
05:53:25.0737 6188  CryptSvc - ok
05:53:25.0737 6188  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
05:53:25.0768 6188  CSC - ok
05:53:25.0768 6188  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
05:53:25.0799 6188  CscService - ok
05:53:25.0799 6188  [ CBACE8DFA420B78DD2225CAEA798612D ] cthda           C:\Windows\system32\drivers\cthda.sys
05:53:25.0830 6188  cthda - ok
05:53:25.0846 6188  [ 3E43F0C5456ECA8A3F083804FAD1C405 ] CtHdaSvc        C:\Windows\sysWow64\CtHdaSvc.exe
05:53:25.0862 6188  CtHdaSvc - ok
05:53:25.0862 6188  [ C461EED35EF738AC38417EC4021FF4C7 ] cthdb           C:\Windows\system32\DRIVERS\cthdb.sys
05:53:25.0877 6188  cthdb - ok
05:53:25.0877 6188  DarkSpy - ok
05:53:25.0893 6188  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
05:53:25.0955 6188  DcomLaunch - ok
05:53:25.0971 6188  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
05:53:26.0002 6188  defragsvc - ok
05:53:26.0002 6188  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
05:53:26.0033 6188  DfsC - ok
05:53:26.0033 6188  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
05:53:26.0064 6188  Dhcp - ok
05:53:26.0064 6188  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
05:53:26.0096 6188  discache - ok
05:53:26.0096 6188  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
05:53:26.0111 6188  Disk - ok
05:53:26.0127 6188  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
05:53:26.0142 6188  dmvsc - ok
05:53:26.0142 6188  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
05:53:26.0174 6188  Dnscache - ok
05:53:26.0174 6188  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
05:53:26.0220 6188  dot3svc - ok
05:53:26.0220 6188  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
05:53:26.0267 6188  DPS - ok
05:53:26.0267 6188  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
05:53:26.0283 6188  drmkaud - ok
05:53:26.0298 6188  [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
05:53:26.0314 6188  DXGKrnl - ok
05:53:26.0330 6188  [ BA01A130D2B850CA87483CE6AC1A2BBA ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
05:53:26.0345 6188  e1cexpress - ok
05:53:26.0345 6188  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
05:53:26.0392 6188  EapHost - ok
05:53:26.0408 6188  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
05:53:26.0454 6188  ebdrv - ok
05:53:26.0454 6188  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
05:53:26.0501 6188  EFS - ok
05:53:26.0501 6188  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
05:53:26.0532 6188  ehRecvr - ok
05:53:26.0532 6188  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
05:53:26.0548 6188  ehSched - ok
05:53:26.0548 6188  [ 9387A484D31209D7FC3F795A787294DB ] ElbyCDFL        C:\Windows\system32\Drivers\ElbyCDFL.sys
05:53:26.0564 6188  ElbyCDFL - ok
05:53:26.0579 6188  [ BE2902E13CA69383F449B6BF927844FB ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
05:53:26.0595 6188  ElbyCDIO - ok
05:53:26.0595 6188  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
05:53:26.0610 6188  elxstor - ok
05:53:26.0626 6188  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
05:53:26.0642 6188  ErrDev - ok
05:53:26.0642 6188  esgiguard - ok
05:53:26.0642 6188  [ 0571E626B1FDB6A83F67F11ACC65D2C0 ] ESProtectionDriver C:\Program Files\Malwarebytes Anti-Exploit\MBAE.sys
05:53:26.0657 6188  ESProtectionDriver - ok
05:53:26.0673 6188  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
05:53:26.0704 6188  EventSystem - ok
05:53:26.0704 6188  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
05:53:26.0751 6188  exfat - ok
05:53:26.0751 6188  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
05:53:26.0782 6188  fastfat - ok
05:53:26.0782 6188  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
05:53:26.0813 6188  Fax - ok
05:53:26.0813 6188  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
05:53:26.0844 6188  fdc - ok
05:53:26.0844 6188  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
05:53:26.0876 6188  fdPHost - ok
05:53:26.0891 6188  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
05:53:26.0922 6188  FDResPub - ok
05:53:26.0922 6188  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
05:53:26.0938 6188  FileInfo - ok
05:53:26.0954 6188  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
05:53:26.0985 6188  Filetrace - ok
05:53:26.0985 6188  FilterMon - ok
05:53:26.0985 6188  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
05:53:27.0000 6188  flpydisk - ok
05:53:27.0016 6188  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
05:53:27.0016 6188  FltMgr - ok
05:53:27.0032 6188  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
05:53:27.0063 6188  FontCache - ok
05:53:27.0078 6188  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
05:53:27.0094 6188  FontCache3.0.0.0 - ok
05:53:27.0094 6188  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
05:53:27.0110 6188  FsDepends - ok
05:53:27.0110 6188  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
05:53:27.0125 6188  Fs_Rec - ok
05:53:27.0125 6188  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
05:53:27.0156 6188  fvevol - ok
05:53:27.0156 6188  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
05:53:27.0172 6188  gagp30kx - ok
05:53:27.0172 6188  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
05:53:27.0219 6188  gpsvc - ok
05:53:27.0219 6188  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
05:53:27.0250 6188  hcw85cir - ok
05:53:27.0250 6188  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
05:53:27.0281 6188  HdAudAddService - ok
05:53:27.0281 6188  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
05:53:27.0297 6188  HDAudBus - ok
05:53:27.0297 6188  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
05:53:27.0312 6188  HidBatt - ok
05:53:27.0312 6188  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
05:53:27.0344 6188  HidBth - ok
05:53:27.0344 6188  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
05:53:27.0359 6188  HidIr - ok
05:53:27.0375 6188  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
05:53:27.0422 6188  hidserv - ok
05:53:27.0422 6188  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
05:53:27.0437 6188  HidUsb - ok
05:53:27.0437 6188  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
05:53:27.0500 6188  hkmsvc - ok
05:53:27.0500 6188  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
05:53:27.0546 6188  HomeGroupListener - ok
05:53:27.0546 6188  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
05:53:27.0609 6188  HomeGroupProvider - ok
05:53:27.0609 6188  HOSTS Anti-PUPs - ok
05:53:27.0609 6188  [ 9C9943220F8F94B917D8C4C9618074CC ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
05:53:27.0609 6188  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
05:53:27.0609 6188  HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
05:53:27.0624 6188  [ D2946D9F020AE76E9CEF9B4A6DF838C0 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
05:53:27.0656 6188  hpqwmiex - ok
05:53:27.0656 6188  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
05:53:27.0671 6188  HpSAMD - ok
05:53:27.0671 6188  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
05:53:27.0718 6188  HTTP - ok
05:53:27.0718 6188  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
05:53:27.0734 6188  hwpolicy - ok
05:53:27.0734 6188  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
05:53:27.0749 6188  i8042prt - ok
05:53:27.0765 6188  [ D1753C06EE17E29352B065EACF3F10D0 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
05:53:27.0780 6188  iaStor - ok
05:53:27.0780 6188  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
05:53:27.0796 6188  iaStorV - ok
05:53:27.0812 6188  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
05:53:27.0843 6188  idsvc - ok
05:53:27.0843 6188  IFCoEMP - ok
05:53:27.0843 6188  IFCoEVB - ok
05:53:27.0874 6188  [ A87261EF1546325B559374F5689CF5BC ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
05:53:27.0952 6188  igfx - ok
05:53:27.0952 6188  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
05:53:27.0968 6188  iirsp - ok
05:53:27.0968 6188  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
05:53:28.0030 6188  IKEEXT - ok
05:53:28.0061 6188  [ 059DDDEDBE5701DC3B779D32798108AC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
05:53:28.0108 6188  IntcAzAudAddService - ok
05:53:28.0124 6188  [ 0043EC20C06FD9FE339B5D37474B731E ] Intel® Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
05:53:28.0139 6188  Intel® Capability Licensing Service Interface - ok
05:53:28.0139 6188  [ DDA324215F71243786A9A4D1C5027BEB ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
05:53:28.0139 6188  Intel® ME Service - ok
05:53:28.0155 6188  [ EA83415296F905D11651B9AF26FB7EBD ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
05:53:28.0186 6188  Intel® PROSet Monitoring Service - ok
05:53:28.0186 6188  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
05:53:28.0202 6188  intelide - ok
05:53:28.0202 6188  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
05:53:28.0217 6188  intelppm - ok
05:53:28.0233 6188  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
05:53:28.0280 6188  IPBusEnum - ok
05:53:28.0280 6188  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
05:53:28.0311 6188  IpFilterDriver - ok
05:53:28.0311 6188  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
05:53:28.0358 6188  iphlpsvc - ok
05:53:28.0358 6188  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
05:53:28.0373 6188  IPMIDRV - ok
05:53:28.0373 6188  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
05:53:28.0420 6188  IPNAT - ok
05:53:28.0420 6188  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
05:53:28.0436 6188  IRENUM - ok
05:53:28.0436 6188  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
05:53:28.0451 6188  isapnp - ok
05:53:28.0467 6188  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
05:53:28.0482 6188  iScsiPrt - ok
05:53:28.0482 6188  [ D596D915CF091DA1F8CE4BD38BB5D509 ] iusb3hcs        C:\Windows\system32\drivers\iusb3hcs.sys
05:53:28.0498 6188  iusb3hcs - ok
05:53:28.0514 6188  [ 023896E23B61543A15A230EED996D911 ] iusb3hub        C:\Windows\system32\drivers\iusb3hub.sys
05:53:28.0529 6188  iusb3hub - ok
05:53:28.0529 6188  [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E ] iusb3xhc        C:\Windows\system32\drivers\iusb3xhc.sys
05:53:28.0560 6188  iusb3xhc - ok
05:53:28.0560 6188  [ 2A51697D0F14970843F3A4189E49B695 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
05:53:28.0576 6188  jhi_service - ok
05:53:28.0576 6188  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
05:53:28.0592 6188  kbdclass - ok
05:53:28.0592 6188  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
05:53:28.0607 6188  kbdhid - ok
05:53:28.0607 6188  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
05:53:28.0654 6188  KeyIso - ok
05:53:28.0654 6188  [ 77481D3753F6DCB0A499C3A01460DC00 ] KmxAgent        C:\Windows\system32\DRIVERS\kmxagent.sys
05:53:28.0670 6188  KmxAgent - ok
05:53:28.0670 6188  [ C30A499E4A05FA7C1B2B1325953F12D4 ] KmxAMRT         C:\Windows\system32\DRIVERS\KmxAMRT.sys
05:53:28.0685 6188  KmxAMRT - ok
05:53:28.0701 6188  [ 2896919A9E5A4DC267A2D916F75D2346 ] KmxCF           C:\Windows\system32\DRIVERS\KmxCF.sys
05:53:28.0701 6188  KmxCF - ok
05:53:28.0716 6188  [ 2FA4CB9DCA3ED83583659670F3B40916 ] KmxCfg          C:\Windows\system32\DRIVERS\kmxcfg.sys
05:53:28.0732 6188  KmxCfg - ok
05:53:28.0732 6188  [ EB0576050B2A618563CAA3ECBF19F2EF ] KmxFile         C:\Windows\system32\DRIVERS\KmxFile.sys
05:53:28.0748 6188  KmxFile - ok
05:53:28.0748 6188  [ 87DA5AFC8950EC34D0CDDF3438370727 ] KmxFilter       C:\Windows\system32\DRIVERS\KmxFilter.sys
05:53:28.0763 6188  KmxFilter - ok
05:53:28.0763 6188  [ 15260D1B5BB6BA8E5079E758FCE88207 ] KmxFw           C:\Windows\system32\DRIVERS\kmxfw.sys
05:53:28.0794 6188  KmxFw - ok
05:53:28.0794 6188  [ EEF33889A80990C70595457A5C97EE09 ] KmxSbx          C:\Windows\system32\DRIVERS\KmxSbx.sys
05:53:28.0810 6188  KmxSbx - ok
05:53:28.0810 6188  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
05:53:28.0826 6188  KSecDD - ok
05:53:28.0826 6188  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
05:53:28.0841 6188  KSecPkg - ok
05:53:28.0857 6188  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
05:53:28.0888 6188  ksthunk - ok
05:53:28.0888 6188  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
05:53:28.0950 6188  KtmRm - ok
05:53:28.0950 6188  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
05:53:29.0028 6188  LanmanServer - ok
05:53:29.0028 6188  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
05:53:29.0122 6188  LanmanWorkstation - ok
05:53:29.0122 6188  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
05:53:29.0153 6188  lltdio - ok
05:53:29.0153 6188  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
05:53:29.0216 6188  lltdsvc - ok
05:53:29.0216 6188  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
05:53:29.0262 6188  lmhosts - ok
05:53:29.0278 6188  [ 107F19308A07F27CEA7B317BDF67756F ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
05:53:29.0278 6188  LMS - ok
05:53:29.0278 6188  Lpc0GR7b - ok
05:53:29.0294 6188  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
05:53:29.0309 6188  LSI_FC - ok
05:53:29.0309 6188  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
05:53:29.0325 6188  LSI_SAS - ok
05:53:29.0325 6188  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
05:53:29.0356 6188  LSI_SAS2 - ok
05:53:29.0356 6188  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
05:53:29.0372 6188  LSI_SCSI - ok
05:53:29.0372 6188  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
05:53:29.0403 6188  luafv - ok
05:53:29.0403 6188  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
05:53:29.0418 6188  MBAMProtector - ok
05:53:29.0418 6188  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
05:53:29.0434 6188  MBAMScheduler - ok
05:53:29.0450 6188  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
05:53:29.0450 6188  MBAMService - ok
05:53:29.0465 6188  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
05:53:29.0512 6188  Mcx2Svc - ok
05:53:29.0512 6188  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
05:53:29.0528 6188  megasas - ok
05:53:29.0528 6188  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
05:53:29.0559 6188  MegaSR - ok
05:53:29.0559 6188  [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
05:53:29.0574 6188  MEIx64 - ok
05:53:29.0574 6188  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
05:53:29.0590 6188  Microsoft Office Groove Audit Service - ok
05:53:29.0590 6188  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
05:53:29.0652 6188  MMCSS - ok
05:53:29.0652 6188  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
05:53:29.0684 6188  Modem - ok
05:53:29.0684 6188  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
05:53:29.0699 6188  monitor - ok
05:53:29.0715 6188  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
05:53:29.0730 6188  mouclass - ok
05:53:29.0730 6188  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
05:53:29.0746 6188  mouhid - ok
05:53:29.0746 6188  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
05:53:29.0777 6188  mountmgr - ok
05:53:29.0777 6188  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
05:53:29.0793 6188  mpio - ok
05:53:29.0793 6188  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
05:53:29.0824 6188  mpsdrv - ok
05:53:29.0840 6188  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
05:53:29.0886 6188  MpsSvc - ok
05:53:29.0902 6188  [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
05:53:29.0918 6188  MRxDAV - ok
05:53:29.0918 6188  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
05:53:29.0933 6188  mrxsmb - ok
05:53:29.0949 6188  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
05:53:29.0964 6188  mrxsmb10 - ok
05:53:29.0964 6188  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
05:53:29.0980 6188  mrxsmb20 - ok
05:53:29.0980 6188  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
05:53:29.0996 6188  msahci - ok
05:53:30.0011 6188  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
05:53:30.0027 6188  msdsm - ok
05:53:30.0027 6188  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
05:53:30.0074 6188  MSDTC - ok
05:53:30.0074 6188  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
05:53:30.0105 6188  Msfs - ok
05:53:30.0105 6188  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
05:53:30.0136 6188  mshidkmdf - ok
05:53:30.0152 6188  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
05:53:30.0167 6188  msisadrv - ok
05:53:30.0167 6188  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
05:53:30.0214 6188  MSiSCSI - ok
05:53:30.0230 6188  msiserver - ok
05:53:30.0230 6188  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
05:53:30.0261 6188  MSKSSRV - ok
05:53:30.0261 6188  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
05:53:30.0292 6188  MSPCLOCK - ok
05:53:30.0292 6188  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
05:53:30.0339 6188  MSPQM - ok
05:53:30.0339 6188  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
05:53:30.0354 6188  MsRPC - ok
05:53:30.0370 6188  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
05:53:30.0370 6188  mssmbios - ok
05:53:30.0386 6188  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
05:53:30.0417 6188  MSTEE - ok
05:53:30.0417 6188  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
05:53:30.0432 6188  MTConfig - ok
05:53:30.0432 6188  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
05:53:30.0464 6188  Mup - ok
05:53:30.0464 6188  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
05:53:30.0526 6188  napagent - ok
05:53:30.0542 6188  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
05:53:30.0573 6188  NativeWifiP - ok
05:53:30.0573 6188  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
05:53:30.0604 6188  NDIS - ok
05:53:30.0604 6188  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
05:53:30.0635 6188  NdisCap - ok
05:53:30.0635 6188  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
05:53:30.0666 6188  NdisTapi - ok
05:53:30.0666 6188  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
05:53:30.0698 6188  Ndisuio - ok
05:53:30.0713 6188  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
05:53:30.0744 6188  NdisWan - ok
05:53:30.0744 6188  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
05:53:30.0776 6188  NDProxy - ok
05:53:30.0776 6188  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
05:53:30.0807 6188  NetBIOS - ok
05:53:30.0807 6188  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
05:53:30.0838 6188  NetBT - ok
05:53:30.0854 6188  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
05:53:30.0885 6188  Netlogon - ok
05:53:30.0885 6188  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
05:53:30.0947 6188  Netman - ok
05:53:30.0963 6188  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:53:30.0978 6188  NetMsmqActivator - ok
05:53:30.0978 6188  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:53:30.0994 6188  NetPipeActivator - ok
05:53:30.0994 6188  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
05:53:31.0056 6188  netprofm - ok
05:53:31.0056 6188  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:53:31.0072 6188  NetTcpActivator - ok
05:53:31.0072 6188  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:53:31.0088 6188  NetTcpPortSharing - ok
05:53:31.0088 6188  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
05:53:31.0103 6188  nfrd960 - ok
05:53:31.0103 6188  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
05:53:31.0166 6188  NlaSvc - ok
05:53:31.0166 6188  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
05:53:31.0197 6188  Npfs - ok
05:53:31.0197 6188  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
05:53:31.0259 6188  nsi - ok
05:53:31.0259 6188  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
05:53:31.0290 6188  nsiproxy - ok
05:53:31.0306 6188  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
05:53:31.0337 6188  Ntfs - ok
05:53:31.0353 6188  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
05:53:31.0384 6188  Null - ok
05:53:31.0384 6188  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
05:53:31.0400 6188  NVHDA - ok
05:53:31.0478 6188  [ 858262F04D4E4396B7D2B29E444B6690 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
05:53:31.0571 6188  nvlddmkm - ok
05:53:31.0587 6188  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
05:53:31.0602 6188  nvraid - ok
05:53:31.0602 6188  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
05:53:31.0634 6188  nvstor - ok
05:53:31.0634 6188  [ F37F612016CC2A6DFD8ADE79842E85DB ] nvsvc           C:\Windows\system32\nvvsvc.exe
05:53:31.0696 6188  nvsvc - ok
05:53:31.0696 6188  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
05:53:31.0712 6188  nv_agp - ok
05:53:31.0727 6188  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
05:53:31.0743 6188  odserv - ok
05:53:31.0743 6188  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
05:53:31.0774 6188  ohci1394 - ok
05:53:31.0774 6188  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
05:53:31.0790 6188  ose - ok
05:53:31.0790 6188  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
05:53:31.0852 6188  p2pimsvc - ok
05:53:31.0852 6188  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
05:53:31.0899 6188  p2psvc - ok
05:53:31.0914 6188  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
05:53:31.0930 6188  Parport - ok
05:53:31.0930 6188  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
05:53:31.0961 6188  partmgr - ok
05:53:31.0961 6188  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
05:53:32.0008 6188  PcaSvc - ok
05:53:32.0024 6188  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
05:53:32.0039 6188  pci - ok
05:53:32.0039 6188  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
05:53:32.0055 6188  pciide - ok
05:53:32.0070 6188  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
05:53:32.0086 6188  pcmcia - ok
05:53:32.0086 6188  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
05:53:32.0102 6188  pcw - ok
05:53:32.0117 6188  pdfcDispatcher - ok
05:53:32.0117 6188  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
05:53:32.0148 6188  PEAUTH - ok
05:53:32.0164 6188  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
05:53:32.0226 6188  PeerDistSvc - ok
05:53:32.0242 6188  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
05:53:32.0273 6188  PerfHost - ok
05:53:32.0289 6188  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
05:53:32.0367 6188  pla - ok
05:53:32.0382 6188  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
05:53:32.0445 6188  PlugPlay - ok
05:53:32.0445 6188  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
05:53:32.0507 6188  PNRPAutoReg - ok
05:53:32.0507 6188  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
05:53:32.0570 6188  PNRPsvc - ok
05:53:32.0570 6188  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
05:53:32.0616 6188  PolicyAgent - ok
05:53:32.0616 6188  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
05:53:32.0710 6188  Power - ok
05:53:32.0710 6188  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
05:53:32.0741 6188  PptpMiniport - ok
05:53:32.0741 6188  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
05:53:32.0772 6188  Processor - ok
05:53:32.0772 6188  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
05:53:32.0835 6188  ProfSvc - ok
05:53:32.0835 6188  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
05:53:32.0866 6188  ProtectedStorage - ok
05:53:32.0866 6188  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
05:53:32.0913 6188  Psched - ok
05:53:32.0913 6188  pwalker - ok
05:53:32.0928 6188  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
05:53:32.0960 6188  ql2300 - ok
05:53:32.0960 6188  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
05:53:32.0975 6188  ql40xx - ok
05:53:32.0991 6188  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
05:53:33.0053 6188  QWAVE - ok
05:53:33.0053 6188  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
05:53:33.0069 6188  QWAVEdrv - ok
05:53:33.0084 6188  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
05:53:33.0116 6188  RasAcd - ok
05:53:33.0116 6188  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
05:53:33.0147 6188  RasAgileVpn - ok
05:53:33.0147 6188  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
05:53:33.0225 6188  RasAuto - ok
05:53:33.0225 6188  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
05:53:33.0256 6188  Rasl2tp - ok
05:53:33.0256 6188  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
05:53:33.0334 6188  RasMan - ok
05:53:33.0334 6188  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
05:53:33.0365 6188  RasPppoe - ok
05:53:33.0381 6188  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
05:53:33.0412 6188  RasSstp - ok
05:53:33.0412 6188  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
05:53:33.0443 6188  rdbss - ok
05:53:33.0443 6188  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
05:53:33.0474 6188  rdpbus - ok
05:53:33.0474 6188  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
05:53:33.0506 6188  RDPCDD - ok
05:53:33.0506 6188  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
05:53:33.0537 6188  RDPDR - ok
05:53:33.0537 6188  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
05:53:33.0568 6188  RDPENCDD - ok
05:53:33.0568 6188  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
05:53:33.0615 6188  RDPREFMP - ok
05:53:33.0615 6188  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
05:53:33.0630 6188  RdpVideoMiniport - ok
05:53:33.0630 6188  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
05:53:33.0662 6188  RDPWD - ok
05:53:33.0662 6188  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
05:53:33.0693 6188  rdyboost - ok
05:53:33.0693 6188  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
05:53:33.0755 6188  RemoteAccess - ok
05:53:33.0755 6188  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
05:53:33.0833 6188  RemoteRegistry - ok
05:53:33.0833 6188  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
05:53:33.0896 6188  RpcEptMapper - ok
05:53:33.0911 6188  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
05:53:33.0942 6188  RpcLocator - ok
05:53:33.0958 6188  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
05:53:34.0020 6188  RpcSs - ok
05:53:34.0036 6188  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
05:53:34.0052 6188  rspndr - ok
05:53:34.0067 6188  [ 4041310BF35A7FA0541EF389D1102FD1 ] rspSanity       C:\Windows\system32\DRIVERS\rspSanity64.sys
05:53:34.0083 6188  rspSanity - ok
05:53:34.0083 6188  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
05:53:34.0114 6188  s3cap - ok
05:53:34.0114 6188  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
05:53:34.0145 6188  SamSs - ok
05:53:34.0145 6188  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
05:53:34.0176 6188  sbp2port - ok
05:53:34.0176 6188  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
05:53:34.0254 6188  SCardSvr - ok
05:53:34.0254 6188  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
05:53:34.0317 6188  scfilter - ok
05:53:34.0317 6188  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
05:53:34.0395 6188  Schedule - ok
05:53:34.0410 6188  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
05:53:34.0442 6188  SCPolicySvc - ok
05:53:34.0442 6188  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
05:53:34.0504 6188  SDRSVC - ok
05:53:34.0504 6188  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
05:53:34.0535 6188  secdrv - ok
05:53:34.0535 6188  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
05:53:34.0613 6188  seclogon - ok
05:53:34.0613 6188  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
05:53:34.0691 6188  SENS - ok
05:53:34.0691 6188  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
05:53:34.0754 6188  SensrSvc - ok
05:53:34.0754 6188  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
05:53:34.0785 6188  Serenum - ok
05:53:34.0785 6188  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
05:53:34.0800 6188  Serial - ok
05:53:34.0800 6188  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
05:53:34.0832 6188  sermouse - ok
05:53:34.0832 6188  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
05:53:34.0910 6188  SessionEnv - ok
05:53:34.0910 6188  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
05:53:34.0941 6188  sffdisk - ok
05:53:34.0941 6188  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
05:53:34.0956 6188  sffp_mmc - ok
05:53:34.0956 6188  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
05:53:34.0988 6188  sffp_sd - ok
05:53:34.0988 6188  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
05:53:35.0019 6188  sfloppy - ok
05:53:35.0019 6188  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
05:53:35.0066 6188  SharedAccess - ok
05:53:35.0066 6188  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
05:53:35.0144 6188  ShellHWDetection - ok
05:53:35.0144 6188  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
05:53:35.0175 6188  SiSRaid2 - ok
05:53:35.0175 6188  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
05:53:35.0190 6188  SiSRaid4 - ok
05:53:35.0206 6188  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
05:53:35.0237 6188  Smb - ok
05:53:35.0237 6188  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
05:53:35.0300 6188  SNMPTRAP - ok
05:53:35.0300 6188  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
05:53:35.0331 6188  spldr - ok
05:53:35.0331 6188  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
05:53:35.0393 6188  Spooler - ok
05:53:35.0424 6188  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
05:53:35.0518 6188  sppsvc - ok
05:53:35.0518 6188  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
05:53:35.0596 6188  sppuinotify - ok
05:53:35.0596 6188  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
05:53:35.0627 6188  srv - ok
05:53:35.0627 6188  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
05:53:35.0643 6188  srv2 - ok
05:53:35.0658 6188  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
05:53:35.0674 6188  srvnet - ok
05:53:35.0674 6188  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
05:53:35.0752 6188  SSDPSRV - ok
05:53:35.0752 6188  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
05:53:35.0830 6188  SstpSvc - ok
05:53:35.0830 6188  [ 877DF77ACE8C82F7F93764345BB82DF5 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
05:53:35.0846 6188  Stereo Service - ok
05:53:35.0846 6188  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
05:53:35.0877 6188  stexstor - ok
05:53:35.0877 6188  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
05:53:35.0955 6188  stisvc - ok
05:53:35.0970 6188  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
05:53:35.0986 6188  storflt - ok
05:53:35.0986 6188  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
05:53:36.0064 6188  StorSvc - ok
05:53:36.0064 6188  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
05:53:36.0080 6188  storvsc - ok
05:53:36.0080 6188  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
05:53:36.0095 6188  swenum - ok
05:53:36.0111 6188  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
05:53:36.0189 6188  swprv - ok
05:53:36.0204 6188  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
05:53:36.0282 6188  SysMain - ok
05:53:36.0282 6188  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
05:53:36.0360 6188  TabletInputService - ok
05:53:36.0360 6188  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
05:53:36.0438 6188  TapiSrv - ok
05:53:36.0438 6188  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
05:53:36.0516 6188  TBS - ok
05:53:36.0532 6188  [ 40AF23633D197905F03AB5628C558C51 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
05:53:36.0579 6188  Tcpip - ok
05:53:36.0594 6188  [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
05:53:36.0626 6188  TCPIP6 - ok
05:53:36.0626 6188  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
05:53:36.0641 6188  tcpipreg - ok
05:53:36.0641 6188  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
05:53:36.0672 6188  TDPIPE - ok
05:53:36.0672 6188  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
05:53:36.0688 6188  TDTCP - ok
05:53:36.0688 6188  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
05:53:36.0735 6188  tdx - ok
05:53:36.0735 6188  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
05:53:36.0750 6188  TermDD - ok
05:53:36.0766 6188  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
05:53:36.0844 6188  TermService - ok
05:53:36.0844 6188  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
05:53:36.0922 6188  Themes - ok
05:53:36.0922 6188  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
05:53:36.0969 6188  THREADORDER - ok
05:53:36.0984 6188  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
05:53:37.0062 6188  TrkWks - ok
05:53:37.0062 6188  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
05:53:37.0094 6188  TrustedInstaller - ok
05:53:37.0094 6188  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
05:53:37.0125 6188  tssecsrv - ok
05:53:37.0125 6188  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
05:53:37.0140 6188  TsUsbFlt - ok
05:53:37.0140 6188  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
05:53:37.0172 6188  TsUsbGD - ok

 

to be continued:
 


part 2

 

05:53:37.0172 6188  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
05:53:37.0203 6188  tunnel - ok
05:53:37.0218 6188  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
05:53:37.0234 6188  uagp35 - ok
05:53:37.0234 6188  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
05:53:37.0281 6188  udfs - ok
05:53:37.0281 6188  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
05:53:37.0343 6188  UI0Detect - ok
05:53:37.0359 6188  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
05:53:37.0374 6188  uliagpkx - ok
05:53:37.0374 6188  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
05:53:37.0406 6188  umbus - ok
05:53:37.0406 6188  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
05:53:37.0421 6188  UmPass - ok
05:53:37.0421 6188  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
05:53:37.0499 6188  UmRdpService - ok
05:53:37.0515 6188  [ AF950F62E5FC72FFDB7363F72600B21C ] UmxEngine       C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe
05:53:37.0530 6188  UmxEngine - ok
05:53:37.0530 6188  [ FA010336DB6FC6352A5056DD3E212CA8 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
05:53:37.0546 6188  UNS - ok
05:53:37.0546 6188  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
05:53:37.0624 6188  upnphost - ok
05:53:37.0640 6188  [ ACCEA6BC68D0C9A78EB97EE159028B4E ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
05:53:37.0655 6188  usbccgp - ok
05:53:37.0655 6188  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
05:53:37.0686 6188  usbcir - ok
05:53:37.0686 6188  [ 311C1DD1088E55BEAE15954D17F50646 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
05:53:37.0702 6188  usbehci - ok
05:53:37.0718 6188  [ 280E90CBF4B2DDD169F0728CB44D726F ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
05:53:37.0733 6188  usbhub - ok
05:53:37.0733 6188  [ 9406D801042FAF859CF81B2C886413DC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
05:53:37.0764 6188  usbohci - ok
05:53:37.0764 6188  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
05:53:37.0796 6188  usbprint - ok
05:53:37.0811 6188  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
05:53:37.0827 6188  USBSTOR - ok
05:53:37.0842 6188  [ A83D0EC9AE4C31704442099D40BA2471 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
05:53:37.0858 6188  usbuhci - ok
05:53:37.0858 6188  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
05:53:37.0952 6188  UxSms - ok
05:53:37.0952 6188  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
05:53:37.0983 6188  VaultSvc - ok
05:53:37.0983 6188  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
05:53:38.0014 6188  vdrvroot - ok
05:53:38.0014 6188  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
05:53:38.0108 6188  vds - ok
05:53:38.0108 6188  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
05:53:38.0139 6188  vga - ok
05:53:38.0139 6188  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
05:53:38.0170 6188  VgaSave - ok
05:53:38.0170 6188  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
05:53:38.0201 6188  vhdmp - ok
05:53:38.0201 6188  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
05:53:38.0217 6188  viaide - ok
05:53:38.0232 6188  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
05:53:38.0248 6188  vmbus - ok
05:53:38.0248 6188  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
05:53:38.0279 6188  VMBusHID - ok
05:53:38.0279 6188  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
05:53:38.0310 6188  volmgr - ok
05:53:38.0310 6188  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
05:53:38.0342 6188  volmgrx - ok
05:53:38.0342 6188  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
05:53:38.0357 6188  volsnap - ok
05:53:38.0373 6188  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
05:53:38.0388 6188  vsmraid - ok
05:53:38.0404 6188  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
05:53:38.0498 6188  VSS - ok
05:53:38.0498 6188  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
05:53:38.0529 6188  vwifibus - ok
05:53:38.0529 6188  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
05:53:38.0622 6188  W32Time - ok
05:53:38.0622 6188  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
05:53:38.0654 6188  WacomPen - ok
05:53:38.0654 6188  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
05:53:38.0685 6188  WANARP - ok
05:53:38.0685 6188  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
05:53:38.0716 6188  Wanarpv6 - ok
05:53:38.0732 6188  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
05:53:38.0763 6188  WatAdminSvc - ok
05:53:38.0763 6188  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
05:53:38.0856 6188  wbengine - ok
05:53:38.0856 6188  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
05:53:38.0934 6188  WbioSrvc - ok
05:53:38.0934 6188  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
05:53:39.0028 6188  wcncsvc - ok
05:53:39.0028 6188  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
05:53:39.0106 6188  WcsPlugInService - ok
05:53:39.0106 6188  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
05:53:39.0122 6188  Wd - ok
05:53:39.0122 6188  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
05:53:39.0153 6188  Wdf01000 - ok
05:53:39.0168 6188  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
05:53:39.0246 6188  WdiServiceHost - ok
05:53:39.0246 6188  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
05:53:39.0324 6188  WdiSystemHost - ok
05:53:39.0324 6188  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient       C:\Windows\System32\webclnt.dll
05:53:39.0402 6188  WebClient - ok
05:53:39.0402 6188  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
05:53:39.0496 6188  Wecsvc - ok
05:53:39.0496 6188  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
05:53:39.0590 6188  wercplsupport - ok
05:53:39.0590 6188  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
05:53:39.0683 6188  WerSvc - ok
05:53:39.0683 6188  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
05:53:39.0714 6188  WfpLwf - ok
05:53:39.0714 6188  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
05:53:39.0730 6188  WIMMount - ok
05:53:39.0746 6188  WinDefend - ok
05:53:39.0746 6188  WinHttpAutoProxySvc - ok
05:53:39.0746 6188  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
05:53:39.0777 6188  Winmgmt - ok
05:53:39.0792 6188  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
05:53:39.0902 6188  WinRM - ok
05:53:39.0902 6188  [ 78DB15E30154E093996C7EE84525514B ] WinSvchostManagerSrv C:\Windows\SysWOW64\cfgmig32.exe
05:53:39.0917 6188  WinSvchostManagerSrv - ok
05:53:39.0933 6188  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
05:53:40.0011 6188  Wlansvc - ok
05:53:40.0011 6188  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
05:53:40.0042 6188  WmiAcpi - ok
05:53:40.0042 6188  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
05:53:40.0058 6188  wmiApSrv - ok
05:53:40.0058 6188  WMPNetworkSvc - ok
05:53:40.0073 6188  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
05:53:40.0151 6188  WPCSvc - ok
05:53:40.0151 6188  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
05:53:40.0229 6188  WPDBusEnum - ok
05:53:40.0229 6188  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
05:53:40.0260 6188  ws2ifsl - ok
05:53:40.0260 6188  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
05:53:40.0338 6188  wscsvc - ok
05:53:40.0338 6188  WSearch - ok
05:53:40.0370 6188  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
05:53:40.0463 6188  wuauserv - ok
05:53:40.0463 6188  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
05:53:40.0479 6188  WudfPf - ok
05:53:40.0494 6188  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
05:53:40.0510 6188  WUDFRd - ok
05:53:40.0526 6188  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
05:53:40.0604 6188  wudfsvc - ok
05:53:40.0604 6188  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
05:53:40.0682 6188  WwanSvc - ok
05:53:40.0682 6188  ================ Scan global ===============================
05:53:40.0697 6188  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
05:53:40.0697 6188  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
05:53:40.0760 6188  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
05:53:40.0822 6188  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
05:53:40.0884 6188  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
05:53:40.0931 6188  [Global] - ok
05:53:40.0931 6188  ================ Scan MBR ==================================
05:53:40.0931 6188  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
05:53:41.0009 6188  \Device\Harddisk0\DR0 - ok
05:53:41.0009 6188  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
05:53:41.0072 6188  \Device\Harddisk1\DR1 - ok
05:53:41.0072 6188  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
05:53:41.0118 6188  \Device\Harddisk2\DR2 - ok
05:53:41.0118 6188  ================ Scan VBR ==================================
05:53:41.0134 6188  [ 9B9319757504E332BE94B3D4D4A46FDE ] \Device\Harddisk0\DR0\Partition1
05:53:41.0134 6188  \Device\Harddisk0\DR0\Partition1 - ok
05:53:41.0134 6188  [ BB6E306F44D8B74C14939B92AEDD8FA9 ] \Device\Harddisk0\DR0\Partition2
05:53:41.0134 6188  \Device\Harddisk0\DR0\Partition2 - ok
05:53:41.0134 6188  [ 9254DC0DF59330CF5AEE8A2613F8CD33 ] \Device\Harddisk0\DR0\Partition3
05:53:41.0134 6188  \Device\Harddisk0\DR0\Partition3 - ok
05:53:41.0134 6188  [ 9EE5911F5EF69D59923619B0F6D9394D ] \Device\Harddisk1\DR1\Partition1
05:53:41.0134 6188  \Device\Harddisk1\DR1\Partition1 - ok
05:53:41.0134 6188  [ 22FC1EDA8CB6907159EA4A27B050F346 ] \Device\Harddisk2\DR2\Partition1
05:53:41.0134 6188  \Device\Harddisk2\DR2\Partition1 - ok
05:53:41.0134 6188  ================ Scan active images ========================
05:53:41.0134 6188  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
05:53:41.0134 6188  C:\Windows\System32\drivers\crashdmp.sys - ok
05:53:41.0134 6188  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
05:53:41.0134 6188  C:\Windows\System32\drivers\dumpfve.sys - ok
05:53:41.0150 6188  [ D1753C06EE17E29352B065EACF3F10D0 ] C:\Windows\System32\drivers\iaStor.sys
05:53:41.0150 6188  C:\Windows\System32\drivers\iaStor.sys - ok
05:53:41.0150 6188  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
05:53:41.0150 6188  C:\Windows\System32\drivers\cdrom.sys - ok
05:53:41.0150 6188  [ 77481D3753F6DCB0A499C3A01460DC00 ] C:\Windows\System32\drivers\KmxAgent.sys
05:53:41.0150 6188  C:\Windows\System32\drivers\KmxAgent.sys - ok
05:53:41.0150 6188  [ 2FA4CB9DCA3ED83583659670F3B40916 ] C:\Windows\System32\drivers\KmxCfg.sys
05:53:41.0150 6188  C:\Windows\System32\drivers\KmxCfg.sys - ok
05:53:41.0150 6188  [ EB0576050B2A618563CAA3ECBF19F2EF ] C:\Windows\System32\drivers\KmxFile.sys
05:53:41.0150 6188  C:\Windows\System32\drivers\KmxFile.sys - ok
05:53:41.0150 6188  [ A1F53D2A00E64679A1D81B61D2333D06 ] C:\Windows\System32\drivers\avgtpx64.sys
05:53:41.0150 6188  C:\Windows\System32\drivers\avgtpx64.sys - ok
05:53:41.0150 6188  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
05:53:41.0150 6188  C:\Windows\System32\drivers\beep.sys - ok
05:53:41.0150 6188  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
05:53:41.0150 6188  C:\Windows\System32\drivers\null.sys - ok
05:53:41.0150 6188  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
05:53:41.0150 6188  C:\Windows\System32\drivers\RDPCDD.sys - ok
05:53:41.0150 6188  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
05:53:41.0150 6188  C:\Windows\System32\drivers\RDPENCDD.sys - ok
05:53:41.0165 6188  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
05:53:41.0165 6188  C:\Windows\System32\drivers\RDPREFMP.sys - ok
05:53:41.0165 6188  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
05:53:41.0165 6188  C:\Windows\System32\drivers\vga.sys - ok
05:53:41.0165 6188  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
05:53:41.0165 6188  C:\Windows\System32\drivers\videoprt.sys - ok
05:53:41.0165 6188  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
05:53:41.0165 6188  C:\Windows\System32\drivers\watchdog.sys - ok
05:53:41.0165 6188  [ 314C17917AC8523EC77A710215012A65 ] C:\Windows\System32\drivers\afd.sys
05:53:41.0165 6188  C:\Windows\System32\drivers\afd.sys - ok
05:53:41.0165 6188  [ 87DA5AFC8950EC34D0CDDF3438370727 ] C:\Windows\System32\drivers\KmxFilter.sys
05:53:41.0165 6188  C:\Windows\System32\drivers\KmxFilter.sys - ok
05:53:41.0165 6188  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
05:53:41.0165 6188  C:\Windows\System32\drivers\msfs.sys - ok
05:53:41.0165 6188  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
05:53:41.0165 6188  C:\Windows\System32\drivers\netbt.sys - ok
05:53:41.0165 6188  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
05:53:41.0165 6188  C:\Windows\System32\drivers\npfs.sys - ok
05:53:41.0165 6188  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
05:53:41.0165 6188  C:\Windows\System32\drivers\pacer.sys - ok
05:53:41.0181 6188  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
05:53:41.0181 6188  C:\Windows\System32\drivers\tdx.sys - ok
05:53:41.0181 6188  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
05:53:41.0181 6188  C:\Windows\System32\drivers\wfplwf.sys - ok
05:53:41.0181 6188  [ 0571E626B1FDB6A83F67F11ACC65D2C0 ] C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys
05:53:41.0181 6188  C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys - ok
05:53:41.0181 6188  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
05:53:41.0181 6188  C:\Windows\System32\drivers\discache.sys - ok
05:53:41.0181 6188  [ BE2902E13CA69383F449B6BF927844FB ] C:\Windows\System32\drivers\ElbyCDIO.sys
05:53:41.0181 6188  C:\Windows\System32\drivers\ElbyCDIO.sys - ok
05:53:41.0181 6188  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
05:53:41.0181 6188  C:\Windows\System32\drivers\mssmbios.sys - ok
05:53:41.0181 6188  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
05:53:41.0181 6188  C:\Windows\System32\drivers\netbios.sys - ok
05:53:41.0181 6188  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
05:53:41.0181 6188  C:\Windows\System32\drivers\nsiproxy.sys - ok
05:53:41.0181 6188  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
05:53:41.0181 6188  C:\Windows\System32\drivers\rdbss.sys - ok
05:53:41.0181 6188  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] C:\Windows\System32\drivers\serial.sys
05:53:41.0181 6188  C:\Windows\System32\drivers\serial.sys - ok
05:53:41.0196 6188  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
05:53:41.0196 6188  C:\Windows\System32\drivers\termdd.sys - ok
05:53:41.0196 6188  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
05:53:41.0196 6188  C:\Windows\System32\drivers\wanarp.sys - ok
05:53:41.0196 6188  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
05:53:41.0196 6188  C:\Windows\System32\drivers\blbdrive.sys - ok

 

to be continued:

 


part 3:

 


 


part 4:

 

05:53:41.0555 6188  C:\Windows\System32\PeerDist.dll - ok
05:53:41.0555 6188  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
05:53:41.0555 6188  C:\Windows\System32\samlib.dll - ok
05:53:41.0555 6188  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
05:53:41.0555 6188  C:\Windows\System32\shacct.dll - ok
05:53:41.0555 6188  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
05:53:41.0555 6188  C:\Windows\System32\taskschd.dll - ok
05:53:41.0555 6188  [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
05:53:41.0555 6188  C:\Windows\System32\themeservice.dll - ok
05:53:41.0571 6188  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
05:53:41.0571 6188  C:\Windows\System32\comres.dll - ok
05:53:41.0571 6188  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
05:53:41.0571 6188  C:\Windows\System32\dsrole.dll - ok
05:53:41.0571 6188  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
05:53:41.0571 6188  C:\Windows\System32\es.dll - ok
05:53:41.0571 6188  [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
05:53:41.0571 6188  C:\Windows\System32\mstask.dll - ok
05:53:41.0571 6188  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
05:53:41.0571 6188  C:\Windows\System32\nlaapi.dll - ok
05:53:41.0571 6188  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
05:53:41.0571 6188  C:\Windows\System32\Sens.dll - ok
05:53:41.0571 6188  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
05:53:41.0571 6188  C:\Windows\System32\slc.dll - ok
05:53:41.0571 6188  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
05:53:41.0571 6188  C:\Windows\System32\uxtheme.dll - ok
05:53:41.0571 6188  [ 18CAAF21CBA3EAEE17BBA5D3807F29B8 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
05:53:41.0571 6188  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
05:53:41.0571 6188  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
05:53:41.0571 6188  C:\Windows\System32\drivers\lltdio.sys - ok
05:53:41.0571 6188  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
05:53:41.0586 6188  C:\Windows\System32\drivers\rspndr.sys - ok
05:53:41.0586 6188  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
05:53:41.0586 6188  C:\Windows\System32\dui70.dll - ok
05:53:41.0586 6188  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
05:53:41.0586 6188  C:\Windows\System32\uxsms.dll - ok
05:53:41.0586 6188  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
05:53:41.0586 6188  C:\Windows\System32\dhcpcore.dll - ok
05:53:41.0586 6188  [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
05:53:41.0586 6188  C:\Windows\System32\dhcpcore6.dll - ok
05:53:41.0586 6188  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
05:53:41.0586 6188  C:\Windows\System32\duser.dll - ok
05:53:41.0586 6188  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
05:53:41.0586 6188  C:\Windows\System32\dwmapi.dll - ok
05:53:41.0586 6188  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
05:53:41.0586 6188  C:\Windows\System32\hid.dll - ok
05:53:41.0586 6188  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
05:53:41.0586 6188  C:\Windows\System32\IPHLPAPI.DLL - ok
05:53:41.0586 6188  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
05:53:41.0586 6188  C:\Windows\System32\lmhsvc.dll - ok
05:53:41.0586 6188  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
05:53:41.0586 6188  C:\Windows\System32\nrpsrv.dll - ok
05:53:41.0602 6188  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
05:53:41.0602 6188  C:\Windows\System32\nsisvc.dll - ok
05:53:41.0602 6188  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
05:53:41.0602 6188  C:\Windows\System32\SndVolSSO.dll - ok
05:53:41.0602 6188  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
05:53:41.0602 6188  C:\Windows\System32\winnsi.dll - ok
05:53:41.0602 6188  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
05:53:41.0602 6188  C:\Windows\System32\dnsext.dll - ok
05:53:41.0602 6188  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
05:53:41.0602 6188  C:\Windows\System32\dnsrslvr.dll - ok
05:53:41.0602 6188  [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
05:53:41.0602 6188  C:\Windows\System32\FWPUCLNT.DLL - ok
05:53:41.0602 6188  [ 3D7BB6DD7A87B3E36E44CA94444247A8 ] C:\Windows\System32\WindowsCodecs.dll
05:53:41.0602 6188  C:\Windows\System32\WindowsCodecs.dll - ok
05:53:41.0602 6188  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
05:53:41.0602 6188  C:\Windows\System32\xmllite.dll - ok
05:53:41.0602 6188  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
05:53:41.0602 6188  C:\Windows\System32\dhcpcsvc.dll - ok
05:53:41.0602 6188  [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
05:53:41.0602 6188  C:\Windows\System32\dhcpcsvc6.dll - ok


 


part 5:

 






 

part 6:


05:53:41.0867 6188 C:\Windows\System32\sfc.dll - ok

05:53:41.0867 6188 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll

05:53:41.0867 6188 C:\Windows\System32\sfc_os.dll - ok

05:53:41.0867 6188 [ 1D90C1413A803DD08E7D3B6A50C1135A ] C:\Program Files (x86)\PDF Complete\pdfsvc.exe

05:53:41.0867 6188 C:\Program Files (x86)\PDF Complete\pdfsvc.exe - ok

05:53:41.0867 6188 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll

05:53:41.0867 6188 C:\Windows\System32\MsCtfMonitor.dll - ok

05:53:41.0867 6188 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll

05:53:41.0867 6188 C:\Windows\System32\msutb.dll - ok

05:53:41.0867 6188 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe

05:53:41.0867 6188 C:\Windows\System32\AtBroker.exe - ok

05:53:41.0867 6188 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll

Link to post
Share on other sites

part 7:


part 8:

 


part 9:

 

05:53:42.0164 6188  [ AF78F66116814FDD6677CEBD73035CDD ] C:\Windows\SysWOW64\schannel.dll
05:53:42.0164 6188  C:\Windows\SysWOW64\schannel.dll - ok
05:53:42.0164 6188  [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\SysWOW64\dimsjob.dll
05:53:42.0164 6188  C:\Windows\SysWOW64\dimsjob.dll - ok
05:53:42.0164 6188  [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
05:53:42.0164 6188  C:\Windows\System32\dimsjob.dll - ok
05:53:42.0164 6188  [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
05:53:42.0164 6188  C:\Windows\SysWOW64\netprofm.dll - ok
05:53:42.0164 6188  [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
05:53:42.0164 6188  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
05:53:42.0179 6188  [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
05:53:42.0179 6188  C:\Windows\SysWOW64\npmproxy.dll - ok
05:53:42.0179 6188  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
05:53:42.0179 6188  C:\Windows\System32\npmproxy.dll - ok
05:53:42.0179 6188  [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
05:53:42.0179 6188  C:\Windows\SysWOW64\gpapi.dll - ok
05:53:42.0179 6188  [ 8F5EAAF76A6811332A8C67DB0D4C395F ] C:\Windows\SysWOW64\ieframe.dll
05:53:42.0179 6188  C:\Windows\SysWOW64\ieframe.dll - ok
05:53:42.0179 6188  [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
05:53:42.0179 6188  C:\Windows\System32\aelupsvc.dll - ok
05:53:42.0179 6188  [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
05:53:42.0179 6188  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
05:53:42.0179 6188  [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
05:53:42.0179 6188  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
05:53:42.0179 6188  [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
05:53:42.0179 6188  C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
05:53:42.0179 6188  [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503 ] C:\Windows\SysWOW64\shdocvw.dll
05:53:42.0179 6188  C:\Windows\SysWOW64\shdocvw.dll - ok
05:53:42.0179 6188  [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
05:53:42.0179 6188  C:\Windows\SysWOW64\NapiNSP.dll - ok
05:53:42.0195 6188  [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
05:53:42.0195 6188  C:\Windows\SysWOW64\pnrpnsp.dll - ok
05:53:42.0195 6188  [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
05:53:42.0195 6188  C:\Windows\SysWOW64\winrnr.dll - ok
05:53:42.0195 6188  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Z220\AppData\Local\Temp\CDDFCDDA-17C4-4575-81C8-24DF586F3E61.exe
05:53:42.0195 6188  C:\Users\Z220\AppData\Local\Temp\CDDFCDDA-17C4-4575-81C8-24DF586F3E61.exe - ok
05:53:42.0195 6188  [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
05:53:42.0195 6188  C:\Windows\SysWOW64\imagehlp.dll - ok
05:53:42.0195 6188  [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
05:53:42.0195 6188  C:\Windows\SysWOW64\ncrypt.dll - ok
05:53:42.0195 6188  [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
05:53:42.0195 6188  C:\Windows\SysWOW64\bcrypt.dll - ok
05:53:42.0195 6188  [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
05:53:42.0195 6188  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
05:53:42.0195 6188  [ 7B851A8018B1EA00A69707A390004884 ] C:\Windows\SysWOW64\cryptnet.dll
05:53:42.0195 6188  C:\Windows\SysWOW64\cryptnet.dll - ok
05:53:42.0195 6188  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
05:53:42.0195 6188  C:\Windows\SysWOW64\SensApi.dll - ok
05:53:42.0195 6188  [ 5B2E4E90C04FB9AE9F2C5E99FF59B283 ] C:\Windows\SysWOW64\WindowsCodecs.dll
05:53:42.0195 6188  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
05:53:42.0210 6188  [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
05:53:42.0210 6188  C:\Windows\SysWOW64\EhStorShell.dll - ok
05:53:42.0210 6188  [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
05:53:42.0210 6188  C:\Windows\SysWOW64\ntshrui.dll - ok
05:53:42.0210 6188  [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
05:53:42.0210 6188  C:\Windows\SysWOW64\cscapi.dll - ok
05:53:42.0210 6188  [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
05:53:42.0210 6188  C:\Windows\SysWOW64\slc.dll - ok
05:53:42.0210 6188  [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
05:53:42.0210 6188  C:\Windows\SysWOW64\imageres.dll - ok
05:53:42.0210 6188  [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll
05:53:42.0210 6188  C:\Windows\SysWOW64\IconCodecService.dll - ok
05:53:42.0210 6188  [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\SysWOW64\taskeng.exe
05:53:42.0210 6188  C:\Windows\SysWOW64\taskeng.exe - ok
05:53:42.0210 6188  [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\SysWOW64\TSChannel.dll
05:53:42.0210 6188  C:\Windows\SysWOW64\TSChannel.dll - ok
05:53:42.0210 6188  [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll
05:53:42.0210 6188  C:\Windows\SysWOW64\ktmw32.dll - ok
05:53:42.0210 6188  [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
05:53:42.0210 6188  C:\Windows\SysWOW64\wevtapi.dll - ok


 


part 10:

 



 


part 11:

 



 


part 12:

 


part 13:

 


part 14:

 

05:53:42.0741 6188  C:\Program Files\Total Defense\Internet Security Suite\commonbo.dll - ok
05:53:42.0741 6188  [ 433BDD755D73E7FA75FCE69F9EAD4809 ] C:\Program Files\Total Defense\Internet Security Suite\cawsc.exe
05:53:42.0741 6188  C:\Program Files\Total Defense\Internet Security Suite\cawsc.exe - ok
05:53:42.0741 6188  [ 6A964389E2DA5046982CD5FFC3276CAA ] C:\Program Files\NVIDIA Corporation\nview\nvShell.dll
05:53:42.0741 6188  C:\Program Files\NVIDIA Corporation\nview\nvShell.dll - ok
05:53:42.0741 6188  [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
05:53:42.0741 6188  C:\Windows\SysWOW64\wscisvif.dll - ok
05:53:42.0741 6188  [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
05:53:42.0741 6188  C:\Windows\SysWOW64\wscapi.dll - ok
05:53:42.0741 6188  [ 9DBC4D7C09DD0F51BCA0464E907ACE9D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\MEWMIProv\MeProv.dll
05:53:42.0741 6188  C:\Program Files (x86)\Intel\Intel® Management Engine Components\MEWMIProv\MeProv.dll - ok
05:53:42.0741 6188  [ 210F667167ADED94A124CA8EC078E31D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\MEWMIProv\WsmanClient.dll
05:53:42.0741 6188  C:\Program Files (x86)\Intel\Intel® Management Engine Components\MEWMIProv\WsmanClient.dll - ok
05:53:42.0741 6188  [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
05:53:42.0741 6188  C:\Windows\System32\wscapi.dll - ok
05:53:42.0756 6188  [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
05:53:42.0756 6188  C:\Windows\System32\wscisvif.dll - ok
05:53:42.0756 6188  [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
05:53:42.0756 6188  C:\Windows\SysWOW64\wshqos.dll - ok
05:53:42.0756 6188  [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\SysWOW64\stobject.dll
05:53:42.0756 6188  C:\Windows\SysWOW64\stobject.dll - ok
05:53:42.0756 6188  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
05:53:42.0756 6188  C:\Windows\System32\stobject.dll - ok
05:53:42.0756 6188  [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\SysWOW64\batmeter.dll
05:53:42.0756 6188  C:\Windows\SysWOW64\batmeter.dll - ok
05:53:42.0756 6188  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
05:53:42.0756 6188  C:\Windows\System32\batmeter.dll - ok
05:53:42.0756 6188  [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll
05:53:42.0756 6188  C:\Windows\SysWOW64\prnfldr.dll - ok
05:53:42.0756 6188  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
05:53:42.0756 6188  C:\Windows\System32\prnfldr.dll - ok
05:53:42.0756 6188  [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\SysWOW64\fundisc.dll
05:53:42.0756 6188  C:\Windows\SysWOW64\fundisc.dll - ok
05:53:42.0756 6188  [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\SysWOW64\fdProxy.dll
05:53:42.0756 6188  C:\Windows\SysWOW64\fdProxy.dll - ok
05:53:42.0756 6188  [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
05:53:42.0756 6188  C:\Windows\System32\fdProxy.dll - ok
05:53:42.0772 6188  [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
05:53:42.0772 6188  C:\Windows\System32\AudioSes.dll - ok
05:53:42.0772 6188  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
05:53:42.0772 6188  C:\Windows\System32\DXP.dll - ok
05:53:42.0772 6188  [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\SysWOW64\Syncreg.dll
05:53:42.0772 6188  C:\Windows\SysWOW64\Syncreg.dll - ok
05:53:42.0772 6188  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
05:53:42.0772 6188  C:\Windows\System32\Syncreg.dll - ok
05:53:42.0772 6188  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
05:53:42.0772 6188  C:\Windows\ehome\ehSSO.dll - ok
05:53:42.0772 6188  [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\SysWOW64\AltTab.dll
05:53:42.0772 6188  C:\Windows\SysWOW64\AltTab.dll - ok
05:53:42.0772 6188  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
05:53:42.0772 6188  C:\Windows\System32\AltTab.dll - ok
05:53:42.0772 6188  [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\SysWOW64\WPDShServiceObj.dll
05:53:42.0772 6188  C:\Windows\SysWOW64\WPDShServiceObj.dll - ok
05:53:42.0772 6188  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
05:53:42.0772 6188  C:\Windows\System32\WPDShServiceObj.dll - ok
05:53:42.0772 6188  [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
05:53:42.0772 6188  C:\Windows\System32\wbem\wmipcima.dll - ok
05:53:42.0788 6188  [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
05:53:42.0788 6188  C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
05:53:42.0788 6188  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
05:53:42.0788 6188  C:\Windows\System32\PortableDeviceTypes.dll - ok
05:53:42.0788 6188  [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
05:53:42.0788 6188  C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
05:53:42.0788 6188  [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\SysWOW64\pnidui.dll
05:53:42.0788 6188  C:\Windows\SysWOW64\pnidui.dll - ok
05:53:42.0788 6188  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
05:53:42.0788 6188  C:\Windows\System32\pnidui.dll - ok
05:53:42.0788 6188  [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\SysWOW64\QUTIL.DLL
05:53:42.0788 6188  C:\Windows\SysWOW64\QUTIL.DLL - ok
05:53:42.0788 6188  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
05:53:42.0788 6188  C:\Windows\System32\QUTIL.DLL - ok
05:53:42.0788 6188  [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\SysWOW64\ncsi.dll
05:53:42.0788 6188  C:\Windows\SysWOW64\ncsi.dll - ok
05:53:42.0788 6188  [ CF4274CEEA9F7791FB7FC40A066BC2C7 ] C:\Windows\SysWOW64\cscobj.dll
05:53:42.0788 6188  C:\Windows\SysWOW64\cscobj.dll - ok
05:53:42.0788 6188  [ 234AFA322624B3203A2E720F08292B03 ] C:\Windows\System32\cscobj.dll
05:53:42.0788 6188  C:\Windows\System32\cscobj.dll - ok
05:53:42.0803 6188  [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\SysWOW64\netcfgx.dll
05:53:42.0803 6188  C:\Windows\SysWOW64\netcfgx.dll - ok
05:53:42.0803 6188  [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\SysWOW64\srchadmin.dll
05:53:42.0803 6188  C:\Windows\SysWOW64\srchadmin.dll - ok
05:53:42.0803 6188  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
05:53:42.0803 6188  C:\Windows\System32\netcfgx.dll - ok
05:53:42.0803 6188  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
05:53:42.0803 6188  C:\Windows\System32\srchadmin.dll - ok
05:53:42.0803 6188  [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\SysWOW64\dot3api.dll
05:53:42.0803 6188  C:\Windows\SysWOW64\dot3api.dll - ok
05:53:42.0803 6188  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
05:53:42.0803 6188  C:\Windows\System32\dot3api.dll - ok
05:53:42.0803 6188  [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\SysWOW64\eappcfg.dll
05:53:42.0803 6188  C:\Windows\SysWOW64\eappcfg.dll - ok
05:53:42.0803 6188  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
05:53:42.0803 6188  C:\Windows\System32\eappcfg.dll - ok
05:53:42.0803 6188  [ 9DF7A7C74D8632CB5EBD37E3A374825E ] C:\Windows\SysWOW64\webcheck.dll
05:53:42.0803 6188  C:\Windows\SysWOW64\webcheck.dll - ok
05:53:42.0803 6188  [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\SysWOW64\wlanhlp.dll
05:53:42.0803 6188  C:\Windows\SysWOW64\wlanhlp.dll - ok
05:53:42.0819 6188  [ BC0D4AFBE94D8E1F81C8926D805C3366 ] C:\Windows\System32\webcheck.dll
05:53:42.0819 6188  C:\Windows\System32\webcheck.dll - ok
05:53:42.0819 6188  [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
05:53:42.0819 6188  C:\Windows\System32\wlanhlp.dll - ok
05:53:42.0819 6188  [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
05:53:42.0819 6188  C:\Windows\SysWOW64\mlang.dll - ok
05:53:42.0819 6188  [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
05:53:42.0819 6188  C:\Windows\SysWOW64\wlanapi.dll - ok
05:53:42.0819 6188  [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
05:53:42.0819 6188  C:\Windows\SysWOW64\wlanutil.dll - ok
05:53:42.0819 6188  [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\SysWOW64\onex.dll
05:53:42.0819 6188  C:\Windows\SysWOW64\onex.dll - ok
05:53:42.0819 6188  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
05:53:42.0819 6188  C:\Windows\System32\onex.dll - ok
05:53:42.0819 6188  [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\SysWOW64\eappprxy.dll
05:53:42.0819 6188  C:\Windows\SysWOW64\eappprxy.dll - ok
05:53:42.0819 6188  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
05:53:42.0819 6188  C:\Windows\System32\eappprxy.dll - ok
05:53:42.0819 6188  [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll
05:53:42.0819 6188  C:\Windows\SysWOW64\hnetcfg.dll - ok
05:53:42.0834 6188  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
05:53:42.0834 6188  C:\Windows\System32\hnetcfg.dll - ok
05:53:42.0834 6188  [ 987323F0247D023AD1AE52195540ECE0 ] C:\Windows\SysWOW64\mssvp.dll
05:53:42.0834 6188  C:\Windows\SysWOW64\mssvp.dll - ok
05:53:42.0834 6188  [ E503E15C88B4BBDA3F6345E34FED3E92 ] C:\Windows\System32\mssvp.dll
05:53:42.0834 6188  C:\Windows\System32\mssvp.dll - ok
05:53:42.0834 6188  [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\SysWOW64\SyncCenter.dll
05:53:42.0834 6188  C:\Windows\SysWOW64\SyncCenter.dll - ok
05:53:42.0834 6188  [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
05:53:42.0834 6188  C:\Windows\System32\SyncCenter.dll - ok
05:53:42.0834 6188  [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
05:53:42.0834 6188  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
05:53:42.0834 6188  [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\SysWOW64\ActionCenter.dll
05:53:42.0834 6188  C:\Windows\SysWOW64\ActionCenter.dll - ok
05:53:42.0834 6188  [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
05:53:42.0834 6188  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
05:53:42.0834 6188  [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
05:53:42.0834 6188  C:\Windows\System32\ActionCenter.dll - ok
05:53:42.0834 6188  [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\SysWOW64\WWanAPI.dll
05:53:42.0834 6188  C:\Windows\SysWOW64\WWanAPI.dll - ok
05:53:42.0850 6188  [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
05:53:42.0850 6188  C:\Windows\System32\WWanAPI.dll - ok
05:53:42.0850 6188  [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\SysWOW64\wwapi.dll
05:53:42.0850 6188  C:\Windows\SysWOW64\wwapi.dll - ok


 


part 15:

 

05:53:42.0881 6188  ============================================================
05:53:42.0881 6188  Scan finished
05:53:42.0881 6188  ============================================================
05:53:42.0897 6180  Detected object count: 1
05:53:42.0897 6180  Actual detected object count: 1
05:54:58.0684 6180  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
05:54:58.0684 6180  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

 

========================================================================================

 

ark.txt:

 

GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-10-29 06:11:01
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2 INTEL_SS rev.335t 223.57GB
Running: vh5jpc8s.exe; Driver: C:\Users\Z220\AppData\Local\Temp\pgldipow.sys

---- Threads - GMER 2.1 ----

Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [2936:4484]  000007fefb802a7c
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [2936:4512]  000007feea91d618
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [2936:4428]  000007fef9315124

---- EOF - GMER 2.1 ----

 

====================================================================================

 

** I am unable to upload the malicious file as it exceeds the 5 megabyte maximum. It's 7 meg already zipped and I don't know how to split it.

 

Many thanks,

 

chooki


Check the suspicious file with VirusTotal:

 

 

Scan file(s) via VirusTotal

Please check the file in the code box via Virustotal

  • Click browse
  • copy the following into the search box
    your suspicious file here!
  • and click open.
  • click Send File.

Please be patient until the file is uploaded completely. If you get the message

 

File already submitted: The file sent has already been analysed by VirusTotal in the past. This is same basic info regarding the sample itself and its last analysis:

click on Reanalyse. Wait until Current status: Finished appears. Now, copy the link from within your browser's address bar and post it here.

 

 

 

 

Combofix

Combofix should only be run when advised by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe



When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing "Illegal operation attempted on a registry key that has been marked for deletion", simply restart your computer to fix this.


Even though I stopped the antivirus from starting at bootup, certain components of it still ran until I rebooted twice more. Even then, the antivirus prompted me whether to block or allow "Freeware Implementation Of reg.exe" and "NirCmd". I allowed them.

 

Combofix.txt:

 

ComboFix 13-10-28.01 - Z220 29/10/2013  19:21:21.1.8 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.61.1033.18.16329.14324 [GMT 11:00]
Running from: c:\users\Z220\Desktop\ComboFix.exe
AV: Total Defense Anti-Virus *Enabled/Updated* {57B5C44D-AAB5-DBC9-741B-542BE5A132EA}
FW: Total Defense Personal Firewall *Enabled* {6F8E4568-E0DA-DA91-5F44-FD1E1B727591}
SP: Total Defense Anti-Virus *Enabled/Updated* {ECD425A9-8C8F-D447-4EAB-6F599E267857}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((   Files Created from 2013-09-28 to 2013-10-29  )))))))))))))))))))))))))))))))
.
.
2013-10-29 08:26 . 2013-10-29 08:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-29 08:17 . 2013-10-29 08:17 16712 ----a-w- c:\windows\system32\drivers\PROCEXP113.SYS
2013-10-27 06:24 . 2013-10-27 06:25 -------- d-----w- c:\programdata\Recovery
2013-10-26 07:43 . 2013-10-26 07:43 12872 ----a-w- c:\windows\system32\bootdelete.exe
2013-10-26 07:33 . 2013-10-26 07:43 -------- d-----w- c:\programdata\HitmanPro
2013-10-26 02:00 . 2013-10-26 02:00 -------- d-----w- c:\programdata\Kingsoft
2013-10-26 01:34 . 2013-10-26 01:34 -------- d-----w- c:\programdata\SysReveal
2013-10-26 01:23 . 2013-10-26 01:24 25088 ----a-w- c:\windows\SysWow64\drivers\dvqGGvc.sys
2013-10-26 01:12 . 2013-10-26 01:12 35712 ----a-w- c:\windows\SysWow64\drivers\Lpc0GR7b.sys
2013-10-25 10:12 . 2013-10-25 10:12 -------- d-----w- c:\programdata\Norton
2013-10-25 10:08 . 2013-10-25 10:08 56832 ----a-w- c:\windows\SysWow64\drivers\RKD.sys
2013-10-25 09:43 . 2010-08-23 06:07 29752 ----a-w- c:\windows\system32\drivers\rspSanity64.sys
2013-10-25 06:16 . 2013-10-25 06:16 -------- d-----w- c:\programdata\Sony
2013-10-25 06:16 . 2013-10-25 06:16 -------- d-----w- c:\program files (x86)\Sony
2013-10-24 08:14 . 2013-10-24 08:14 -------- d-----w- c:\program files (x86)\MSECache
2013-10-23 10:18 . 2013-10-23 10:18 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-10-23 10:18 . 2013-10-23 10:18 -------- d-----w- c:\programdata\AVG SafeGuard toolbar
2013-10-23 04:12 . 2013-10-23 04:12 -------- d-----w- c:\windows\ERUNT
2013-10-23 04:11 . 2013-10-23 04:11 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-10-23 03:40 . 2013-10-23 03:40 116440 ----a-w- c:\windows\system32\drivers\48230029.sys
2013-10-23 03:39 . 2013-10-23 03:39 91352 ----a-w- c:\windows\system32\drivers\3E5D0FD8.sys
2013-10-23 03:16 . 2013-10-23 03:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-23 03:16 . 2013-04-04 03:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-23 01:55 . 2013-10-28 03:40 -------- d-----w- c:\program files\Malwarebytes Anti-Exploit
2013-10-23 01:55 . 2013-07-15 17:41 743248 ----a-w- c:\windows\SysWow64\msvcp100d.dll
2013-10-23 01:55 . 2013-07-15 17:41 1858896 ----a-w- c:\windows\system32\msvcr100d.dll
2013-10-23 01:55 . 2013-07-15 17:41 1498960 ----a-w- c:\windows\SysWow64\msvcr100d.dll
2013-10-23 01:55 . 2013-07-15 17:41 1014096 ----a-w- c:\windows\system32\msvcp100d.dll
2013-10-22 07:17 . 2013-10-22 07:17 -------- d-----w- C:\Program Files(x86)
2013-10-22 06:53 . 2013-10-22 06:53 -------- d-----w- c:\programdata\Easy CD-DA Extractor
2013-10-22 06:53 . 2013-10-22 06:53 -------- d-----w- c:\program files\Easy CD-DA Extractor 15
2013-10-21 06:39 . 2013-10-21 06:39 -------- d-----w- c:\programdata\vsosdk
2013-10-21 02:44 . 2013-10-21 02:44 -------- d-----w- c:\program files (x86)\Convert AVI to MP4
2013-10-21 02:39 . 2013-10-23 09:10 -------- d-----w- c:\programdata\VSO
2013-10-21 02:39 . 2013-10-21 04:48 -------- d-----w- c:\program files (x86)\VSO
2013-10-21 02:11 . 2013-10-21 02:11 -------- d-----w- c:\program files (x86)\Gabest
2013-10-21 02:11 . 2011-05-30 13:42 240640 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2013-10-21 02:11 . 2011-05-30 13:42 255488 ----a-w- c:\windows\system32\xvidvfw.dll
2013-10-21 02:11 . 2011-05-23 09:52 153088 ----a-w- c:\windows\SysWow64\xvid.ax
2013-10-21 02:11 . 2011-05-23 07:49 173568 ----a-w- c:\windows\system32\xvid.ax
2013-10-21 02:11 . 2011-05-23 07:46 645632 ----a-w- c:\windows\SysWow64\xvidcore.dll
2013-10-21 02:11 . 2011-05-23 07:45 696832 ----a-w- c:\windows\system32\xvidcore.dll
2013-10-21 02:11 . 2013-10-21 02:11 -------- d-----w- c:\program files (x86)\Xvid
2013-10-21 02:10 . 2013-10-21 02:10 -------- d-----w- c:\program files (x86)\AviSynth 2.5
2013-10-21 02:09 . 2013-10-21 02:11 -------- d-----w- c:\program files (x86)\AVI ReComp
2013-10-21 00:57 . 2013-10-21 00:57 -------- d-----w- c:\program files\Handbrake
2013-10-21 00:40 . 2013-10-21 00:40 -------- d-----w- c:\programdata\ArcSoft
2013-10-21 00:40 . 2013-10-21 00:40 -------- d-----w- c:\program files (x86)\Common Files\ArcSoft
2013-10-21 00:40 . 2013-10-21 00:40 -------- d-----w- c:\program files (x86)\ArcSoft
2013-10-21 00:34 . 2013-10-21 00:34 -------- d-----w- c:\programdata\Aiseesoft Studio
2013-10-21 00:34 . 2013-10-21 00:34 -------- d-----w- c:\program files (x86)\Aiseesoft Studio
2013-10-21 00:25 . 2013-10-22 07:27 -------- d-----w- c:\programdata\SlySoft
2013-10-21 00:25 . 2013-10-22 07:26 -------- d-----w- c:\program files (x86)\SlySoft
2013-10-17 05:26 . 2013-10-28 09:09 -------- d-----w- C:\P&Plus
2013-10-17 04:21 . 2013-10-17 04:20 265736 ----a-w- c:\windows\SysWow64\cfgmig32.exe
2013-10-17 04:21 . 2013-10-17 04:20 1424904 ----a-w- c:\windows\SysWow64\cfgmig32.dll
2013-10-17 04:21 . 2013-10-17 04:20 1424904 ----a-w- c:\windows\system32\cfgmig32.dll
2013-10-17 04:21 . 2013-09-03 12:01 3213712 ----a-w- c:\windows\SysWow64\mdmcls32.exe
2013-10-17 04:21 . 2013-09-03 12:01 3213712 ----a-w- c:\windows\system32\mdmcls32.exe
2013-10-17 04:21 . 2013-09-03 07:22 2992528 ----a-w- c:\windows\SysWow64\winsflte.dll
2013-10-17 04:05 . 2013-10-17 04:05 -------- d-----w- c:\program files (x86)\CA
2013-10-17 04:05 . 2013-09-03 12:09 2763152 ----a-w- c:\windows\SysWow64\svcprs32.exe
2013-10-17 04:05 . 2013-09-03 12:05 291728 ----a-w- c:\windows\SysWow64\winsfinst_x64.exe
2013-10-17 04:05 . 2013-09-03 12:05 100752 ----a-w- c:\windows\SysWow64\winsfinst.exe
2013-10-17 04:05 . 2013-09-03 12:03 4110736 ----a-w- c:\windows\SysWow64\win32cpr.dll
2013-10-17 04:05 . 2002-01-01 03:02 7440 ----a-w- c:\windows\SysWow64\sporder.dll
2013-10-17 04:05 . 2013-10-17 04:05 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2013-10-17 04:05 . 2013-10-17 04:20 -------- d-----w- c:\program files\ISSThirdParty
2013-10-17 04:05 . 2013-10-17 04:05 -------- d-----w- c:\program files\Total Defense
2013-10-17 04:05 . 2013-10-17 04:22 -------- d-----w- c:\programdata\CA
2013-10-17 00:22 . 2013-10-17 00:22 -------- d-----w- c:\programdata\EPSON
2013-10-16 15:12 . 2013-10-24 11:41 27256 ----a-w- c:\windows\system32\drivers\FixZeroAccess.sys
2013-10-16 09:52 . 2013-10-16 09:52 -------- d-----w- c:\programdata\Sophos
2013-10-15 06:16 . 2013-10-26 12:44 -------- d-----w- c:\program files\CCleaner
2013-10-15 00:48 . 2013-10-15 01:35 -------- d-----w- c:\program files (x86)\Defender Pro Quick Scanner
2013-10-14 23:07 . 2013-10-14 23:07 -------- d-----w- c:\program files\Enigma Software Group
2013-10-14 23:06 . 2013-10-14 23:06 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-10-14 10:22 . 2013-10-14 10:22 -------- d-----w- c:\programdata\Malwarebytes
2013-10-14 10:22 . 2013-10-23 03:47 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-10-13 09:21 . 2013-10-13 09:21 -------- d-----w- c:\program files\MPC-HC
2013-10-13 06:16 . 2013-10-13 06:18 -------- d-----w- c:\program files (x86)\Microsoft Works
2013-10-13 06:16 . 2013-10-13 06:16 -------- d-----w- c:\windows\PCHEALTH
2013-10-13 06:15 . 2013-10-13 06:15 -------- d-----w- c:\program files\Microsoft Office
2013-10-13 06:15 . 2013-10-13 06:15 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2013-10-13 06:15 . 2013-10-13 06:29 -------- d-----w- c:\programdata\Microsoft Help
2013-10-13 06:15 . 2013-10-13 06:15 -------- d-----r- C:\MSOCache
2013-10-12 21:58 . 2013-10-12 21:58 -------- d-----w- c:\users\Public\Creative
2013-10-12 21:31 . 2013-10-12 21:31 -------- d-----w- c:\windows\SysWow64\Wat
2013-10-12 21:31 . 2013-10-12 21:31 -------- d-----w- c:\windows\system32\Wat
2013-10-12 21:10 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-10-12 12:50 . 2013-02-20 11:14 495888 ----a-w- c:\windows\system32\drivers\e1c62x64.sys
2013-10-12 12:50 . 2012-12-05 16:21 73032 ----a-w- c:\windows\system32\e1cmsg.dll
2013-10-12 12:50 . 2012-11-13 17:07 101224 ----a-w- c:\windows\system32\NicInstC.dll
2013-10-12 12:50 . 2013-10-12 12:50 316736 ----a-w- c:\windows\system32\PRONtObj.dll
2013-10-12 12:50 . 2013-10-12 12:50 163400 ----a-w- c:\windows\system32\drivers\iANSW60e.sys
2013-10-12 12:07 . 2013-10-12 12:07 -------- d-----w- c:\programdata\{A5CCDB92-FA53-47D1-89E6-32B82D86621A}
2013-10-12 11:59 . 2013-10-15 01:34 -------- d-----w- c:\windows\system32\appmgmt
2013-10-12 10:03 . 2013-10-12 10:32 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-10-12 10:02 . 2013-10-17 03:51 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-10-12 09:22 . 2013-10-12 09:22 -------- d-----w- c:\program files (x86)\MSXML 4.0
2013-10-12 09:20 . 2013-10-12 09:20 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-10-12 08:44 . 2013-09-25 14:46 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-12 08:29 . 2013-10-12 08:29 -------- d-----w- c:\program files\WinRAR
2013-10-12 06:31 . 2013-10-12 06:31 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-10-12 04:45 . 2012-06-08 18:09 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll
2013-10-12 04:45 . 2013-10-12 04:45 -------- d-----w- C:\Intel
2013-10-12 04:45 . 2011-08-23 20:52 117248 ----a-w- c:\windows\system32\HPMUIDir.exe
2013-10-12 04:45 . 2013-10-12 04:48 -------- d-----w- c:\program files\Hewlett-Packard
2013-10-12 04:45 . 2013-10-12 12:07 -------- d-----w- c:\program files (x86)\Hewlett-Packard
2013-10-12 04:38 . 2013-10-12 04:38 96768 ----a-w- c:\windows\system32\fsutil.exe
2013-10-12 04:38 . 2013-10-12 04:38 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2013-10-12 04:38 . 2013-10-12 04:38 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2013-10-12 04:38 . 2013-10-12 04:38 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2013-10-12 04:38 . 2013-10-12 04:38 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2013-10-12 04:38 . 2013-10-12 04:38 2565632 ----a-w- c:\windows\system32\esent.dll
2013-10-12 04:38 . 2013-10-12 04:38 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2013-10-12 04:38 . 2013-10-12 04:38 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2013-10-12 04:38 . 2013-10-12 04:38 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2013-10-12 04:38 . 2013-10-12 04:38 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2013-10-12 04:38 . 2013-10-12 04:38 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2013-10-12 04:37 . 2013-10-12 04:37 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2013-10-12 04:37 . 2013-10-12 04:37 503808 ----a-w- c:\windows\system32\srcore.dll
2013-10-12 04:37 . 2013-10-12 04:37 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2013-10-12 04:36 . 2013-10-12 04:36 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2013-10-12 04:36 . 2013-10-12 04:36 2048 ----a-w- c:\windows\system32\msxml3r.dll
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-03 03:35 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-10-11 15:52 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-31 11:23 . 2013-07-31 11:23 139352 ----a-w- c:\windows\SysWow64\drivers\AnyDVD.sys
2013-07-31 11:23 . 2013-07-31 11:23 139352 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AnyDVD"="c:\program files (x86)\SlySoft\AnyDVD\AnyDVD.exe" [2013-10-25 94296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-06-08 291648]
"IMSS"="c:\program files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" [2012-05-02 132440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"DisableLocalMachineRun"= 0 (0x0)
"DisableLocalMachineRunOnce"= 0 (0x0)
"DisableCurrentUserRun"= 0 (0x0)
"DisableCurrentUserRunOnce"= 0 (0x0)
"NoFile"= 0 (0x0)
"HideClock"= 0 (0x0)
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PFW]
2011-02-24 03:33 79368 ----a-w- c:\windows\System32\UmxWNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R1 1UnHooker;1UnHooker;c:\windows\system32\DRIVERS\1UnHooker.sys;c:\windows\SYSNATIVE\DRIVERS\1UnHooker.sys [x]
R1 A2DDA;A2 Direct Disk Access Support Driver;c:\eek\RUN\a2ddax64.sys;c:\eek\RUN\a2ddax64.sys [x]
R2 CAAMSvc;CAAMSvc;c:\program files\Total Defense\Internet Security Suite\Anti-Virus\caamsvc.exe;c:\program files\Total Defense\Internet Security Suite\Anti-Virus\caamsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HOSTS Anti-PUPs;HOSTS Anti-PUPs;c:\program files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe;c:\program files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 UmxEngine;TM Engine;c:\program files\CA\SharedComponents\TMEngine\UmxEngine.exe;c:\program files\CA\SharedComponents\TMEngine\UmxEngine.exe [x]
R3 aswArKrn;aswArKrn;c:\users\Z220\AppData\Local\Temp\aswArKrn.sys;c:\users\Z220\AppData\Local\Temp\aswArKrn.sys [x]
R3 cleanhlp;cleanhlp;c:\eek\Run\cleanhlp64.sys;c:\eek\Run\cleanhlp64.sys [x]
R3 DarkSpy;DarkSpy;c:\windows\system32\DarkSpyKernel.sys;c:\windows\SYSNATIVE\DarkSpyKernel.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 FilterMon;FilterMon;c:\users\Z220\Desktop\anti rootkit apps\x64\FilterMon.sys;c:\users\Z220\Desktop\anti rootkit apps\x64\FilterMon.sys [x]
R3 IFCoEMP;IFCoEMP;c:\windows\system32\drivers\ifM60x64.sys;c:\windows\SYSNATIVE\drivers\ifM60x64.sys [x]
R3 IFCoEVB;IFCoEVB;c:\windows\system32\drivers\ifP60X64.sys;c:\windows\SYSNATIVE\drivers\ifP60X64.sys [x]
R3 Lpc0GR7b;BlackBox SR2; [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 pwalker;Process Walker Driver;c:\users\Z220\Desktop\anti rootkit apps\New folder\pwalker.sys;c:\users\Z220\Desktop\anti rootkit apps\New folder\pwalker.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 rspSanity;rspSanity;c:\windows\system32\DRIVERS\rspSanity64.sys;c:\windows\SYSNATIVE\DRIVERS\rspSanity64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 KmxAMRT;KmxAMRT;c:\windows\system32\DRIVERS\KmxAMRT.sys;c:\windows\SYSNATIVE\DRIVERS\KmxAMRT.sys [x]
S0 KmxFw;KmxFw;c:\windows\System32\DRIVERS\kmxfw.sys;c:\windows\SYSNATIVE\DRIVERS\kmxfw.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\program files\Malwarebytes Anti-Exploit\MBAE.sys;c:\program files\Malwarebytes Anti-Exploit\MBAE.sys [x]
S1 KmxAgent;KmxAgent;c:\windows\system32\DRIVERS\kmxagent.sys;c:\windows\SYSNATIVE\DRIVERS\kmxagent.sys [x]
S1 KmxCfg;KmxCfg;c:\windows\system32\DRIVERS\kmxcfg.sys;c:\windows\SYSNATIVE\DRIVERS\kmxcfg.sys [x]
S1 KmxFile;KmxFile;c:\windows\system32\DRIVERS\KmxFile.sys;c:\windows\SYSNATIVE\DRIVERS\KmxFile.sys [x]
S1 KmxFilter;HIPS Core Filter Driver;c:\windows\system32\DRIVERS\KmxFilter.sys;c:\windows\SYSNATIVE\DRIVERS\KmxFilter.sys [x]
S2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [x]
S2 ccSchedulerSVC;CA Common Scheduler Service;c:\program files\Total Defense\Internet Security Suite\ccschedulersvc.exe;c:\program files\Total Defense\Internet Security Suite\ccschedulersvc.exe [x]
S2 CtHdaSvc;Sound Blaster Service;c:\windows\sysWow64\CtHdaSvc.exe;c:\windows\sysWow64\CtHdaSvc.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 KmxCF;KmxCF;c:\windows\system32\DRIVERS\KmxCF.sys;c:\windows\SYSNATIVE\DRIVERS\KmxCF.sys [x]
S2 KmxSbx;KmxSbx;c:\windows\system32\DRIVERS\KmxSbx.sys;c:\windows\SYSNATIVE\DRIVERS\KmxSbx.sys [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 WinSvchostManagerSrv;WinSvchostManagerSrv;c:\windows\SysWOW64\cfgmig32.exe;c:\windows\SysWOW64\cfgmig32.exe [x]
S3 cthda;Sound Blaster HDAudio;c:\windows\system32\drivers\cthda.sys;c:\windows\SYSNATIVE\drivers\cthda.sys [x]
S3 cthdb;SB Recon3D PCIe Audio Bus Filter;c:\windows\system32\DRIVERS\cthdb.sys;c:\windows\SYSNATIVE\DRIVERS\cthdb.sys [x]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-28 c:\windows\Tasks\HPCeeScheduleForZ220.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2013-10-29 c:\windows\Tasks\Malwarebytes Anti-Exploit.job
- c:\program files\Malwarebytes Anti-Exploit\mbae-loader.exe [2013-10-23 22:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPSYSDRV"="c:\program files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE" [2008-11-20 62768]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-06-05 2716960]
"cctray"="c:\program files\Total Defense\Internet Security Suite\casc.exe" [2013-10-17 2733576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\UmxSbxExA64.dll
.
------- Supplementary Scan -------
.
uStart Page = https://www.google.com.au/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 198.142.0.51 211.29.132.12 198.142.235.14
.
.
------- File Associations -------
.
inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-07589289.sys
SafeBoot-48829666.sys
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
AddRemove-{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A} - c:\program files (x86)\InstallShield Installation Information\{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-10-29  19:28:22
ComboFix-quarantined-files.txt  2013-10-29 08:28
.
Pre-Run: 169,453,965,312 bytes free
Post-Run: 169,285,218,304 bytes free
.
- - End Of File - - C4A02DD0465594C7508EACE1F78B6066
 


Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click 'List of found threats', then click Export to text file...
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


ESET found only these:

 

C:\Users\Z220\Desktop\malware\x264 Video Codecs XP-Win7.zip    Win32/Sathurbot.A Trojan
C:\Users\Z220\Desktop\malware\x264 Video Codecs XP-Win7.exe   Win32/Sathurbot.A Trojan

 

These are the files I tried to upload to Malwarebytes for examination but they exceed the 5MB maximum filesize so I couldn't.

Combofix created a new folder called Qoobox and there are a few quarantined files and folders in it.
 


I know that this folder has been created, that's ok.

You don't need to upload the file as it is well known by other antivirus program manufacturers (as you can see within the VirusTotal log file)

There is no more malware on your system...

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[s1].txt also


SecurityCheck

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.

 

 

Scan with Farbar's Service Scanner

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
