chooki Posted October 28, 2013 ID:747240 Share Posted October 28, 2013 Hello everyone, I started my thread with info here: https://forums.malwarebytes.org/index.php?showtopic=135584 I've done everything as suggested here: https://forums.malwarebytes.org/index.php?showtopic=9573 The dds.txt and Attach.txt are as follows: DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 10.0.9200.16720Run by Z220 at 14:55:22 on 2013-10-28Microsoft Windows 7 Professional 6.1.7601.1.1252.61.1033.18.16329.11727 [GMT 11:00].AV: Total Defense Anti-Virus *Disabled/Updated* {57B5C44D-AAB5-DBC9-741B-542BE5A132EA}SP: Total Defense Anti-Virus *Disabled/Updated* {ECD425A9-8C8F-D447-4EAB-6F599E267857}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: Total Defense Personal Firewall *Enabled* {6F8E4568-E0DA-DA91-5F44-FD1E1B727591}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\nvvsvc.exeC:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exeC:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\caamsvc.exeC:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafe.exeC:\Program Files\Total Defense\Internet Security Suite\ccschedulersvc.exeC:\Windows\sysWow64\CtHdaSvc.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationc:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Windows\system32\IProsetMonitor.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\PDF Complete\pdfsvc.exeC:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Windows\SysWOW64\cfgmig32.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\taskhost.exeC:\Windows\Explorer.EXEC:\Program Files\Total Defense\Internet Security Suite\ccEvtMgr.exeC:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exeC:\Program Files\Total Defense\Internet Security Suite\casc.exeC:\Windows\system32\rundll32.exeC:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exeC:\Windows\SysWOW64\rundll32.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files\Total Defense\Internet Security Suite\ccprovsp.exeC:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exeC:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\system32\SearchProtocolHost.exeC:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files\Total Defense\Internet Security Suite\ccprovep.exeC:\Windows\System32\svchost.exe -k swprvC:\Windows\system32\wbengine.exeC:\Windows\System32\vds.exeC:\Windows\System32\msdtc.exeC:\Windows\system32\svchost.exe -k SDRSVCC:\Windows\system32\vssvc.exeC:\Windows\system32\sppsvc.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.BHO: Total Defense Anti-Phishing Toolbar Helper: {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\caIEToolbar.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllBHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dllTB: Total Defense Anti-Phishing Toolbar: {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\caIEToolbar.dllTB: Total Defense Anti-Phishing Toolbar: {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\caIEToolbar.dlluRun: [AnyDVD] "C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe"mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"mRun: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"uPolicies-Explorer: NoViewOnDrive = dword:0uPolicies-Explorer: NoDrives = dword:0uPolicies-Explorer: DisableLocalMachineRun = dword:0uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0uPolicies-Explorer: DisableCurrentUserRun = dword:0uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0uPolicies-Explorer: NoDriveTypeAutoRun = dword:0uPolicies-Explorer: NoFile = dword:0uPolicies-Explorer: HideClock = dword:0uPolicies-Explorer: NoDevMgrUpdate = dword:0uPolicies-Explorer: NoDFSTab = dword:0uPolicies-Explorer: NoWindowsUpdate = dword:0uPolicies-Explorer: NoEncryptOnMove = dword:0uPolicies-Explorer: NoRunasInstallPrompt = dword:0uPolicies-Explorer: NoResolveTrack = dword:0uPolicies-Explorer: NoStartMenuSubFolders = dword:0uPolicies-System: NoDispAppearancePage = dword:0uPolicies-System: NoDispSettingsPage = dword:0mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoViewOnDrive = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: DisableLocalMachineRun = dword:0mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0mPolicies-Explorer: DisableCurrentUserRun = dword:0mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0mPolicies-Explorer: NoDriveTypeAutoRun = dword:0mPolicies-Explorer: NoFile = dword:0mPolicies-Explorer: HideClock = dword:0mPolicies-Explorer: NoDevMgrUpdate = dword:0mPolicies-Explorer: NoDFSTab = dword:0mPolicies-Explorer: NoWindowsUpdate = dword:0mPolicies-Explorer: NoEncryptOnMove = dword:0mPolicies-Explorer: NoRunasInstallPrompt = dword:0mPolicies-Explorer: NoResolveTrack = dword:0mPolicies-Explorer: NoStartMenuSubFolders = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: NoDispAppearancePage = dword:0mPolicies-System: NoDispSettingsPage = dword:0mPolicies-Explorer: NoViewOnDrive = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: DisableLocalMachineRun = dword:0mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0mPolicies-Explorer: DisableCurrentUserRun = dword:0mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0mPolicies-Explorer: NoDriveTypeAutoRun = dword:0mPolicies-Explorer: NoFile = dword:0mPolicies-Explorer: HideClock = dword:0mPolicies-Explorer: NoDevMgrUpdate = dword:0mPolicies-Explorer: NoDFSTab = dword:0mPolicies-Explorer: NoWindowsUpdate = dword:0mPolicies-Explorer: NoEncryptOnMove = dword:0mPolicies-Explorer: NoRunasInstallPrompt = dword:0mPolicies-Explorer: NoResolveTrack = dword:0mPolicies-Explorer: NoStartMenuSubFolders = dword:0mPolicies-System: NoDispAppearancePage = dword:0mPolicies-System: NoDispSettingsPage = dword:0IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exeIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option...INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..TCP: NameServer = 198.142.0.51 211.29.132.12 198.142.235.14TCP: Interfaces\{2FD68308-1EEF-416B-A893-8FC49DB397F2} : DHCPNameServer = 198.142.0.51 211.29.132.12 198.142.235.14Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dllNotify: PFW - UmxWnp.DllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllx64-BHO: Total Defense Anti-Phishing Toolbar Helper: {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\Toolbar\caIEToolbar.dllx64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dllx64-TB: Total Defense Anti-Phishing Toolbar: {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\Toolbar\caIEToolbar.dllx64-Run: [HPSYSDRV] C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXEx64-Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquietx64-Run: [cctray] "C:\Program Files\Total Defense\Internet Security Suite\casc.exe"x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe.INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>x64-Notify: PFW - <no file>x64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-6-9 19264]R0 KmxAMRT;KmxAMRT;C:\Windows\System32\drivers\KmxAMRT.sys [2011-10-27 182352]R0 KmxFw;KmxFw;C:\Windows\System32\drivers\KmxFw.sys [2011-9-6 143824]R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-10-23 46368]R1 KmxAgent;KmxAgent;C:\Windows\System32\drivers\KmxAgent.sys [2011-10-26 113744]R1 KmxCfg;KmxCfg;C:\Windows\System32\drivers\KmxCfg.sys [2011-9-6 365136]R1 KmxFile;KmxFile;C:\Windows\System32\drivers\KmxFile.sys [2011-9-6 87120]R1 KmxFilter;HIPS Core Filter Driver;C:\Windows\System32\drivers\KmxFilter.sys [2011-9-6 99024]R2 ADExchange;ArcSoft Exchange Service;C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2012-8-14 43624]R2 CAAMSvc;CAAMSvc;C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\CAAMSvc.exe [2013-10-17 313040]R2 CAISafe;CAISafe;C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafe.exe [2013-10-17 314448]R2 ccSchedulerSVC;CA Common Scheduler Service;C:\Program Files\Total Defense\Internet Security Suite\ccschedulersvc.exe [2013-10-17 288776]R2 CtHdaSvc;Sound Blaster Service;C:\Windows\SysWOW64\CtHdaSvc.exe [2013-2-14 103424]R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-8-29 92160]R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-3-7 629984]R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-10-12 127320]R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2013-1-3 183200]R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-10-12 164184]R2 KmxCF;KmxCF;C:\Windows\System32\drivers\KmxCF.sys [2011-9-6 201936]R2 KmxSbx;KmxSbx;C:\Windows\System32\drivers\KmxSbx.sys [2011-9-6 81488]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-10-23 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-23 701512]R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2013-10-12 1134624]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-5-14 383776]R2 UmxEngine;TM Engine;C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe [2011-4-4 920656]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-10-12 362840]R2 WinSvchostManagerSrv;WinSvchostManagerSrv;C:\Windows\SysWOW64\cfgmig32.exe [2013-10-17 265736]R3 cthda;Sound Blaster HDAudio;C:\Windows\System32\drivers\cthda.sys [2013-2-14 1044760]R3 cthdb;SB Recon3D PCIe Audio Bus Filter;C:\Windows\System32\drivers\cthdb.sys [2013-2-14 28440]R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-6-9 357184]R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-6-9 789824]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-23 25928]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-19 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576]S2 HOSTS Anti-PUPs;HOSTS Anti-PUPs;C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update --> C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [?]S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-10-13 19456]S3 rspSanity;rspSanity;C:\Windows\System32\drivers\rspSanity64.sys [2013-10-25 29752]S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-10-13 57856]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-10-13 30208]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-10-13 1255736].=============== File Associations ===============.FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1.=============== Created Last 30 ================.2013-10-27 06:24:52 -------- d-----w- C:\ProgramData\Recovery2013-10-26 11:49:08 -------- d-sh--w- C:\$RECYCLE.BIN2013-10-26 07:43:09 12872 ----a-w- C:\Windows\System32\bootdelete.exe2013-10-26 07:33:21 -------- d-----w- C:\ProgramData\HitmanPro2013-10-26 02:00:55 -------- d-----w- C:\ProgramData\Kingsoft2013-10-26 01:34:45 -------- d-----w- C:\ProgramData\SysReveal2013-10-26 01:23:51 25088 ----a-w- C:\Windows\SysWow64\drivers\dvqGGvc.sys2013-10-26 01:12:50 35712 ----a-w- C:\Windows\SysWow64\drivers\Lpc0GR7b.sys2013-10-26 00:55:10 -------- d-----w- C:\Users\Z220\AppData\Local\CrashDumps2013-10-25 10:12:26 -------- d-----w- C:\Users\Z220\AppData\Local\NPE2013-10-25 10:12:26 -------- d-----w- C:\ProgramData\Norton2013-10-25 10:08:04 56832 ----a-w- C:\Windows\SysWow64\drivers\RKD.sys2013-10-25 09:43:13 29752 ----a-w- C:\Windows\System32\drivers\rspSanity64.sys2013-10-25 06:16:51 -------- d-----w- C:\Users\Z220\AppData\Local\Sony2013-10-25 06:16:51 -------- d-----w- C:\Program Files (x86)\Sony2013-10-24 08:14:24 -------- d-----w- C:\Program Files (x86)\MSECache2013-10-23 10:26:19 -------- d-----w- C:\Users\Z220\AppData\Local\lptmp18629161882013-10-23 10:18:23 -------- d-----w- C:\Users\Z220\AppData\Local\AVG SafeGuard toolbar2013-10-23 10:18:11 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys2013-10-23 10:18:06 -------- d-----w- C:\ProgramData\AVG SafeGuard toolbar2013-10-23 04:53:20 -------- d-----w- C:\Users\Z220\Pavark2013-10-23 04:12:10 -------- d-----w- C:\Windows\ERUNT2013-10-23 04:11:14 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys2013-10-23 03:40:08 116440 ----a-w- C:\Windows\System32\drivers\48230029.sys2013-10-23 03:39:50 91352 ----a-w- C:\Windows\System32\drivers\3E5D0FD8.sys2013-10-23 03:17:09 -------- d-----w- C:\Users\Z220\AppData\Roaming\Malwarebytes2013-10-23 03:16:58 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-10-23 03:16:58 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-10-23 01:55:02 743248 ----a-w- C:\Windows\SysWow64\msvcp100d.dll2013-10-23 01:55:02 1858896 ----a-w- C:\Windows\System32\msvcr100d.dll2013-10-23 01:55:02 1498960 ----a-w- C:\Windows\SysWow64\msvcr100d.dll2013-10-23 01:55:02 1014096 ----a-w- C:\Windows\System32\msvcp100d.dll2013-10-23 01:55:02 -------- d-----w- C:\Program Files\Malwarebytes Anti-Exploit2013-10-22 07:17:46 -------- d-----w- C:\Program Files(x86)2013-10-22 06:53:19 -------- d-----w- C:\Users\Z220\AppData\Local\Easy CD-DA Extractor2013-10-22 06:53:13 -------- d-----w- C:\ProgramData\Easy CD-DA Extractor2013-10-22 06:53:12 -------- d-----w- C:\Program Files\Easy CD-DA Extractor 152013-10-21 06:39:25 -------- d-----w- C:\ProgramData\vsosdk2013-10-21 02:44:22 -------- d-----w- C:\Program Files (x86)\Convert AVI to MP42013-10-21 02:39:43 -------- d-----w- C:\ProgramData\VSO2013-10-21 02:39:43 -------- d-----w- C:\Program Files (x86)\VSO2013-10-21 02:11:26 696832 ----a-w- C:\Windows\System32\xvidcore.dll2013-10-21 02:11:26 645632 ----a-w- C:\Windows\SysWow64\xvidcore.dll2013-10-21 02:11:26 255488 ----a-w- C:\Windows\System32\xvidvfw.dll2013-10-21 02:11:26 240640 ----a-w- C:\Windows\SysWow64\xvidvfw.dll2013-10-21 02:11:26 173568 ----a-w- C:\Windows\System32\xvid.ax2013-10-21 02:11:26 153088 ----a-w- C:\Windows\SysWow64\xvid.ax2013-10-21 02:11:25 -------- d-----w- C:\Program Files (x86)\Xvid2013-10-21 02:10:16 -------- d-----w- C:\Program Files (x86)\AviSynth 2.52013-10-21 02:09:38 -------- d-----w- C:\Program Files (x86)\AVI ReComp2013-10-21 01:06:06 -------- d-----w- C:\Users\Z220\AppData\Roaming\NVIDIA2013-10-21 00:57:42 -------- d-----w- C:\Users\Z220\AppData\Roaming\HandBrake2013-10-21 00:57:24 -------- d-----w- C:\Program Files\Handbrake2013-10-21 00:40:33 -------- d-----w- C:\ProgramData\ArcSoft2013-10-21 00:40:32 -------- d-----w- C:\Users\Z220\AppData\Local\ArcSoft2013-10-21 00:37:44 -------- d-----w- C:\Users\Z220\AppData\Roaming\log2013-10-21 00:35:05 -------- d-----w- C:\Users\Z220\AppData\Local\Aiseesoft Studio2013-10-21 00:34:38 -------- d-----w- C:\ProgramData\Aiseesoft Studio2013-10-21 00:34:38 -------- d-----w- C:\Program Files (x86)\Aiseesoft Studio2013-10-21 00:25:58 -------- d-----w- C:\Program Files (x86)\SlySoft2013-10-20 09:54:42 -------- d-----w- C:\Users\Z220\AppData\Local\Diagnostics2013-10-18 12:41:02 -------- d-----w- C:\Users\Z220\AppData\Roaming\uTorrent2013-10-17 14:03:00 10280728 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll2013-10-17 11:02:42 -------- d-----w- C:\Users\Z220\AppData\Local\Qurb42013-10-17 05:26:03 -------- d-----w- C:\P&Plus2013-10-17 04:21:36 265736 ----a-w- C:\Windows\SysWow64\cfgmig32.exe2013-10-17 04:21:36 1424904 ----a-w- C:\Windows\SysWow64\cfgmig32.dll2013-10-17 04:21:36 1424904 ----a-w- C:\Windows\System32\cfgmig32.dll2013-10-17 04:21:32 3213712 ----a-w- C:\Windows\SysWow64\mdmcls32.exe2013-10-17 04:21:32 3213712 ----a-w- C:\Windows\System32\mdmcls32.exe2013-10-17 04:21:32 2992528 ----a-w- C:\Windows\SysWow64\winsflte.dll2013-10-17 00:22:34 -------- d-----w- C:\ProgramData\EPSON2013-10-17 00:20:31 -------- d-----w- C:\Users\Z220\AppData\Local\ElevatedDiagnostics2013-10-16 15:12:14 27256 ----a-w- C:\Windows\System32\drivers\FixZeroAccess.sys2013-10-16 15:04:37 3989504 ----a-w- C:\Users\Z220\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\apps\pc\___rootkit removal tools\RogueKillerX64.exe2013-10-16 09:52:18 -------- d-----w- C:\ProgramData\Sophos2013-10-15 06:16:15 -------- d-----w- C:\Program Files\CCleaner2013-10-15 00:48:41 -------- d-----w- C:\Users\Z220\AppData\Roaming\QuickScan2013-10-15 00:48:23 -------- d-----w- C:\Program Files (x86)\Defender Pro Quick Scanner2013-10-14 23:07:46 -------- d-----w- C:\Program Files\Enigma Software Group2013-10-14 23:06:50 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard2013-10-14 10:22:44 -------- d-----w- C:\ProgramData\Malwarebytes2013-10-14 10:22:42 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-10-14 10:19:34 980992 ----a-w- C:\Users\Z220\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\apps\pc\WIGI\WIGI.exe2013-10-14 10:19:34 77824 ----a-w- C:\Users\Z220\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\apps\pc\WIGI\fr\WhyIGotInfected.resources.dll2013-10-13 09:21:50 -------- d-----w- C:\Program Files\MPC-HC2013-10-13 06:16:20 -------- d-----w- C:\Windows\PCHEALTH2013-10-13 06:15:32 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 82013-10-13 06:15:13 -------- d-----w- C:\Users\Z220\AppData\Local\Microsoft Help2013-10-12 21:31:58 -------- d-----w- C:\Windows\SysWow64\Wat2013-10-12 21:31:58 -------- d-----w- C:\Windows\System32\Wat2013-10-12 21:10:52 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll2013-10-12 12:50:53 73032 ----a-w- C:\Windows\System32\e1cmsg.dll2013-10-12 12:50:53 495888 ----a-w- C:\Windows\System32\drivers\e1c62x64.sys2013-10-12 12:50:53 101224 ----a-w- C:\Windows\System32\NicInstC.dll2013-10-12 12:50:27 316736 ----a-w- C:\Windows\System32\PRONtObj.dll2013-10-12 12:50:27 163400 ----a-w- C:\Windows\System32\drivers\iANSW60e.sys2013-10-12 12:07:16 -------- d-----w- C:\ProgramData\{A5CCDB92-FA53-47D1-89E6-32B82D86621A}2013-10-12 11:59:41 -------- d-----w- C:\Windows\System32\appmgmt2013-10-12 10:03:05 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy2013-10-12 10:02:56 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 22013-10-12 10:02:34 -------- d-----w- C:\Users\Z220\AppData\Local\Programs2013-10-12 09:22:17 -------- d-----w- C:\Program Files (x86)\MSXML 4.02013-10-12 09:20:44 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll2013-10-12 08:51:43 -------- d-----w- C:\Users\Z220\AppData\Roaming\BitTorrent2013-10-12 07:55:35 377856 ----a-w- C:\Users\Z220\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\apps\pc\___rootkit removal tools\x6cm00gv.exe2013-10-12 06:25:47 -------- d-----w- C:\Windows\pss2013-10-12 04:48:35 -------- d-----r- C:\Program Files (x86)\Online Services2013-10-12 04:48:31 21008 ----a-w- C:\Windows\System32\pdfc_port.dll2013-10-12 04:48:30 -------- d-----w- C:\Program Files (x86)\PDF Complete2013-10-12 04:48:21 -------- d-----w- C:\ProgramData\PDFC2013-10-12 04:48:05 15128 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll2013-10-12 04:47:49 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent2013-10-12 04:45:37 552760 ----a-w- C:\Windows\System32\PROUnstl.exe2013-10-12 04:45:20 41984 ----a-w- C:\Windows\System32\drivers\USB3Ver.dll2013-10-12 04:45:19 -------- d-----w- C:\Intel2013-10-12 04:45:14 117248 ----a-w- C:\Windows\System32\HPMUIDir.exe2013-10-12 04:38:08 96768 ----a-w- C:\Windows\System32\fsutil.exe2013-10-12 04:38:08 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe2013-10-12 04:38:08 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys2013-10-12 04:38:08 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys2013-10-12 04:38:08 2565632 ----a-w- C:\Windows\System32\esent.dll2013-10-12 04:38:08 189824 ----a-w- C:\Windows\System32\drivers\storport.sys2013-10-12 04:38:08 1699328 ----a-w- C:\Windows\SysWow64\esent.dll2013-10-12 04:38:08 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys2013-10-12 04:38:08 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys2013-10-12 04:38:08 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys2013-10-12 04:37:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys2013-10-12 04:37:33 503808 ----a-w- C:\Windows\System32\srcore.dll2013-10-12 04:37:33 43008 ----a-w- C:\Windows\SysWow64\srclient.dll2013-10-12 04:36:51 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll2013-10-12 04:36:51 2048 ----a-w- C:\Windows\System32\msxml3r.dll2013-10-12 04:36:43 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys2013-10-12 04:36:43 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys2013-10-12 04:36:28 956928 ----a-w- C:\Windows\System32\localspl.dll2013-10-12 04:36:13 209920 ----a-w- C:\Windows\System32\profsvc.dll2013-10-12 04:34:54 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys2013-10-12 04:34:39 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys2013-10-12 04:34:03 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe2013-10-12 04:34:03 77312 ----a-w- C:\Windows\System32\rdpwsx.dll2013-10-12 04:34:03 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll2013-10-12 04:32:37 509952 ----a-w- C:\Windows\System32\ntshrui.dll2013-10-12 04:32:37 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll2013-10-12 04:32:16 1572864 ----a-w- C:\Windows\System32\quartz.dll2013-10-12 04:32:16 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll2013-10-12 04:32:02 723456 ----a-w- C:\Windows\System32\EncDec.dll2013-10-12 04:32:02 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll2013-10-12 04:30:58 94208 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll2013-10-12 04:29:44 2871808 ----a-w- C:\Windows\explorer.exe2013-10-12 04:28:46 7680 ----a-w- C:\Windows\System32\KBDINTAM.DLL2013-10-11 18:00:32 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui2013-10-11 17:44:02 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys2013-10-11 17:44:02 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll2013-10-11 17:44:02 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys2013-10-11 17:44:02 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll2013-10-11 17:44:01 744448 ----a-w- C:\Windows\System32\WUDFx.dll2013-10-11 17:44:01 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll2013-10-11 17:44:01 229888 ----a-w- C:\Windows\System32\WUDFHost.exe2013-10-11 17:26:48 -------- d-----w- C:\Users\Z220\AppData\Roaming\hpqLog2013-10-11 17:04:54 -------- d-----w- C:\HP_TOOLS_mountHPSF2013-10-11 17:04:54 -------- d-----w- C:\HP_RECOVERY_mountHPSF2013-10-11 15:54:18 633856 ----a-w- C:\Windows\System32\comctl32.dll2013-10-11 15:54:18 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll2013-10-11 15:54:11 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll2013-10-11 15:54:11 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll2013-10-11 15:54:11 142336 ----a-w- C:\Windows\System32\poqexec.exe2013-10-11 15:54:11 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe2013-10-11 15:54:09 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll2013-10-11 15:54:09 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll2013-10-11 15:54:09 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll2013-10-11 15:54:09 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll2013-10-11 15:52:50 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll2013-10-11 15:51:42 95744 ----a-w- C:\Windows\System32\synceng.dll2013-10-11 15:44:46 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll2013-10-11 15:44:46 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys2013-10-11 15:44:46 1031680 ----a-w- C:\Windows\System32\rdpcore.dll2013-10-11 15:41:56 2622464 ----a-w- C:\Windows\System32\wucltux.dll2013-10-11 15:41:53 99840 ----a-w- C:\Windows\System32\wudriver.dll2013-10-11 15:41:52 36864 ----a-w- C:\Windows\System32\wuapp.exe2013-10-11 15:41:52 186752 ----a-w- C:\Windows\System32\wuwebv.dll2013-10-11 11:29:36 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-10-11 11:29:36 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-10-11 11:29:18 -------- d-----w- C:\Users\Z220\AppData\Local\Adobe2013-10-11 11:22:15 77320 ----a-w- C:\BackupProductRes.dll2013-10-11 11:22:15 438280 ----a-w- C:\DNABonesProxy.dll2013-10-11 11:22:15 364040 ----a-w- C:\BackupProduct.exe2013-10-11 11:22:15 2706952 ----a-w- C:\BonesResource.dll2013-10-11 11:22:15 1461768 ----a-w- C:\DNABones.dll2013-10-11 11:15:12 97360 ----a-w- C:\Windows\SysWow64\Vetredir.dll2013-10-11 11:15:12 259664 ----a-w- C:\Windows\System32\isafprod64.dll2013-10-11 11:15:12 207952 ----a-w- C:\Windows\SysWow64\Isafprod.dll2013-10-11 11:15:12 142928 ----a-w- C:\Windows\System32\Isafeif64.dll2013-10-11 11:15:12 130128 ----a-w- C:\Windows\SysWow64\Isafeif.dll2013-10-11 11:15:12 105552 ----a-w- C:\Windows\System32\Vetredir64.dll2013-10-11 11:15:06 -------- d-----w- C:\Program Files\CA2013-10-11 11:15:01 289296 ----a-w- C:\Windows\System32\winsfinst.exe2013-10-11 11:15:00 -------- d-----w- C:\Windows\rnapxs2013-10-11 11:11:20 -------- d-----w- C:\Users\Z220\AppData\Local\Hewlett-Packard2013-10-11 10:43:12 -------- d-----w- C:\Users\Z220\AppData\Local\Apps2013-10-11 10:31:45 -------- d-----w- C:\ProgramData\TotalDefense2013-09-30 23:38:16 97176 ----a-w- C:\Windows\SysWow64\ElbyCDIO.dll.==================== Find3M ====================.2013-10-12 09:20:44 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll2013-10-12 04:35:50 59392 ----a-w- C:\Windows\System32\browcli.dll2013-10-12 04:35:50 41984 ----a-w- C:\Windows\SysWow64\browcli.dll2013-10-12 04:35:50 136704 ----a-w- C:\Windows\System32\browser.dll2013-10-12 04:35:23 3216384 ----a-w- C:\Windows\System32\msi.dll2013-10-12 04:35:23 2342400 ----a-w- C:\Windows\SysWow64\msi.dll2013-10-12 04:35:15 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll2013-10-12 04:35:15 1133568 ----a-w- C:\Windows\System32\cdosys.dll2013-10-12 04:31:48 229888 ----a-w- C:\Windows\System32\drivers\1394ohci.sys2013-10-12 04:31:41 77312 ----a-w- C:\Windows\System32\packager.dll2013-10-12 04:31:41 67072 ----a-w- C:\Windows\SysWow64\packager.dll2013-10-12 04:31:34 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax2013-10-12 04:31:34 613888 ----a-w- C:\Windows\System32\psisdecd.dll2013-10-12 04:31:34 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll2013-10-12 04:31:34 108032 ----a-w- C:\Windows\System32\psisrndr.ax2013-10-12 04:31:12 861696 ----a-w- C:\Windows\System32\oleaut32.dll2013-10-12 04:31:12 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll2013-10-12 04:31:12 331776 ----a-w- C:\Windows\System32\oleacc.dll2013-10-12 04:31:12 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll2013-10-12 04:29:44 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe2013-10-12 04:28:46 7680 ----a-w- C:\Windows\System32\KBDINMAL.DLL2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys2013-09-03 12:09:34 2763152 ----a-w- C:\Windows\SysWow64\svcprs32.exe2013-09-03 12:05:26 291728 ----a-w- C:\Windows\SysWow64\winsfinst_x64.exe2013-09-03 12:05:14 100752 ----a-w- C:\Windows\SysWow64\winsfinst.exe2013-09-03 12:03:50 4110736 ----a-w- C:\Windows\SysWow64\win32cpr.dll2013-09-03 03:35:10 278800 ------w- C:\Windows\System32\MpSigStub.exe2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll2013-08-01 12:09:36 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys2013-07-31 11:23:57 139352 ----a-w- C:\Windows\SysWow64\drivers\AnyDVD.sys2013-07-31 11:23:57 139352 ----a-w- C:\Windows\System32\drivers\AnyDVD.sys.============= FINISH: 14:55:44.13 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 ProfessionalBoot Device: \Device\HarddiskVolume1Install Date: 11/10/2013 10:07:12 PMSystem Uptime: 28/10/2013 1:13:35 PM (1 hours ago).Motherboard: Hewlett-Packard | | 1790Processor: Intel® Xeon® CPU E3-1245 V2 @ 3.40GHz | SOCKET 0 | 3401/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 217 GiB total, 158.888 GiB free.D: is FIXED (NTFS) - 1863 GiB total, 626.761 GiB free.E: is FIXED (NTFS) - 1863 GiB total, 339.373 GiB free.G: is CDROM ()H: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP40: 28/10/2013 2:54:41 PM - system checkpoint.==== Installed Programs ======================.2007 Microsoft Office Suite Service Pack 3 (SP3)Adobe Flash Player 11 ActiveXAiseesoft Blu-ray Ripper Ultimate 6.3.80Anti-VirusAnyDVDAPH placeholderArcSoft MediaConverter 8AVI ReComp 1.5.5AviSynth 2.5CCleanerCloneCDConvert AVI to MP4DNAMigratorEasy CD-DA Extractor 15HandBrake 0.9.9.1Hewlett-Packard ACLM.NET v1.2.2.3HIPSHP Customer Experience EnhancementsHP OdometerHP Performance AdvisorHP Support AssistantHP Support InformationIntel® Control CenterIntel® Management Engine ComponentsIntel® Network Connections 18.1.59.0Intel® USB 3.0 eXtensible Host Controller DriverIntel® Trusted Connect Service ClientInternet Explorer (Enable DEP)Malwarebytes Anti-Exploit version 0.09.3.1000Malwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Enterprise 2007Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office Office 64-bit Components 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared 64-bit MUI (English) 2007Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Works 6-9 ConvertermIRCMPC-HC 1.7.0 (64-bit)MSVCRT RedistsMSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)NVIDIA 3D Vision Driver 311.66NVIDIA Control Panel 311.66NVIDIA Graphics Driver 311.66NVIDIA HD Audio Driver 1.3.18.0NVIDIA Install ApplicationNVIDIA nView 140.54NVIDIA Stereoscopic 3D DriverPDF Complete Corporate EditionRealtek High Definition Audio DriverRecovery ManagerSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596754) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596825) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597973) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687309) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687439) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760411) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760585) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760591) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2827326) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2827329) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit EditionSecurity Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit EditionSecurity Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2827330) 32-Bit EditionSound Forge Audio Studio 10.0Total Defense Internet Security SuiteUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2836939v3)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2687493) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767849) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)VobSub 2.23VSO Blu-ray Converter Ultimate 2VSO ConvertXToDVDWinRAR 5.00 (64-bit)Xvid Video Codec.==== Event Viewer Messages From Past Week ========.28/10/2013 2:44:15 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.28/10/2013 1:16:17 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.28/10/2013 1:16:17 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.28/10/2013 1:16:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}28/10/2013 1:15:53 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.28/10/2013 1:15:53 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.28/10/2013 1:15:45 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load:28/10/2013 1:15:44 PM, Error: Service Control Manager [7023] - The IP Helper service terminated with the following error: Access is denied.28/10/2013 1:15:37 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Network List Service service which failed to start because of the following error: After starting, the service hung in a start-pending state.28/10/2013 1:15:27 PM, Error: Service Control Manager [7022] - The WinSvchostManagerSrv service hung on starting.28/10/2013 1:15:17 PM, Error: Service Control Manager [7022] - The Network List Service service hung on starting.28/10/2013 1:15:06 PM, Error: Service Control Manager [7022] - The IP Helper service hung on starting.28/10/2013 1:14:19 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.28/10/2013 1:13:44 PM, Error: Service Control Manager [7000] - The HOSTS Anti-PUPs service failed to start due to the following error: The system cannot find the file specified.28/10/2013 1:13:38 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\DRIVERS\1UnHooker.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.27/10/2013 8:42:42 PM, Error: Service Control Manager [7034] - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s).26/10/2013 11:08:08 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HOSTS Anti-PUPs service to connect.26/10/2013 11:08:08 PM, Error: Service Control Manager [7000] - The HOSTS Anti-PUPs service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.26/10/2013 10:19:14 PM, Error: Service Control Manager [7023] - The Server service terminated with the following error: The service has not been started.26/10/2013 10:19:10 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: A system shutdown is in progress.26/10/2013 10:19:10 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: A system shutdown is in progress.1UnHooker1UnHooker1UnHooker1UnHooker1UnHooker1UnHooker1UnHooker1UnHooker1UnHooker1UnHooker.==== End Of File =========================== For what it might be worth, catchme.exe found modifications in the NTDLL code... as follows: detected NTDLL code modification:ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != 12, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20, ZwOpenFile 0 != 48, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51Initialization error It's all way beyond me at this point. I could really do with some help here. Many thanks, chooki p.s. I still have on the desktop the file which I caused myself all this trouble with. Many anti-rootkit apps consider it ok, including Malwarebytes, but is certainly isn't okay. If someone at Malwarebytes would like me to upload the file so they can maybe dissect it and hopefully prevent other pc users from being infected, I'll gladly do that. Link to post Share on other sites More sharing options...
Psychotic Posted October 28, 2013 ID:747277 Share Posted October 28, 2013 Hi there,my name is Marius and I will assist you with your malware related problems.Before we move on, please read the following points carefully. First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding. Perform everything in the correct order. Sometimes one step requires the previous one. If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem. Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me. Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts. If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed. Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean. My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding. Scan with TDSS-KillerPlease read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.Download TDSSKiller.exe and save it to your desktopExecute TDSSKiller.exe by doubleclicking on it. Press Start Scan If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txtPlease post the contents of that log in your next reply. Scan with Gmer rootkit scannerPlease download Gmer from here by clicking on the "Download EXE" Button.Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent. If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO. In the right panel, you will see several boxes that have been checked. Uncheck the following ...Sections IAT/EAT Show All ( should be unchecked by default )[*]Leave everything else as it is. [*]Close all other running programs as well as your Browser. [*]Click the Scan button & wait for it to finish. [*]Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post. [*]Save it where you can easily find it, such as your desktop. [*]Please post the content of the ark.txt here.**Caution**Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries Please upload the malicious file here: www.bleepingcomputer.com/submit-malware.php?channel=156 Link to post Share on other sites More sharing options...
chooki Posted October 28, 2013 Author ID:747455 Share Posted October 28, 2013 Hello Marius, I've followed your instructions carefully, the results of the scans are below: ====================================================================================== 05:53:08.0514 3244 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:4205:53:09.0840 3244 ============================================================05:53:09.0840 3244 Current date / time: 2013/10/29 05:53:09.084005:53:09.0840 3244 SystemInfo:05:53:09.0840 3244 05:53:09.0840 3244 OS Version: 6.1.7601 ServicePack: 1.005:53:09.0840 3244 Product type: Workstation05:53:09.0840 3244 ComputerName: HPX05:53:09.0840 3244 UserName: Z22005:53:09.0840 3244 Windows directory: C:\Windows05:53:09.0840 3244 System windows directory: C:\Windows05:53:09.0840 3244 Running under WOW6405:53:09.0840 3244 Processor architecture: Intel x6405:53:09.0840 3244 Number of processors: 805:53:09.0840 3244 Page size: 0x100005:53:09.0840 3244 Boot type: Normal boot05:53:09.0840 3244 ============================================================05:53:10.0074 3244 BG loaded05:53:10.0293 3244 Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 (223.57 Gb), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004005:53:10.0293 3244 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004005:53:10.0293 3244 Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004005:53:10.0293 3244 ============================================================05:53:10.0293 3244 \Device\Harddisk0\DR0:05:53:10.0293 3244 MBR partitions:05:53:10.0293 3244 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x19000005:53:10.0293 3244 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x190800, BlocksNum 0x1B12E80005:53:10.0293 3244 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1B2BF000, BlocksNum 0xC3280005:53:10.0293 3244 \Device\Harddisk1\DR1:05:53:10.0293 3244 MBR partitions:05:53:10.0293 3244 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E0780005:53:10.0293 3244 \Device\Harddisk2\DR2:05:53:10.0293 3244 MBR partitions:05:53:10.0293 3244 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E0780005:53:10.0293 3244 ============================================================05:53:10.0293 3244 C: <-> \Device\Harddisk0\DR0\Partition205:53:10.0308 3244 D: <-> \Device\Harddisk1\DR1\Partition105:53:10.0324 3244 E: <-> \Device\Harddisk2\DR2\Partition105:53:10.0324 3244 ============================================================05:53:10.0324 3244 Initialize success05:53:10.0324 3244 ============================================================05:53:23.0802 6188 ============================================================05:53:23.0802 6188 Scan started05:53:23.0802 6188 Mode: Manual; SigCheck; TDLFS;05:53:23.0802 6188 ============================================================05:53:23.0896 6188 ================ Scan system memory ========================05:53:23.0896 6188 System memory - ok05:53:23.0896 6188 ================ Scan services =============================05:53:23.0912 6188 [ AE1CCB9C48647833683D3579D105A615 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys05:53:24.0005 6188 1394ohci - ok05:53:24.0005 6188 1UnHooker - ok05:53:24.0005 6188 A2DDA - ok05:53:24.0021 6188 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys05:53:24.0036 6188 ACPI - ok05:53:24.0036 6188 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys05:53:24.0052 6188 AcpiPmi - ok05:53:24.0068 6188 [ C330710CF95587DCB7806BB6A22CF044 ] ADExchange C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe05:53:24.0083 6188 ADExchange - ok05:53:24.0083 6188 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys05:53:24.0114 6188 adp94xx - ok05:53:24.0114 6188 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys05:53:24.0130 6188 adpahci - ok05:53:24.0146 6188 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys05:53:24.0161 6188 adpu320 - ok05:53:24.0161 6188 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll05:53:24.0208 6188 AeLookupSvc - ok05:53:24.0208 6188 [ 314C17917AC8523EC77A710215012A65 ] AFD C:\Windows\system32\drivers\afd.sys05:53:24.0239 6188 AFD - ok05:53:24.0239 6188 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys05:53:24.0255 6188 agp440 - ok05:53:24.0255 6188 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe05:53:24.0270 6188 ALG - ok05:53:24.0286 6188 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys05:53:24.0302 6188 aliide - ok05:53:24.0302 6188 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys05:53:24.0317 6188 amdide - ok05:53:24.0317 6188 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys05:53:24.0333 6188 AmdK8 - ok05:53:24.0333 6188 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys05:53:24.0348 6188 AmdPPM - ok05:53:24.0364 6188 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys05:53:24.0380 6188 amdsata - ok05:53:24.0380 6188 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys05:53:24.0395 6188 amdsbs - ok05:53:24.0395 6188 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys05:53:24.0411 6188 amdxata - ok05:53:24.0411 6188 [ CF24100CF607F0B8C1F3794540AE1D19 ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys05:53:24.0426 6188 AnyDVD - ok05:53:24.0442 6188 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys05:53:24.0489 6188 AppID - ok05:53:24.0489 6188 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll05:53:24.0520 6188 AppIDSvc - ok05:53:24.0520 6188 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll05:53:24.0551 6188 Appinfo - ok05:53:24.0551 6188 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll05:53:24.0567 6188 AppMgmt - ok05:53:24.0567 6188 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys05:53:24.0582 6188 arc - ok05:53:24.0582 6188 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys05:53:24.0598 6188 arcsas - ok05:53:24.0614 6188 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe05:53:24.0629 6188 aspnet_state - ok05:53:24.0629 6188 aswArKrn - ok05:53:24.0629 6188 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys05:53:24.0660 6188 AsyncMac - ok05:53:24.0660 6188 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys05:53:24.0676 6188 atapi - ok05:53:24.0692 6188 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll05:53:24.0723 6188 AudioEndpointBuilder - ok05:53:24.0723 6188 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll05:53:24.0754 6188 AudioSrv - ok05:53:24.0754 6188 [ A1F53D2A00E64679A1D81B61D2333D06 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys05:53:24.0770 6188 avgtp - ok05:53:24.0785 6188 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll05:53:24.0801 6188 AxInstSV - ok05:53:24.0816 6188 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys05:53:24.0832 6188 b06bdrv - ok05:53:24.0832 6188 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys05:53:24.0863 6188 b57nd60a - ok05:53:24.0863 6188 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll05:53:24.0879 6188 BDESVC - ok05:53:24.0894 6188 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys05:53:24.0910 6188 Beep - ok05:53:24.0926 6188 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll05:53:24.0957 6188 BFE - ok05:53:24.0957 6188 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll05:53:25.0035 6188 BITS - ok05:53:25.0035 6188 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys05:53:25.0050 6188 blbdrive - ok05:53:25.0066 6188 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys05:53:25.0082 6188 bowser - ok05:53:25.0082 6188 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys05:53:25.0097 6188 BrFiltLo - ok05:53:25.0097 6188 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys05:53:25.0113 6188 BrFiltUp - ok05:53:25.0128 6188 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll05:53:25.0144 6188 Browser - ok05:53:25.0144 6188 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys05:53:25.0160 6188 Brserid - ok05:53:25.0175 6188 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys05:53:25.0191 6188 BrSerWdm - ok05:53:25.0191 6188 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys05:53:25.0206 6188 BrUsbMdm - ok05:53:25.0222 6188 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys05:53:25.0238 6188 BrUsbSer - ok05:53:25.0238 6188 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys05:53:25.0253 6188 BTHMODEM - ok05:53:25.0253 6188 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll05:53:25.0300 6188 bthserv - ok05:53:25.0300 6188 [ 2FD15E765E209E3DAC193D3D528C4518 ] CAAMSvc C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\caamsvc.exe05:53:25.0316 6188 CAAMSvc - ok05:53:25.0316 6188 [ 1E4B20432D6CB47A219A9049000F5E09 ] CaCCProvSP C:\Program Files\Total Defense\Internet Security Suite\ccprovsp.exe05:53:25.0331 6188 CaCCProvSP - ok05:53:25.0331 6188 [ EAE7BA27BBD8CC4E0319F29777A23EC2 ] CAISafe C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafe.exe05:53:25.0347 6188 CAISafe - ok05:53:25.0347 6188 [ 8E7265421B80D8597BBA3F3B9E6DD314 ] ccSchedulerSVC C:\Program Files\Total Defense\Internet Security Suite\ccschedulersvc.exe05:53:25.0362 6188 ccSchedulerSVC - ok05:53:25.0362 6188 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys05:53:25.0394 6188 cdfs - ok05:53:25.0394 6188 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys05:53:25.0409 6188 cdrom - ok05:53:25.0425 6188 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll05:53:25.0456 6188 CertPropSvc - ok05:53:25.0456 6188 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys05:53:25.0472 6188 circlass - ok05:53:25.0472 6188 cleanhlp - ok05:53:25.0472 6188 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys05:53:25.0503 6188 CLFS - ok05:53:25.0503 6188 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe05:53:25.0518 6188 clr_optimization_v2.0.50727_32 - ok05:53:25.0518 6188 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe05:53:25.0534 6188 clr_optimization_v2.0.50727_64 - ok05:53:25.0550 6188 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe05:53:25.0565 6188 clr_optimization_v4.0.30319_32 - ok05:53:25.0565 6188 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe05:53:25.0581 6188 clr_optimization_v4.0.30319_64 - ok05:53:25.0581 6188 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys05:53:25.0596 6188 CmBatt - ok05:53:25.0596 6188 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys05:53:25.0612 6188 cmdide - ok05:53:25.0628 6188 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys05:53:25.0643 6188 CNG - ok05:53:25.0643 6188 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys05:53:25.0674 6188 Compbatt - ok05:53:25.0674 6188 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys05:53:25.0690 6188 CompositeBus - ok05:53:25.0690 6188 COMSysApp - ok05:53:25.0690 6188 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys05:53:25.0706 6188 crcdisk - ok05:53:25.0721 6188 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll05:53:25.0737 6188 CryptSvc - ok05:53:25.0737 6188 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys05:53:25.0768 6188 CSC - ok05:53:25.0768 6188 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll05:53:25.0799 6188 CscService - ok05:53:25.0799 6188 [ CBACE8DFA420B78DD2225CAEA798612D ] cthda C:\Windows\system32\drivers\cthda.sys05:53:25.0830 6188 cthda - ok05:53:25.0846 6188 [ 3E43F0C5456ECA8A3F083804FAD1C405 ] CtHdaSvc C:\Windows\sysWow64\CtHdaSvc.exe05:53:25.0862 6188 CtHdaSvc - ok05:53:25.0862 6188 [ C461EED35EF738AC38417EC4021FF4C7 ] cthdb C:\Windows\system32\DRIVERS\cthdb.sys05:53:25.0877 6188 cthdb - ok05:53:25.0877 6188 DarkSpy - ok05:53:25.0893 6188 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll05:53:25.0955 6188 DcomLaunch - ok05:53:25.0971 6188 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll05:53:26.0002 6188 defragsvc - ok05:53:26.0002 6188 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys05:53:26.0033 6188 DfsC - ok05:53:26.0033 6188 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll05:53:26.0064 6188 Dhcp - ok05:53:26.0064 6188 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys05:53:26.0096 6188 discache - ok05:53:26.0096 6188 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys05:53:26.0111 6188 Disk - ok05:53:26.0127 6188 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys05:53:26.0142 6188 dmvsc - ok05:53:26.0142 6188 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll05:53:26.0174 6188 Dnscache - ok05:53:26.0174 6188 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll05:53:26.0220 6188 dot3svc - ok05:53:26.0220 6188 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll05:53:26.0267 6188 DPS - ok05:53:26.0267 6188 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys05:53:26.0283 6188 drmkaud - ok05:53:26.0298 6188 [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys05:53:26.0314 6188 DXGKrnl - ok05:53:26.0330 6188 [ BA01A130D2B850CA87483CE6AC1A2BBA ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys05:53:26.0345 6188 e1cexpress - ok05:53:26.0345 6188 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll05:53:26.0392 6188 EapHost - ok05:53:26.0408 6188 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys05:53:26.0454 6188 ebdrv - ok05:53:26.0454 6188 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe05:53:26.0501 6188 EFS - ok05:53:26.0501 6188 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe05:53:26.0532 6188 ehRecvr - ok05:53:26.0532 6188 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe05:53:26.0548 6188 ehSched - ok05:53:26.0548 6188 [ 9387A484D31209D7FC3F795A787294DB ] ElbyCDFL C:\Windows\system32\Drivers\ElbyCDFL.sys05:53:26.0564 6188 ElbyCDFL - ok05:53:26.0579 6188 [ BE2902E13CA69383F449B6BF927844FB ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys05:53:26.0595 6188 ElbyCDIO - ok05:53:26.0595 6188 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys05:53:26.0610 6188 elxstor - ok05:53:26.0626 6188 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys05:53:26.0642 6188 ErrDev - ok05:53:26.0642 6188 esgiguard - ok05:53:26.0642 6188 [ 0571E626B1FDB6A83F67F11ACC65D2C0 ] ESProtectionDriver C:\Program Files\Malwarebytes Anti-Exploit\MBAE.sys05:53:26.0657 6188 ESProtectionDriver - ok05:53:26.0673 6188 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll05:53:26.0704 6188 EventSystem - ok05:53:26.0704 6188 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys05:53:26.0751 6188 exfat - ok05:53:26.0751 6188 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys05:53:26.0782 6188 fastfat - ok05:53:26.0782 6188 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe05:53:26.0813 6188 Fax - ok05:53:26.0813 6188 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys05:53:26.0844 6188 fdc - ok05:53:26.0844 6188 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll05:53:26.0876 6188 fdPHost - ok05:53:26.0891 6188 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll05:53:26.0922 6188 FDResPub - ok05:53:26.0922 6188 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys05:53:26.0938 6188 FileInfo - ok05:53:26.0954 6188 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys05:53:26.0985 6188 Filetrace - ok05:53:26.0985 6188 FilterMon - ok05:53:26.0985 6188 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys05:53:27.0000 6188 flpydisk - ok05:53:27.0016 6188 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys05:53:27.0016 6188 FltMgr - ok05:53:27.0032 6188 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll05:53:27.0063 6188 FontCache - ok05:53:27.0078 6188 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe05:53:27.0094 6188 FontCache3.0.0.0 - ok05:53:27.0094 6188 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys05:53:27.0110 6188 FsDepends - ok05:53:27.0110 6188 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys05:53:27.0125 6188 Fs_Rec - ok05:53:27.0125 6188 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys05:53:27.0156 6188 fvevol - ok05:53:27.0156 6188 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys05:53:27.0172 6188 gagp30kx - ok05:53:27.0172 6188 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll05:53:27.0219 6188 gpsvc - ok05:53:27.0219 6188 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys05:53:27.0250 6188 hcw85cir - ok05:53:27.0250 6188 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys05:53:27.0281 6188 HdAudAddService - ok05:53:27.0281 6188 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys05:53:27.0297 6188 HDAudBus - ok05:53:27.0297 6188 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys05:53:27.0312 6188 HidBatt - ok05:53:27.0312 6188 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys05:53:27.0344 6188 HidBth - ok05:53:27.0344 6188 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys05:53:27.0359 6188 HidIr - ok05:53:27.0375 6188 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll05:53:27.0422 6188 hidserv - ok05:53:27.0422 6188 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys05:53:27.0437 6188 HidUsb - ok05:53:27.0437 6188 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll05:53:27.0500 6188 hkmsvc - ok05:53:27.0500 6188 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll05:53:27.0546 6188 HomeGroupListener - ok05:53:27.0546 6188 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll05:53:27.0609 6188 HomeGroupProvider - ok05:53:27.0609 6188 HOSTS Anti-PUPs - ok05:53:27.0609 6188 [ 9C9943220F8F94B917D8C4C9618074CC ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe05:53:27.0609 6188 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning05:53:27.0609 6188 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)05:53:27.0624 6188 [ D2946D9F020AE76E9CEF9B4A6DF838C0 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe05:53:27.0656 6188 hpqwmiex - ok05:53:27.0656 6188 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys05:53:27.0671 6188 HpSAMD - ok05:53:27.0671 6188 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys05:53:27.0718 6188 HTTP - ok05:53:27.0718 6188 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys05:53:27.0734 6188 hwpolicy - ok05:53:27.0734 6188 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys05:53:27.0749 6188 i8042prt - ok05:53:27.0765 6188 [ D1753C06EE17E29352B065EACF3F10D0 ] iaStor C:\Windows\system32\drivers\iaStor.sys05:53:27.0780 6188 iaStor - ok05:53:27.0780 6188 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys05:53:27.0796 6188 iaStorV - ok05:53:27.0812 6188 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe05:53:27.0843 6188 idsvc - ok05:53:27.0843 6188 IFCoEMP - ok05:53:27.0843 6188 IFCoEVB - ok05:53:27.0874 6188 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys05:53:27.0952 6188 igfx - ok05:53:27.0952 6188 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys05:53:27.0968 6188 iirsp - ok05:53:27.0968 6188 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll05:53:28.0030 6188 IKEEXT - ok05:53:28.0061 6188 [ 059DDDEDBE5701DC3B779D32798108AC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys05:53:28.0108 6188 IntcAzAudAddService - ok05:53:28.0124 6188 [ 0043EC20C06FD9FE339B5D37474B731E ] Intel® Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe05:53:28.0139 6188 Intel® Capability Licensing Service Interface - ok05:53:28.0139 6188 [ DDA324215F71243786A9A4D1C5027BEB ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe05:53:28.0139 6188 Intel® ME Service - ok05:53:28.0155 6188 [ EA83415296F905D11651B9AF26FB7EBD ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe05:53:28.0186 6188 Intel® PROSet Monitoring Service - ok05:53:28.0186 6188 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys05:53:28.0202 6188 intelide - ok05:53:28.0202 6188 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys05:53:28.0217 6188 intelppm - ok05:53:28.0233 6188 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll05:53:28.0280 6188 IPBusEnum - ok05:53:28.0280 6188 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys05:53:28.0311 6188 IpFilterDriver - ok05:53:28.0311 6188 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll05:53:28.0358 6188 iphlpsvc - ok05:53:28.0358 6188 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys05:53:28.0373 6188 IPMIDRV - ok05:53:28.0373 6188 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys05:53:28.0420 6188 IPNAT - ok05:53:28.0420 6188 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys05:53:28.0436 6188 IRENUM - ok05:53:28.0436 6188 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys05:53:28.0451 6188 isapnp - ok05:53:28.0467 6188 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys05:53:28.0482 6188 iScsiPrt - ok05:53:28.0482 6188 [ D596D915CF091DA1F8CE4BD38BB5D509 ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys05:53:28.0498 6188 iusb3hcs - ok05:53:28.0514 6188 [ 023896E23B61543A15A230EED996D911 ] iusb3hub C:\Windows\system32\drivers\iusb3hub.sys05:53:28.0529 6188 iusb3hub - ok05:53:28.0529 6188 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E ] iusb3xhc C:\Windows\system32\drivers\iusb3xhc.sys05:53:28.0560 6188 iusb3xhc - ok05:53:28.0560 6188 [ 2A51697D0F14970843F3A4189E49B695 ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe05:53:28.0576 6188 jhi_service - ok05:53:28.0576 6188 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys05:53:28.0592 6188 kbdclass - ok05:53:28.0592 6188 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys05:53:28.0607 6188 kbdhid - ok05:53:28.0607 6188 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe05:53:28.0654 6188 KeyIso - ok05:53:28.0654 6188 [ 77481D3753F6DCB0A499C3A01460DC00 ] KmxAgent C:\Windows\system32\DRIVERS\kmxagent.sys05:53:28.0670 6188 KmxAgent - ok05:53:28.0670 6188 [ C30A499E4A05FA7C1B2B1325953F12D4 ] KmxAMRT C:\Windows\system32\DRIVERS\KmxAMRT.sys05:53:28.0685 6188 KmxAMRT - ok05:53:28.0701 6188 [ 2896919A9E5A4DC267A2D916F75D2346 ] KmxCF C:\Windows\system32\DRIVERS\KmxCF.sys05:53:28.0701 6188 KmxCF - ok05:53:28.0716 6188 [ 2FA4CB9DCA3ED83583659670F3B40916 ] KmxCfg C:\Windows\system32\DRIVERS\kmxcfg.sys05:53:28.0732 6188 KmxCfg - ok05:53:28.0732 6188 [ EB0576050B2A618563CAA3ECBF19F2EF ] KmxFile C:\Windows\system32\DRIVERS\KmxFile.sys05:53:28.0748 6188 KmxFile - ok05:53:28.0748 6188 [ 87DA5AFC8950EC34D0CDDF3438370727 ] KmxFilter C:\Windows\system32\DRIVERS\KmxFilter.sys05:53:28.0763 6188 KmxFilter - ok05:53:28.0763 6188 [ 15260D1B5BB6BA8E5079E758FCE88207 ] KmxFw C:\Windows\system32\DRIVERS\kmxfw.sys05:53:28.0794 6188 KmxFw - ok05:53:28.0794 6188 [ EEF33889A80990C70595457A5C97EE09 ] KmxSbx C:\Windows\system32\DRIVERS\KmxSbx.sys05:53:28.0810 6188 KmxSbx - ok05:53:28.0810 6188 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys05:53:28.0826 6188 KSecDD - ok05:53:28.0826 6188 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys05:53:28.0841 6188 KSecPkg - ok05:53:28.0857 6188 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys05:53:28.0888 6188 ksthunk - ok05:53:28.0888 6188 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll05:53:28.0950 6188 KtmRm - ok05:53:28.0950 6188 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll05:53:29.0028 6188 LanmanServer - ok05:53:29.0028 6188 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll05:53:29.0122 6188 LanmanWorkstation - ok05:53:29.0122 6188 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys05:53:29.0153 6188 lltdio - ok05:53:29.0153 6188 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll05:53:29.0216 6188 lltdsvc - ok05:53:29.0216 6188 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll05:53:29.0262 6188 lmhosts - ok05:53:29.0278 6188 [ 107F19308A07F27CEA7B317BDF67756F ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe05:53:29.0278 6188 LMS - ok05:53:29.0278 6188 Lpc0GR7b - ok05:53:29.0294 6188 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys05:53:29.0309 6188 LSI_FC - ok05:53:29.0309 6188 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys05:53:29.0325 6188 LSI_SAS - ok05:53:29.0325 6188 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys05:53:29.0356 6188 LSI_SAS2 - ok05:53:29.0356 6188 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys05:53:29.0372 6188 LSI_SCSI - ok05:53:29.0372 6188 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys05:53:29.0403 6188 luafv - ok05:53:29.0403 6188 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys05:53:29.0418 6188 MBAMProtector - ok05:53:29.0418 6188 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe05:53:29.0434 6188 MBAMScheduler - ok05:53:29.0450 6188 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe05:53:29.0450 6188 MBAMService - ok05:53:29.0465 6188 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll05:53:29.0512 6188 Mcx2Svc - ok05:53:29.0512 6188 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys05:53:29.0528 6188 megasas - ok05:53:29.0528 6188 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys05:53:29.0559 6188 MegaSR - ok05:53:29.0559 6188 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys05:53:29.0574 6188 MEIx64 - ok05:53:29.0574 6188 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe05:53:29.0590 6188 Microsoft Office Groove Audit Service - ok05:53:29.0590 6188 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll05:53:29.0652 6188 MMCSS - ok05:53:29.0652 6188 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys05:53:29.0684 6188 Modem - ok05:53:29.0684 6188 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys05:53:29.0699 6188 monitor - ok05:53:29.0715 6188 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys05:53:29.0730 6188 mouclass - ok05:53:29.0730 6188 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys05:53:29.0746 6188 mouhid - ok05:53:29.0746 6188 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys05:53:29.0777 6188 mountmgr - ok05:53:29.0777 6188 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys05:53:29.0793 6188 mpio - ok05:53:29.0793 6188 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys05:53:29.0824 6188 mpsdrv - ok05:53:29.0840 6188 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll05:53:29.0886 6188 MpsSvc - ok05:53:29.0902 6188 [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys05:53:29.0918 6188 MRxDAV - ok05:53:29.0918 6188 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys05:53:29.0933 6188 mrxsmb - ok05:53:29.0949 6188 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys05:53:29.0964 6188 mrxsmb10 - ok05:53:29.0964 6188 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys05:53:29.0980 6188 mrxsmb20 - ok05:53:29.0980 6188 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys05:53:29.0996 6188 msahci - ok05:53:30.0011 6188 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys05:53:30.0027 6188 msdsm - ok05:53:30.0027 6188 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe05:53:30.0074 6188 MSDTC - ok05:53:30.0074 6188 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys05:53:30.0105 6188 Msfs - ok05:53:30.0105 6188 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys05:53:30.0136 6188 mshidkmdf - ok05:53:30.0152 6188 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys05:53:30.0167 6188 msisadrv - ok05:53:30.0167 6188 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll05:53:30.0214 6188 MSiSCSI - ok05:53:30.0230 6188 msiserver - ok05:53:30.0230 6188 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys05:53:30.0261 6188 MSKSSRV - ok05:53:30.0261 6188 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys05:53:30.0292 6188 MSPCLOCK - ok05:53:30.0292 6188 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys05:53:30.0339 6188 MSPQM - ok05:53:30.0339 6188 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys05:53:30.0354 6188 MsRPC - ok05:53:30.0370 6188 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys05:53:30.0370 6188 mssmbios - ok05:53:30.0386 6188 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys05:53:30.0417 6188 MSTEE - ok05:53:30.0417 6188 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys05:53:30.0432 6188 MTConfig - ok05:53:30.0432 6188 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys05:53:30.0464 6188 Mup - ok05:53:30.0464 6188 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll05:53:30.0526 6188 napagent - ok05:53:30.0542 6188 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys05:53:30.0573 6188 NativeWifiP - ok05:53:30.0573 6188 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys05:53:30.0604 6188 NDIS - ok05:53:30.0604 6188 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys05:53:30.0635 6188 NdisCap - ok05:53:30.0635 6188 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys05:53:30.0666 6188 NdisTapi - ok05:53:30.0666 6188 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys05:53:30.0698 6188 Ndisuio - ok05:53:30.0713 6188 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys05:53:30.0744 6188 NdisWan - ok05:53:30.0744 6188 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys05:53:30.0776 6188 NDProxy - ok05:53:30.0776 6188 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys05:53:30.0807 6188 NetBIOS - ok05:53:30.0807 6188 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys05:53:30.0838 6188 NetBT - ok05:53:30.0854 6188 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe05:53:30.0885 6188 Netlogon - ok05:53:30.0885 6188 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll05:53:30.0947 6188 Netman - ok05:53:30.0963 6188 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe05:53:30.0978 6188 NetMsmqActivator - ok05:53:30.0978 6188 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe05:53:30.0994 6188 NetPipeActivator - ok05:53:30.0994 6188 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll05:53:31.0056 6188 netprofm - ok05:53:31.0056 6188 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe05:53:31.0072 6188 NetTcpActivator - ok05:53:31.0072 6188 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe05:53:31.0088 6188 NetTcpPortSharing - ok05:53:31.0088 6188 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys05:53:31.0103 6188 nfrd960 - ok05:53:31.0103 6188 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll05:53:31.0166 6188 NlaSvc - ok05:53:31.0166 6188 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys05:53:31.0197 6188 Npfs - ok05:53:31.0197 6188 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll05:53:31.0259 6188 nsi - ok05:53:31.0259 6188 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys05:53:31.0290 6188 nsiproxy - ok05:53:31.0306 6188 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys05:53:31.0337 6188 Ntfs - ok05:53:31.0353 6188 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys05:53:31.0384 6188 Null - ok05:53:31.0384 6188 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys05:53:31.0400 6188 NVHDA - ok05:53:31.0478 6188 [ 858262F04D4E4396B7D2B29E444B6690 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys05:53:31.0571 6188 nvlddmkm - ok05:53:31.0587 6188 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys05:53:31.0602 6188 nvraid - ok05:53:31.0602 6188 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys05:53:31.0634 6188 nvstor - ok05:53:31.0634 6188 [ F37F612016CC2A6DFD8ADE79842E85DB ] nvsvc C:\Windows\system32\nvvsvc.exe05:53:31.0696 6188 nvsvc - ok05:53:31.0696 6188 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys05:53:31.0712 6188 nv_agp - ok05:53:31.0727 6188 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE05:53:31.0743 6188 odserv - ok05:53:31.0743 6188 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys05:53:31.0774 6188 ohci1394 - ok05:53:31.0774 6188 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE05:53:31.0790 6188 ose - ok05:53:31.0790 6188 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll05:53:31.0852 6188 p2pimsvc - ok05:53:31.0852 6188 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll05:53:31.0899 6188 p2psvc - ok05:53:31.0914 6188 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys05:53:31.0930 6188 Parport - ok05:53:31.0930 6188 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys05:53:31.0961 6188 partmgr - ok05:53:31.0961 6188 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll05:53:32.0008 6188 PcaSvc - ok05:53:32.0024 6188 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys05:53:32.0039 6188 pci - ok05:53:32.0039 6188 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys05:53:32.0055 6188 pciide - ok05:53:32.0070 6188 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys05:53:32.0086 6188 pcmcia - ok05:53:32.0086 6188 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys05:53:32.0102 6188 pcw - ok05:53:32.0117 6188 pdfcDispatcher - ok05:53:32.0117 6188 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys05:53:32.0148 6188 PEAUTH - ok05:53:32.0164 6188 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll05:53:32.0226 6188 PeerDistSvc - ok05:53:32.0242 6188 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe05:53:32.0273 6188 PerfHost - ok05:53:32.0289 6188 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll05:53:32.0367 6188 pla - ok05:53:32.0382 6188 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll05:53:32.0445 6188 PlugPlay - ok05:53:32.0445 6188 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll05:53:32.0507 6188 PNRPAutoReg - ok05:53:32.0507 6188 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll05:53:32.0570 6188 PNRPsvc - ok05:53:32.0570 6188 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll05:53:32.0616 6188 PolicyAgent - ok05:53:32.0616 6188 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll05:53:32.0710 6188 Power - ok05:53:32.0710 6188 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys05:53:32.0741 6188 PptpMiniport - ok05:53:32.0741 6188 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys05:53:32.0772 6188 Processor - ok05:53:32.0772 6188 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll05:53:32.0835 6188 ProfSvc - ok05:53:32.0835 6188 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe05:53:32.0866 6188 ProtectedStorage - ok05:53:32.0866 6188 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys05:53:32.0913 6188 Psched - ok05:53:32.0913 6188 pwalker - ok05:53:32.0928 6188 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys05:53:32.0960 6188 ql2300 - ok05:53:32.0960 6188 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys05:53:32.0975 6188 ql40xx - ok05:53:32.0991 6188 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll05:53:33.0053 6188 QWAVE - ok05:53:33.0053 6188 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys05:53:33.0069 6188 QWAVEdrv - ok05:53:33.0084 6188 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys05:53:33.0116 6188 RasAcd - ok05:53:33.0116 6188 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys05:53:33.0147 6188 RasAgileVpn - ok05:53:33.0147 6188 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll05:53:33.0225 6188 RasAuto - ok05:53:33.0225 6188 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys05:53:33.0256 6188 Rasl2tp - ok05:53:33.0256 6188 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll05:53:33.0334 6188 RasMan - ok05:53:33.0334 6188 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys05:53:33.0365 6188 RasPppoe - ok05:53:33.0381 6188 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys05:53:33.0412 6188 RasSstp - ok05:53:33.0412 6188 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys05:53:33.0443 6188 rdbss - ok05:53:33.0443 6188 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys05:53:33.0474 6188 rdpbus - ok05:53:33.0474 6188 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys05:53:33.0506 6188 RDPCDD - ok05:53:33.0506 6188 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys05:53:33.0537 6188 RDPDR - ok05:53:33.0537 6188 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys05:53:33.0568 6188 RDPENCDD - ok05:53:33.0568 6188 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys05:53:33.0615 6188 RDPREFMP - ok05:53:33.0615 6188 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys05:53:33.0630 6188 RdpVideoMiniport - ok05:53:33.0630 6188 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys05:53:33.0662 6188 RDPWD - ok05:53:33.0662 6188 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys05:53:33.0693 6188 rdyboost - ok05:53:33.0693 6188 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll05:53:33.0755 6188 RemoteAccess - ok05:53:33.0755 6188 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll05:53:33.0833 6188 RemoteRegistry - ok05:53:33.0833 6188 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll05:53:33.0896 6188 RpcEptMapper - ok05:53:33.0911 6188 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe05:53:33.0942 6188 RpcLocator - ok05:53:33.0958 6188 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll05:53:34.0020 6188 RpcSs - ok05:53:34.0036 6188 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys05:53:34.0052 6188 rspndr - ok05:53:34.0067 6188 [ 4041310BF35A7FA0541EF389D1102FD1 ] rspSanity C:\Windows\system32\DRIVERS\rspSanity64.sys05:53:34.0083 6188 rspSanity - ok05:53:34.0083 6188 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys05:53:34.0114 6188 s3cap - ok05:53:34.0114 6188 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe05:53:34.0145 6188 SamSs - ok05:53:34.0145 6188 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys05:53:34.0176 6188 sbp2port - ok05:53:34.0176 6188 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll05:53:34.0254 6188 SCardSvr - ok05:53:34.0254 6188 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys05:53:34.0317 6188 scfilter - ok05:53:34.0317 6188 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll05:53:34.0395 6188 Schedule - ok05:53:34.0410 6188 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll05:53:34.0442 6188 SCPolicySvc - ok05:53:34.0442 6188 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll05:53:34.0504 6188 SDRSVC - ok05:53:34.0504 6188 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys05:53:34.0535 6188 secdrv - ok05:53:34.0535 6188 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll05:53:34.0613 6188 seclogon - ok05:53:34.0613 6188 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll05:53:34.0691 6188 SENS - ok05:53:34.0691 6188 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll05:53:34.0754 6188 SensrSvc - ok05:53:34.0754 6188 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys05:53:34.0785 6188 Serenum - ok05:53:34.0785 6188 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys05:53:34.0800 6188 Serial - ok05:53:34.0800 6188 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys05:53:34.0832 6188 sermouse - ok05:53:34.0832 6188 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll05:53:34.0910 6188 SessionEnv - ok05:53:34.0910 6188 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys05:53:34.0941 6188 sffdisk - ok05:53:34.0941 6188 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys05:53:34.0956 6188 sffp_mmc - ok05:53:34.0956 6188 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys05:53:34.0988 6188 sffp_sd - ok05:53:34.0988 6188 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys05:53:35.0019 6188 sfloppy - ok05:53:35.0019 6188 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll05:53:35.0066 6188 SharedAccess - ok05:53:35.0066 6188 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll05:53:35.0144 6188 ShellHWDetection - ok05:53:35.0144 6188 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys05:53:35.0175 6188 SiSRaid2 - ok05:53:35.0175 6188 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys05:53:35.0190 6188 SiSRaid4 - ok05:53:35.0206 6188 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys05:53:35.0237 6188 Smb - ok05:53:35.0237 6188 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe05:53:35.0300 6188 SNMPTRAP - ok05:53:35.0300 6188 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys05:53:35.0331 6188 spldr - ok05:53:35.0331 6188 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe05:53:35.0393 6188 Spooler - ok05:53:35.0424 6188 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe05:53:35.0518 6188 sppsvc - ok05:53:35.0518 6188 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll05:53:35.0596 6188 sppuinotify - ok05:53:35.0596 6188 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys05:53:35.0627 6188 srv - ok05:53:35.0627 6188 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys05:53:35.0643 6188 srv2 - ok05:53:35.0658 6188 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys05:53:35.0674 6188 srvnet - ok05:53:35.0674 6188 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll05:53:35.0752 6188 SSDPSRV - ok05:53:35.0752 6188 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll05:53:35.0830 6188 SstpSvc - ok05:53:35.0830 6188 [ 877DF77ACE8C82F7F93764345BB82DF5 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe05:53:35.0846 6188 Stereo Service - ok05:53:35.0846 6188 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys05:53:35.0877 6188 stexstor - ok05:53:35.0877 6188 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll05:53:35.0955 6188 stisvc - ok05:53:35.0970 6188 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys05:53:35.0986 6188 storflt - ok05:53:35.0986 6188 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll05:53:36.0064 6188 StorSvc - ok05:53:36.0064 6188 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys05:53:36.0080 6188 storvsc - ok05:53:36.0080 6188 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys05:53:36.0095 6188 swenum - ok05:53:36.0111 6188 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll05:53:36.0189 6188 swprv - ok05:53:36.0204 6188 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll05:53:36.0282 6188 SysMain - ok05:53:36.0282 6188 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll05:53:36.0360 6188 TabletInputService - ok05:53:36.0360 6188 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll05:53:36.0438 6188 TapiSrv - ok05:53:36.0438 6188 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll05:53:36.0516 6188 TBS - ok05:53:36.0532 6188 [ 40AF23633D197905F03AB5628C558C51 ] Tcpip C:\Windows\system32\drivers\tcpip.sys05:53:36.0579 6188 Tcpip - ok05:53:36.0594 6188 [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys05:53:36.0626 6188 TCPIP6 - ok05:53:36.0626 6188 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys05:53:36.0641 6188 tcpipreg - ok05:53:36.0641 6188 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys05:53:36.0672 6188 TDPIPE - ok05:53:36.0672 6188 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys05:53:36.0688 6188 TDTCP - ok05:53:36.0688 6188 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys05:53:36.0735 6188 tdx - ok05:53:36.0735 6188 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys05:53:36.0750 6188 TermDD - ok05:53:36.0766 6188 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll05:53:36.0844 6188 TermService - ok05:53:36.0844 6188 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll05:53:36.0922 6188 Themes - ok05:53:36.0922 6188 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll05:53:36.0969 6188 THREADORDER - ok05:53:36.0984 6188 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll05:53:37.0062 6188 TrkWks - ok05:53:37.0062 6188 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe05:53:37.0094 6188 TrustedInstaller - ok05:53:37.0094 6188 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys05:53:37.0125 6188 tssecsrv - ok05:53:37.0125 6188 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys05:53:37.0140 6188 TsUsbFlt - ok05:53:37.0140 6188 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys05:53:37.0172 6188 TsUsbGD - ok to be continued: Link to post Share on other sites More sharing options...
chooki Posted October 28, 2013 Author ID:747458 Share Posted October 28, 2013 part 2 05:53:37.0172 6188 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys05:53:37.0203 6188 tunnel - ok05:53:37.0218 6188 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys05:53:37.0234 6188 uagp35 - ok05:53:37.0234 6188 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys05:53:37.0281 6188 udfs - ok05:53:37.0281 6188 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe05:53:37.0343 6188 UI0Detect - ok05:53:37.0359 6188 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys05:53:37.0374 6188 uliagpkx - ok05:53:37.0374 6188 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys05:53:37.0406 6188 umbus - ok05:53:37.0406 6188 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys05:53:37.0421 6188 UmPass - ok05:53:37.0421 6188 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll05:53:37.0499 6188 UmRdpService - ok05:53:37.0515 6188 [ AF950F62E5FC72FFDB7363F72600B21C ] UmxEngine C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe05:53:37.0530 6188 UmxEngine - ok05:53:37.0530 6188 [ FA010336DB6FC6352A5056DD3E212CA8 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe05:53:37.0546 6188 UNS - ok05:53:37.0546 6188 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll05:53:37.0624 6188 upnphost - ok05:53:37.0640 6188 [ ACCEA6BC68D0C9A78EB97EE159028B4E ] usbccgp C:\Windows\system32\drivers\usbccgp.sys05:53:37.0655 6188 usbccgp - ok05:53:37.0655 6188 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir C:\Windows\system32\drivers\usbcir.sys05:53:37.0686 6188 usbcir - ok05:53:37.0686 6188 [ 311C1DD1088E55BEAE15954D17F50646 ] usbehci C:\Windows\system32\drivers\usbehci.sys05:53:37.0702 6188 usbehci - ok05:53:37.0718 6188 [ 280E90CBF4B2DDD169F0728CB44D726F ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys05:53:37.0733 6188 usbhub - ok05:53:37.0733 6188 [ 9406D801042FAF859CF81B2C886413DC ] usbohci C:\Windows\system32\drivers\usbohci.sys05:53:37.0764 6188 usbohci - ok05:53:37.0764 6188 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys05:53:37.0796 6188 usbprint - ok05:53:37.0811 6188 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS05:53:37.0827 6188 USBSTOR - ok05:53:37.0842 6188 [ A83D0EC9AE4C31704442099D40BA2471 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys05:53:37.0858 6188 usbuhci - ok05:53:37.0858 6188 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll05:53:37.0952 6188 UxSms - ok05:53:37.0952 6188 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe05:53:37.0983 6188 VaultSvc - ok05:53:37.0983 6188 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys05:53:38.0014 6188 vdrvroot - ok05:53:38.0014 6188 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe05:53:38.0108 6188 vds - ok05:53:38.0108 6188 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys05:53:38.0139 6188 vga - ok05:53:38.0139 6188 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys05:53:38.0170 6188 VgaSave - ok05:53:38.0170 6188 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys05:53:38.0201 6188 vhdmp - ok05:53:38.0201 6188 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys05:53:38.0217 6188 viaide - ok05:53:38.0232 6188 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys05:53:38.0248 6188 vmbus - ok05:53:38.0248 6188 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys05:53:38.0279 6188 VMBusHID - ok05:53:38.0279 6188 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys05:53:38.0310 6188 volmgr - ok05:53:38.0310 6188 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys05:53:38.0342 6188 volmgrx - ok05:53:38.0342 6188 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys05:53:38.0357 6188 volsnap - ok05:53:38.0373 6188 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys05:53:38.0388 6188 vsmraid - ok05:53:38.0404 6188 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe05:53:38.0498 6188 VSS - ok05:53:38.0498 6188 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys05:53:38.0529 6188 vwifibus - ok05:53:38.0529 6188 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll05:53:38.0622 6188 W32Time - ok05:53:38.0622 6188 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys05:53:38.0654 6188 WacomPen - ok05:53:38.0654 6188 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys05:53:38.0685 6188 WANARP - ok05:53:38.0685 6188 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys05:53:38.0716 6188 Wanarpv6 - ok05:53:38.0732 6188 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe05:53:38.0763 6188 WatAdminSvc - ok05:53:38.0763 6188 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe05:53:38.0856 6188 wbengine - ok05:53:38.0856 6188 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll05:53:38.0934 6188 WbioSrvc - ok05:53:38.0934 6188 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll05:53:39.0028 6188 wcncsvc - ok05:53:39.0028 6188 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll05:53:39.0106 6188 WcsPlugInService - ok05:53:39.0106 6188 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys05:53:39.0122 6188 Wd - ok05:53:39.0122 6188 [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys05:53:39.0153 6188 Wdf01000 - ok05:53:39.0168 6188 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll05:53:39.0246 6188 WdiServiceHost - ok05:53:39.0246 6188 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll05:53:39.0324 6188 WdiSystemHost - ok05:53:39.0324 6188 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient C:\Windows\System32\webclnt.dll05:53:39.0402 6188 WebClient - ok05:53:39.0402 6188 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll05:53:39.0496 6188 Wecsvc - ok05:53:39.0496 6188 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll05:53:39.0590 6188 wercplsupport - ok05:53:39.0590 6188 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll05:53:39.0683 6188 WerSvc - ok05:53:39.0683 6188 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys05:53:39.0714 6188 WfpLwf - ok05:53:39.0714 6188 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys05:53:39.0730 6188 WIMMount - ok05:53:39.0746 6188 WinDefend - ok05:53:39.0746 6188 WinHttpAutoProxySvc - ok05:53:39.0746 6188 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll05:53:39.0777 6188 Winmgmt - ok05:53:39.0792 6188 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll05:53:39.0902 6188 WinRM - ok05:53:39.0902 6188 [ 78DB15E30154E093996C7EE84525514B ] WinSvchostManagerSrv C:\Windows\SysWOW64\cfgmig32.exe05:53:39.0917 6188 WinSvchostManagerSrv - ok05:53:39.0933 6188 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll05:53:40.0011 6188 Wlansvc - ok05:53:40.0011 6188 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys05:53:40.0042 6188 WmiAcpi - ok05:53:40.0042 6188 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe05:53:40.0058 6188 wmiApSrv - ok05:53:40.0058 6188 WMPNetworkSvc - ok05:53:40.0073 6188 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll05:53:40.0151 6188 WPCSvc - ok05:53:40.0151 6188 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll05:53:40.0229 6188 WPDBusEnum - ok05:53:40.0229 6188 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys05:53:40.0260 6188 ws2ifsl - ok05:53:40.0260 6188 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll05:53:40.0338 6188 wscsvc - ok05:53:40.0338 6188 WSearch - ok05:53:40.0370 6188 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll05:53:40.0463 6188 wuauserv - ok05:53:40.0463 6188 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys05:53:40.0479 6188 WudfPf - ok05:53:40.0494 6188 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys05:53:40.0510 6188 WUDFRd - ok05:53:40.0526 6188 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll05:53:40.0604 6188 wudfsvc - ok05:53:40.0604 6188 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll05:53:40.0682 6188 WwanSvc - ok05:53:40.0682 6188 ================ Scan global ===============================05:53:40.0697 6188 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll05:53:40.0697 6188 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll05:53:40.0760 6188 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll05:53:40.0822 6188 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll05:53:40.0884 6188 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe05:53:40.0931 6188 [Global] - ok05:53:40.0931 6188 ================ Scan MBR ==================================05:53:40.0931 6188 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR005:53:41.0009 6188 \Device\Harddisk0\DR0 - ok05:53:41.0009 6188 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR105:53:41.0072 6188 \Device\Harddisk1\DR1 - ok05:53:41.0072 6188 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR205:53:41.0118 6188 \Device\Harddisk2\DR2 - ok05:53:41.0118 6188 ================ Scan VBR ==================================05:53:41.0134 6188 [ 9B9319757504E332BE94B3D4D4A46FDE ] \Device\Harddisk0\DR0\Partition105:53:41.0134 6188 \Device\Harddisk0\DR0\Partition1 - ok05:53:41.0134 6188 [ BB6E306F44D8B74C14939B92AEDD8FA9 ] \Device\Harddisk0\DR0\Partition205:53:41.0134 6188 \Device\Harddisk0\DR0\Partition2 - ok05:53:41.0134 6188 [ 9254DC0DF59330CF5AEE8A2613F8CD33 ] \Device\Harddisk0\DR0\Partition305:53:41.0134 6188 \Device\Harddisk0\DR0\Partition3 - ok05:53:41.0134 6188 [ 9EE5911F5EF69D59923619B0F6D9394D ] \Device\Harddisk1\DR1\Partition105:53:41.0134 6188 \Device\Harddisk1\DR1\Partition1 - ok05:53:41.0134 6188 [ 22FC1EDA8CB6907159EA4A27B050F346 ] \Device\Harddisk2\DR2\Partition105:53:41.0134 6188 \Device\Harddisk2\DR2\Partition1 - ok05:53:41.0134 6188 ================ Scan active images ========================05:53:41.0134 6188 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys05:53:41.0134 6188 C:\Windows\System32\drivers\crashdmp.sys - ok05:53:41.0134 6188 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys05:53:41.0134 6188 C:\Windows\System32\drivers\dumpfve.sys - ok05:53:41.0150 6188 [ D1753C06EE17E29352B065EACF3F10D0 ] C:\Windows\System32\drivers\iaStor.sys05:53:41.0150 6188 C:\Windows\System32\drivers\iaStor.sys - ok05:53:41.0150 6188 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys05:53:41.0150 6188 C:\Windows\System32\drivers\cdrom.sys - ok05:53:41.0150 6188 [ 77481D3753F6DCB0A499C3A01460DC00 ] C:\Windows\System32\drivers\KmxAgent.sys05:53:41.0150 6188 C:\Windows\System32\drivers\KmxAgent.sys - ok05:53:41.0150 6188 [ 2FA4CB9DCA3ED83583659670F3B40916 ] C:\Windows\System32\drivers\KmxCfg.sys05:53:41.0150 6188 C:\Windows\System32\drivers\KmxCfg.sys - ok05:53:41.0150 6188 [ EB0576050B2A618563CAA3ECBF19F2EF ] C:\Windows\System32\drivers\KmxFile.sys05:53:41.0150 6188 C:\Windows\System32\drivers\KmxFile.sys - ok05:53:41.0150 6188 [ A1F53D2A00E64679A1D81B61D2333D06 ] C:\Windows\System32\drivers\avgtpx64.sys05:53:41.0150 6188 C:\Windows\System32\drivers\avgtpx64.sys - ok05:53:41.0150 6188 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys05:53:41.0150 6188 C:\Windows\System32\drivers\beep.sys - ok05:53:41.0150 6188 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys05:53:41.0150 6188 C:\Windows\System32\drivers\null.sys - ok05:53:41.0150 6188 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys05:53:41.0150 6188 C:\Windows\System32\drivers\RDPCDD.sys - ok05:53:41.0150 6188 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys05:53:41.0150 6188 C:\Windows\System32\drivers\RDPENCDD.sys - ok05:53:41.0165 6188 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys05:53:41.0165 6188 C:\Windows\System32\drivers\RDPREFMP.sys - ok05:53:41.0165 6188 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys05:53:41.0165 6188 C:\Windows\System32\drivers\vga.sys - ok05:53:41.0165 6188 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys05:53:41.0165 6188 C:\Windows\System32\drivers\videoprt.sys - ok05:53:41.0165 6188 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys05:53:41.0165 6188 C:\Windows\System32\drivers\watchdog.sys - ok05:53:41.0165 6188 [ 314C17917AC8523EC77A710215012A65 ] C:\Windows\System32\drivers\afd.sys05:53:41.0165 6188 C:\Windows\System32\drivers\afd.sys - ok05:53:41.0165 6188 [ 87DA5AFC8950EC34D0CDDF3438370727 ] C:\Windows\System32\drivers\KmxFilter.sys05:53:41.0165 6188 C:\Windows\System32\drivers\KmxFilter.sys - ok05:53:41.0165 6188 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys05:53:41.0165 6188 C:\Windows\System32\drivers\msfs.sys - ok05:53:41.0165 6188 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys05:53:41.0165 6188 C:\Windows\System32\drivers\netbt.sys - ok05:53:41.0165 6188 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys05:53:41.0165 6188 C:\Windows\System32\drivers\npfs.sys - ok05:53:41.0165 6188 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys05:53:41.0165 6188 C:\Windows\System32\drivers\pacer.sys - ok05:53:41.0181 6188 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys05:53:41.0181 6188 C:\Windows\System32\drivers\tdx.sys - ok05:53:41.0181 6188 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys05:53:41.0181 6188 C:\Windows\System32\drivers\wfplwf.sys - ok05:53:41.0181 6188 [ 0571E626B1FDB6A83F67F11ACC65D2C0 ] C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys05:53:41.0181 6188 C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys - ok05:53:41.0181 6188 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys05:53:41.0181 6188 C:\Windows\System32\drivers\discache.sys - ok05:53:41.0181 6188 [ BE2902E13CA69383F449B6BF927844FB ] C:\Windows\System32\drivers\ElbyCDIO.sys05:53:41.0181 6188 C:\Windows\System32\drivers\ElbyCDIO.sys - ok05:53:41.0181 6188 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys05:53:41.0181 6188 C:\Windows\System32\drivers\mssmbios.sys - ok05:53:41.0181 6188 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys05:53:41.0181 6188 C:\Windows\System32\drivers\netbios.sys - ok05:53:41.0181 6188 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys05:53:41.0181 6188 C:\Windows\System32\drivers\nsiproxy.sys - ok05:53:41.0181 6188 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys05:53:41.0181 6188 C:\Windows\System32\drivers\rdbss.sys - ok05:53:41.0181 6188 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] C:\Windows\System32\drivers\serial.sys05:53:41.0181 6188 C:\Windows\System32\drivers\serial.sys - ok05:53:41.0196 6188 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys05:53:41.0196 6188 C:\Windows\System32\drivers\termdd.sys - ok05:53:41.0196 6188 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys05:53:41.0196 6188 C:\Windows\System32\drivers\wanarp.sys - ok05:53:41.0196 6188 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys05:53:41.0196 6188 C:\Windows\System32\drivers\blbdrive.sys - ok to be continued: Link to post Share on other sites More sharing options...
chooki Posted October 28, 2013 Author ID:747461 Share Posted October 28, 2013 part 3: 05:53:41.0196 6188 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys05:53:41.0196 6188 C:\Windows\System32\drivers\csc.sys - ok05:53:41.0196 6188 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys05:53:41.0196 6188 C:\Windows\System32\drivers\dfsc.sys - ok05:53:41.0196 6188 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys05:53:41.0196 6188 C:\Windows\System32\drivers\tunnel.sys - ok05:53:41.0196 6188 [ F0970A4BC8395659C22BF53D0FADF16F ] C:\Windows\System32\smss.exe05:53:41.0196 6188 C:\Windows\System32\smss.exe - ok05:53:41.0196 6188 [ CAAAC014C5C56A69F710B5F1B836DE22 ] C:\Windows\System32\ntdll.dll05:53:41.0196 6188 C:\Windows\System32\ntdll.dll - ok05:53:41.0196 6188 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe05:53:41.0196 6188 C:\Windows\System32\autochk.exe - ok05:53:41.0196 6188 [ 858262F04D4E4396B7D2B29E444B6690 ] C:\Windows\System32\drivers\nvlddmkm.sys05:53:41.0196 6188 C:\Windows\System32\drivers\nvlddmkm.sys - ok05:53:41.0212 6188 [ 88612F1CE3BF42256913BF6E61C70D52 ] C:\Windows\System32\drivers\dxgkrnl.sys05:53:41.0212 6188 C:\Windows\System32\drivers\dxgkrnl.sys - ok05:53:41.0212 6188 [ 1F04CFB79DD5FB7694468CE3FB3DCC31 ] C:\Windows\System32\drivers\dxgmms1.sys05:53:41.0212 6188 C:\Windows\System32\drivers\dxgmms1.sys - ok05:53:41.0212 6188 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys05:53:41.0212 6188 C:\Windows\System32\drivers\hdaudbus.sys - ok05:53:41.0212 6188 [ BA01A130D2B850CA87483CE6AC1A2BBA ] C:\Windows\System32\drivers\e1c62x64.sys05:53:41.0212 6188 C:\Windows\System32\drivers\e1c62x64.sys - ok05:53:41.0212 6188 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] C:\Windows\System32\drivers\HECIx64.sys05:53:41.0212 6188 C:\Windows\System32\drivers\HECIx64.sys - ok05:53:41.0212 6188 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E ] C:\Windows\System32\drivers\iusb3xhc.sys05:53:41.0212 6188 C:\Windows\System32\drivers\iusb3xhc.sys - ok05:53:41.0212 6188 [ CB624C0035412AF0DEBEC78C41F5CA1B ] C:\Windows\System32\drivers\serenum.sys05:53:41.0212 6188 C:\Windows\System32\drivers\serenum.sys - ok05:53:41.0212 6188 [ 861C197502A5057E68F0AC75D9EFCDD7 ] C:\Windows\System32\drivers\usbd.sys05:53:41.0212 6188 C:\Windows\System32\drivers\usbd.sys - ok05:53:41.0212 6188 [ C461EED35EF738AC38417EC4021FF4C7 ] C:\Windows\System32\drivers\cthdb.sys05:53:41.0212 6188 C:\Windows\System32\drivers\cthdb.sys - ok05:53:41.0212 6188 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys05:53:41.0212 6188 C:\Windows\System32\drivers\drmk.sys - ok05:53:41.0228 6188 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys05:53:41.0228 6188 C:\Windows\System32\drivers\ks.sys - ok05:53:41.0228 6188 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys05:53:41.0228 6188 C:\Windows\System32\drivers\ksthunk.sys - ok05:53:41.0228 6188 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys05:53:41.0228 6188 C:\Windows\System32\drivers\portcls.sys - ok05:53:41.0228 6188 [ 311C1DD1088E55BEAE15954D17F50646 ] C:\Windows\System32\drivers\usbehci.sys05:53:41.0228 6188 C:\Windows\System32\drivers\usbehci.sys - ok05:53:41.0228 6188 [ E73A7A04FDAC9DD46EE2A4257F09E91C ] C:\Windows\System32\drivers\usbport.sys05:53:41.0228 6188 C:\Windows\System32\drivers\usbport.sys - ok05:53:41.0228 6188 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys05:53:41.0228 6188 C:\Windows\System32\drivers\agilevpn.sys - ok05:53:41.0228 6188 [ CF24100CF607F0B8C1F3794540AE1D19 ] C:\Windows\System32\drivers\AnyDVD.sys05:53:41.0228 6188 C:\Windows\System32\drivers\AnyDVD.sys - ok05:53:41.0228 6188 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys05:53:41.0228 6188 C:\Windows\System32\drivers\CompositeBus.sys - ok05:53:41.0228 6188 [ 9387A484D31209D7FC3F795A787294DB ] C:\Windows\System32\drivers\ElbyCDFL.sys05:53:41.0228 6188 C:\Windows\System32\drivers\ElbyCDFL.sys - ok05:53:41.0228 6188 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys05:53:41.0228 6188 C:\Windows\System32\drivers\i8042prt.sys - ok05:53:41.0243 6188 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys05:53:41.0243 6188 C:\Windows\System32\drivers\intelppm.sys - ok05:53:41.0243 6188 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys05:53:41.0243 6188 C:\Windows\System32\drivers\kbdclass.sys - ok05:53:41.0243 6188 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys05:53:41.0243 6188 C:\Windows\System32\drivers\ndistapi.sys - ok05:53:41.0243 6188 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys05:53:41.0243 6188 C:\Windows\System32\drivers\rasl2tp.sys - ok05:53:41.0243 6188 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys05:53:41.0243 6188 C:\Windows\System32\drivers\wmiacpi.sys - ok05:53:41.0243 6188 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys05:53:41.0243 6188 C:\Windows\System32\drivers\mouclass.sys - ok05:53:41.0243 6188 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys05:53:41.0243 6188 C:\Windows\System32\drivers\ndiswan.sys - ok05:53:41.0243 6188 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys05:53:41.0243 6188 C:\Windows\System32\drivers\raspppoe.sys - ok05:53:41.0243 6188 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys05:53:41.0243 6188 C:\Windows\System32\drivers\raspptp.sys - ok05:53:41.0243 6188 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys05:53:41.0243 6188 C:\Windows\System32\drivers\rassstp.sys - ok05:53:41.0259 6188 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys05:53:41.0259 6188 C:\Windows\System32\drivers\rdpbus.sys - ok05:53:41.0259 6188 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys05:53:41.0259 6188 C:\Windows\System32\drivers\swenum.sys - ok05:53:41.0259 6188 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys05:53:41.0259 6188 C:\Windows\System32\drivers\umbus.sys - ok05:53:41.0259 6188 [ 280E90CBF4B2DDD169F0728CB44D726F ] C:\Windows\System32\drivers\usbhub.sys05:53:41.0259 6188 C:\Windows\System32\drivers\usbhub.sys - ok05:53:41.0259 6188 [ CBACE8DFA420B78DD2225CAEA798612D ] C:\Windows\System32\drivers\cthda.sys05:53:41.0259 6188 C:\Windows\System32\drivers\cthda.sys - ok05:53:41.0259 6188 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys05:53:41.0259 6188 C:\Windows\System32\drivers\fastfat.sys - ok05:53:41.0259 6188 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll05:53:41.0259 6188 C:\Windows\System32\gdi32.dll - ok05:53:41.0259 6188 [ 63A580C88CFAF72A92550940054569EF ] C:\Windows\System32\advapi32.dll05:53:41.0259 6188 C:\Windows\System32\advapi32.dll - ok05:53:41.0259 6188 [ 796B47A4B82EF1C39F13435B88834C48 ] C:\Windows\System32\lpk.dll05:53:41.0259 6188 C:\Windows\System32\lpk.dll - ok05:53:41.0259 6188 [ 26036E228D2467DE6975AD819C22C043 ] C:\Windows\System32\rpcrt4.dll05:53:41.0259 6188 C:\Windows\System32\rpcrt4.dll - ok05:53:41.0274 6188 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll05:53:41.0274 6188 C:\Windows\System32\usp10.dll - ok05:53:41.0274 6188 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll05:53:41.0274 6188 C:\Windows\System32\clbcatq.dll - ok05:53:41.0274 6188 [ 882AC0DD997CFC90FBB468D698BD55C6 ] C:\Windows\System32\urlmon.dll05:53:41.0274 6188 C:\Windows\System32\urlmon.dll - ok05:53:41.0274 6188 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll05:53:41.0274 6188 C:\Windows\System32\difxapi.dll - ok05:53:41.0274 6188 [ D8973E71F1B35CD3F3DEA7C12D49D0F0 ] C:\Windows\System32\kernel32.dll05:53:41.0274 6188 C:\Windows\System32\kernel32.dll - ok05:53:41.0274 6188 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll05:53:41.0274 6188 C:\Windows\System32\imm32.dll - ok05:53:41.0274 6188 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll05:53:41.0274 6188 C:\Windows\System32\nsi.dll - ok05:53:41.0274 6188 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll05:53:41.0274 6188 C:\Windows\System32\setupapi.dll - ok05:53:41.0274 6188 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys05:53:41.0274 6188 C:\Windows\System32\drivers\ndproxy.sys - ok05:53:41.0274 6188 [ 199BD40B1890E1EEFF7438B59787534F ] C:\Windows\System32\iertutil.dll05:53:41.0274 6188 C:\Windows\System32\iertutil.dll - ok05:53:41.0290 6188 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll05:53:41.0290 6188 C:\Windows\System32\imagehlp.dll - ok05:53:41.0290 6188 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll05:53:41.0290 6188 C:\Windows\System32\msctf.dll - ok05:53:41.0290 6188 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll05:53:41.0290 6188 C:\Windows\System32\ws2_32.dll - ok05:53:41.0290 6188 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll05:53:41.0290 6188 C:\Windows\System32\comdlg32.dll - ok05:53:41.0290 6188 [ AD662B34B161198B9D66A564EDDA7D43 ] C:\Windows\System32\shell32.dll05:53:41.0290 6188 C:\Windows\System32\shell32.dll - ok05:53:41.0290 6188 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll05:53:41.0290 6188 C:\Windows\System32\Wldap32.dll - ok05:53:41.0290 6188 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll05:53:41.0290 6188 C:\Windows\System32\user32.dll - ok05:53:41.0290 6188 [ D28B35DE88D27EFB27DF4B1E8319E3C0 ] C:\Windows\System32\wininet.dll05:53:41.0290 6188 C:\Windows\System32\wininet.dll - ok05:53:41.0290 6188 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll05:53:41.0290 6188 C:\Windows\System32\normaliz.dll - ok05:53:41.0290 6188 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll05:53:41.0290 6188 C:\Windows\System32\ole32.dll - ok05:53:41.0306 6188 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll05:53:41.0306 6188 C:\Windows\System32\psapi.dll - ok05:53:41.0306 6188 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll05:53:41.0306 6188 C:\Windows\System32\cfgmgr32.dll - ok05:53:41.0306 6188 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll05:53:41.0306 6188 C:\Windows\System32\msvcrt.dll - ok05:53:41.0306 6188 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll05:53:41.0306 6188 C:\Windows\System32\oleaut32.dll - ok05:53:41.0306 6188 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll05:53:41.0306 6188 C:\Windows\System32\sechost.dll - ok05:53:41.0306 6188 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll05:53:41.0306 6188 C:\Windows\System32\shlwapi.dll - ok05:53:41.0306 6188 [ 64A4AB126E24FD3F58EBE64852773DB5 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll05:53:41.0306 6188 C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok05:53:41.0306 6188 [ 9094039A00485F71C4DE64BF51F64C46 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll05:53:41.0306 6188 C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok05:53:41.0306 6188 [ 9028D1621C43DF8DFBD1C76860412A11 ] C:\Windows\System32\comctl32.dll05:53:41.0306 6188 C:\Windows\System32\comctl32.dll - ok05:53:41.0306 6188 [ F49E92B50CED5C9F1725D3C0329FD933 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll05:53:41.0306 6188 C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok05:53:41.0321 6188 [ 287998A9BA0140ABB59792CDEB2F8483 ] C:\Windows\System32\crypt32.dll05:53:41.0321 6188 C:\Windows\System32\crypt32.dll - ok05:53:41.0321 6188 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll05:53:41.0321 6188 C:\Windows\System32\devobj.dll - ok05:53:41.0321 6188 [ B22C00ED0491FD7B8803D7DDE2849F4C ] C:\Windows\System32\KernelBase.dll05:53:41.0321 6188 C:\Windows\System32\KernelBase.dll - ok05:53:41.0321 6188 [ 0E6FBF19D9DFBB77316C23DF91F8A101 ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll05:53:41.0321 6188 C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok05:53:41.0321 6188 [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll05:53:41.0321 6188 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok05:53:41.0321 6188 [ 72723D3E4781BADC62C3180C137E7B23 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll05:53:41.0321 6188 C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok05:53:41.0321 6188 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll05:53:41.0321 6188 C:\Windows\System32\msasn1.dll - ok05:53:41.0321 6188 [ 959041D7014C97133D859B45BCA0FC58 ] C:\Windows\System32\wintrust.dll05:53:41.0321 6188 C:\Windows\System32\wintrust.dll - ok05:53:41.0321 6188 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll05:53:41.0321 6188 C:\Windows\SysWOW64\normaliz.dll - ok05:53:41.0321 6188 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] C:\Windows\System32\drivers\nvhda64v.sys05:53:41.0321 6188 C:\Windows\System32\drivers\nvhda64v.sys - ok05:53:41.0337 6188 [ 023896E23B61543A15A230EED996D911 ] C:\Windows\System32\drivers\iusb3hub.sys05:53:41.0337 6188 C:\Windows\System32\drivers\iusb3hub.sys - ok05:53:41.0337 6188 [ 059DDDEDBE5701DC3B779D32798108AC ] C:\Windows\System32\drivers\RTKVHD64.sys05:53:41.0337 6188 C:\Windows\System32\drivers\RTKVHD64.sys - ok05:53:41.0337 6188 [ 597C3699384E53CC59587ED50CCE5CA2 ] C:\Windows\System32\drivers\hidclass.sys05:53:41.0337 6188 C:\Windows\System32\drivers\hidclass.sys - ok05:53:41.0337 6188 [ 856E76B3641746ABBC2946BED1372098 ] C:\Windows\System32\drivers\hidparse.sys05:53:41.0337 6188 C:\Windows\System32\drivers\hidparse.sys - ok05:53:41.0337 6188 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys05:53:41.0337 6188 C:\Windows\System32\drivers\hidusb.sys - ok05:53:41.0337 6188 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys05:53:41.0337 6188 C:\Windows\System32\drivers\mouhid.sys - ok05:53:41.0337 6188 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys05:53:41.0337 6188 C:\Windows\System32\drivers\dxapi.sys - ok05:53:41.0337 6188 [ 19320B121BFE7462EADD50A42C81AFD0 ] C:\Windows\System32\win32k.sys05:53:41.0337 6188 C:\Windows\System32\win32k.sys - ok05:53:41.0337 6188 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll05:53:41.0337 6188 C:\Windows\System32\basesrv.dll - ok05:53:41.0337 6188 [ 216BABD555BC550952320EEA89C25DDF ] C:\Windows\System32\csrsrv.dll05:53:41.0337 6188 C:\Windows\System32\csrsrv.dll - ok05:53:41.0352 6188 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe05:53:41.0352 6188 C:\Windows\System32\csrss.exe - ok05:53:41.0352 6188 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\System32\winsrv.dll05:53:41.0352 6188 C:\Windows\System32\winsrv.dll - ok05:53:41.0352 6188 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys05:53:41.0352 6188 C:\Windows\System32\drivers\monitor.sys - ok05:53:41.0352 6188 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll05:53:41.0352 6188 C:\Windows\System32\sxssrv.dll - ok05:53:41.0352 6188 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll05:53:41.0352 6188 C:\Windows\System32\tsddd.dll - ok05:53:41.0352 6188 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll05:53:41.0352 6188 C:\Windows\System32\profapi.dll - ok05:53:41.0352 6188 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll05:53:41.0352 6188 C:\Windows\System32\sxs.dll - ok05:53:41.0352 6188 [ BC858A9C03ADBFFE176CC67567C188AE ] C:\Windows\System32\UmxSbxExA64.dll05:53:41.0352 6188 C:\Windows\System32\UmxSbxExA64.dll - ok05:53:41.0352 6188 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe05:53:41.0352 6188 C:\Windows\System32\wininit.exe - ok05:53:41.0352 6188 [ 943F527DF79E6B400104341AA7023C75 ] C:\Windows\System32\cdd.dll05:53:41.0352 6188 C:\Windows\System32\cdd.dll - ok05:53:41.0352 6188 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL05:53:41.0352 6188 C:\Windows\System32\KBDUS.DLL - ok05:53:41.0368 6188 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll05:53:41.0368 6188 C:\Windows\System32\RpcRtRemote.dll - ok05:53:41.0368 6188 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll05:53:41.0368 6188 C:\Windows\System32\WlS0WndH.dll - ok05:53:41.0368 6188 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll05:53:41.0368 6188 C:\Windows\System32\cryptbase.dll - ok05:53:41.0368 6188 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll05:53:41.0368 6188 C:\Windows\System32\apphelp.dll - ok05:53:41.0368 6188 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe05:53:41.0368 6188 C:\Windows\System32\services.exe - ok05:53:41.0368 6188 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe05:53:41.0368 6188 C:\Windows\System32\lsass.exe - ok05:53:41.0368 6188 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe05:53:41.0368 6188 C:\Windows\System32\lsm.exe - ok05:53:41.0368 6188 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll05:53:41.0368 6188 C:\Windows\System32\sspicli.dll - ok05:53:41.0368 6188 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll05:53:41.0368 6188 C:\Windows\System32\sspisrv.dll - ok05:53:41.0368 6188 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll05:53:41.0368 6188 C:\Windows\System32\cryptdll.dll - ok05:53:41.0384 6188 [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll05:53:41.0384 6188 C:\Windows\System32\lsasrv.dll - ok05:53:41.0384 6188 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll05:53:41.0384 6188 C:\Windows\System32\samsrv.dll - ok05:53:41.0384 6188 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll05:53:41.0384 6188 C:\Windows\System32\scesrv.dll - ok05:53:41.0384 6188 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll05:53:41.0384 6188 C:\Windows\System32\scext.dll - ok05:53:41.0384 6188 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll05:53:41.0384 6188 C:\Windows\System32\secur32.dll - ok05:53:41.0384 6188 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll05:53:41.0384 6188 C:\Windows\System32\srvcli.dll - ok05:53:41.0384 6188 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll05:53:41.0384 6188 C:\Windows\System32\sysntfy.dll - ok05:53:41.0384 6188 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll05:53:41.0384 6188 C:\Windows\System32\wevtapi.dll - ok05:53:41.0384 6188 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll05:53:41.0384 6188 C:\Windows\System32\wmsgapi.dll - ok05:53:41.0384 6188 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll05:53:41.0384 6188 C:\Windows\System32\authz.dll - ok05:53:41.0384 6188 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll05:53:41.0384 6188 C:\Windows\System32\bcrypt.dll - ok05:53:41.0399 6188 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll05:53:41.0399 6188 C:\Windows\System32\cngaudit.dll - ok05:53:41.0399 6188 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll05:53:41.0399 6188 C:\Windows\System32\msprivs.dll - ok05:53:41.0399 6188 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll05:53:41.0399 6188 C:\Windows\System32\ncrypt.dll - ok05:53:41.0399 6188 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll05:53:41.0399 6188 C:\Windows\System32\negoexts.dll - ok05:53:41.0399 6188 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll05:53:41.0399 6188 C:\Windows\System32\netjoin.dll - ok05:53:41.0399 6188 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll05:53:41.0399 6188 C:\Windows\System32\cryptsp.dll - ok05:53:41.0399 6188 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll05:53:41.0399 6188 C:\Windows\System32\kerberos.dll - ok05:53:41.0399 6188 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll05:53:41.0399 6188 C:\Windows\System32\msv1_0.dll - ok05:53:41.0399 6188 [ 9A9F9F1A77D6A80EE28B57664F00013E ] C:\Windows\System32\mswsock.dll05:53:41.0399 6188 C:\Windows\System32\mswsock.dll - ok05:53:41.0399 6188 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll05:53:41.0399 6188 C:\Windows\System32\netlogon.dll - ok Link to post Share on other sites More sharing options...
chooki Posted October 28, 2013 Author ID:747463 Share Posted October 28, 2013 part 4: 05:53:41.0415 6188 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll05:53:41.0415 6188 C:\Windows\System32\wship6.dll - ok05:53:41.0415 6188 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll05:53:41.0415 6188 C:\Windows\System32\dnsapi.dll - ok05:53:41.0415 6188 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll05:53:41.0415 6188 C:\Windows\System32\logoncli.dll - ok05:53:41.0415 6188 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll05:53:41.0415 6188 C:\Windows\System32\rsaenh.dll - ok05:53:41.0415 6188 [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll05:53:41.0415 6188 C:\Windows\System32\schannel.dll - ok05:53:41.0415 6188 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll05:53:41.0415 6188 C:\Windows\System32\wdigest.dll - ok05:53:41.0415 6188 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll05:53:41.0415 6188 C:\Windows\System32\bcryptprimitives.dll - ok05:53:41.0415 6188 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll05:53:41.0415 6188 C:\Windows\System32\efslsaext.dll - ok05:53:41.0415 6188 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll05:53:41.0415 6188 C:\Windows\System32\pku2u.dll - ok05:53:41.0415 6188 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll05:53:41.0415 6188 C:\Windows\System32\scecli.dll - ok05:53:41.0430 6188 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll05:53:41.0430 6188 C:\Windows\System32\TSpkg.dll - ok05:53:41.0430 6188 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll05:53:41.0430 6188 C:\Windows\System32\ubpm.dll - ok05:53:41.0430 6188 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll05:53:41.0430 6188 C:\Windows\System32\winsta.dll - ok05:53:41.0430 6188 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll05:53:41.0430 6188 C:\Windows\System32\devrtl.dll - ok05:53:41.0430 6188 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll05:53:41.0430 6188 C:\Windows\System32\SPInf.dll - ok05:53:41.0430 6188 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe05:53:41.0430 6188 C:\Windows\System32\svchost.exe - ok05:53:41.0430 6188 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll05:53:41.0430 6188 C:\Windows\System32\umpnpmgr.dll - ok05:53:41.0430 6188 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll05:53:41.0430 6188 C:\Windows\System32\gpapi.dll - ok05:53:41.0430 6188 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll05:53:41.0430 6188 C:\Windows\System32\pcwum.dll - ok05:53:41.0430 6188 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll05:53:41.0430 6188 C:\Windows\System32\umpo.dll - ok05:53:41.0430 6188 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll05:53:41.0430 6188 C:\Windows\System32\userenv.dll - ok05:53:41.0446 6188 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll05:53:41.0446 6188 C:\Windows\System32\powrprof.dll - ok05:53:41.0446 6188 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys05:53:41.0446 6188 C:\Windows\System32\drivers\luafv.sys - ok05:53:41.0446 6188 [ EEF33889A80990C70595457A5C97EE09 ] C:\Windows\System32\drivers\KmxSbx.sys05:53:41.0446 6188 C:\Windows\System32\drivers\KmxSbx.sys - ok05:53:41.0446 6188 [ 0BB97D43299910CBFBA59C461B99B910 ] C:\Windows\System32\drivers\mbam.sys05:53:41.0446 6188 C:\Windows\System32\drivers\mbam.sys - ok05:53:41.0446 6188 [ F37F612016CC2A6DFD8ADE79842E85DB ] C:\Windows\System32\nvvsvc.exe05:53:41.0446 6188 C:\Windows\System32\nvvsvc.exe - ok05:53:41.0446 6188 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll05:53:41.0446 6188 C:\Windows\System32\wtsapi32.dll - ok05:53:41.0446 6188 [ 877DF77ACE8C82F7F93764345BB82DF5 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe05:53:41.0446 6188 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok05:53:41.0446 6188 [ A2B0924D50F4435FD389499047CE553A ] C:\Windows\SysWOW64\ntdll.dll05:53:41.0446 6188 C:\Windows\SysWOW64\ntdll.dll - ok05:53:41.0446 6188 [ 70833F5A59F65908698093889C34BCA2 ] C:\Windows\System32\wow64.dll05:53:41.0446 6188 C:\Windows\System32\wow64.dll - ok05:53:41.0446 6188 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll05:53:41.0446 6188 C:\Windows\System32\wow64cpu.dll - ok05:53:41.0462 6188 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll05:53:41.0462 6188 C:\Windows\System32\wow64win.dll - ok05:53:41.0462 6188 [ 365A5034093AD9E04F433046C4CDF6AB ] C:\Windows\SysWOW64\kernel32.dll05:53:41.0462 6188 C:\Windows\SysWOW64\kernel32.dll - ok05:53:41.0462 6188 [ 1B7343C3765638D4D17CB925F84F8ABE ] C:\Windows\SysWOW64\KernelBase.dll05:53:41.0462 6188 C:\Windows\SysWOW64\KernelBase.dll - ok05:53:41.0462 6188 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll05:53:41.0462 6188 C:\Windows\SysWOW64\msvcrt.dll - ok05:53:41.0462 6188 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll05:53:41.0462 6188 C:\Windows\SysWOW64\setupapi.dll - ok05:53:41.0462 6188 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll05:53:41.0462 6188 C:\Windows\SysWOW64\version.dll - ok05:53:41.0462 6188 [ D67472125471784DE7147946EDA25FEB ] C:\Windows\SysWOW64\advapi32.dll05:53:41.0462 6188 C:\Windows\SysWOW64\advapi32.dll - ok05:53:41.0462 6188 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll05:53:41.0462 6188 C:\Windows\SysWOW64\cfgmgr32.dll - ok05:53:41.0462 6188 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll05:53:41.0462 6188 C:\Windows\SysWOW64\cryptbase.dll - ok05:53:41.0462 6188 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll05:53:41.0462 6188 C:\Windows\SysWOW64\gdi32.dll - ok05:53:41.0477 6188 [ 4DC999CED9429939D75682EBD7D48901 ] C:\Windows\SysWOW64\rpcrt4.dll05:53:41.0477 6188 C:\Windows\SysWOW64\rpcrt4.dll - ok05:53:41.0477 6188 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll05:53:41.0477 6188 C:\Windows\SysWOW64\sechost.dll - ok05:53:41.0477 6188 [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll05:53:41.0477 6188 C:\Windows\SysWOW64\sspicli.dll - ok05:53:41.0477 6188 [ CC23295DA8F7B5C53F93804D2F5D30EB ] C:\Windows\SysWOW64\lpk.dll05:53:41.0477 6188 C:\Windows\SysWOW64\lpk.dll - ok05:53:41.0477 6188 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll05:53:41.0477 6188 C:\Windows\SysWOW64\ole32.dll - ok05:53:41.0477 6188 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll05:53:41.0477 6188 C:\Windows\SysWOW64\oleaut32.dll - ok05:53:41.0477 6188 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll05:53:41.0477 6188 C:\Windows\SysWOW64\user32.dll - ok05:53:41.0477 6188 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll05:53:41.0477 6188 C:\Windows\SysWOW64\usp10.dll - ok05:53:41.0477 6188 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll05:53:41.0477 6188 C:\Windows\SysWOW64\devobj.dll - ok05:53:41.0477 6188 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll05:53:41.0477 6188 C:\Windows\SysWOW64\imm32.dll - ok05:53:41.0477 6188 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll05:53:41.0477 6188 C:\Windows\SysWOW64\msctf.dll - ok05:53:41.0493 6188 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv05:53:41.0493 6188 C:\Windows\SysWOW64\winspool.drv - ok05:53:41.0493 6188 [ 8C630884FABEF200F601DDCE5EAEAC3C ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll05:53:41.0493 6188 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll - ok05:53:41.0493 6188 [ A2586CF42930B2F42CD4D6C901AFDDA6 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll05:53:41.0493 6188 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll - ok05:53:41.0493 6188 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll05:53:41.0493 6188 C:\Windows\System32\RpcEpMap.dll - ok05:53:41.0493 6188 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll05:53:41.0493 6188 C:\Windows\System32\rpcss.dll - ok05:53:41.0493 6188 [ AE8EB083B050E17A7D6EB5E28AECDDD6 ] C:\Windows\SysWOW64\crypt32.dll05:53:41.0493 6188 C:\Windows\SysWOW64\crypt32.dll - ok05:53:41.0493 6188 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll05:53:41.0493 6188 C:\Windows\SysWOW64\msasn1.dll - ok05:53:41.0493 6188 [ 68EAAEDF0365168B804E8728368FA946 ] C:\Windows\SysWOW64\wintrust.dll05:53:41.0493 6188 C:\Windows\SysWOW64\wintrust.dll - ok05:53:41.0493 6188 [ 5C6DDDDB65020C36B25BECDD69A1F642 ] C:\Windows\System32\Vetredir64.dll05:53:41.0493 6188 C:\Windows\System32\Vetredir64.dll - ok05:53:41.0493 6188 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll05:53:41.0493 6188 C:\Windows\System32\wshqos.dll - ok05:53:41.0508 6188 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL05:53:41.0508 6188 C:\Windows\System32\WSHTCPIP.DLL - ok05:53:41.0508 6188 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll05:53:41.0508 6188 C:\Windows\SysWOW64\devrtl.dll - ok05:53:41.0508 6188 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll05:53:41.0508 6188 C:\Windows\SysWOW64\ntmarta.dll - ok05:53:41.0508 6188 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll05:53:41.0508 6188 C:\Windows\SysWOW64\SPInf.dll - ok05:53:41.0508 6188 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll05:53:41.0508 6188 C:\Windows\SysWOW64\Wldap32.dll - ok05:53:41.0508 6188 [ 91CD061470127B651285AB8C217A7FAD ] C:\Windows\System32\Isafeif64.dll05:53:41.0508 6188 C:\Windows\System32\Isafeif64.dll - ok05:53:41.0508 6188 [ BE14CDE58770E71B6535E54E00E3AC6A ] C:\Windows\System32\isafprod64.dll05:53:41.0508 6188 C:\Windows\System32\isafprod64.dll - ok05:53:41.0508 6188 [ ED5C189A25FC37C445C93325CA717DB0 ] C:\Windows\System32\UmxSbxA64.dll05:53:41.0508 6188 C:\Windows\System32\UmxSbxA64.dll - ok05:53:41.0508 6188 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll05:53:41.0508 6188 C:\Windows\System32\FirewallAPI.dll - ok05:53:41.0508 6188 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll05:53:41.0508 6188 C:\Windows\System32\version.dll - ok05:53:41.0524 6188 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll05:53:41.0524 6188 C:\Windows\System32\wevtsvc.dll - ok05:53:41.0524 6188 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll05:53:41.0524 6188 C:\Windows\System32\adtschema.dll - ok05:53:41.0524 6188 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll05:53:41.0524 6188 C:\Windows\System32\audiosrv.dll - ok05:53:41.0524 6188 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll05:53:41.0524 6188 C:\Windows\System32\profsvc.dll - ok05:53:41.0524 6188 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll05:53:41.0524 6188 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok05:53:41.0524 6188 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll05:53:41.0524 6188 C:\Windows\System32\MMDevAPI.dll - ok05:53:41.0524 6188 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll05:53:41.0524 6188 C:\Windows\System32\netprofm.dll - ok05:53:41.0524 6188 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll05:53:41.0524 6188 C:\Windows\System32\propsys.dll - ok05:53:41.0524 6188 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll05:53:41.0524 6188 C:\Windows\System32\avrt.dll - ok05:53:41.0524 6188 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys05:53:41.0524 6188 C:\Windows\System32\drivers\fltMgr.sys - ok05:53:41.0540 6188 [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll05:53:41.0540 6188 C:\Windows\System32\FntCache.dll - ok05:53:41.0540 6188 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll05:53:41.0540 6188 C:\Windows\System32\MPSSVC.dll - ok05:53:41.0540 6188 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe05:53:41.0540 6188 C:\Windows\System32\winlogon.exe - ok05:53:41.0540 6188 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll05:53:41.0540 6188 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok05:53:41.0540 6188 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll05:53:41.0540 6188 C:\Windows\System32\mmcss.dll - ok05:53:41.0540 6188 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL05:53:41.0540 6188 C:\Windows\System32\PSHED.DLL - ok05:53:41.0540 6188 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe05:53:41.0540 6188 C:\Windows\System32\audiodg.exe - ok05:53:41.0540 6188 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe05:53:41.0540 6188 C:\Windows\System32\LogonUI.exe - ok05:53:41.0540 6188 [ 3EF480BFED1B5947A32585E30A58D4ED ] C:\Windows\System32\authui.dll05:53:41.0540 6188 C:\Windows\System32\authui.dll - ok05:53:41.0540 6188 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll05:53:41.0540 6188 C:\Windows\System32\ntmarta.dll - ok05:53:41.0555 6188 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll05:53:41.0555 6188 C:\Windows\System32\cryptui.dll - ok05:53:41.0555 6188 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] C:\Windows\System32\cscsvc.dll05:53:41.0555 6188 C:\Windows\System32\cscsvc.dll - ok05:53:41.0555 6188 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll05:53:41.0555 6188 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok05:53:41.0555 6188 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll05:53:41.0555 6188 C:\Windows\System32\atl.dll - ok05:53:41.0555 6188 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll05:53:41.0555 6188 C:\Windows\System32\gpsvc.dll - ok05:53:41.0555 6188 [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll05:53:41.0555 6188 C:\Windows\System32\PeerDist.dll - ok05:53:41.0555 6188 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll05:53:41.0555 6188 C:\Windows\System32\samlib.dll - ok05:53:41.0555 6188 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll05:53:41.0555 6188 C:\Windows\System32\shacct.dll - ok05:53:41.0555 6188 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll05:53:41.0555 6188 C:\Windows\System32\taskschd.dll - ok05:53:41.0555 6188 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll05:53:41.0555 6188 C:\Windows\System32\themeservice.dll - ok05:53:41.0571 6188 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll05:53:41.0571 6188 C:\Windows\System32\comres.dll - ok05:53:41.0571 6188 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll05:53:41.0571 6188 C:\Windows\System32\dsrole.dll - ok05:53:41.0571 6188 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll05:53:41.0571 6188 C:\Windows\System32\es.dll - ok05:53:41.0571 6188 [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll05:53:41.0571 6188 C:\Windows\System32\mstask.dll - ok05:53:41.0571 6188 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll05:53:41.0571 6188 C:\Windows\System32\nlaapi.dll - ok05:53:41.0571 6188 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll05:53:41.0571 6188 C:\Windows\System32\Sens.dll - ok05:53:41.0571 6188 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll05:53:41.0571 6188 C:\Windows\System32\slc.dll - ok05:53:41.0571 6188 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll05:53:41.0571 6188 C:\Windows\System32\uxtheme.dll - ok05:53:41.0571 6188 [ 18CAAF21CBA3EAEE17BBA5D3807F29B8 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll05:53:41.0571 6188 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok05:53:41.0571 6188 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys05:53:41.0571 6188 C:\Windows\System32\drivers\lltdio.sys - ok05:53:41.0571 6188 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys05:53:41.0586 6188 C:\Windows\System32\drivers\rspndr.sys - ok05:53:41.0586 6188 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll05:53:41.0586 6188 C:\Windows\System32\dui70.dll - ok05:53:41.0586 6188 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll05:53:41.0586 6188 C:\Windows\System32\uxsms.dll - ok05:53:41.0586 6188 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll05:53:41.0586 6188 C:\Windows\System32\dhcpcore.dll - ok05:53:41.0586 6188 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll05:53:41.0586 6188 C:\Windows\System32\dhcpcore6.dll - ok05:53:41.0586 6188 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll05:53:41.0586 6188 C:\Windows\System32\duser.dll - ok05:53:41.0586 6188 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll05:53:41.0586 6188 C:\Windows\System32\dwmapi.dll - ok05:53:41.0586 6188 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll05:53:41.0586 6188 C:\Windows\System32\hid.dll - ok05:53:41.0586 6188 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL05:53:41.0586 6188 C:\Windows\System32\IPHLPAPI.DLL - ok05:53:41.0586 6188 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll05:53:41.0586 6188 C:\Windows\System32\lmhsvc.dll - ok05:53:41.0586 6188 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll05:53:41.0586 6188 C:\Windows\System32\nrpsrv.dll - ok05:53:41.0602 6188 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll05:53:41.0602 6188 C:\Windows\System32\nsisvc.dll - ok05:53:41.0602 6188 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll05:53:41.0602 6188 C:\Windows\System32\SndVolSSO.dll - ok05:53:41.0602 6188 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll05:53:41.0602 6188 C:\Windows\System32\winnsi.dll - ok05:53:41.0602 6188 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll05:53:41.0602 6188 C:\Windows\System32\dnsext.dll - ok05:53:41.0602 6188 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll05:53:41.0602 6188 C:\Windows\System32\dnsrslvr.dll - ok05:53:41.0602 6188 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL05:53:41.0602 6188 C:\Windows\System32\FWPUCLNT.DLL - ok05:53:41.0602 6188 [ 3D7BB6DD7A87B3E36E44CA94444247A8 ] C:\Windows\System32\WindowsCodecs.dll05:53:41.0602 6188 C:\Windows\System32\WindowsCodecs.dll - ok05:53:41.0602 6188 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll05:53:41.0602 6188 C:\Windows\System32\xmllite.dll - ok05:53:41.0602 6188 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll05:53:41.0602 6188 C:\Windows\System32\dhcpcsvc.dll - ok05:53:41.0602 6188 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll05:53:41.0602 6188 C:\Windows\System32\dhcpcsvc6.dll - ok Link to post Share on other sites More sharing options...
chooki Posted October 28, 2013 Author ID:747465 Share Posted October 28, 2013 part 5: 05:53:41.0618 6188 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll05:53:41.0618 6188 C:\Windows\System32\netapi32.dll - ok05:53:41.0618 6188 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll05:53:41.0618 6188 C:\Windows\System32\netutils.dll - ok05:53:41.0618 6188 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll05:53:41.0618 6188 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll05:53:41.0618 6188 C:\Windows\System32\shsvcs.dll - ok05:53:41.0618 6188 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll05:53:41.0618 6188 C:\Windows\System32\wkscli.dll - ok05:53:41.0618 6188 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll05:53:41.0618 6188 C:\Windows\System32\ktmw32.dll - ok05:53:41.0618 6188 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll05:53:41.0618 6188 C:\Windows\System32\SmartcardCredentialProvider.dll - ok05:53:41.0618 6188 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll05:53:41.0618 6188 C:\Windows\System32\VaultCredProvider.dll - ok05:53:41.0618 6188 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll05:53:41.0618 6188 C:\Windows\System32\winbrand.dll - ok05:53:41.0618 6188 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll05:53:41.0618 6188 C:\Windows\System32\BioCredProv.dll - ok05:53:41.0633 6188 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll05:53:41.0633 6188 C:\Windows\System32\certCredProvider.dll - ok05:53:41.0633 6188 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll05:53:41.0633 6188 C:\Windows\System32\credui.dll - ok05:53:41.0633 6188 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll05:53:41.0633 6188 C:\Windows\System32\samcli.dll - ok05:53:41.0633 6188 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll05:53:41.0633 6188 C:\Windows\System32\vaultcli.dll - ok05:53:41.0633 6188 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll05:53:41.0633 6188 C:\Windows\System32\winbio.dll - ok05:53:41.0633 6188 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll05:53:41.0633 6188 C:\Windows\System32\rasapi32.dll - ok05:53:41.0633 6188 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll05:53:41.0633 6188 C:\Windows\System32\rasman.dll - ok05:53:41.0633 6188 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll05:53:41.0633 6188 C:\Windows\System32\rasplap.dll - ok05:53:41.0633 6188 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll05:53:41.0633 6188 C:\Windows\System32\rtutils.dll - ok05:53:41.0633 6188 [ 2ACBCDEB32167F9F6EABD1E8CEAF440F ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll05:53:41.0633 6188 C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll - ok05:53:41.0633 6188 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll05:53:41.0633 6188 C:\Windows\System32\oleacc.dll - ok05:53:41.0649 6188 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll05:53:41.0649 6188 C:\Windows\System32\UXInit.dll - ok05:53:41.0649 6188 [ BAE6617CCDCFEE4757D9220633CEA67D ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe05:53:41.0649 6188 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok05:53:41.0649 6188 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll05:53:41.0649 6188 C:\Windows\System32\UIAutomationCore.dll - ok05:53:41.0649 6188 [ 4BC3E823F26F44B5E32E36F17A29B5E7 ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll05:53:41.0649 6188 C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok05:53:41.0649 6188 [ 22A39D595529F1D62A0B2BB7A600665E ] C:\Windows\System32\nvsvc64.dll05:53:41.0649 6188 C:\Windows\System32\nvsvc64.dll - ok05:53:41.0649 6188 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll05:53:41.0649 6188 C:\Windows\System32\mscms.dll - ok05:53:41.0649 6188 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll05:53:41.0649 6188 C:\Windows\System32\taskcomp.dll - ok05:53:41.0649 6188 [ B6B0DB8A5B5F81275AA788363599AA07 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll05:53:41.0649 6188 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok05:53:41.0649 6188 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll05:53:41.0649 6188 C:\Windows\System32\msimg32.dll - ok05:53:41.0664 6188 [ 778DDFA8D492FD70FA8D1CBA62E6E7FC ] C:\Windows\System32\nvapi64.dll05:53:41.0664 6188 C:\Windows\System32\nvapi64.dll - ok05:53:41.0664 6188 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll05:53:41.0664 6188 C:\Windows\System32\winmm.dll - ok05:53:41.0664 6188 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys05:53:41.0664 6188 C:\Windows\System32\drivers\http.sys - ok05:53:41.0664 6188 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll05:53:41.0664 6188 C:\Windows\System32\fveapi.dll - ok05:53:41.0664 6188 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll05:53:41.0664 6188 C:\Windows\System32\fvecerts.dll - ok05:53:41.0664 6188 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll05:53:41.0664 6188 C:\Windows\System32\tbs.dll - ok05:53:41.0664 6188 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll05:53:41.0664 6188 C:\Windows\System32\imageres.dll - ok05:53:41.0664 6188 [ EFF51F06269379648EC78AC01D3ED0F4 ] C:\Windows\System32\nvsvcr.dll05:53:41.0664 6188 C:\Windows\System32\nvsvcr.dll - ok05:53:41.0664 6188 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe05:53:41.0664 6188 C:\Windows\System32\spoolsv.exe - ok05:53:41.0664 6188 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv05:53:41.0664 6188 C:\Windows\System32\winspool.drv - ok05:53:41.0664 6188 [ 9028D1621C43DF8DFBD1C76860412A11 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll05:53:41.0664 6188 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok05:53:41.0680 6188 [ 3700151700FD216912B1EF92D225A370 ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll05:53:41.0680 6188 C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok05:53:41.0680 6188 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL05:53:41.0680 6188 C:\Windows\System32\BFE.DLL - ok05:53:41.0680 6188 [ BD040ACAC1CE4B3A7FC385B7537054FC ] C:\Windows\System32\nvcpl.dll05:53:41.0680 6188 C:\Windows\System32\nvcpl.dll - ok05:53:41.0680 6188 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll05:53:41.0680 6188 C:\Windows\System32\wiarpc.dll - ok05:53:41.0680 6188 [ 6740320D3471BD0AB1AF800AB144A10A ] C:\Windows\System32\nvumdshimx.dll05:53:41.0680 6188 C:\Windows\System32\nvumdshimx.dll - ok05:53:41.0680 6188 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys05:53:41.0680 6188 C:\Windows\System32\drivers\bowser.sys - ok05:53:41.0680 6188 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys05:53:41.0680 6188 C:\Windows\System32\drivers\mpsdrv.sys - ok05:53:41.0680 6188 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys05:53:41.0680 6188 C:\Windows\System32\drivers\mrxsmb.sys - ok05:53:41.0680 6188 [ 28D75ACFBBA985B2A718D59181F0852E ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll05:53:41.0680 6188 C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok05:53:41.0680 6188 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys05:53:41.0680 6188 C:\Windows\System32\drivers\mrxsmb10.sys - ok05:53:41.0696 6188 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys05:53:41.0696 6188 C:\Windows\System32\drivers\mrxsmb20.sys - ok05:53:41.0696 6188 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll05:53:41.0696 6188 C:\Windows\System32\wkssvc.dll - ok05:53:41.0696 6188 [ C330710CF95587DCB7806BB6A22CF044 ] C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe05:53:41.0696 6188 C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe - ok05:53:41.0696 6188 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll05:53:41.0696 6188 C:\Windows\System32\wfapigp.dll - ok05:53:41.0696 6188 [ E02781D4871844DCD30DF1D69A650F78 ] C:\Windows\SysWOW64\shell32.dll05:53:41.0696 6188 C:\Windows\SysWOW64\shell32.dll - ok05:53:41.0696 6188 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll05:53:41.0696 6188 C:\Windows\System32\pcasvc.dll - ok05:53:41.0696 6188 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe05:53:41.0696 6188 C:\Windows\System32\snmptrap.exe - ok05:53:41.0696 6188 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll05:53:41.0696 6188 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok05:53:41.0696 6188 [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll05:53:41.0696 6188 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok05:53:41.0696 6188 [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll05:53:41.0696 6188 C:\Windows\System32\PeerDistSh.dll - ok05:53:41.0711 6188 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll05:53:41.0711 6188 C:\Windows\SysWOW64\shlwapi.dll - ok05:53:41.0711 6188 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll05:53:41.0711 6188 C:\Windows\System32\provsvc.dll - ok05:53:41.0711 6188 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll05:53:41.0711 6188 C:\Windows\System32\sstpsvc.dll - ok05:53:41.0711 6188 [ 46A6BA9274D075A2C30025C4E96D875A ] C:\Windows\SysWOW64\msvcp60.dll05:53:41.0711 6188 C:\Windows\SysWOW64\msvcp60.dll - ok05:53:41.0711 6188 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll05:53:41.0711 6188 C:\Windows\SysWOW64\profapi.dll - ok05:53:41.0711 6188 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll05:53:41.0711 6188 C:\Windows\SysWOW64\psapi.dll - ok05:53:41.0711 6188 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll05:53:41.0711 6188 C:\Windows\SysWOW64\userenv.dll - ok05:53:41.0711 6188 [ 2FD15E765E209E3DAC193D3D528C4518 ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\CAAMSvc.exe05:53:41.0711 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\CAAMSvc.exe - ok05:53:41.0711 6188 [ A8704A10FFDE468F4AB18EBF82A9A86F ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll05:53:41.0711 6188 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok05:53:41.0711 6188 [ F3EA260D8AB0B7A9B6A7E01A527529E7 ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\crux_1_0.dll05:53:41.0711 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\crux_1_0.dll - ok05:53:41.0727 6188 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe05:53:41.0727 6188 C:\Windows\System32\dllhost.exe - ok05:53:41.0727 6188 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll05:53:41.0727 6188 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok05:53:41.0727 6188 [ EAE7BA27BBD8CC4E0319F29777A23EC2 ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafe.exe05:53:41.0727 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafe.exe - ok05:53:41.0727 6188 [ 85D7A84CEB2FE58F5BE6B6E5F9041BE2 ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafserv.dll05:53:41.0727 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafserv.dll - ok05:53:41.0727 6188 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll05:53:41.0727 6188 C:\Windows\System32\IDStore.dll - ok05:53:41.0727 6188 [ 94FE8DB09B3DD31AAA25A186EC086473 ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\arclib.dll05:53:41.0727 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\arclib.dll - ok05:53:41.0727 6188 [ 8E7265421B80D8597BBA3F3B9E6DD314 ] C:\Program Files\Total Defense\Internet Security Suite\ccschedulersvc.exe05:53:41.0727 6188 C:\Program Files\Total Defense\Internet Security Suite\ccschedulersvc.exe - ok05:53:41.0727 6188 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe05:53:41.0727 6188 C:\Windows\System32\taskeng.exe - ok05:53:41.0727 6188 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe05:53:41.0727 6188 C:\Windows\System32\taskhost.exe - ok05:53:41.0742 6188 [ EFF90335023437DA22EC310B7F1CAF35 ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\MalwareAPI.dll05:53:41.0742 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\MalwareAPI.dll - ok05:53:41.0742 6188 [ 6F778CA7BF8D9A37B005CCDF487992ED ] C:\Program Files\Total Defense\Internet Security Suite\log4cplusU.dll05:53:41.0742 6188 C:\Program Files\Total Defense\Internet Security Suite\log4cplusU.dll - ok05:53:41.0742 6188 [ CF6850A72BEB4845A3BFFB3F5E8014B2 ] C:\Windows\System32\pdh.dll05:53:41.0742 6188 C:\Windows\System32\pdh.dll - ok05:53:41.0742 6188 [ 59823D302288EEA778646C8CF963ADDD ] C:\Program Files\Total Defense\Internet Security Suite\ccscheduler.dll05:53:41.0742 6188 C:\Program Files\Total Defense\Internet Security Suite\ccscheduler.dll - ok05:53:41.0742 6188 [ 6B400F211BEE880A37A1ED0368776BF4 ] C:\Windows\System32\cryptsvc.dll05:53:41.0742 6188 C:\Windows\System32\cryptsvc.dll - ok05:53:41.0742 6188 [ 2617E19EC0DE5F90FF1EE4D4F735E5D4 ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\vete.dll05:53:41.0742 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\vete.dll - ok05:53:41.0742 6188 [ A6B726DCA228F7878E38368A1BDC68BE ] C:\Windows\System32\cryptnet.dll05:53:41.0742 6188 C:\Windows\System32\cryptnet.dll - ok05:53:41.0742 6188 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll05:53:41.0742 6188 C:\Windows\System32\dps.dll - ok05:53:41.0742 6188 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll05:53:41.0742 6188 C:\Windows\System32\fdPHost.dll - ok05:53:41.0742 6188 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll05:53:41.0742 6188 C:\Windows\System32\vssapi.dll - ok05:53:41.0758 6188 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll05:53:41.0758 6188 C:\Windows\SysWOW64\clbcatq.dll - ok05:53:41.0758 6188 [ 3E43F0C5456ECA8A3F083804FAD1C405 ] C:\Windows\SysWOW64\CtHdaSvc.exe05:53:41.0758 6188 C:\Windows\SysWOW64\CtHdaSvc.exe - ok05:53:41.0758 6188 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll05:53:41.0758 6188 C:\Windows\System32\fdWSD.dll - ok05:53:41.0758 6188 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll05:53:41.0758 6188 C:\Windows\System32\mlang.dll - ok05:53:41.0758 6188 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll05:53:41.0758 6188 C:\Windows\System32\vsstrace.dll - ok05:53:41.0758 6188 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll05:53:41.0758 6188 C:\Windows\System32\webservices.dll - ok Link to post Share on other sites More sharing options...
Psychotic Posted October 28, 2013 ID:747466 Share Posted October 28, 2013 Please attach the TDSS-Killer log to your next reply Link to post Share on other sites More sharing options...
chooki Posted October 28, 2013 Author ID:747468 Share Posted October 28, 2013 part 6: 05:53:41.0758 6188 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll 05:53:41.0758 6188 C:\Windows\System32\WSDApi.dll - ok 05:53:41.0758 6188 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll 05:53:41.0758 6188 C:\Windows\SysWOW64\MMDevAPI.dll - ok 05:53:41.0758 6188 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll 05:53:41.0758 6188 C:\Windows\SysWOW64\propsys.dll - ok 05:53:41.0758 6188 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll 05:53:41.0758 6188 C:\Windows\System32\FDResPub.dll - ok 05:53:41.0774 6188 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL 05:53:41.0774 6188 C:\Windows\System32\IKEEXT.DLL - ok 05:53:41.0774 6188 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll 05:53:41.0774 6188 C:\Windows\System32\winhttp.dll - ok 05:53:41.0774 6188 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll 05:53:41.0774 6188 C:\Windows\SysWOW64\AudioSes.dll - ok 05:53:41.0774 6188 [ 0043EC20C06FD9FE339B5D37474B731E ] C:\Program Files\Intel\iCLS Client\HeciServer.exe 05:53:41.0774 6188 C:\Program Files\Intel\iCLS Client\HeciServer.exe - ok 05:53:41.0774 6188 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll 05:53:41.0774 6188 C:\Windows\System32\fdSSDP.dll - ok 05:53:41.0774 6188 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll 05:53:41.0774 6188 C:\Windows\System32\fundisc.dll - ok 05:53:41.0774 6188 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll 05:53:41.0774 6188 C:\Windows\System32\ssdpapi.dll - ok 05:53:41.0774 6188 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll 05:53:41.0774 6188 C:\Windows\System32\webio.dll - ok 05:53:41.0774 6188 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll 05:53:41.0774 6188 C:\Windows\System32\rasadhlp.dll - ok 05:53:41.0774 6188 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll 05:53:41.0774 6188 C:\Windows\System32\vpnikeapi.dll - ok 05:53:41.0774 6188 [ 82AB1C7D22490FDC93A4BE62E7F49E90 ] C:\Windows\SysWOW64\CtHdaCtl.dll 05:53:41.0789 6188 C:\Windows\SysWOW64\CtHdaCtl.dll - ok 05:53:41.0789 6188 [ EA83415296F905D11651B9AF26FB7EBD ] C:\Windows\System32\IPROSetMonitor.exe 05:53:41.0789 6188 C:\Windows\System32\IPROSetMonitor.exe - ok 05:53:41.0789 6188 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll 05:53:41.0789 6188 C:\Windows\System32\localspl.dll - ok 05:53:41.0789 6188 [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Windows\System32\msvcp100.dll 05:53:41.0789 6188 C:\Windows\System32\msvcp100.dll - ok 05:53:41.0789 6188 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll 05:53:41.0789 6188 C:\Windows\System32\umb.dll - ok 05:53:41.0789 6188 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll 05:53:41.0789 6188 C:\Windows\System32\FXSMON.dll - ok 05:53:41.0789 6188 [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Windows\System32\msvcr100.dll 05:53:41.0789 6188 C:\Windows\System32\msvcr100.dll - ok 05:53:41.0789 6188 [ FFA37D9FDE8B8E41C59CDDC94E1E0600 ] C:\Windows\System32\pdfc_port.dll 05:53:41.0789 6188 C:\Windows\System32\pdfc_port.dll - ok 05:53:41.0789 6188 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll 05:53:41.0789 6188 C:\Windows\System32\PrintIsolationProxy.dll - ok 05:53:41.0789 6188 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll 05:53:41.0789 6188 C:\Windows\System32\spoolss.dll - ok 05:53:41.0789 6188 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll 05:53:41.0789 6188 C:\Windows\System32\TSChannel.dll - ok 05:53:41.0805 6188 [ 45D8B085E2F2B52820B2136B8C2A74B7 ] C:\Program Files\Malwarebytes Anti-Exploit\mbae-loader.exe 05:53:41.0805 6188 C:\Program Files\Malwarebytes Anti-Exploit\mbae-loader.exe - ok 05:53:41.0805 6188 [ BF95EA5809E3BBF55370F7CB309FEBD0 ] C:\Windows\System32\conhost.exe 05:53:41.0805 6188 C:\Windows\System32\conhost.exe - ok 05:53:41.0805 6188 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll 05:53:41.0805 6188 C:\Windows\System32\msxml6.dll - ok 05:53:41.0805 6188 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll 05:53:41.0805 6188 C:\Windows\System32\snmpapi.dll - ok 05:53:41.0805 6188 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll 05:53:41.0805 6188 C:\Windows\System32\tcpmon.dll - ok 05:53:41.0805 6188 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll 05:53:41.0805 6188 C:\Windows\System32\wsnmp32.dll - ok 05:53:41.0805 6188 [ 2A51697D0F14970843F3A4189E49B695 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe 05:53:41.0805 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe - ok 05:53:41.0805 6188 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll 05:53:41.0805 6188 C:\Windows\System32\fdPnp.dll - ok 05:53:41.0805 6188 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll 05:53:41.0805 6188 C:\Windows\System32\usbmon.dll - ok 05:53:41.0805 6188 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll 05:53:41.0805 6188 C:\Windows\System32\WSDMon.dll - ok 05:53:41.0820 6188 [ 2896919A9E5A4DC267A2D916F75D2346 ] C:\Windows\System32\drivers\KmxCF.sys 05:53:41.0820 6188 C:\Windows\System32\drivers\KmxCF.sys - ok 05:53:41.0820 6188 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll 05:53:41.0820 6188 C:\Windows\System32\inetpp.dll - ok 05:53:41.0820 6188 [ ACB4573209FC9F335E242017C3064E5C ] C:\Windows\System32\msvcr100d.dll 05:53:41.0820 6188 C:\Windows\System32\msvcr100d.dll - ok 05:53:41.0820 6188 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll 05:53:41.0820 6188 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok 05:53:41.0820 6188 [ 67CF11E00D026A5C0C88EA5F84D501E5 ] C:\Windows\System32\win32spl.dll 05:53:41.0820 6188 C:\Windows\System32\win32spl.dll - ok 05:53:41.0820 6188 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll 05:53:41.0820 6188 C:\Windows\SysWOW64\msvcp100.dll - ok 05:53:41.0820 6188 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll 05:53:41.0820 6188 C:\Windows\SysWOW64\msvcr100.dll - ok 05:53:41.0820 6188 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll 05:53:41.0820 6188 C:\Windows\SysWOW64\nsi.dll - ok 05:53:41.0820 6188 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll 05:53:41.0820 6188 C:\Windows\SysWOW64\ws2_32.dll - ok 05:53:41.0820 6188 [ 65085456FD9A74D7F1A999520C299ECB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 05:53:41.0820 6188 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok 05:53:41.0836 6188 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll 05:53:41.0836 6188 C:\Windows\System32\cscapi.dll - ok 05:53:41.0836 6188 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll 05:53:41.0836 6188 C:\Windows\System32\nlasvc.dll - ok 05:53:41.0836 6188 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll 05:53:41.0836 6188 C:\Windows\SysWOW64\dnsapi.dll - ok 05:53:41.0836 6188 [ E94C583CDE2348950155F2AF2876F34D ] C:\Windows\SysWOW64\mswsock.dll 05:53:41.0836 6188 C:\Windows\SysWOW64\mswsock.dll - ok 05:53:41.0836 6188 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll 05:53:41.0836 6188 C:\Windows\SysWOW64\wship6.dll - ok 05:53:41.0836 6188 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL 05:53:41.0836 6188 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok 05:53:41.0836 6188 [ EF39CCCC9AD927A25334AE0B41A8A343 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll 05:53:41.0836 6188 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok 05:53:41.0836 6188 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll 05:53:41.0836 6188 C:\Windows\System32\NapiNSP.dll - ok 05:53:41.0836 6188 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll 05:53:41.0836 6188 C:\Windows\System32\pnrpnsp.dll - ok 05:53:41.0836 6188 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL 05:53:41.0836 6188 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok 05:53:41.0852 6188 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL 05:53:41.0852 6188 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok 05:53:41.0852 6188 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll 05:53:41.0852 6188 C:\Windows\SysWOW64\rasadhlp.dll - ok 05:53:41.0852 6188 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll 05:53:41.0852 6188 C:\Windows\SysWOW64\winnsi.dll - ok 05:53:41.0852 6188 [ 9275F02BEA644F43A459E316A932658F ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll 05:53:41.0852 6188 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok 05:53:41.0852 6188 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll 05:53:41.0852 6188 C:\Windows\SysWOW64\wtsapi32.dll - ok 05:53:41.0852 6188 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 05:53:41.0852 6188 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok 05:53:41.0852 6188 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll 05:53:41.0852 6188 C:\Windows\System32\httpapi.dll - ok 05:53:41.0852 6188 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll 05:53:41.0852 6188 C:\Windows\SysWOW64\cryptsp.dll - ok 05:53:41.0852 6188 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll 05:53:41.0852 6188 C:\Windows\SysWOW64\rsaenh.dll - ok 05:53:41.0852 6188 [ 80D8679BF84A9383BFF33E07D5D9FC35 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll 05:53:41.0852 6188 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok 05:53:41.0867 6188 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll 05:53:41.0867 6188 C:\Windows\SysWOW64\mpr.dll - ok 05:53:41.0867 6188 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll 05:53:41.0867 6188 C:\Windows\System32\aepic.dll - ok 05:53:41.0867 6188 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll 05:53:41.0867 6188 C:\Windows\System32\ncsi.dll - ok 05:53:41.0867 6188 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll 05:53:41.0867 6188 C:\Windows\System32\sfc.dll - ok 05:53:41.0867 6188 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll 05:53:41.0867 6188 C:\Windows\System32\sfc_os.dll - ok 05:53:41.0867 6188 [ 1D90C1413A803DD08E7D3B6A50C1135A ] C:\Program Files (x86)\PDF Complete\pdfsvc.exe 05:53:41.0867 6188 C:\Program Files (x86)\PDF Complete\pdfsvc.exe - ok 05:53:41.0867 6188 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll 05:53:41.0867 6188 C:\Windows\System32\MsCtfMonitor.dll - ok 05:53:41.0867 6188 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll 05:53:41.0867 6188 C:\Windows\System32\msutb.dll - ok 05:53:41.0867 6188 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe 05:53:41.0867 6188 C:\Windows\System32\AtBroker.exe - ok 05:53:41.0867 6188 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll Link to post Share on other sites More sharing options...
chooki Posted October 28, 2013 Author ID:747469 Share Posted October 28, 2013 part 7: 05:53:41.0867 6188 C:\Windows\System32\mpr.dll - ok 05:53:41.0883 6188 [ E4FEB264B47360B7296AEA4E052F88D8 ] C:\Windows\SysWOW64\wininet.dll 05:53:41.0883 6188 C:\Windows\SysWOW64\wininet.dll - ok 05:53:41.0883 6188 [ 75F5E1FE8D55CF8E577E0EC5F2290D3F ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll 05:53:41.0883 6188 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll - ok 05:53:41.0883 6188 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe 05:53:41.0883 6188 C:\Windows\System32\userinit.exe - ok 05:53:41.0883 6188 [ 6A13B4F3B3F575F1E24B877B9359AABA ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 05:53:41.0883 6188 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok 05:53:41.0883 6188 [ 2E33DFD10F28F86C3FC40EE123CC3904 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 05:53:41.0883 6188 C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok 05:53:41.0883 6188 [ 6951562DC4625EEFC6EACD52AD165866 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 05:53:41.0883 6188 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok 05:53:41.0883 6188 [ 589CBC4989F750E1DA35625AB481CF43 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 05:53:41.0883 6188 C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok 05:53:41.0883 6188 [ 3BE0D923AA45A4DBE091C2D84F0B4FE7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 05:53:41.0883 6188 C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok 05:53:41.0883 6188 [ 122B216B091D06F672CC8D331128FB06 ] C:\Windows\SysWOW64\iertutil.dll 05:53:41.0883 6188 C:\Windows\SysWOW64\iertutil.dll - ok 05:53:41.0883 6188 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe 05:53:41.0883 6188 C:\Windows\System32\dwm.exe - ok 05:53:41.0898 6188 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll 05:53:41.0898 6188 C:\Windows\System32\dwmcore.dll - ok 05:53:41.0898 6188 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll 05:53:41.0898 6188 C:\Windows\System32\dwmredir.dll - ok 05:53:41.0898 6188 [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll 05:53:41.0898 6188 C:\Windows\System32\d3d10_1.dll - ok 05:53:41.0898 6188 [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll 05:53:41.0898 6188 C:\Windows\System32\d3d10_1core.dll - ok 05:53:41.0898 6188 [ 4C92EB7535CAA1681A77D928FBF9771F ] C:\Windows\System32\d3d11.dll 05:53:41.0898 6188 C:\Windows\System32\d3d11.dll - ok 05:53:41.0898 6188 [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll 05:53:41.0898 6188 C:\Windows\System32\dxgi.dll - ok 05:53:41.0898 6188 [ F5CEF064C7E6D95DA86B9D064A56A969 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 05:53:41.0898 6188 C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok 05:53:41.0898 6188 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll 05:53:41.0898 6188 C:\Windows\System32\esent.dll - ok 05:53:41.0898 6188 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll 05:53:41.0898 6188 C:\Windows\System32\HotStartUserAgent.dll - ok 05:53:41.0898 6188 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll 05:53:41.0898 6188 C:\Windows\System32\PlaySndSrv.dll - ok 05:53:41.0914 6188 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe 05:53:41.0914 6188 C:\Windows\explorer.exe - ok 05:53:41.0914 6188 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys 05:53:41.0914 6188 C:\Windows\System32\drivers\PEAuth.sys - ok 05:53:41.0914 6188 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys 05:53:41.0914 6188 C:\Windows\System32\drivers\secdrv.sys - ok 05:53:41.0914 6188 [ DD02E503195A46CDA30382DA7D053DF8 ] C:\Windows\System32\nvwgf2umx.dll 05:53:41.0914 6188 C:\Windows\System32\nvwgf2umx.dll - ok 05:53:41.0914 6188 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys 05:53:41.0914 6188 C:\Windows\System32\drivers\srvnet.sys - ok 05:53:41.0914 6188 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys 05:53:41.0914 6188 C:\Windows\System32\drivers\tcpipreg.sys - ok 05:53:41.0914 6188 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll 05:53:41.0914 6188 C:\Windows\System32\ExplorerFrame.dll - ok 05:53:41.0914 6188 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll 05:53:41.0914 6188 C:\Windows\System32\sysmain.dll - ok 05:53:41.0914 6188 [ AF950F62E5FC72FFDB7363F72600B21C ] C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe 05:53:41.0914 6188 C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe - ok 05:53:41.0914 6188 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll 05:53:41.0914 6188 C:\Windows\System32\trkwks.dll - ok 05:53:41.0930 6188 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll 05:53:41.0930 6188 C:\Windows\SysWOW64\winsta.dll - ok 05:53:41.0930 6188 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll 05:53:41.0930 6188 C:\Windows\System32\shfolder.dll - ok 05:53:41.0930 6188 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll 05:53:41.0930 6188 C:\Windows\SysWOW64\apphelp.dll - ok 05:53:41.0930 6188 [ D1D5DAB39DCB4BE0359943738D87409B ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe 05:53:41.0930 6188 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok 05:53:41.0930 6188 [ FD337E6B84FB6081D349DCDABF49BBB3 ] C:\Program Files\CA\SharedComponents\TMEngine\UmxCfg.dll 05:53:41.0930 6188 C:\Program Files\CA\SharedComponents\TMEngine\UmxCfg.dll - ok 05:53:41.0930 6188 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 05:53:41.0930 6188 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok 05:53:41.0930 6188 [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll 05:53:41.0930 6188 C:\Windows\System32\cscui.dll - ok 05:53:41.0930 6188 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll 05:53:41.0930 6188 C:\Windows\System32\EhStorShell.dll - ok 05:53:41.0930 6188 [ 8ED76FD8DAFFEAE18F602CDBBC2D73E5 ] C:\Program Files\CA\SharedComponents\TMEngine\UmxAgent.dll 05:53:41.0930 6188 C:\Program Files\CA\SharedComponents\TMEngine\UmxAgent.dll - ok 05:53:41.0930 6188 [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll 05:53:41.0930 6188 C:\Windows\System32\cscdll.dll - ok 05:53:41.0945 6188 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll 05:53:41.0945 6188 C:\Windows\System32\ntshrui.dll - ok 05:53:41.0945 6188 [ 704F3E32D64E2AA147E17E2A0E21AE9F ] C:\Program Files\CA\SharedComponents\TMEngine\TmRtl.dll 05:53:41.0945 6188 C:\Program Files\CA\SharedComponents\TMEngine\TmRtl.dll - ok 05:53:41.0945 6188 [ 385675AB2FC1940B05E12285B52141E9 ] C:\Program Files\CA\SharedComponents\TMEngine\UmxFwHlp.dll 05:53:41.0945 6188 C:\Program Files\CA\SharedComponents\TMEngine\UmxFwHlp.dll - ok 05:53:41.0945 6188 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll 05:53:41.0945 6188 C:\Windows\System32\IconCodecService.dll - ok 05:53:41.0945 6188 [ EEEFBE582346EBFA087D987D759C15A5 ] C:\Program Files\CA\SharedComponents\TMEngine\TmEngine.dll 05:53:41.0945 6188 C:\Program Files\CA\SharedComponents\TMEngine\TmEngine.dll - ok 05:53:41.0945 6188 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll 05:53:41.0945 6188 C:\Windows\SysWOW64\uxtheme.dll - ok 05:53:41.0945 6188 [ B2BDD8D41FCAECDD7A58D32A42EB0E74 ] C:\Program Files\CA\SharedComponents\TMEngine\AmrtSettings.dll 05:53:41.0945 6188 C:\Program Files\CA\SharedComponents\TMEngine\AmrtSettings.dll - ok 05:53:41.0945 6188 [ 4495E679408426E3CB28135F39BAFE13 ] C:\Program Files\CA\SharedComponents\TMEngine\PathExpander.dll 05:53:41.0945 6188 C:\Program Files\CA\SharedComponents\TMEngine\PathExpander.dll - ok 05:53:41.0945 6188 [ F5CC2B37668026E815D30D1BBEC74BB1 ] C:\Program Files\CA\SharedComponents\TMEngine\KnownApps.dll 05:53:41.0945 6188 C:\Program Files\CA\SharedComponents\TMEngine\KnownApps.dll - ok 05:53:41.0945 6188 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll 05:53:41.0945 6188 C:\Windows\System32\msxml3.dll - ok 05:53:41.0961 6188 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll 05:53:41.0961 6188 C:\Windows\System32\wbem\WMIsvc.dll - ok 05:53:41.0961 6188 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll 05:53:41.0961 6188 C:\Windows\System32\wbemcomn.dll - ok 05:53:41.0961 6188 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll 05:53:41.0961 6188 C:\Windows\System32\wlanapi.dll - ok 05:53:41.0961 6188 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll 05:53:41.0961 6188 C:\Windows\System32\wlanutil.dll - ok 05:53:41.0961 6188 [ 78DB15E30154E093996C7EE84525514B ] C:\Windows\SysWOW64\cfgmig32.exe 05:53:41.0961 6188 C:\Windows\SysWOW64\cfgmig32.exe - ok 05:53:41.0961 6188 [ C91A45F02A5FE7D07B901FAFA44B6FB0 ] C:\Program Files\CA\SharedComponents\TMEngine\WindowsUserIdentity.dll 05:53:41.0961 6188 C:\Program Files\CA\SharedComponents\TMEngine\WindowsUserIdentity.dll - ok 05:53:41.0961 6188 [ 1888A9652A08437F58D9E2C279DC7FBC ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\Flipster.dll 05:53:41.0961 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\Flipster.dll - ok 05:53:41.0961 6188 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys 05:53:41.0961 6188 C:\Windows\System32\drivers\srv2.sys - ok 05:53:41.0961 6188 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll 05:53:41.0961 6188 C:\Windows\System32\wbem\WmiDcPrv.dll - ok 05:53:41.0976 6188 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll 05:53:41.0976 6188 C:\Windows\SysWOW64\RpcRtRemote.dll - ok 05:53:41.0976 6188 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll 05:53:41.0976 6188 C:\Windows\System32\iphlpsvc.dll - ok 05:53:41.0976 6188 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys 05:53:41.0976 6188 C:\Windows\System32\drivers\srv.sys - ok 05:53:41.0976 6188 [ 100EEF7401288674360E81D13B775344 ] C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe 05:53:41.0976 6188 C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe - ok 05:53:41.0976 6188 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll 05:53:41.0976 6188 C:\Windows\System32\winrnr.dll - ok 05:53:41.0976 6188 [ 5E8B539BFA882DFE03DC517755AFB890 ] C:\Program Files\Total Defense\Internet Security Suite\ccevtmgr.exe 05:53:41.0976 6188 C:\Program Files\Total Defense\Internet Security Suite\ccevtmgr.exe - ok 05:53:41.0976 6188 [ 33306E3F46AE8BFB8FC4DA9FAAEBA9E6 ] C:\Program Files\Total Defense\Internet Security Suite\ccguifrm.dll 05:53:41.0976 6188 C:\Program Files\Total Defense\Internet Security Suite\ccguifrm.dll - ok 05:53:41.0976 6188 [ 8CA6F2D0300F3E77CE59E0B411D3A976 ] C:\Program Files\Total Defense\Internet Security Suite\ccmsgfrmImages.dll 05:53:41.0976 6188 C:\Program Files\Total Defense\Internet Security Suite\ccmsgfrmImages.dll - ok 05:53:41.0976 6188 [ D8E28F8C01ACD0532EAF04ABEAAE699A ] C:\Program Files\Total Defense\Internet Security Suite\ccmsgfrmres.dll 05:53:41.0976 6188 C:\Program Files\Total Defense\Internet Security Suite\ccmsgfrmres.dll - ok 05:53:41.0976 6188 [ 228A37A43950235174F739C32B472423 ] C:\Program Files\Total Defense\Internet Security Suite\brand.dll 05:53:41.0976 6188 C:\Program Files\Total Defense\Internet Security Suite\brand.dll - ok 05:53:41.0992 6188 [ AD4C28A037CB5A1B95464164E2B9457A ] C:\Program Files\Total Defense\Internet Security Suite\ccissres.dll 05:53:41.0992 6188 C:\Program Files\Total Defense\Internet Security Suite\ccissres.dll - ok 05:53:41.0992 6188 [ EDBCD6880C18435B9469E6FDB04A6ABF ] C:\Program Files\Total Defense\Internet Security Suite\issresource.dll 05:53:41.0992 6188 C:\Program Files\Total Defense\Internet Security Suite\issresource.dll - ok 05:53:41.0992 6188 [ 72E4A06F4BE5DA78277F22B3F7AD0EEA ] C:\Program Files\Total Defense\Internet Security Suite\ccguifrmres.dll 05:53:41.0992 6188 C:\Program Files\Total Defense\Internet Security Suite\ccguifrmres.dll - ok 05:53:41.0992 6188 [ BF70155DF7F102AA46203042F3613896 ] C:\Program Files\Total Defense\Internet Security Suite\Personal Firewall\casansecurity.dll 05:53:41.0992 6188 C:\Program Files\Total Defense\Internet Security Suite\Personal Firewall\casansecurity.dll - ok Link to post Share on other sites More sharing options...
chooki Posted October 28, 2013 Author ID:747474 Share Posted October 28, 2013 part 8: 05:53:41.0992 6188 [ 2F22B0F9A7FF5C5D6511CC19A9561672 ] C:\Program Files\Total Defense\Internet Security Suite\ccmsgfrm.dll05:53:41.0992 6188 C:\Program Files\Total Defense\Internet Security Suite\ccmsgfrm.dll - ok05:53:41.0992 6188 [ CCDB8FDC289AA9AFA5F8827A2ADB21AD ] C:\Windows\System32\ieframe.dll05:53:41.0992 6188 C:\Windows\System32\ieframe.dll - ok05:53:41.0992 6188 [ D664B6A7298014089F9F0C9B28158C14 ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll05:53:41.0992 6188 C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok05:53:41.0992 6188 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll05:53:41.0992 6188 C:\Windows\System32\sqmapi.dll - ok05:53:41.0992 6188 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll05:53:41.0992 6188 C:\Windows\System32\wbem\fastprox.dll - ok05:53:42.0008 6188 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll05:53:42.0008 6188 C:\Windows\SysWOW64\dhcpcsvc.dll - ok05:53:42.0008 6188 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll05:53:42.0008 6188 C:\Windows\System32\aeevts.dll - ok05:53:42.0008 6188 [ 9108540E866F75C7AF2B91DD921A8091 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll05:53:42.0008 6188 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok05:53:42.0008 6188 [ FB4045578F5180BDB1963AB352B78548 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll05:53:42.0008 6188 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok05:53:42.0008 6188 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll05:53:42.0008 6188 C:\Windows\System32\ntdsapi.dll - ok05:53:42.0008 6188 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll05:53:42.0008 6188 C:\Windows\System32\srvsvc.dll - ok05:53:42.0008 6188 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll05:53:42.0008 6188 C:\Windows\System32\wbem\wbemprox.dll - ok05:53:42.0008 6188 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll05:53:42.0008 6188 C:\Windows\System32\wdscore.dll - ok05:53:42.0008 6188 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll05:53:42.0008 6188 C:\Windows\System32\browser.dll - ok05:53:42.0008 6188 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll05:53:42.0008 6188 C:\Windows\System32\netmsg.dll - ok05:53:42.0023 6188 [ ED5DCBD7B658D12EA45F9C4E81953B97 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe05:53:42.0023 6188 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok05:53:42.0023 6188 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll05:53:42.0023 6188 C:\Windows\System32\clusapi.dll - ok05:53:42.0023 6188 [ F026C6F104758D0EB215B017016FAE27 ] C:\Windows\System32\mshtml.dll05:53:42.0023 6188 C:\Windows\System32\mshtml.dll - ok05:53:42.0023 6188 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll05:53:42.0023 6188 C:\Windows\System32\resutils.dll - ok05:53:42.0023 6188 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll05:53:42.0023 6188 C:\Windows\System32\sscore.dll - ok05:53:42.0023 6188 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll05:53:42.0023 6188 C:\Windows\System32\wbem\wbemcore.dll - ok05:53:42.0023 6188 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll05:53:42.0023 6188 C:\Windows\SysWOW64\netapi32.dll - ok05:53:42.0023 6188 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll05:53:42.0023 6188 C:\Windows\SysWOW64\netutils.dll - ok05:53:42.0023 6188 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll05:53:42.0023 6188 C:\Windows\System32\wbem\esscli.dll - ok05:53:42.0023 6188 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll05:53:42.0023 6188 C:\Windows\SysWOW64\srvcli.dll - ok05:53:42.0039 6188 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll05:53:42.0039 6188 C:\Windows\SysWOW64\wkscli.dll - ok05:53:42.0039 6188 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll05:53:42.0039 6188 C:\Windows\System32\wbem\wbemsvc.dll - ok05:53:42.0039 6188 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll05:53:42.0039 6188 C:\Windows\System32\wbem\wmiutils.dll - ok05:53:42.0039 6188 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll05:53:42.0039 6188 C:\Windows\System32\wbem\repdrvfs.dll - ok05:53:42.0039 6188 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll05:53:42.0039 6188 C:\Windows\System32\ncobjapi.dll - ok05:53:42.0039 6188 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll05:53:42.0039 6188 C:\Windows\System32\wbem\wbemess.dll - ok05:53:42.0039 6188 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll05:53:42.0039 6188 C:\Windows\System32\wbem\WmiPrvSD.dll - ok05:53:42.0039 6188 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll05:53:42.0039 6188 C:\Windows\System32\wbem\WinMgmtR.dll - ok05:53:42.0039 6188 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll05:53:42.0039 6188 C:\Windows\System32\wbem\NCProv.dll - ok05:53:42.0039 6188 [ 161EFB45DE0744802FBE88F50B57EB86 ] C:\Program Files\Internet Explorer\sqmapi.dll05:53:42.0039 6188 C:\Program Files\Internet Explorer\sqmapi.dll - ok05:53:42.0054 6188 [ 631325E7D627345B4056C485BA6B7387 ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\caambl.dll05:53:42.0054 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\caambl.dll - ok05:53:42.0054 6188 [ 5F3AE297058F8B80862A13FD2CFD09C5 ] C:\Program Files\Total Defense\Internet Security Suite\scx86\Backup and Migration\DNABonesProxy.dll05:53:42.0054 6188 C:\Program Files\Total Defense\Internet Security Suite\scx86\Backup and Migration\DNABonesProxy.dll - ok05:53:42.0054 6188 [ 52E9D5B2322A8107FF5651B93D71E75B ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Spam\QSP-9.2.0.41\QOEHook.dll05:53:42.0054 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Spam\QSP-9.2.0.41\QOEHook.dll - ok05:53:42.0054 6188 [ 6B1F4B53A8E692F537184395299EAA8B ] C:\Program Files\Total Defense\Internet Security Suite\cckasubmit.dll05:53:42.0054 6188 C:\Program Files\Total Defense\Internet Security Suite\cckasubmit.dll - ok05:53:42.0054 6188 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll05:53:42.0054 6188 C:\Windows\System32\qmgr.dll - ok05:53:42.0054 6188 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll05:53:42.0054 6188 C:\Windows\System32\wdi.dll - ok05:53:42.0054 6188 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll05:53:42.0054 6188 C:\Windows\System32\wpdbusenum.dll - ok05:53:42.0054 6188 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll05:53:42.0054 6188 C:\Windows\System32\Apphlpdm.dll - ok05:53:42.0054 6188 [ 9D2A2369AB4B08A4905FE72DB104498F ] C:\Windows\System32\appinfo.dll05:53:42.0054 6188 C:\Windows\System32\appinfo.dll - ok05:53:42.0054 6188 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll05:53:42.0054 6188 C:\Windows\System32\bitsigd.dll - ok05:53:42.0070 6188 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll05:53:42.0070 6188 C:\Windows\System32\bitsperf.dll - ok05:53:42.0070 6188 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll05:53:42.0070 6188 C:\Windows\System32\diagperf.dll - ok05:53:42.0070 6188 [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll05:53:42.0070 6188 C:\Windows\System32\msimtf.dll - ok05:53:42.0070 6188 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll05:53:42.0070 6188 C:\Windows\System32\perftrack.dll - ok05:53:42.0070 6188 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll05:53:42.0070 6188 C:\Windows\System32\wer.dll - ok05:53:42.0070 6188 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll05:53:42.0070 6188 C:\Windows\System32\pnpts.dll - ok05:53:42.0070 6188 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll05:53:42.0070 6188 C:\Windows\System32\PortableDeviceApi.dll - ok05:53:42.0070 6188 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll05:53:42.0070 6188 C:\Windows\System32\radardt.dll - ok05:53:42.0070 6188 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll05:53:42.0070 6188 C:\Windows\System32\upnp.dll - ok05:53:42.0070 6188 [ D383602755758FA81166B0FD8AFE6D40 ] C:\Windows\System32\jscript9.dll05:53:42.0070 6188 C:\Windows\System32\jscript9.dll - ok05:53:42.0070 6188 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll05:53:42.0070 6188 C:\Windows\System32\PortableDeviceConnectApi.dll - ok05:53:42.0086 6188 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll05:53:42.0086 6188 C:\Windows\System32\ssdpsrv.dll - ok05:53:42.0086 6188 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll05:53:42.0086 6188 C:\Windows\System32\wdiasqmmodule.dll - ok05:53:42.0086 6188 [ 7E8A672B7B06A6EB11960C22E0360C59 ] C:\Windows\System32\d2d1.dll05:53:42.0086 6188 C:\Windows\System32\d2d1.dll - ok05:53:42.0086 6188 [ 63BB89DED1E9104E68D33E54DE4D340D ] C:\Windows\System32\DWrite.dll05:53:42.0086 6188 C:\Windows\System32\DWrite.dll - ok05:53:42.0086 6188 [ C498EF41B93986BCBD483597573EB96D ] C:\Windows\System32\d3d10warp.dll05:53:42.0086 6188 C:\Windows\System32\d3d10warp.dll - ok05:53:42.0086 6188 [ 112183DF91C9BAECB498E4A86ECDE598 ] C:\Windows\System32\msls31.dll05:53:42.0086 6188 C:\Windows\System32\msls31.dll - ok05:53:42.0086 6188 [ F62C8E6A4DF87F4C309FF2CE6A18C0F7 ] C:\Program Files\Total Defense\Internet Security Suite\ccpriv.dll05:53:42.0086 6188 C:\Program Files\Total Defense\Internet Security Suite\ccpriv.dll - ok05:53:42.0086 6188 [ 5C850E5BCCAD657CD0C62FACC49D8F9B ] C:\Program Files\Total Defense\Internet Security Suite\SQLite3.dll05:53:42.0086 6188 C:\Program Files\Total Defense\Internet Security Suite\SQLite3.dll - ok05:53:42.0086 6188 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe05:53:42.0086 6188 C:\Windows\System32\wbem\WmiPrvSE.exe - ok05:53:42.0101 6188 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll05:53:42.0101 6188 C:\Windows\System32\wbem\cimwin32.dll - ok05:53:42.0101 6188 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll05:53:42.0101 6188 C:\Windows\System32\qmgrprxy.dll - ok05:53:42.0101 6188 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe05:53:42.0101 6188 C:\Windows\System32\runonce.exe - ok05:53:42.0101 6188 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll05:53:42.0101 6188 C:\Windows\SysWOW64\qmgrprxy.dll - ok05:53:42.0101 6188 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll05:53:42.0101 6188 C:\Windows\System32\framedynos.dll - ok05:53:42.0101 6188 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll05:53:42.0101 6188 C:\Windows\System32\wmi.dll - ok05:53:42.0101 6188 [ 6519CF910F7CD2BC629E8E7237F4617D ] C:\Program Files\Total Defense\Internet Security Suite\ccipc.dll05:53:42.0101 6188 C:\Program Files\Total Defense\Internet Security Suite\ccipc.dll - ok05:53:42.0101 6188 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe05:53:42.0101 6188 C:\Windows\SysWOW64\runonce.exe - ok05:53:42.0101 6188 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll05:53:42.0101 6188 C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll - ok05:53:42.0101 6188 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll05:53:42.0101 6188 C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll - ok05:53:42.0117 6188 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll05:53:42.0117 6188 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok Link to post Share on other sites More sharing options...
chooki Posted October 28, 2013 Author ID:747477 Share Posted October 28, 2013 part 9: 05:53:42.0117 6188 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll05:53:42.0117 6188 C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll - ok05:53:42.0117 6188 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll05:53:42.0117 6188 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok05:53:42.0117 6188 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll05:53:42.0117 6188 C:\Windows\SysWOW64\msimg32.dll - ok05:53:42.0117 6188 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll05:53:42.0117 6188 C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll - ok05:53:42.0117 6188 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll05:53:42.0117 6188 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll - ok05:53:42.0117 6188 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll05:53:42.0117 6188 C:\Windows\SysWOW64\msxml3.dll - ok05:53:42.0117 6188 [ 61DC3F2BE3093FE22CD717260946D7AD ] C:\Windows\SysWOW64\urlmon.dll05:53:42.0117 6188 C:\Windows\SysWOW64\urlmon.dll - ok05:53:42.0117 6188 [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll05:53:42.0117 6188 C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok05:53:42.0117 6188 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll05:53:42.0117 6188 C:\Windows\System32\netman.dll - ok05:53:42.0132 6188 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll05:53:42.0132 6188 C:\Windows\SysWOW64\netshell.dll - ok05:53:42.0132 6188 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll05:53:42.0132 6188 C:\Windows\System32\netshell.dll - ok05:53:42.0132 6188 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll05:53:42.0132 6188 C:\Windows\SysWOW64\secur32.dll - ok05:53:42.0132 6188 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll05:53:42.0132 6188 C:\Windows\SysWOW64\nlaapi.dll - ok05:53:42.0132 6188 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe05:53:42.0132 6188 C:\Windows\SysWOW64\cmd.exe - ok05:53:42.0132 6188 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\SysWOW64\rasdlg.dll05:53:42.0132 6188 C:\Windows\SysWOW64\rasdlg.dll - ok05:53:42.0132 6188 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll05:53:42.0132 6188 C:\Windows\System32\rasdlg.dll - ok05:53:42.0132 6188 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll05:53:42.0132 6188 C:\Windows\SysWOW64\mprapi.dll - ok05:53:42.0132 6188 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll05:53:42.0132 6188 C:\Windows\System32\mprapi.dll - ok05:53:42.0132 6188 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll05:53:42.0132 6188 C:\Windows\SysWOW64\rasapi32.dll - ok05:53:42.0148 6188 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll05:53:42.0148 6188 C:\Windows\SysWOW64\rasman.dll - ok05:53:42.0148 6188 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll05:53:42.0148 6188 C:\Windows\SysWOW64\rtutils.dll - ok05:53:42.0148 6188 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll05:53:42.0148 6188 C:\Windows\SysWOW64\dsrole.dll - ok05:53:42.0148 6188 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe05:53:42.0148 6188 C:\Windows\SysWOW64\svchost.exe - ok05:53:42.0148 6188 [ 812A161FC470FA832C3F0CC3D7ACA2F9 ] C:\Windows\SysWOW64\apisetschema.dll05:53:42.0148 6188 C:\Windows\SysWOW64\apisetschema.dll - ok05:53:42.0148 6188 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL05:53:42.0148 6188 C:\Windows\System32\IPSECSVC.DLL - ok05:53:42.0148 6188 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll05:53:42.0148 6188 C:\Windows\SysWOW64\authz.dll - ok05:53:42.0148 6188 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll05:53:42.0148 6188 C:\Windows\SysWOW64\FirewallAPI.dll - ok05:53:42.0148 6188 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll05:53:42.0148 6188 C:\Windows\SysWOW64\winbrand.dll - ok05:53:42.0148 6188 [ DB603D3FD090C66F9709EF6493C26BA3 ] C:\Windows\SysWOW64\FwRemoteSvr.dll05:53:42.0148 6188 C:\Windows\SysWOW64\FwRemoteSvr.dll - ok05:53:42.0164 6188 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll05:53:42.0164 6188 C:\Windows\System32\FwRemoteSvr.dll - ok05:53:42.0164 6188 [ B9A4DAC2192FD78CDA097BFA79F6E7B2 ] C:\Windows\SysWOW64\net.exe05:53:42.0164 6188 C:\Windows\SysWOW64\net.exe - ok05:53:42.0164 6188 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll05:53:42.0164 6188 C:\Windows\SysWOW64\taskschd.dll - ok05:53:42.0164 6188 [ 3E1EBF74DD93287B7DC1C681B09E3639 ] C:\Windows\SysWOW64\usbceip.dll05:53:42.0164 6188 C:\Windows\SysWOW64\usbceip.dll - ok05:53:42.0164 6188 [ B998AB59D5541777A1E43175A9ACBE83 ] C:\Windows\System32\en-US\conhost.exe.mui05:53:42.0164 6188 C:\Windows\System32\en-US\conhost.exe.mui - ok05:53:42.0164 6188 [ AF78F66116814FDD6677CEBD73035CDD ] C:\Windows\SysWOW64\schannel.dll05:53:42.0164 6188 C:\Windows\SysWOW64\schannel.dll - ok05:53:42.0164 6188 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\SysWOW64\dimsjob.dll05:53:42.0164 6188 C:\Windows\SysWOW64\dimsjob.dll - ok05:53:42.0164 6188 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll05:53:42.0164 6188 C:\Windows\System32\dimsjob.dll - ok05:53:42.0164 6188 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll05:53:42.0164 6188 C:\Windows\SysWOW64\netprofm.dll - ok05:53:42.0164 6188 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll05:53:42.0164 6188 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok05:53:42.0179 6188 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll05:53:42.0179 6188 C:\Windows\SysWOW64\npmproxy.dll - ok05:53:42.0179 6188 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll05:53:42.0179 6188 C:\Windows\System32\npmproxy.dll - ok05:53:42.0179 6188 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll05:53:42.0179 6188 C:\Windows\SysWOW64\gpapi.dll - ok05:53:42.0179 6188 [ 8F5EAAF76A6811332A8C67DB0D4C395F ] C:\Windows\SysWOW64\ieframe.dll05:53:42.0179 6188 C:\Windows\SysWOW64\ieframe.dll - ok05:53:42.0179 6188 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll05:53:42.0179 6188 C:\Windows\System32\aelupsvc.dll - ok05:53:42.0179 6188 [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll05:53:42.0179 6188 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok05:53:42.0179 6188 [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll05:53:42.0179 6188 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok05:53:42.0179 6188 [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll05:53:42.0179 6188 C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok05:53:42.0179 6188 [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503 ] C:\Windows\SysWOW64\shdocvw.dll05:53:42.0179 6188 C:\Windows\SysWOW64\shdocvw.dll - ok05:53:42.0179 6188 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll05:53:42.0179 6188 C:\Windows\SysWOW64\NapiNSP.dll - ok05:53:42.0195 6188 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll05:53:42.0195 6188 C:\Windows\SysWOW64\pnrpnsp.dll - ok05:53:42.0195 6188 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll05:53:42.0195 6188 C:\Windows\SysWOW64\winrnr.dll - ok05:53:42.0195 6188 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Z220\AppData\Local\Temp\CDDFCDDA-17C4-4575-81C8-24DF586F3E61.exe05:53:42.0195 6188 C:\Users\Z220\AppData\Local\Temp\CDDFCDDA-17C4-4575-81C8-24DF586F3E61.exe - ok05:53:42.0195 6188 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll05:53:42.0195 6188 C:\Windows\SysWOW64\imagehlp.dll - ok05:53:42.0195 6188 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll05:53:42.0195 6188 C:\Windows\SysWOW64\ncrypt.dll - ok05:53:42.0195 6188 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll05:53:42.0195 6188 C:\Windows\SysWOW64\bcrypt.dll - ok05:53:42.0195 6188 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll05:53:42.0195 6188 C:\Windows\SysWOW64\bcryptprimitives.dll - ok05:53:42.0195 6188 [ 7B851A8018B1EA00A69707A390004884 ] C:\Windows\SysWOW64\cryptnet.dll05:53:42.0195 6188 C:\Windows\SysWOW64\cryptnet.dll - ok05:53:42.0195 6188 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll05:53:42.0195 6188 C:\Windows\SysWOW64\SensApi.dll - ok05:53:42.0195 6188 [ 5B2E4E90C04FB9AE9F2C5E99FF59B283 ] C:\Windows\SysWOW64\WindowsCodecs.dll05:53:42.0195 6188 C:\Windows\SysWOW64\WindowsCodecs.dll - ok05:53:42.0210 6188 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll05:53:42.0210 6188 C:\Windows\SysWOW64\EhStorShell.dll - ok05:53:42.0210 6188 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll05:53:42.0210 6188 C:\Windows\SysWOW64\ntshrui.dll - ok05:53:42.0210 6188 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll05:53:42.0210 6188 C:\Windows\SysWOW64\cscapi.dll - ok05:53:42.0210 6188 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll05:53:42.0210 6188 C:\Windows\SysWOW64\slc.dll - ok05:53:42.0210 6188 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll05:53:42.0210 6188 C:\Windows\SysWOW64\imageres.dll - ok05:53:42.0210 6188 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll05:53:42.0210 6188 C:\Windows\SysWOW64\IconCodecService.dll - ok05:53:42.0210 6188 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\SysWOW64\taskeng.exe05:53:42.0210 6188 C:\Windows\SysWOW64\taskeng.exe - ok05:53:42.0210 6188 [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\SysWOW64\TSChannel.dll05:53:42.0210 6188 C:\Windows\SysWOW64\TSChannel.dll - ok05:53:42.0210 6188 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll05:53:42.0210 6188 C:\Windows\SysWOW64\ktmw32.dll - ok05:53:42.0210 6188 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll05:53:42.0210 6188 C:\Windows\SysWOW64\wevtapi.dll - ok Link to post Share on other sites More sharing options...
chooki Posted October 28, 2013 Author ID:747479 Share Posted October 28, 2013 part 10: 05:53:42.0226 6188 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll05:53:42.0226 6188 C:\Windows\SysWOW64\xmllite.dll - ok05:53:42.0226 6188 [ 696584B827A0FD48E28A76F35EE0A2B8 ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe05:53:42.0226 6188 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe - ok05:53:42.0226 6188 [ 3E6442B01E44B3AA31807FEF5235DC54 ] C:\Program Files\CCleaner\CCleaner.exe05:53:42.0226 6188 C:\Program Files\CCleaner\CCleaner.exe - ok05:53:42.0226 6188 [ 5C997FB34FBA9CD15637890048F1EB0B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\fd08d5ddc926ae51bf653620202e8d19\WindowsBase.ni.dll05:53:42.0226 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\fd08d5ddc926ae51bf653620202e8d19\WindowsBase.ni.dll - ok05:53:42.0226 6188 [ 99269DEE97D87DED45D05A3257493D8D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\4ea564f9fd06e0fb40a42acf7693b81a\PresentationCore.ni.dll05:53:42.0226 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\4ea564f9fd06e0fb40a42acf7693b81a\PresentationCore.ni.dll - ok05:53:42.0226 6188 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll05:53:42.0226 6188 C:\Windows\SysWOW64\mscoree.dll - ok05:53:42.0226 6188 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll05:53:42.0226 6188 C:\Windows\System32\mscoree.dll - ok05:53:42.0226 6188 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll05:53:42.0226 6188 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok05:53:42.0226 6188 [ C0FAAE8EC1B4760D3D04844F708DA0F0 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll05:53:42.0226 6188 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok05:53:42.0242 6188 [ 7F9C912B2817076DC0C9C129C90D8914 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\88744044294787b99dd4a8704ab75a79\mscorlib.ni.dll05:53:42.0242 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\88744044294787b99dd4a8704ab75a79\mscorlib.ni.dll - ok05:53:42.0242 6188 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll05:53:42.0242 6188 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok05:53:42.0242 6188 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll05:53:42.0242 6188 C:\Windows\SysWOW64\riched20.dll - ok05:53:42.0242 6188 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll05:53:42.0242 6188 C:\Windows\System32\riched20.dll - ok05:53:42.0242 6188 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll05:53:42.0242 6188 C:\Windows\System32\SensApi.dll - ok05:53:42.0242 6188 [ 8A525B8D583D067C5AAAC1AF5F91B89A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\af0a0b96a02f9925eb84392ee65a5cfa\System.ni.dll05:53:42.0242 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\af0a0b96a02f9925eb84392ee65a5cfa\System.ni.dll - ok05:53:42.0242 6188 [ 0F25194F0257C1ED7C93C55FE6AE6E8A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\3f0016119cbaccffc68806e1c91da0fc\PresentationFramework.ni.dll05:53:42.0242 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\3f0016119cbaccffc68806e1c91da0fc\PresentationFramework.ni.dll - ok05:53:42.0242 6188 [ AE098D9D3BD83440C59A0C3386F4F5DD ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll05:53:42.0242 6188 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok05:53:42.0242 6188 [ 6E656C325A5519A3A9D951709958CF6F ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll05:53:42.0242 6188 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok05:53:42.0257 6188 [ 1B1431D9520C7578AD5633ED2A70625F ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll05:53:42.0257 6188 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok05:53:42.0257 6188 [ 4C0989878EB9DF67C42A7CD42713451E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\868d117286ad259249f31d3fe813d39a\System.Drawing.ni.dll05:53:42.0257 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\868d117286ad259249f31d3fe813d39a\System.Drawing.ni.dll - ok05:53:42.0257 6188 [ 29EA0DE7CE74A18B99A2A94809C54C79 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\994b9a807cc6fa0c8d1a9ae90ab685ac\System.Windows.Forms.ni.dll05:53:42.0257 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\994b9a807cc6fa0c8d1a9ae90ab685ac\System.Windows.Forms.ni.dll - ok05:53:42.0257 6188 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll05:53:42.0257 6188 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok05:53:42.0257 6188 [ AC6E6940C8C98EE153D96FFA2CA7B272 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\3975acf49313ceea1280da91f0383480\System.Xml.ni.dll05:53:42.0257 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\3975acf49313ceea1280da91f0383480\System.Xml.ni.dll - ok05:53:42.0257 6188 [ E2A3AE8CD6FA7F294ACF77180946616B ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Localization\7.0.0.1__a2352a4c73e11587\HP.SupportFramework.Localization.dll05:53:42.0257 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Localization\7.0.0.1__a2352a4c73e11587\HP.SupportFramework.Localization.dll - ok05:53:42.0257 6188 [ E98284A6C9A76D2FC08CD0FC9D91B534 ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HP.SupportAssistant.UIController.dll05:53:42.0257 6188 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HP.SupportAssistant.UIController.dll - ok05:53:42.0257 6188 [ DB634D1F0330255341EEAD2CC4AEC920 ] C:\Windows\assembly\GAC_MSIL\HP.SupportAssistant.Engine\7.0.1.1__e1eab6ede003577a\HP.SupportAssistant.Engine.dll05:53:42.0257 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportAssistant.Engine\7.0.1.1__e1eab6ede003577a\HP.SupportAssistant.Engine.dll - ok05:53:42.0257 6188 [ 29FB9D78D310991E2E1488A716344638 ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Utilities\7.0.0.1__deb98ab3a292405a\HP.SupportFramework.Utilities.dll05:53:42.0257 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Utilities\7.0.0.1__deb98ab3a292405a\HP.SupportFramework.Utilities.dll - ok05:53:42.0273 6188 [ D66F354CF10CB0CF65F401B5B3160140 ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.UI\7.0.0.1__3d7f4982d5e863bc\HP.SupportFramework.UI.dll05:53:42.0273 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.UI\7.0.0.1__3d7f4982d5e863bc\HP.SupportFramework.UI.dll - ok05:53:42.0273 6188 [ 6E5C9C5171C0663331BF58B7DEA54498 ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Common\7.0.0.1__41bdec5abf54f6dc\HP.SupportFramework.Common.dll05:53:42.0273 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Common\7.0.0.1__41bdec5abf54f6dc\HP.SupportFramework.Common.dll - ok05:53:42.0273 6188 [ CFA6A9299864FB9713BBF279CB0F7DEF ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Communicator\7.0.0.1__370cd15173f7ac8f\HP.SupportFramework.Communicator.dll05:53:42.0273 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Communicator\7.0.0.1__370cd15173f7ac8f\HP.SupportFramework.Communicator.dll - ok05:53:42.0273 6188 [ 08F2E3CD8BC16B54C39F779CE4DC2D74 ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.ServiceManager\7.0.0.1__afd7346f05a57c11\HP.SupportFramework.ServiceManager.dll05:53:42.0273 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.ServiceManager\7.0.0.1__afd7346f05a57c11\HP.SupportFramework.ServiceManager.dll - ok05:53:42.0273 6188 [ 8B615B1E2D01DB66850B56727F99C558 ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Logging\7.0.0.1__a5a013d267b3a679\HP.SupportFramework.Logging.dll05:53:42.0273 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Logging\7.0.0.1__a5a013d267b3a679\HP.SupportFramework.Logging.dll - ok05:53:42.0273 6188 [ 06324F22EF3BABF05D5B3EC905E2BEA9 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\c3e08d83feb430f44496c4adb55ef007\System.Runtime.Remoting.ni.dll05:53:42.0273 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\c3e08d83feb430f44496c4adb55ef007\System.Runtime.Remoting.ni.dll - ok05:53:42.0273 6188 [ 0017163E0D5985168792BEE5CF70D5DF ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll05:53:42.0273 6188 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll - ok05:53:42.0273 6188 [ 0405BACBBD2006CAF3C54256FE71FB2A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\7e1a0f53a8580321c5902b6867c3f7da\System.Management.ni.dll05:53:42.0273 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\7e1a0f53a8580321c5902b6867c3f7da\System.Management.ni.dll - ok05:53:42.0273 6188 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe05:53:42.0273 6188 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok05:53:42.0288 6188 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll05:53:42.0288 6188 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok05:53:42.0288 6188 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll05:53:42.0288 6188 C:\Windows\SysWOW64\wbemcomn.dll - ok05:53:42.0288 6188 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll05:53:42.0288 6188 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok05:53:42.0288 6188 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll05:53:42.0288 6188 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok05:53:42.0288 6188 [ 45375DF47ED4D0535739465105AAABE3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll05:53:42.0288 6188 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok05:53:42.0288 6188 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe05:53:42.0288 6188 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok05:53:42.0288 6188 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll05:53:42.0288 6188 C:\Windows\System32\msvcr100_clr0400.dll - ok05:53:42.0288 6188 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll05:53:42.0288 6188 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok05:53:42.0288 6188 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll05:53:42.0288 6188 C:\Windows\SysWOW64\wbem\fastprox.dll - ok05:53:42.0288 6188 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll05:53:42.0288 6188 C:\Windows\SysWOW64\ntdsapi.dll - ok05:53:42.0304 6188 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe05:53:42.0304 6188 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok05:53:42.0304 6188 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll05:53:42.0304 6188 C:\Windows\SysWOW64\ncobjapi.dll - ok05:53:42.0304 6188 [ 9C9943220F8F94B917D8C4C9618074CC ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe05:53:42.0304 6188 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe - ok05:53:42.0304 6188 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\SysWOW64\framedynos.dll05:53:42.0304 6188 C:\Windows\SysWOW64\framedynos.dll - ok Link to post Share on other sites More sharing options...
chooki Posted October 28, 2013 Author ID:747481 Share Posted October 28, 2013 part 11: 05:53:42.0304 6188 [ 20F79A90C76651A17A9B211BC33743A7 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\bcdc7d59f3f8ed743115a7e706e6232a\System.ServiceProcess.ni.dll05:53:42.0304 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\bcdc7d59f3f8ed743115a7e706e6232a\System.ServiceProcess.ni.dll - ok05:53:42.0304 6188 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll05:53:42.0304 6188 C:\Windows\SysWOW64\shfolder.dll - ok05:53:42.0304 6188 [ DDA324215F71243786A9A4D1C5027BEB ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe05:53:42.0304 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe - ok05:53:42.0304 6188 [ FE32E6B3EEB32237CFED798F0B80EBD0 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\7140611b14c038e25f80544af4f1ab61\System.Core.ni.dll05:53:42.0304 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\7140611b14c038e25f80544af4f1ab61\System.Core.ni.dll - ok05:53:42.0304 6188 [ 2BBEAE7C6CC97BA6669482AD69EE8541 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\cfd4d6a6ccde1323b6ecb279483718f1\System.Xml.Linq.ni.dll05:53:42.0304 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\cfd4d6a6ccde1323b6ecb279483718f1\System.Xml.Linq.ni.dll - ok05:53:42.0320 6188 [ 107F19308A07F27CEA7B317BDF67756F ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe05:53:42.0320 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - ok05:53:42.0320 6188 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe05:53:42.0320 6188 C:\Windows\System32\sppsvc.exe - ok05:53:42.0320 6188 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll05:53:42.0320 6188 C:\Windows\System32\sppobjs.dll - ok05:53:42.0320 6188 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll05:53:42.0320 6188 C:\Windows\System32\sppwinob.dll - ok05:53:42.0320 6188 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys05:53:42.0320 6188 C:\Windows\System32\drivers\spsys.sys - ok05:53:42.0320 6188 [ B3F15947F40E25B74938B203FEAF0640 ] C:\Users\Z220\AppData\Local\Temp\HP Support Framework\HPSF_Config1.dll05:53:42.0320 6188 C:\Users\Z220\AppData\Local\Temp\HP Support Framework\HPSF_Config1.dll - ok05:53:42.0320 6188 [ F980F2E6E8E68D797CF07434C8DDBF30 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll05:53:42.0320 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll - ok05:53:42.0320 6188 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe05:53:42.0320 6188 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok05:53:42.0320 6188 [ 671E5892CF12C89031FADC6697CBAEDE ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\ffcb92605ae455c5763d0cf2afa82ed2\System.Web.ni.dll05:53:42.0320 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\ffcb92605ae455c5763d0cf2afa82ed2\System.Web.ni.dll - ok05:53:42.0335 6188 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll05:53:42.0335 6188 C:\Windows\SysWOW64\wsock32.dll - ok05:53:42.0335 6188 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll05:53:42.0335 6188 C:\Windows\System32\wsock32.dll - ok05:53:42.0335 6188 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll05:53:42.0335 6188 C:\Windows\System32\security.dll - ok05:53:42.0335 6188 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll05:53:42.0335 6188 C:\Windows\SysWOW64\powrprof.dll - ok05:53:42.0335 6188 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll05:53:42.0335 6188 C:\Windows\SysWOW64\security.dll - ok05:53:42.0335 6188 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\SysWOW64\dssenh.dll05:53:42.0335 6188 C:\Windows\SysWOW64\dssenh.dll - ok05:53:42.0335 6188 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll05:53:42.0335 6188 C:\Windows\System32\dssenh.dll - ok05:53:42.0335 6188 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\SysWOW64\wmdrmdev.dll05:53:42.0335 6188 C:\Windows\SysWOW64\wmdrmdev.dll - ok05:53:42.0335 6188 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll05:53:42.0335 6188 C:\Windows\System32\wmdrmdev.dll - ok05:53:42.0335 6188 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\SysWOW64\drmv2clt.dll05:53:42.0335 6188 C:\Windows\SysWOW64\drmv2clt.dll - ok05:53:42.0351 6188 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll05:53:42.0351 6188 C:\Windows\System32\wscsvc.dll - ok05:53:42.0351 6188 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll05:53:42.0351 6188 C:\Windows\System32\drmv2clt.dll - ok05:53:42.0351 6188 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll05:53:42.0351 6188 C:\Windows\SysWOW64\dbghelp.dll - ok05:53:42.0351 6188 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll05:53:42.0351 6188 C:\Windows\SysWOW64\samcli.dll - ok05:53:42.0351 6188 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll05:53:42.0351 6188 C:\Windows\SysWOW64\logoncli.dll - ok05:53:42.0351 6188 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll05:53:42.0351 6188 C:\Windows\System32\dbghelp.dll - ok05:53:42.0351 6188 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll05:53:42.0351 6188 C:\Windows\SysWOW64\browcli.dll - ok05:53:42.0351 6188 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll05:53:42.0351 6188 C:\Windows\SysWOW64\mfplat.dll - ok05:53:42.0351 6188 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll05:53:42.0351 6188 C:\Windows\System32\mfplat.dll - ok05:53:42.0351 6188 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll05:53:42.0351 6188 C:\Windows\System32\browcli.dll - ok05:53:42.0351 6188 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll05:53:42.0351 6188 C:\Windows\SysWOW64\avrt.dll - ok05:53:42.0366 6188 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\SysWOW64\schedcli.dll05:53:42.0366 6188 C:\Windows\SysWOW64\schedcli.dll - ok05:53:42.0366 6188 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll05:53:42.0366 6188 C:\Windows\System32\schedcli.dll - ok05:53:42.0366 6188 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll05:53:42.0366 6188 C:\Windows\System32\p2pcollab.dll - ok05:53:42.0366 6188 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL05:53:42.0366 6188 C:\Windows\System32\QAGENTRT.DLL - ok05:53:42.0366 6188 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\SysWOW64\SearchIndexer.exe05:53:42.0366 6188 C:\Windows\SysWOW64\SearchIndexer.exe - ok05:53:42.0366 6188 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll05:53:42.0366 6188 C:\Windows\SysWOW64\sxs.dll - ok05:53:42.0366 6188 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll05:53:42.0366 6188 C:\Windows\System32\fveui.dll - ok05:53:42.0366 6188 [ EA2B00551F3E7B3D5F7FB730A55F8246 ] C:\Windows\SysWOW64\blackbox.dll05:53:42.0366 6188 C:\Windows\SysWOW64\blackbox.dll - ok05:53:42.0366 6188 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll05:53:42.0366 6188 C:\Windows\System32\blackbox.dll - ok05:53:42.0366 6188 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe05:53:42.0366 6188 C:\Windows\System32\SearchIndexer.exe - ok05:53:42.0382 6188 [ 7D4DC95A1F5E0818E74A399960569EA1 ] C:\Windows\SysWOW64\wuapi.dll05:53:42.0382 6188 C:\Windows\SysWOW64\wuapi.dll - ok05:53:42.0382 6188 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\SysWOW64\tquery.dll05:53:42.0382 6188 C:\Windows\SysWOW64\tquery.dll - ok05:53:42.0382 6188 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll05:53:42.0382 6188 C:\Windows\System32\wuapi.dll - ok05:53:42.0382 6188 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll05:53:42.0382 6188 C:\Windows\System32\tquery.dll - ok05:53:42.0382 6188 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll05:53:42.0382 6188 C:\Windows\SysWOW64\cabinet.dll - ok05:53:42.0382 6188 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll05:53:42.0382 6188 C:\Windows\System32\cabinet.dll - ok05:53:42.0382 6188 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\SysWOW64\mssrch.dll05:53:42.0382 6188 C:\Windows\SysWOW64\mssrch.dll - ok05:53:42.0382 6188 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\SysWOW64\upnp.dll05:53:42.0382 6188 C:\Windows\SysWOW64\upnp.dll - ok05:53:42.0382 6188 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll05:53:42.0382 6188 C:\Windows\System32\mssrch.dll - ok05:53:42.0382 6188 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll05:53:42.0382 6188 C:\Windows\SysWOW64\winhttp.dll - ok05:53:42.0398 6188 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\SysWOW64\esent.dll05:53:42.0398 6188 C:\Windows\SysWOW64\esent.dll - ok05:53:42.0398 6188 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll05:53:42.0398 6188 C:\Windows\SysWOW64\webio.dll - ok05:53:42.0398 6188 [ FB633DCC8664E4CCACF562DB5BAE38CF ] C:\Windows\SysWOW64\wups.dll05:53:42.0398 6188 C:\Windows\SysWOW64\wups.dll - ok05:53:42.0398 6188 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll05:53:42.0398 6188 C:\Windows\System32\wups.dll - ok05:53:42.0398 6188 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\SysWOW64\ssdpapi.dll05:53:42.0398 6188 C:\Windows\SysWOW64\ssdpapi.dll - ok05:53:42.0398 6188 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\SysWOW64\msidle.dll05:53:42.0398 6188 C:\Windows\SysWOW64\msidle.dll - ok05:53:42.0398 6188 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll05:53:42.0398 6188 C:\Windows\System32\msidle.dll - ok05:53:42.0398 6188 [ 71C4F42DC8DB668E826DA79462EA741E ] C:\Windows\SysWOW64\KBDUS.DLL05:53:42.0398 6188 C:\Windows\SysWOW64\KBDUS.DLL - ok05:53:42.0398 6188 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll05:53:42.0398 6188 C:\Windows\SysWOW64\wmp.dll - ok05:53:42.0398 6188 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll05:53:42.0398 6188 C:\Windows\System32\wmp.dll - ok05:53:42.0398 6188 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll05:53:42.0398 6188 C:\Windows\SysWOW64\dwmapi.dll - ok05:53:42.0413 6188 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL05:53:42.0413 6188 C:\Windows\SysWOW64\wmploc.DLL - ok05:53:42.0413 6188 [ F4079F18F919248CF978BBAEDB139A61 ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\interop.Scheduler.dll05:53:42.0413 6188 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\interop.Scheduler.dll - ok05:53:42.0413 6188 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL05:53:42.0413 6188 C:\Windows\System32\wmploc.DLL - ok05:53:42.0413 6188 [ CE5516C7B8EC9948770FF72DB9FB8B96 ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework\7.0.0.1__d4a591153760ff28\HP.SupportFramework.dll05:53:42.0413 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework\7.0.0.1__d4a591153760ff28\HP.SupportFramework.dll - ok Link to post Share on other sites More sharing options...
chooki Posted October 28, 2013 Author ID:747482 Share Posted October 28, 2013 part 12: 05:53:42.0413 6188 [ F479C4B55B70A27E509113273DC1E67B ] C:\Program Files\Internet Explorer\ieproxy.dll05:53:42.0413 6188 C:\Program Files\Internet Explorer\ieproxy.dll - ok05:53:42.0413 6188 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\SysWOW64\provsvc.dll05:53:42.0413 6188 C:\Windows\SysWOW64\provsvc.dll - ok05:53:42.0413 6188 [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\Windows\SysWOW64\wmpps.dll05:53:42.0413 6188 C:\Windows\SysWOW64\wmpps.dll - ok05:53:42.0413 6188 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll05:53:42.0413 6188 C:\Windows\System32\wmpps.dll - ok05:53:42.0413 6188 [ 7B97346CE563B74BBCC120FC83E5A6D9 ] C:\Windows\SysWOW64\wmpmde.dll05:53:42.0413 6188 C:\Windows\SysWOW64\wmpmde.dll - ok05:53:42.0413 6188 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll05:53:42.0413 6188 C:\Windows\System32\wmpmde.dll - ok05:53:42.0429 6188 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\SysWOW64\httpapi.dll05:53:42.0429 6188 C:\Windows\SysWOW64\httpapi.dll - ok05:53:42.0429 6188 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\SysWOW64\pcwum.dll05:53:42.0429 6188 C:\Windows\SysWOW64\pcwum.dll - ok05:53:42.0429 6188 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\SysWOW64\WinSATAPI.dll05:53:42.0429 6188 C:\Windows\SysWOW64\WinSATAPI.dll - ok05:53:42.0429 6188 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll05:53:42.0429 6188 C:\Windows\System32\WinSATAPI.dll - ok05:53:42.0429 6188 [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll05:53:42.0429 6188 C:\Windows\SysWOW64\dxgi.dll - ok05:53:42.0429 6188 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll05:53:42.0429 6188 C:\Windows\SysWOW64\msxml6.dll - ok05:53:42.0429 6188 [ B79515AFF098E5A56DFBD316152534DE ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL05:53:42.0429 6188 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL - ok05:53:42.0429 6188 [ CBBD4D79EEC3EF5A4ADAE9697944C6B9 ] C:\Windows\SysWOW64\MSMPEG2ENC.DLL05:53:42.0429 6188 C:\Windows\SysWOW64\MSMPEG2ENC.DLL - ok05:53:42.0429 6188 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL05:53:42.0429 6188 C:\Windows\System32\MSMPEG2ENC.DLL - ok05:53:42.0429 6188 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll05:53:42.0429 6188 C:\Windows\SysWOW64\devenum.dll - ok05:53:42.0444 6188 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll05:53:42.0444 6188 C:\Windows\System32\devenum.dll - ok05:53:42.0444 6188 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll05:53:42.0444 6188 C:\Windows\SysWOW64\winmm.dll - ok05:53:42.0444 6188 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll05:53:42.0444 6188 C:\Windows\System32\msdmo.dll - ok05:53:42.0444 6188 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll05:53:42.0444 6188 C:\Windows\SysWOW64\msdmo.dll - ok05:53:42.0444 6188 [ 833FBB672460EFCE8011D262175FAD33 ] C:\Windows\SysWOW64\upnphost.dll05:53:42.0444 6188 C:\Windows\SysWOW64\upnphost.dll - ok05:53:42.0444 6188 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll05:53:42.0444 6188 C:\Windows\System32\upnphost.dll - ok05:53:42.0444 6188 [ 6AAF3BECE2C3D17091BCEF37C5A82AC0 ] C:\Windows\SysWOW64\mmc.exe05:53:42.0444 6188 C:\Windows\SysWOW64\mmc.exe - ok05:53:42.0444 6188 [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll05:53:42.0444 6188 C:\Windows\SysWOW64\perfos.dll - ok05:53:42.0444 6188 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll05:53:42.0444 6188 C:\Windows\System32\wbem\wmiprov.dll - ok05:53:42.0444 6188 [ 907281ED4AD35D41B29FFDC211EBAD80 ] C:\Windows\SysWOW64\wmi.dll05:53:42.0444 6188 C:\Windows\SysWOW64\wmi.dll - ok05:53:42.0460 6188 [ F24D69C3F5E98ABEE59ECCB0E2DF820E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\fed86e49fe95761085bf287f901f5b53\System.Configuration.ni.dll05:53:42.0460 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\fed86e49fe95761085bf287f901f5b53\System.Configuration.ni.dll - ok05:53:42.0460 6188 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\SysWOW64\en-US\tquery.dll.mui05:53:42.0460 6188 C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok05:53:42.0460 6188 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui05:53:42.0460 6188 C:\Windows\System32\en-US\tquery.dll.mui - ok05:53:42.0460 6188 [ 2003E9B15E1C502B146DAD2E383AC1E3 ] C:\Windows\SysWOW64\schtasks.exe05:53:42.0460 6188 C:\Windows\SysWOW64\schtasks.exe - ok05:53:42.0460 6188 [ 97E0EC3D6D99E8CC2B17EF2D3760E8FC ] C:\Windows\System32\schtasks.exe05:53:42.0460 6188 C:\Windows\System32\schtasks.exe - ok05:53:42.0460 6188 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll05:53:42.0460 6188 C:\Windows\System32\udhisapi.dll - ok05:53:42.0460 6188 [ 230EA9ABBC3432CDE388F4891E76E867 ] C:\Windows\SysWOW64\udhisapi.dll05:53:42.0460 6188 C:\Windows\SysWOW64\udhisapi.dll - ok05:53:42.0460 6188 [ C7BC97E988324F5963CD7401C22E8024 ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe05:53:42.0460 6188 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe - ok05:53:42.0460 6188 [ AF51D4FE088A3EFA5303B36FFFD0581B ] C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe05:53:42.0460 6188 C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe - ok05:53:42.0460 6188 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll05:53:42.0460 6188 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok05:53:42.0476 6188 [ 37B6EBA4E783A0B25F3FE05EF86722CB ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll05:53:42.0476 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok05:53:42.0476 6188 [ 33A77D477EF9D7A5C65A950129DF2E47 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll05:53:42.0476 6188 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll - ok05:53:42.0476 6188 [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll05:53:42.0476 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok05:53:42.0476 6188 [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll05:53:42.0476 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok05:53:42.0476 6188 [ D144849E9B48A7DFB942281ED7EDB1C1 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll05:53:42.0476 6188 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll - ok05:53:42.0476 6188 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll05:53:42.0476 6188 C:\Windows\SysWOW64\vssapi.dll - ok05:53:42.0476 6188 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll05:53:42.0476 6188 C:\Windows\SysWOW64\atl.dll - ok05:53:42.0476 6188 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll05:53:42.0476 6188 C:\Windows\SysWOW64\vsstrace.dll - ok05:53:42.0476 6188 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll05:53:42.0476 6188 C:\Windows\SysWOW64\samlib.dll - ok05:53:42.0476 6188 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\SysWOW64\es.dll05:53:42.0491 6188 C:\Windows\SysWOW64\es.dll - ok05:53:42.0491 6188 [ E1AC89F6C5252057E6062843E36A6701 ] C:\Windows\SysWOW64\SearchProtocolHost.exe05:53:42.0491 6188 C:\Windows\SysWOW64\SearchProtocolHost.exe - ok05:53:42.0491 6188 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe05:53:42.0491 6188 C:\Windows\System32\SearchProtocolHost.exe - ok05:53:42.0491 6188 [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\SysWOW64\msshooks.dll05:53:42.0491 6188 C:\Windows\SysWOW64\msshooks.dll - ok05:53:42.0491 6188 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll05:53:42.0491 6188 C:\Windows\System32\msshooks.dll - ok05:53:42.0491 6188 [ A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\Windows\SysWOW64\SearchFilterHost.exe05:53:42.0491 6188 C:\Windows\SysWOW64\SearchFilterHost.exe - ok05:53:42.0491 6188 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe05:53:42.0491 6188 C:\Windows\System32\SearchFilterHost.exe - ok05:53:42.0491 6188 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll05:53:42.0491 6188 C:\Windows\System32\wuaueng.dll - ok05:53:42.0491 6188 [ 387A8A473ECC5BA02CF453277C1F3274 ] C:\Windows\SysWOW64\mspatcha.dll05:53:42.0491 6188 C:\Windows\SysWOW64\mspatcha.dll - ok05:53:42.0491 6188 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll05:53:42.0491 6188 C:\Windows\System32\mspatcha.dll - ok05:53:42.0507 6188 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll05:53:42.0507 6188 C:\Windows\SysWOW64\mssprxy.dll - ok05:53:42.0507 6188 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll05:53:42.0507 6188 C:\Windows\System32\mssprxy.dll - ok05:53:42.0507 6188 [ DB67C7C62038BDE813CB6486581A7611 ] C:\Windows\SysWOW64\mssph.dll05:53:42.0507 6188 C:\Windows\SysWOW64\mssph.dll - ok05:53:42.0507 6188 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll05:53:42.0507 6188 C:\Windows\System32\mssph.dll - ok05:53:42.0507 6188 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll05:53:42.0507 6188 C:\Windows\SysWOW64\mapi32.dll - ok05:53:42.0507 6188 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll05:53:42.0507 6188 C:\Windows\System32\mapi32.dll - ok05:53:42.0507 6188 [ DC72ADE29F40EEFD38E35ED8A4D1F8F1 ] C:\Windows\SysWOW64\xmlfilter.dll05:53:42.0507 6188 C:\Windows\SysWOW64\xmlfilter.dll - ok05:53:42.0507 6188 [ 86C6E8597094BD9F2CF0E5F841641F4E ] C:\Windows\System32\xmlfilter.dll05:53:42.0507 6188 C:\Windows\System32\xmlfilter.dll - ok05:53:42.0507 6188 [ 8B57A1AD493653BB57F281FE75DD175B ] C:\Windows\SysWOW64\NaturalLanguage6.dll05:53:42.0507 6188 C:\Windows\SysWOW64\NaturalLanguage6.dll - ok05:53:42.0507 6188 [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll05:53:42.0507 6188 C:\Windows\System32\NaturalLanguage6.dll - ok05:53:42.0507 6188 [ 2992932C1AB1D29A1A4A9E8CB8530CBF ] C:\Windows\SysWOW64\NlsData0009.dll05:53:42.0507 6188 C:\Windows\SysWOW64\NlsData0009.dll - ok05:53:42.0522 6188 [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll05:53:42.0522 6188 C:\Windows\System32\NlsData0009.dll - ok05:53:42.0522 6188 [ C8CB301BF896C7C556BBE963FADF5BB6 ] C:\Windows\SysWOW64\NlsLexicons0009.dll05:53:42.0522 6188 C:\Windows\SysWOW64\NlsLexicons0009.dll - ok05:53:42.0522 6188 [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll05:53:42.0522 6188 C:\Windows\System32\NlsLexicons0009.dll - ok05:53:42.0522 6188 [ 8444A7364D6877922049E99BF4B78C5C ] C:\Windows\SysWOW64\ELSCore.dll05:53:42.0522 6188 C:\Windows\SysWOW64\ELSCore.dll - ok05:53:42.0522 6188 [ 76D86E65FF7D10292886A1F2DB93A911 ] C:\Windows\System32\ELSCore.dll05:53:42.0522 6188 C:\Windows\System32\ELSCore.dll - ok05:53:42.0522 6188 [ 12929BDE96189F4E968AD035573424F0 ] C:\Windows\System32\elsTrans.dll05:53:42.0522 6188 C:\Windows\System32\elsTrans.dll - ok05:53:42.0522 6188 [ 7B3FD36359DE5D2EE49D213CCAD13427 ] C:\Windows\SysWOW64\elsTrans.dll05:53:42.0522 6188 C:\Windows\SysWOW64\elsTrans.dll - ok05:53:42.0522 6188 [ 02A2ED8497F437EA200DF3ACED255AFE ] C:\Windows\SysWOW64\elslad.dll05:53:42.0522 6188 C:\Windows\SysWOW64\elslad.dll - ok05:53:42.0522 6188 [ AEE087CF7423BA44CC2DE03CC565E399 ] C:\Windows\System32\elslad.dll05:53:42.0522 6188 C:\Windows\System32\elslad.dll - ok05:53:42.0522 6188 [ 61B33014F2D2A4F9553F6EF64FB82E31 ] C:\Windows\SysWOW64\NlsData000c.dll05:53:42.0522 6188 C:\Windows\SysWOW64\NlsData000c.dll - ok05:53:42.0538 6188 [ 51272A935F4F482A70F2A7D1C3A67AEE ] C:\Windows\System32\NlsData000c.dll05:53:42.0538 6188 C:\Windows\System32\NlsData000c.dll - ok05:53:42.0538 6188 [ AC7D0114246661B1E29A0939039157C5 ] C:\Windows\SysWOW64\NlsLexicons000c.dll05:53:42.0538 6188 C:\Windows\SysWOW64\NlsLexicons000c.dll - ok05:53:42.0538 6188 [ C2142407A2BE3462247500849B3FF8C7 ] C:\Windows\System32\NlsLexicons000c.dll05:53:42.0538 6188 C:\Windows\System32\NlsLexicons000c.dll - ok05:53:42.0538 6188 [ 555F35AF3B56EAAE367D767B9E2F1E8B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll05:53:42.0538 6188 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll - ok05:53:42.0538 6188 [ 28CAAA8B3DAC4604B6871F311C6B9F49 ] C:\Windows\SysWOW64\NlsData0000.dll05:53:42.0538 6188 C:\Windows\SysWOW64\NlsData0000.dll - ok05:53:42.0538 6188 [ 11542EC1F1C53EDB3CCF5AADF4C9972F ] C:\Windows\System32\NlsData0000.dll05:53:42.0538 6188 C:\Windows\System32\NlsData0000.dll - ok05:53:42.0538 6188 [ A79FFFBA93697FB09584F11BD09AB636 ] C:\Windows\SysWOW64\NlsData0018.dll05:53:42.0538 6188 C:\Windows\SysWOW64\NlsData0018.dll - ok05:53:42.0538 6188 [ 9BDB62D5C4B3AE8807CB61F7503784E7 ] C:\Windows\System32\NlsData0018.dll05:53:42.0538 6188 C:\Windows\System32\NlsData0018.dll - ok Link to post Share on other sites More sharing options...
chooki Posted October 28, 2013 Author ID:747484 Share Posted October 28, 2013 part 13: 05:53:42.0538 6188 [ A4308D8E2B90C3365B124AD2448ED1A2 ] C:\Windows\SysWOW64\NlsLexicons0018.dll05:53:42.0538 6188 C:\Windows\SysWOW64\NlsLexicons0018.dll - ok05:53:42.0554 6188 [ 3A84190D1D472A3BB9CC4AF141326F13 ] C:\Windows\System32\NlsLexicons0018.dll05:53:42.0554 6188 C:\Windows\System32\NlsLexicons0018.dll - ok05:53:42.0554 6188 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\SysWOW64\wmsgapi.dll05:53:42.0554 6188 C:\Windows\SysWOW64\wmsgapi.dll - ok05:53:42.0554 6188 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll05:53:42.0554 6188 C:\Windows\System32\wups2.dll - ok05:53:42.0554 6188 [ C7A572160F9FFA4363E7C90A91C1ACCB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\439eb22c3f6967beb8a3364626883423\System.Xml.ni.dll05:53:42.0554 6188 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\439eb22c3f6967beb8a3364626883423\System.Xml.ni.dll - ok05:53:42.0554 6188 [ 41132124BA846F34829F56ACF7C935B9 ] C:\Program Files (x86)\Hewlett-Packard\HP Ceement\CeeUtil.dll05:53:42.0554 6188 C:\Program Files (x86)\Hewlett-Packard\HP Ceement\CeeUtil.dll - ok05:53:42.0554 6188 [ BA32509D9B340162327B341013DE6522 ] C:\Windows\SysWOW64\tapi32.dll05:53:42.0554 6188 C:\Windows\SysWOW64\tapi32.dll - ok05:53:42.0554 6188 [ 613BF4820361543956909043A265C6AC ] C:\Windows\SysWOW64\tapisrv.dll05:53:42.0554 6188 C:\Windows\SysWOW64\tapisrv.dll - ok05:53:42.0554 6188 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll05:53:42.0554 6188 C:\Windows\System32\tapisrv.dll - ok05:53:42.0554 6188 [ FA010336DB6FC6352A5056DD3E212CA8 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe05:53:42.0554 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - ok05:53:42.0554 6188 [ FBF8259AEB2AD54BDC93B83C550B2348 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll05:53:42.0554 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll - ok05:53:42.0569 6188 [ E6F0F0253BB410AEE8B071E77A9CD201 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\WsmanClient.dll05:53:42.0569 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\WsmanClient.dll - ok05:53:42.0569 6188 [ 681C2614A2732E37A12BDE5192D95CA0 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\Common.dll05:53:42.0569 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\Common.dll - ok05:53:42.0569 6188 [ 56260EB61D3C58797EC00AC1B9013585 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\GmsCommon.dll05:53:42.0569 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\GmsCommon.dll - ok05:53:42.0569 6188 [ 82B105EDDE5BA70077AB0C62FE206651 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\Configurator.dll05:53:42.0569 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\Configurator.dll - ok05:53:42.0569 6188 [ 0450CF487ECD8A67B56F59F9A96D024D ] C:\Windows\SysWOW64\wdigest.dll05:53:42.0569 6188 C:\Windows\SysWOW64\wdigest.dll - ok05:53:42.0569 6188 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll05:53:42.0569 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok05:53:42.0569 6188 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe05:53:42.0569 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok05:53:42.0569 6188 [ DD50D698711D9435BF46E2EFDABB06CA ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\EventManager.dll05:53:42.0569 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\EventManager.dll - ok05:53:42.0569 6188 [ 5077C374979D8CCEC42CBD6780D53795 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\SoapServerService.dll05:53:42.0569 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\SoapServerService.dll - ok05:53:42.0585 6188 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll05:53:42.0585 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok05:53:42.0585 6188 [ 478B4083DD336A5C7FE26C9AD8C4672E ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\PartialFWUpdateService.dll05:53:42.0585 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\PartialFWUpdateService.dll - ok05:53:42.0585 6188 [ 0FC90F5E6A200DA235465495CB9F60E5 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\IPRefreshService.dll05:53:42.0585 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\IPRefreshService.dll - ok05:53:42.0585 6188 [ 878908FA24416D3EA1FA0708646B6D2D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ComEventHandler.dll05:53:42.0585 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ComEventHandler.dll - ok05:53:42.0585 6188 [ BC8D16DB1D85981ECD25B4A53C5E2B0A ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\HistoryEventHandler.dll05:53:42.0585 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\HistoryEventHandler.dll - ok05:53:42.0585 6188 [ DD1724F38102A558DBB5E9241730D64C ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusEventHandler.dll05:53:42.0585 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusEventHandler.dll - ok05:53:42.0585 6188 [ FF514B17CA850FCE3D0FAB1ACE22B1AC ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\WMIEventHandler.dll05:53:42.0585 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\WMIEventHandler.dll - ok05:53:42.0585 6188 [ C07E8CDC6FF4129DEA6FBAF3CC372C29 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\WinLogEventHandler.dll05:53:42.0585 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\WinLogEventHandler.dll - ok05:53:42.0585 6188 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll05:53:42.0585 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok05:53:42.0600 6188 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll05:53:42.0600 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok05:53:42.0600 6188 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe05:53:42.0600 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok05:53:42.0600 6188 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll05:53:42.0600 6188 C:\Windows\SysWOW64\sfc.dll - ok05:53:42.0600 6188 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll05:53:42.0600 6188 C:\Windows\SysWOW64\sfc_os.dll - ok05:53:42.0600 6188 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\SysWOW64\SndVolSSO.dll05:53:42.0600 6188 C:\Windows\SysWOW64\SndVolSSO.dll - ok05:53:42.0600 6188 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll05:53:42.0600 6188 C:\Windows\SysWOW64\hid.dll - ok05:53:42.0600 6188 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\SysWOW64\timedate.cpl05:53:42.0600 6188 C:\Windows\SysWOW64\timedate.cpl - ok05:53:42.0600 6188 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl05:53:42.0600 6188 C:\Windows\System32\timedate.cpl - ok05:53:42.0600 6188 [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\SysWOW64\shsvcs.dll05:53:42.0600 6188 C:\Windows\SysWOW64\shsvcs.dll - ok05:53:42.0600 6188 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll05:53:42.0600 6188 C:\Windows\SysWOW64\actxprxy.dll - ok05:53:42.0616 6188 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll05:53:42.0616 6188 C:\Windows\System32\actxprxy.dll - ok05:53:42.0616 6188 [ 23B001185B7C3CB1F4BDEB143E6B45B7 ] C:\Windows\System32\shdocvw.dll05:53:42.0616 6188 C:\Windows\System32\shdocvw.dll - ok05:53:42.0616 6188 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\SysWOW64\shacct.dll05:53:42.0616 6188 C:\Windows\SysWOW64\shacct.dll - ok05:53:42.0616 6188 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll05:53:42.0616 6188 C:\Windows\SysWOW64\msftedit.dll - ok05:53:42.0616 6188 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll05:53:42.0616 6188 C:\Windows\System32\msftedit.dll - ok05:53:42.0616 6188 [ C225E5307D8D4982A1687F2702C37C78 ] C:\Windows\SysWOW64\msls31.dll05:53:42.0616 6188 C:\Windows\SysWOW64\msls31.dll - ok05:53:42.0616 6188 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll05:53:42.0616 6188 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok05:53:42.0616 6188 [ E904178851A6A44BFA97E064EF779E9D ] C:\Windows\SysWOW64\authui.dll05:53:42.0616 6188 C:\Windows\SysWOW64\authui.dll - ok05:53:42.0616 6188 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll05:53:42.0616 6188 C:\Windows\SysWOW64\cryptui.dll - ok05:53:42.0616 6188 [ 64E211E0FDFCE4D186DF58BB7D0503BC ] C:\Windows\SysWOW64\gameux.dll05:53:42.0616 6188 C:\Windows\SysWOW64\gameux.dll - ok05:53:42.0632 6188 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll05:53:42.0632 6188 C:\Windows\System32\gameux.dll - ok05:53:42.0632 6188 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll05:53:42.0632 6188 C:\Windows\SysWOW64\wer.dll - ok05:53:42.0632 6188 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll05:53:42.0632 6188 C:\Windows\System32\msiltcfg.dll - ok05:53:42.0632 6188 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll05:53:42.0632 6188 C:\Windows\SysWOW64\msiltcfg.dll - ok05:53:42.0632 6188 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll05:53:42.0632 6188 C:\Windows\SysWOW64\msi.dll - ok05:53:42.0632 6188 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll05:53:42.0632 6188 C:\Windows\System32\msi.dll - ok05:53:42.0632 6188 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll05:53:42.0632 6188 C:\Windows\SysWOW64\linkinfo.dll - ok05:53:42.0632 6188 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll05:53:42.0632 6188 C:\Windows\System32\linkinfo.dll - ok05:53:42.0632 6188 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll05:53:42.0632 6188 C:\Windows\System32\DeviceCenter.dll - ok05:53:42.0632 6188 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\SysWOW64\networkexplorer.dll05:53:42.0632 6188 C:\Windows\SysWOW64\networkexplorer.dll - ok05:53:42.0632 6188 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll05:53:42.0632 6188 C:\Windows\System32\networkexplorer.dll - ok05:53:42.0647 6188 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll05:53:42.0647 6188 C:\Windows\SysWOW64\drprov.dll - ok05:53:42.0647 6188 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll05:53:42.0647 6188 C:\Windows\System32\drprov.dll - ok05:53:42.0647 6188 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll05:53:42.0647 6188 C:\Windows\SysWOW64\ntlanman.dll - ok05:53:42.0647 6188 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll05:53:42.0647 6188 C:\Windows\System32\ntlanman.dll - ok05:53:42.0647 6188 [ EAF4712B706936C0B10D3B5319B37E81 ] C:\Windows\SysWOW64\davclnt.dll05:53:42.0647 6188 C:\Windows\SysWOW64\davclnt.dll - ok05:53:42.0647 6188 [ B32AB94A432289AC2DF77A3DCAD32EED ] C:\Windows\System32\davclnt.dll05:53:42.0647 6188 C:\Windows\System32\davclnt.dll - ok05:53:42.0647 6188 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll05:53:42.0647 6188 C:\Windows\System32\davhlpr.dll - ok05:53:42.0647 6188 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll05:53:42.0647 6188 C:\Windows\SysWOW64\davhlpr.dll - ok05:53:42.0647 6188 [ 554A50B5310E702029D3A675459108FF ] C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe05:53:42.0647 6188 C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe - ok05:53:42.0647 6188 [ 195145237BE4B95227B8FD6F3D1283BC ] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe05:53:42.0647 6188 C:\Program Files\NVIDIA Corporation\nview\nwiz.exe - ok05:53:42.0663 6188 [ 59AF838A39A377C6F7DD387748C5DE87 ] C:\Program Files\Total Defense\Internet Security Suite\casc.exe05:53:42.0663 6188 C:\Program Files\Total Defense\Internet Security Suite\casc.exe - ok05:53:42.0663 6188 [ FEF06E14E7105AD2769A614F45502540 ] C:\Program Files\NVIDIA Corporation\nview\nView64.dll05:53:42.0663 6188 C:\Program Files\NVIDIA Corporation\nview\nView64.dll - ok05:53:42.0663 6188 [ 79C982EF9198EB4B1A6AFDFA5D269E4D ] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe05:53:42.0663 6188 C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe - ok05:53:42.0663 6188 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\05378752.sys05:53:42.0663 6188 C:\Windows\System32\drivers\05378752.sys - ok05:53:42.0663 6188 [ DF9CAA5B27E64551AC045FFB46F55629 ] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe05:53:42.0663 6188 C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe - ok05:53:42.0663 6188 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe05:53:42.0663 6188 C:\Windows\SysWOW64\rundll32.exe - ok05:53:42.0663 6188 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe05:53:42.0663 6188 C:\Windows\System32\rundll32.exe - ok05:53:42.0663 6188 [ 2F5B3AFA626DD53225E86BF34CB80EB1 ] C:\Windows\SysWOW64\ElbyCDIO.dll05:53:42.0663 6188 C:\Windows\SysWOW64\ElbyCDIO.dll - ok05:53:42.0663 6188 [ 1F74B33DC1296273C07F329466B8BE0F ] C:\Windows\SysWOW64\en-US\runonce.exe.mui05:53:42.0663 6188 C:\Windows\SysWOW64\en-US\runonce.exe.mui - ok05:53:42.0678 6188 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll05:53:42.0678 6188 C:\Windows\SysWOW64\ExplorerFrame.dll - ok05:53:42.0678 6188 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll05:53:42.0678 6188 C:\Windows\SysWOW64\duser.dll - ok05:53:42.0678 6188 [ 8433BDAC7D756F47B60A25B713E1CDD1 ] C:\Program Files\Total Defense\Internet Security Suite\ccemail.dll05:53:42.0678 6188 C:\Program Files\Total Defense\Internet Security Suite\ccemail.dll - ok05:53:42.0678 6188 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll05:53:42.0678 6188 C:\Windows\SysWOW64\dui70.dll - ok05:53:42.0678 6188 [ D5E18BA95F9E7D787D25EF07AC68603E ] C:\Windows\SysWOW64\tzres.dll05:53:42.0678 6188 C:\Windows\SysWOW64\tzres.dll - ok05:53:42.0678 6188 [ 8FD0EC6EB52F9EFE15B7A605C827932C ] C:\Windows\System32\Defrag.exe05:53:42.0678 6188 C:\Windows\System32\Defrag.exe - ok Link to post Share on other sites More sharing options...
chooki Posted October 28, 2013 Author ID:747485 Share Posted October 28, 2013 part 14: 05:53:42.0678 6188 [ 42771387FE5EAE8211F7000859157620 ] C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.dll05:53:42.0678 6188 C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.dll - ok05:53:42.0678 6188 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll05:53:42.0678 6188 C:\Windows\AppPatch\AcLayers.dll - ok05:53:42.0678 6188 [ 2041012726EF7C95ED51C15C56545A7F ] C:\Windows\SysWOW64\net1.exe05:53:42.0678 6188 C:\Windows\SysWOW64\net1.exe - ok05:53:42.0678 6188 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll05:53:42.0678 6188 C:\Windows\SysWOW64\d3d9.dll - ok05:53:42.0694 6188 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll05:53:42.0694 6188 C:\Windows\System32\d3d9.dll - ok05:53:42.0694 6188 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll05:53:42.0694 6188 C:\Windows\SysWOW64\d3d8thk.dll - ok05:53:42.0694 6188 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll05:53:42.0694 6188 C:\Windows\System32\d3d8thk.dll - ok05:53:42.0694 6188 [ F2E76C84BD0211103113A0BC4A835A7D ] C:\Windows\SysWOW64\TRACERT.EXE05:53:42.0694 6188 C:\Windows\SysWOW64\TRACERT.EXE - ok05:53:42.0694 6188 [ BF484058640D08AC23C4498002223B8F ] C:\Windows\System32\nvd3dumx.dll05:53:42.0694 6188 C:\Windows\System32\nvd3dumx.dll - ok05:53:42.0694 6188 [ 7E067D5C3EF2BB87B3E07DCD61286390 ] C:\Windows\AppPatch\acwow64.dll05:53:42.0694 6188 C:\Windows\AppPatch\acwow64.dll - ok05:53:42.0694 6188 [ B8DD4F4747E37DC6EEB4BDC22AE270F8 ] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDialog.dll05:53:42.0694 6188 C:\Program Files (x86)\SlySoft\AnyDVD\AnyDialog.dll - ok05:53:42.0694 6188 [ AFC329AF2E9AF235C7ABA8D6D63C40FE ] C:\Program Files\NVIDIA Corporation\nview\nView.dll05:53:42.0694 6188 C:\Program Files\NVIDIA Corporation\nview\nView.dll - ok05:53:42.0694 6188 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll05:53:42.0694 6188 C:\Windows\SysWOW64\comdlg32.dll - ok05:53:42.0694 6188 [ B976D45A3DE9B915E6A0625D89BF6529 ] C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp.dll05:53:42.0694 6188 C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp.dll - ok05:53:42.0710 6188 [ 33B26FA5DBEB69FFAB703EDCB4E6DE4A ] C:\Windows\SysWOW64\qdvd.dll05:53:42.0710 6188 C:\Windows\SysWOW64\qdvd.dll - ok05:53:42.0710 6188 [ B35B2DF377BB08844EA7A30D40FED7E7 ] C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe05:53:42.0710 6188 C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe - ok05:53:42.0710 6188 [ CE7803953FE7314061B3F9188D310EB2 ] C:\Windows\SysWOW64\en-US\KernelBase.dll.mui05:53:42.0710 6188 C:\Windows\SysWOW64\en-US\KernelBase.dll.mui - ok05:53:42.0710 6188 [ 766A9085EC0A0CA37B6905EE092D9D16 ] C:\Program Files\Total Defense\Internet Security Suite\issimages.dll05:53:42.0710 6188 C:\Program Files\Total Defense\Internet Security Suite\issimages.dll - ok05:53:42.0710 6188 [ A45CB10FC8C4DCA23F96FE4D334F64FE ] C:\Windows\SysWOW64\msxml3r.dll05:53:42.0710 6188 C:\Windows\SysWOW64\msxml3r.dll - ok05:53:42.0710 6188 [ 973131EB99BE1E19DAC502CB724E72A5 ] C:\Windows\System32\qdvd.dll05:53:42.0710 6188 C:\Windows\System32\qdvd.dll - ok05:53:42.0710 6188 [ F245764C6292A7364F4A9EC688430C47 ] C:\Program Files\Total Defense\Internet Security Suite\Parental Controls\capcbo.dll05:53:42.0710 6188 C:\Program Files\Total Defense\Internet Security Suite\Parental Controls\capcbo.dll - ok05:53:42.0710 6188 [ 8E19E70B4549D28E413FF04767BC6853 ] C:\Program Files\Total Defense\Internet Security Suite\caentitlementdll.dll05:53:42.0710 6188 C:\Program Files\Total Defense\Internet Security Suite\caentitlementdll.dll - ok05:53:42.0710 6188 [ 1E4B20432D6CB47A219A9049000F5E09 ] C:\Program Files\Total Defense\Internet Security Suite\ccprovsp.exe05:53:42.0710 6188 C:\Program Files\Total Defense\Internet Security Suite\ccprovsp.exe - ok05:53:42.0725 6188 [ D0267EABA2147D97D696A69131DC1AA8 ] C:\Program Files\Total Defense\Internet Security Suite\ccdynamiccontent.dll05:53:42.0725 6188 C:\Program Files\Total Defense\Internet Security Suite\ccdynamiccontent.dll - ok05:53:42.0725 6188 [ 87816DF335990F58C0844BE8AB1976DE ] C:\Program Files\Total Defense\Internet Security Suite\ccissprd.dll05:53:42.0725 6188 C:\Program Files\Total Defense\Internet Security Suite\ccissprd.dll - ok05:53:42.0725 6188 [ 0C43FC1A5DF9CD2984508BCEA169C7FB ] C:\Windows\SysWOW64\nvapi.dll05:53:42.0725 6188 C:\Windows\SysWOW64\nvapi.dll - ok05:53:42.0725 6188 [ FE889875746F7E51CE79A516E1AAE86F ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Spam\QSP-9.2.0.41\AntiSpamPBO.dll05:53:42.0725 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Spam\QSP-9.2.0.41\AntiSpamPBO.dll - ok05:53:42.0725 6188 [ 9DF9BF62BBA3B7CD60A0002848443310 ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\caaphishbo.dll05:53:42.0725 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\caaphishbo.dll - ok05:53:42.0725 6188 [ DEED9A789137833A1CEEE1B1501829FA ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\sitefilter.dll05:53:42.0725 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\sitefilter.dll - ok05:53:42.0725 6188 [ A005676B30AEB3C7703C317D992B193A ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe05:53:42.0725 6188 C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe - ok05:53:42.0725 6188 [ CBC8C9B3298F292F9DEBDCD16281688D ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\caaphupd.exe05:53:42.0725 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\caaphupd.exe - ok05:53:42.0725 6188 [ 16E5353520281CE35F441F0EE3397E86 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe05:53:42.0725 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe - ok05:53:42.0741 6188 [ 0E245A12C90A46C6CFD2FC1291F6E0AF ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll05:53:42.0741 6188 C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll - ok05:53:42.0741 6188 [ 30C43B8DF6B5E3AB01696CA902D95875 ] C:\Program Files\Total Defense\Internet Security Suite\commonbo.dll05:53:42.0741 6188 C:\Program Files\Total Defense\Internet Security Suite\commonbo.dll - ok05:53:42.0741 6188 [ 433BDD755D73E7FA75FCE69F9EAD4809 ] C:\Program Files\Total Defense\Internet Security Suite\cawsc.exe05:53:42.0741 6188 C:\Program Files\Total Defense\Internet Security Suite\cawsc.exe - ok05:53:42.0741 6188 [ 6A964389E2DA5046982CD5FFC3276CAA ] C:\Program Files\NVIDIA Corporation\nview\nvShell.dll05:53:42.0741 6188 C:\Program Files\NVIDIA Corporation\nview\nvShell.dll - ok05:53:42.0741 6188 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll05:53:42.0741 6188 C:\Windows\SysWOW64\wscisvif.dll - ok05:53:42.0741 6188 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll05:53:42.0741 6188 C:\Windows\SysWOW64\wscapi.dll - ok05:53:42.0741 6188 [ 9DBC4D7C09DD0F51BCA0464E907ACE9D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\MEWMIProv\MeProv.dll05:53:42.0741 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\MEWMIProv\MeProv.dll - ok05:53:42.0741 6188 [ 210F667167ADED94A124CA8EC078E31D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\MEWMIProv\WsmanClient.dll05:53:42.0741 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\MEWMIProv\WsmanClient.dll - ok05:53:42.0741 6188 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll05:53:42.0741 6188 C:\Windows\System32\wscapi.dll - ok05:53:42.0756 6188 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll05:53:42.0756 6188 C:\Windows\System32\wscisvif.dll - ok05:53:42.0756 6188 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll05:53:42.0756 6188 C:\Windows\SysWOW64\wshqos.dll - ok05:53:42.0756 6188 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\SysWOW64\stobject.dll05:53:42.0756 6188 C:\Windows\SysWOW64\stobject.dll - ok05:53:42.0756 6188 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll05:53:42.0756 6188 C:\Windows\System32\stobject.dll - ok05:53:42.0756 6188 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\SysWOW64\batmeter.dll05:53:42.0756 6188 C:\Windows\SysWOW64\batmeter.dll - ok05:53:42.0756 6188 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll05:53:42.0756 6188 C:\Windows\System32\batmeter.dll - ok05:53:42.0756 6188 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll05:53:42.0756 6188 C:\Windows\SysWOW64\prnfldr.dll - ok05:53:42.0756 6188 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll05:53:42.0756 6188 C:\Windows\System32\prnfldr.dll - ok05:53:42.0756 6188 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\SysWOW64\fundisc.dll05:53:42.0756 6188 C:\Windows\SysWOW64\fundisc.dll - ok05:53:42.0756 6188 [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\SysWOW64\fdProxy.dll05:53:42.0756 6188 C:\Windows\SysWOW64\fdProxy.dll - ok05:53:42.0756 6188 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll05:53:42.0756 6188 C:\Windows\System32\fdProxy.dll - ok05:53:42.0772 6188 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll05:53:42.0772 6188 C:\Windows\System32\AudioSes.dll - ok05:53:42.0772 6188 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll05:53:42.0772 6188 C:\Windows\System32\DXP.dll - ok05:53:42.0772 6188 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\SysWOW64\Syncreg.dll05:53:42.0772 6188 C:\Windows\SysWOW64\Syncreg.dll - ok05:53:42.0772 6188 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll05:53:42.0772 6188 C:\Windows\System32\Syncreg.dll - ok05:53:42.0772 6188 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll05:53:42.0772 6188 C:\Windows\ehome\ehSSO.dll - ok05:53:42.0772 6188 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\SysWOW64\AltTab.dll05:53:42.0772 6188 C:\Windows\SysWOW64\AltTab.dll - ok05:53:42.0772 6188 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll05:53:42.0772 6188 C:\Windows\System32\AltTab.dll - ok05:53:42.0772 6188 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\SysWOW64\WPDShServiceObj.dll05:53:42.0772 6188 C:\Windows\SysWOW64\WPDShServiceObj.dll - ok05:53:42.0772 6188 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll05:53:42.0772 6188 C:\Windows\System32\WPDShServiceObj.dll - ok05:53:42.0772 6188 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll05:53:42.0772 6188 C:\Windows\System32\wbem\wmipcima.dll - ok05:53:42.0788 6188 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll05:53:42.0788 6188 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok05:53:42.0788 6188 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll05:53:42.0788 6188 C:\Windows\System32\PortableDeviceTypes.dll - ok05:53:42.0788 6188 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll05:53:42.0788 6188 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok05:53:42.0788 6188 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\SysWOW64\pnidui.dll05:53:42.0788 6188 C:\Windows\SysWOW64\pnidui.dll - ok05:53:42.0788 6188 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll05:53:42.0788 6188 C:\Windows\System32\pnidui.dll - ok05:53:42.0788 6188 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\SysWOW64\QUTIL.DLL05:53:42.0788 6188 C:\Windows\SysWOW64\QUTIL.DLL - ok05:53:42.0788 6188 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL05:53:42.0788 6188 C:\Windows\System32\QUTIL.DLL - ok05:53:42.0788 6188 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\SysWOW64\ncsi.dll05:53:42.0788 6188 C:\Windows\SysWOW64\ncsi.dll - ok05:53:42.0788 6188 [ CF4274CEEA9F7791FB7FC40A066BC2C7 ] C:\Windows\SysWOW64\cscobj.dll05:53:42.0788 6188 C:\Windows\SysWOW64\cscobj.dll - ok05:53:42.0788 6188 [ 234AFA322624B3203A2E720F08292B03 ] C:\Windows\System32\cscobj.dll05:53:42.0788 6188 C:\Windows\System32\cscobj.dll - ok05:53:42.0803 6188 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\SysWOW64\netcfgx.dll05:53:42.0803 6188 C:\Windows\SysWOW64\netcfgx.dll - ok05:53:42.0803 6188 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\SysWOW64\srchadmin.dll05:53:42.0803 6188 C:\Windows\SysWOW64\srchadmin.dll - ok05:53:42.0803 6188 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll05:53:42.0803 6188 C:\Windows\System32\netcfgx.dll - ok05:53:42.0803 6188 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll05:53:42.0803 6188 C:\Windows\System32\srchadmin.dll - ok05:53:42.0803 6188 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\SysWOW64\dot3api.dll05:53:42.0803 6188 C:\Windows\SysWOW64\dot3api.dll - ok05:53:42.0803 6188 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll05:53:42.0803 6188 C:\Windows\System32\dot3api.dll - ok05:53:42.0803 6188 [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\SysWOW64\eappcfg.dll05:53:42.0803 6188 C:\Windows\SysWOW64\eappcfg.dll - ok05:53:42.0803 6188 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll05:53:42.0803 6188 C:\Windows\System32\eappcfg.dll - ok05:53:42.0803 6188 [ 9DF7A7C74D8632CB5EBD37E3A374825E ] C:\Windows\SysWOW64\webcheck.dll05:53:42.0803 6188 C:\Windows\SysWOW64\webcheck.dll - ok05:53:42.0803 6188 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\SysWOW64\wlanhlp.dll05:53:42.0803 6188 C:\Windows\SysWOW64\wlanhlp.dll - ok05:53:42.0819 6188 [ BC0D4AFBE94D8E1F81C8926D805C3366 ] C:\Windows\System32\webcheck.dll05:53:42.0819 6188 C:\Windows\System32\webcheck.dll - ok05:53:42.0819 6188 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll05:53:42.0819 6188 C:\Windows\System32\wlanhlp.dll - ok05:53:42.0819 6188 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll05:53:42.0819 6188 C:\Windows\SysWOW64\mlang.dll - ok05:53:42.0819 6188 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll05:53:42.0819 6188 C:\Windows\SysWOW64\wlanapi.dll - ok05:53:42.0819 6188 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll05:53:42.0819 6188 C:\Windows\SysWOW64\wlanutil.dll - ok05:53:42.0819 6188 [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\SysWOW64\onex.dll05:53:42.0819 6188 C:\Windows\SysWOW64\onex.dll - ok05:53:42.0819 6188 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll05:53:42.0819 6188 C:\Windows\System32\onex.dll - ok05:53:42.0819 6188 [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\SysWOW64\eappprxy.dll05:53:42.0819 6188 C:\Windows\SysWOW64\eappprxy.dll - ok05:53:42.0819 6188 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll05:53:42.0819 6188 C:\Windows\System32\eappprxy.dll - ok05:53:42.0819 6188 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll05:53:42.0819 6188 C:\Windows\SysWOW64\hnetcfg.dll - ok05:53:42.0834 6188 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll05:53:42.0834 6188 C:\Windows\System32\hnetcfg.dll - ok05:53:42.0834 6188 [ 987323F0247D023AD1AE52195540ECE0 ] C:\Windows\SysWOW64\mssvp.dll05:53:42.0834 6188 C:\Windows\SysWOW64\mssvp.dll - ok05:53:42.0834 6188 [ E503E15C88B4BBDA3F6345E34FED3E92 ] C:\Windows\System32\mssvp.dll05:53:42.0834 6188 C:\Windows\System32\mssvp.dll - ok05:53:42.0834 6188 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\SysWOW64\SyncCenter.dll05:53:42.0834 6188 C:\Windows\SysWOW64\SyncCenter.dll - ok05:53:42.0834 6188 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll05:53:42.0834 6188 C:\Windows\System32\SyncCenter.dll - ok05:53:42.0834 6188 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe05:53:42.0834 6188 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok05:53:42.0834 6188 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\SysWOW64\ActionCenter.dll05:53:42.0834 6188 C:\Windows\SysWOW64\ActionCenter.dll - ok05:53:42.0834 6188 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll05:53:42.0834 6188 C:\Program Files\Windows Media Player\wmpnssci.dll - ok05:53:42.0834 6188 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll05:53:42.0834 6188 C:\Windows\System32\ActionCenter.dll - ok05:53:42.0834 6188 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\SysWOW64\WWanAPI.dll05:53:42.0834 6188 C:\Windows\SysWOW64\WWanAPI.dll - ok05:53:42.0850 6188 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll05:53:42.0850 6188 C:\Windows\System32\WWanAPI.dll - ok05:53:42.0850 6188 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\SysWOW64\wwapi.dll05:53:42.0850 6188 C:\Windows\SysWOW64\wwapi.dll - ok Link to post Share on other sites More sharing options...
chooki Posted October 28, 2013 Author ID:747487 Share Posted October 28, 2013 part 15: 05:53:42.0850 6188 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\SysWOW64\imapi2.dll05:53:42.0850 6188 C:\Windows\SysWOW64\imapi2.dll - ok05:53:42.0850 6188 [ 12395E528456DFE82979ACFEA96D290C ] C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui05:53:42.0850 6188 C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui - ok05:53:42.0850 6188 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll05:53:42.0850 6188 C:\Windows\System32\imapi2.dll - ok05:53:42.0850 6188 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\SysWOW64\QAGENT.DLL05:53:42.0850 6188 C:\Windows\SysWOW64\QAGENT.DLL - ok05:53:42.0850 6188 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL05:53:42.0850 6188 C:\Windows\System32\QAGENT.DLL - ok05:53:42.0850 6188 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl05:53:42.0850 6188 C:\Windows\SysWOW64\bthprops.cpl - ok05:53:42.0850 6188 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl05:53:42.0850 6188 C:\Windows\System32\bthprops.cpl - ok05:53:42.0866 6188 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\SysWOW64\hgcpl.dll05:53:42.0866 6188 C:\Windows\SysWOW64\hgcpl.dll - ok05:53:42.0866 6188 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll05:53:42.0866 6188 C:\Windows\System32\hgcpl.dll - ok05:53:42.0866 6188 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll05:53:42.0866 6188 C:\Windows\System32\ListSvc.dll - ok05:53:42.0866 6188 [ 08DF1B8C9C0754A7069E80A986373F52 ] C:\Windows\SysWOW64\P2P.dll05:53:42.0866 6188 C:\Windows\SysWOW64\P2P.dll - ok05:53:42.0866 6188 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll05:53:42.0866 6188 C:\Windows\System32\P2P.dll - ok05:53:42.0866 6188 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll05:53:42.0866 6188 C:\Windows\System32\IdListen.dll - ok05:53:42.0866 6188 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\SysWOW64\p2pcollab.dll05:53:42.0866 6188 C:\Windows\SysWOW64\p2pcollab.dll - ok05:53:42.0866 6188 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll05:53:42.0866 6188 C:\Windows\System32\pnrpsvc.dll - ok05:53:42.0866 6188 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll05:53:42.0866 6188 C:\Windows\System32\hgprint.dll - ok05:53:42.0866 6188 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\SysWOW64\sqmapi.dll05:53:42.0866 6188 C:\Windows\SysWOW64\sqmapi.dll - ok05:53:42.0881 6188 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll05:53:42.0881 6188 C:\Windows\System32\p2psvc.dll - ok05:53:42.0881 6188 [ 1372E8E8FD066002131E3D509275E697 ] C:\Windows\SysWOW64\P2PGraph.dll05:53:42.0881 6188 C:\Windows\SysWOW64\P2PGraph.dll - ok05:53:42.0881 6188 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll05:53:42.0881 6188 C:\Windows\System32\P2PGraph.dll - ok05:53:42.0881 6188 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll05:53:42.0881 6188 C:\Windows\System32\FXSST.dll - ok05:53:42.0881 6188 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\SysWOW64\FXSAPI.dll05:53:42.0881 6188 C:\Windows\SysWOW64\FXSAPI.dll - ok05:53:42.0881 6188 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll05:53:42.0881 6188 C:\Windows\System32\FXSAPI.dll - ok05:53:42.0881 6188 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\SysWOW64\FXSRESM.dll05:53:42.0881 6188 C:\Windows\SysWOW64\FXSRESM.dll - ok05:53:42.0881 6188 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll05:53:42.0881 6188 C:\Windows\System32\FXSRESM.dll - ok05:53:42.0881 6188 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe05:53:42.0881 6188 C:\Windows\System32\FXSSVC.exe - ok05:53:42.0881 6188 ============================================================05:53:42.0881 6188 Scan finished05:53:42.0881 6188 ============================================================05:53:42.0897 6180 Detected object count: 105:53:42.0897 6180 Actual detected object count: 105:54:58.0684 6180 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user05:54:58.0684 6180 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip ======================================================================================== ark.txt: GMER 2.1.19163 - http://www.gmer.netRootkit scan 2013-10-29 06:11:01Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2 INTEL_SS rev.335t 223.57GBRunning: vh5jpc8s.exe; Driver: C:\Users\Z220\AppData\Local\Temp\pgldipow.sys---- Threads - GMER 2.1 ----Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2936:4484] 000007fefb802a7cThread C:\Program Files\Windows Media Player\wmpnetwk.exe [2936:4512] 000007feea91d618Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2936:4428] 000007fef9315124---- EOF - GMER 2.1 ---- ==================================================================================== ** I am unable to upload the malicious file as it exceeds the 5 megabyte maximum. It's 7 meg already zipped and I don't know how to split it. Many thanks, chooki Link to post Share on other sites More sharing options...
Psychotic Posted October 29, 2013 ID:747665 Share Posted October 29, 2013 Check the suspicious fiel with VirusTotal: Scan file(s) via VirusTotalPlease check the file in the code box via VirustotalClick browsecopy the following into the search boxyour suspicious file here!and click open.click Send File.please be patinet until the file is uploade completely. If you get the message File already submitted: The file sent has already been analysed by VirusTotal in the past. This is same basic info regarding the sample itself and its last analysis:click on Reanalyse. Wait until Current status: Finished appears. Now, copy the link from within your browser´s adress bar and poste it here. CombofixCombofix should only be run when adviced by a team member!LinkImportant - Save the file to your desktop! Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work. Run Combofix.exeWhen finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.Note: When receiving an error message containing ""Illegal operation attempted on a registry key that has been marked for deletion" simply restart your computer to fix this. Link to post Share on other sites More sharing options...
chooki Posted October 29, 2013 Author ID:747673 Share Posted October 29, 2013 ok, I will get to it. Link to post Share on other sites More sharing options...
chooki Posted October 29, 2013 Author ID:747679 Share Posted October 29, 2013 virus total: https://www.virustotal.com/en/file/b19e0a4855ce7af346ae67a2479a3826d54909793f923bf48498394e2c02dfb0/analysis/1383033734/ Link to post Share on other sites More sharing options...
chooki Posted October 29, 2013 Author ID:747696 Share Posted October 29, 2013 Even though I stopped the antivirus from starting at bootup, certain components of it still ran until I rebooted twice more. Even then, the antivirus prompted me whether to block or allow "Freeware Implementation Of reg.exe" and "NirCmd". I allowed them. Combofix.txt: ComboFix 13-10-28.01 - Z220 29/10/2013 19:21:21.1.8 - x64Microsoft Windows 7 Professional 6.1.7601.1.1252.61.1033.18.16329.14324 [GMT 11:00]Running from: c:\users\Z220\Desktop\ComboFix.exeAV: Total Defense Anti-Virus *Enabled/Updated* {57B5C44D-AAB5-DBC9-741B-542BE5A132EA}FW: Total Defense Personal Firewall *Enabled* {6F8E4568-E0DA-DA91-5F44-FD1E1B727591}SP: Total Defense Anti-Virus *Enabled/Updated* {ECD425A9-8C8F-D447-4EAB-6F599E267857}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\windows\wininit.ini..((((((((((((((((((((((((( Files Created from 2013-09-28 to 2013-10-29 )))))))))))))))))))))))))))))))..2013-10-29 08:26 . 2013-10-29 08:26 -------- d-----w- c:\users\Default\AppData\Local\temp2013-10-29 08:17 . 2013-10-29 08:17 16712 ----a-w- c:\windows\system32\drivers\PROCEXP113.SYS2013-10-27 06:24 . 2013-10-27 06:25 -------- d-----w- c:\programdata\Recovery2013-10-26 07:43 . 2013-10-26 07:43 12872 ----a-w- c:\windows\system32\bootdelete.exe2013-10-26 07:33 . 2013-10-26 07:43 -------- d-----w- c:\programdata\HitmanPro2013-10-26 02:00 . 2013-10-26 02:00 -------- d-----w- c:\programdata\Kingsoft2013-10-26 01:34 . 2013-10-26 01:34 -------- d-----w- c:\programdata\SysReveal2013-10-26 01:23 . 2013-10-26 01:24 25088 ----a-w- c:\windows\SysWow64\drivers\dvqGGvc.sys2013-10-26 01:12 . 2013-10-26 01:12 35712 ----a-w- c:\windows\SysWow64\drivers\Lpc0GR7b.sys2013-10-25 10:12 . 2013-10-25 10:12 -------- d-----w- c:\programdata\Norton2013-10-25 10:08 . 2013-10-25 10:08 56832 ----a-w- c:\windows\SysWow64\drivers\RKD.sys2013-10-25 09:43 . 2010-08-23 06:07 29752 ----a-w- c:\windows\system32\drivers\rspSanity64.sys2013-10-25 06:16 . 2013-10-25 06:16 -------- d-----w- c:\programdata\Sony2013-10-25 06:16 . 2013-10-25 06:16 -------- d-----w- c:\program files (x86)\Sony2013-10-24 08:14 . 2013-10-24 08:14 -------- d-----w- c:\program files (x86)\MSECache2013-10-23 10:18 . 2013-10-23 10:18 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys2013-10-23 10:18 . 2013-10-23 10:18 -------- d-----w- c:\programdata\AVG SafeGuard toolbar2013-10-23 04:12 . 2013-10-23 04:12 -------- d-----w- c:\windows\ERUNT2013-10-23 04:11 . 2013-10-23 04:11 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys2013-10-23 03:40 . 2013-10-23 03:40 116440 ----a-w- c:\windows\system32\drivers\48230029.sys2013-10-23 03:39 . 2013-10-23 03:39 91352 ----a-w- c:\windows\system32\drivers\3E5D0FD8.sys2013-10-23 03:16 . 2013-10-23 03:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware2013-10-23 03:16 . 2013-04-04 03:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys2013-10-23 01:55 . 2013-10-28 03:40 -------- d-----w- c:\program files\Malwarebytes Anti-Exploit2013-10-23 01:55 . 2013-07-15 17:41 743248 ----a-w- c:\windows\SysWow64\msvcp100d.dll2013-10-23 01:55 . 2013-07-15 17:41 1858896 ----a-w- c:\windows\system32\msvcr100d.dll2013-10-23 01:55 . 2013-07-15 17:41 1498960 ----a-w- c:\windows\SysWow64\msvcr100d.dll2013-10-23 01:55 . 2013-07-15 17:41 1014096 ----a-w- c:\windows\system32\msvcp100d.dll2013-10-22 07:17 . 2013-10-22 07:17 -------- d-----w- C:\Program Files(x86)2013-10-22 06:53 . 2013-10-22 06:53 -------- d-----w- c:\programdata\Easy CD-DA Extractor2013-10-22 06:53 . 2013-10-22 06:53 -------- d-----w- c:\program files\Easy CD-DA Extractor 152013-10-21 06:39 . 2013-10-21 06:39 -------- d-----w- c:\programdata\vsosdk2013-10-21 02:44 . 2013-10-21 02:44 -------- d-----w- c:\program files (x86)\Convert AVI to MP42013-10-21 02:39 . 2013-10-23 09:10 -------- d-----w- c:\programdata\VSO2013-10-21 02:39 . 2013-10-21 04:48 -------- d-----w- c:\program files (x86)\VSO2013-10-21 02:11 . 2013-10-21 02:11 -------- d-----w- c:\program files (x86)\Gabest2013-10-21 02:11 . 2011-05-30 13:42 240640 ----a-w- c:\windows\SysWow64\xvidvfw.dll2013-10-21 02:11 . 2011-05-30 13:42 255488 ----a-w- c:\windows\system32\xvidvfw.dll2013-10-21 02:11 . 2011-05-23 09:52 153088 ----a-w- c:\windows\SysWow64\xvid.ax2013-10-21 02:11 . 2011-05-23 07:49 173568 ----a-w- c:\windows\system32\xvid.ax2013-10-21 02:11 . 2011-05-23 07:46 645632 ----a-w- c:\windows\SysWow64\xvidcore.dll2013-10-21 02:11 . 2011-05-23 07:45 696832 ----a-w- c:\windows\system32\xvidcore.dll2013-10-21 02:11 . 2013-10-21 02:11 -------- d-----w- c:\program files (x86)\Xvid2013-10-21 02:10 . 2013-10-21 02:10 -------- d-----w- c:\program files (x86)\AviSynth 2.52013-10-21 02:09 . 2013-10-21 02:11 -------- d-----w- c:\program files (x86)\AVI ReComp2013-10-21 00:57 . 2013-10-21 00:57 -------- d-----w- c:\program files\Handbrake2013-10-21 00:40 . 2013-10-21 00:40 -------- d-----w- c:\programdata\ArcSoft2013-10-21 00:40 . 2013-10-21 00:40 -------- d-----w- c:\program files (x86)\Common Files\ArcSoft2013-10-21 00:40 . 2013-10-21 00:40 -------- d-----w- c:\program files (x86)\ArcSoft2013-10-21 00:34 . 2013-10-21 00:34 -------- d-----w- c:\programdata\Aiseesoft Studio2013-10-21 00:34 . 2013-10-21 00:34 -------- d-----w- c:\program files (x86)\Aiseesoft Studio2013-10-21 00:25 . 2013-10-22 07:27 -------- d-----w- c:\programdata\SlySoft2013-10-21 00:25 . 2013-10-22 07:26 -------- d-----w- c:\program files (x86)\SlySoft2013-10-17 05:26 . 2013-10-28 09:09 -------- d-----w- C:\P&Plus2013-10-17 04:21 . 2013-10-17 04:20 265736 ----a-w- c:\windows\SysWow64\cfgmig32.exe2013-10-17 04:21 . 2013-10-17 04:20 1424904 ----a-w- c:\windows\SysWow64\cfgmig32.dll2013-10-17 04:21 . 2013-10-17 04:20 1424904 ----a-w- c:\windows\system32\cfgmig32.dll2013-10-17 04:21 . 2013-09-03 12:01 3213712 ----a-w- c:\windows\SysWow64\mdmcls32.exe2013-10-17 04:21 . 2013-09-03 12:01 3213712 ----a-w- c:\windows\system32\mdmcls32.exe2013-10-17 04:21 . 2013-09-03 07:22 2992528 ----a-w- c:\windows\SysWow64\winsflte.dll2013-10-17 04:05 . 2013-10-17 04:05 -------- d-----w- c:\program files (x86)\CA2013-10-17 04:05 . 2013-09-03 12:09 2763152 ----a-w- c:\windows\SysWow64\svcprs32.exe2013-10-17 04:05 . 2013-09-03 12:05 291728 ----a-w- c:\windows\SysWow64\winsfinst_x64.exe2013-10-17 04:05 . 2013-09-03 12:05 100752 ----a-w- c:\windows\SysWow64\winsfinst.exe2013-10-17 04:05 . 2013-09-03 12:03 4110736 ----a-w- c:\windows\SysWow64\win32cpr.dll2013-10-17 04:05 . 2002-01-01 03:02 7440 ----a-w- c:\windows\SysWow64\sporder.dll2013-10-17 04:05 . 2013-10-17 04:05 -------- d-----w- c:\program files (x86)\Common Files\InstallShield2013-10-17 04:05 . 2013-10-17 04:20 -------- d-----w- c:\program files\ISSThirdParty2013-10-17 04:05 . 2013-10-17 04:05 -------- d-----w- c:\program files\Total Defense2013-10-17 04:05 . 2013-10-17 04:22 -------- d-----w- c:\programdata\CA2013-10-17 00:22 . 2013-10-17 00:22 -------- d-----w- c:\programdata\EPSON2013-10-16 15:12 . 2013-10-24 11:41 27256 ----a-w- c:\windows\system32\drivers\FixZeroAccess.sys2013-10-16 09:52 . 2013-10-16 09:52 -------- d-----w- c:\programdata\Sophos2013-10-15 06:16 . 2013-10-26 12:44 -------- d-----w- c:\program files\CCleaner2013-10-15 00:48 . 2013-10-15 01:35 -------- d-----w- c:\program files (x86)\Defender Pro Quick Scanner2013-10-14 23:07 . 2013-10-14 23:07 -------- d-----w- c:\program files\Enigma Software Group2013-10-14 23:06 . 2013-10-14 23:06 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard2013-10-14 10:22 . 2013-10-14 10:22 -------- d-----w- c:\programdata\Malwarebytes2013-10-14 10:22 . 2013-10-23 03:47 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)2013-10-13 09:21 . 2013-10-13 09:21 -------- d-----w- c:\program files\MPC-HC2013-10-13 06:16 . 2013-10-13 06:18 -------- d-----w- c:\program files (x86)\Microsoft Works2013-10-13 06:16 . 2013-10-13 06:16 -------- d-----w- c:\windows\PCHEALTH2013-10-13 06:15 . 2013-10-13 06:15 -------- d-----w- c:\program files\Microsoft Office2013-10-13 06:15 . 2013-10-13 06:15 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 82013-10-13 06:15 . 2013-10-13 06:29 -------- d-----w- c:\programdata\Microsoft Help2013-10-13 06:15 . 2013-10-13 06:15 -------- d-----r- C:\MSOCache2013-10-12 21:58 . 2013-10-12 21:58 -------- d-----w- c:\users\Public\Creative2013-10-12 21:31 . 2013-10-12 21:31 -------- d-----w- c:\windows\SysWow64\Wat2013-10-12 21:31 . 2013-10-12 21:31 -------- d-----w- c:\windows\system32\Wat2013-10-12 21:10 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll2013-10-12 12:50 . 2013-02-20 11:14 495888 ----a-w- c:\windows\system32\drivers\e1c62x64.sys2013-10-12 12:50 . 2012-12-05 16:21 73032 ----a-w- c:\windows\system32\e1cmsg.dll2013-10-12 12:50 . 2012-11-13 17:07 101224 ----a-w- c:\windows\system32\NicInstC.dll2013-10-12 12:50 . 2013-10-12 12:50 316736 ----a-w- c:\windows\system32\PRONtObj.dll2013-10-12 12:50 . 2013-10-12 12:50 163400 ----a-w- c:\windows\system32\drivers\iANSW60e.sys2013-10-12 12:07 . 2013-10-12 12:07 -------- d-----w- c:\programdata\{A5CCDB92-FA53-47D1-89E6-32B82D86621A}2013-10-12 11:59 . 2013-10-15 01:34 -------- d-----w- c:\windows\system32\appmgmt2013-10-12 10:03 . 2013-10-12 10:32 -------- d-----w- c:\programdata\Spybot - Search & Destroy2013-10-12 10:02 . 2013-10-17 03:51 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 22013-10-12 09:22 . 2013-10-12 09:22 -------- d-----w- c:\program files (x86)\MSXML 4.02013-10-12 09:20 . 2013-10-12 09:20 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll2013-10-12 08:44 . 2013-09-25 14:46 80541720 ----a-w- c:\windows\system32\MRT.exe2013-10-12 08:29 . 2013-10-12 08:29 -------- d-----w- c:\program files\WinRAR2013-10-12 06:31 . 2013-10-12 06:31 -------- d-----w- c:\program files (x86)\Microsoft Silverlight2013-10-12 04:45 . 2012-06-08 18:09 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll2013-10-12 04:45 . 2013-10-12 04:45 -------- d-----w- C:\Intel2013-10-12 04:45 . 2011-08-23 20:52 117248 ----a-w- c:\windows\system32\HPMUIDir.exe2013-10-12 04:45 . 2013-10-12 04:48 -------- d-----w- c:\program files\Hewlett-Packard2013-10-12 04:45 . 2013-10-12 12:07 -------- d-----w- c:\program files (x86)\Hewlett-Packard2013-10-12 04:38 . 2013-10-12 04:38 96768 ----a-w- c:\windows\system32\fsutil.exe2013-10-12 04:38 . 2013-10-12 04:38 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS2013-10-12 04:38 . 2013-10-12 04:38 74240 ----a-w- c:\windows\SysWow64\fsutil.exe2013-10-12 04:38 . 2013-10-12 04:38 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys2013-10-12 04:38 . 2013-10-12 04:38 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys2013-10-12 04:38 . 2013-10-12 04:38 2565632 ----a-w- c:\windows\system32\esent.dll2013-10-12 04:38 . 2013-10-12 04:38 189824 ----a-w- c:\windows\system32\drivers\storport.sys2013-10-12 04:38 . 2013-10-12 04:38 1699328 ----a-w- c:\windows\SysWow64\esent.dll2013-10-12 04:38 . 2013-10-12 04:38 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys2013-10-12 04:38 . 2013-10-12 04:38 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys2013-10-12 04:38 . 2013-10-12 04:38 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys2013-10-12 04:37 . 2013-10-12 04:37 376688 ----a-w- c:\windows\system32\drivers\netio.sys2013-10-12 04:37 . 2013-10-12 04:37 503808 ----a-w- c:\windows\system32\srcore.dll2013-10-12 04:37 . 2013-10-12 04:37 43008 ----a-w- c:\windows\SysWow64\srclient.dll2013-10-12 04:36 . 2013-10-12 04:36 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll2013-10-12 04:36 . 2013-10-12 04:36 2048 ----a-w- c:\windows\system32\msxml3r.dll..(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-09-03 03:35 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe2013-08-29 01:48 . 2013-10-11 15:52 44032 ----a-w- c:\windows\apppatch\acwow64.dll2013-07-31 11:23 . 2013-07-31 11:23 139352 ----a-w- c:\windows\SysWow64\drivers\AnyDVD.sys2013-07-31 11:23 . 2013-07-31 11:23 139352 ----a-w- c:\windows\system32\drivers\AnyDVD.sys..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"AnyDVD"="c:\program files (x86)\SlySoft\AnyDVD\AnyDVD.exe" [2013-10-25 94296].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-06-08 291648]"IMSS"="c:\program files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" [2012-05-02 132440].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]"NoDevMgrUpdate"= 0 (0x0)"NoDFSTab"= 0 (0x0)"NoEncryptOnMove"= 0 (0x0)"NoResolveTrack"= 0 (0x0)"NoStartMenuSubFolders"= 0 (0x0).[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]"NoDevMgrUpdate"= 0 (0x0)"NoDFSTab"= 0 (0x0)"NoEncryptOnMove"= 0 (0x0)"NoResolveTrack"= 0 (0x0)"NoStartMenuSubFolders"= 0 (0x0).[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]"DisableLocalMachineRun"= 0 (0x0)"DisableLocalMachineRunOnce"= 0 (0x0)"DisableCurrentUserRun"= 0 (0x0)"DisableCurrentUserRunOnce"= 0 (0x0)"NoFile"= 0 (0x0)"HideClock"= 0 (0x0)"NoDevMgrUpdate"= 0 (0x0)"NoDFSTab"= 0 (0x0)"NoEncryptOnMove"= 0 (0x0)"NoResolveTrack"= 0 (0x0)"NoStartMenuSubFolders"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PFW]2011-02-24 03:33 79368 ----a-w- c:\windows\System32\UmxWNP.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]"LoadAppInit_DLLs"=1 (0x1).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]"aux1"=wdmaud.drv.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]@="".R1 1UnHooker;1UnHooker;c:\windows\system32\DRIVERS\1UnHooker.sys;c:\windows\SYSNATIVE\DRIVERS\1UnHooker.sys [x]R1 A2DDA;A2 Direct Disk Access Support Driver;c:\eek\RUN\a2ddax64.sys;c:\eek\RUN\a2ddax64.sys [x]R2 CAAMSvc;CAAMSvc;c:\program files\Total Defense\Internet Security Suite\Anti-Virus\caamsvc.exe;c:\program files\Total Defense\Internet Security Suite\Anti-Virus\caamsvc.exe [x]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R2 HOSTS Anti-PUPs;HOSTS Anti-PUPs;c:\program files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe;c:\program files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe [x]R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]R2 UmxEngine;TM Engine;c:\program files\CA\SharedComponents\TMEngine\UmxEngine.exe;c:\program files\CA\SharedComponents\TMEngine\UmxEngine.exe [x]R3 aswArKrn;aswArKrn;c:\users\Z220\AppData\Local\Temp\aswArKrn.sys;c:\users\Z220\AppData\Local\Temp\aswArKrn.sys [x]R3 cleanhlp;cleanhlp;c:\eek\Run\cleanhlp64.sys;c:\eek\Run\cleanhlp64.sys [x]R3 DarkSpy;DarkSpy;c:\windows\system32\DarkSpyKernel.sys;c:\windows\SYSNATIVE\DarkSpyKernel.sys [x]R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]R3 FilterMon;FilterMon;c:\users\Z220\Desktop\anti rootkit apps\x64\FilterMon.sys;c:\users\Z220\Desktop\anti rootkit apps\x64\FilterMon.sys [x]R3 IFCoEMP;IFCoEMP;c:\windows\system32\drivers\ifM60x64.sys;c:\windows\SYSNATIVE\drivers\ifM60x64.sys [x]R3 IFCoEVB;IFCoEVB;c:\windows\system32\drivers\ifP60X64.sys;c:\windows\SYSNATIVE\drivers\ifP60X64.sys [x]R3 Lpc0GR7b;BlackBox SR2; [x]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]R3 pwalker;Process Walker Driver;c:\users\Z220\Desktop\anti rootkit apps\New folder\pwalker.sys;c:\users\Z220\Desktop\anti rootkit apps\New folder\pwalker.sys [x]R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]R3 rspSanity;rspSanity;c:\windows\system32\DRIVERS\rspSanity64.sys;c:\windows\SYSNATIVE\DRIVERS\rspSanity64.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]S0 KmxAMRT;KmxAMRT;c:\windows\system32\DRIVERS\KmxAMRT.sys;c:\windows\SYSNATIVE\DRIVERS\KmxAMRT.sys [x]S0 KmxFw;KmxFw;c:\windows\System32\DRIVERS\kmxfw.sys;c:\windows\SYSNATIVE\DRIVERS\kmxfw.sys [x]S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\program files\Malwarebytes Anti-Exploit\MBAE.sys;c:\program files\Malwarebytes Anti-Exploit\MBAE.sys [x]S1 KmxAgent;KmxAgent;c:\windows\system32\DRIVERS\kmxagent.sys;c:\windows\SYSNATIVE\DRIVERS\kmxagent.sys [x]S1 KmxCfg;KmxCfg;c:\windows\system32\DRIVERS\kmxcfg.sys;c:\windows\SYSNATIVE\DRIVERS\kmxcfg.sys [x]S1 KmxFile;KmxFile;c:\windows\system32\DRIVERS\KmxFile.sys;c:\windows\SYSNATIVE\DRIVERS\KmxFile.sys [x]S1 KmxFilter;HIPS Core Filter Driver;c:\windows\system32\DRIVERS\KmxFilter.sys;c:\windows\SYSNATIVE\DRIVERS\KmxFilter.sys [x]S2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [x]S2 ccSchedulerSVC;CA Common Scheduler Service;c:\program files\Total Defense\Internet Security Suite\ccschedulersvc.exe;c:\program files\Total Defense\Internet Security Suite\ccschedulersvc.exe [x]S2 CtHdaSvc;Sound Blaster Service;c:\windows\sysWow64\CtHdaSvc.exe;c:\windows\sysWow64\CtHdaSvc.exe [x]S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]S2 KmxCF;KmxCF;c:\windows\system32\DRIVERS\KmxCF.sys;c:\windows\SYSNATIVE\DRIVERS\KmxCF.sys [x]S2 KmxSbx;KmxSbx;c:\windows\system32\DRIVERS\KmxSbx.sys;c:\windows\SYSNATIVE\DRIVERS\KmxSbx.sys [x]S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]S2 WinSvchostManagerSrv;WinSvchostManagerSrv;c:\windows\SysWOW64\cfgmig32.exe;c:\windows\SysWOW64\cfgmig32.exe [x]S3 cthda;Sound Blaster HDAudio;c:\windows\system32\drivers\cthda.sys;c:\windows\SYSNATIVE\drivers\cthda.sys [x]S3 cthdb;SB Recon3D PCIe Audio Bus Filter;c:\windows\system32\DRIVERS\cthdb.sys;c:\windows\SYSNATIVE\DRIVERS\cthdb.sys [x]S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]..Contents of the 'Scheduled Tasks' folder.2013-10-28 c:\windows\Tasks\HPCeeScheduleForZ220.job- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15].2013-10-29 c:\windows\Tasks\Malwarebytes Anti-Exploit.job- c:\program files\Malwarebytes Anti-Exploit\mbae-loader.exe [2013-10-23 22:48]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"HPSYSDRV"="c:\program files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE" [2008-11-20 62768]"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-06-05 2716960]"cctray"="c:\program files\Total Defense\Internet Security Suite\casc.exe" [2013-10-17 2733576].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]"AppInit_DLLs"=c:\windows\System32\UmxSbxExA64.dll.------- Supplementary Scan -------.uStart Page = https://www.google.com.au/uLocal Page = c:\windows\system32\blank.htmmLocal Page = c:\windows\SysWOW64\blank.htmIE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000TCP: DhcpNameServer = 198.142.0.51 211.29.132.12 198.142.235.14..------- File Associations -------.inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1.- - - - ORPHANS REMOVED - - - -.SafeBoot-07589289.sysSafeBoot-48829666.sysSafeBoot-CleanHlpSafeBoot-CleanHlp.sysAddRemove-{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A} - c:\program files (x86)\InstallShield Installation Information\{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}\setup.exe...[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService".--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2013-10-29 19:28:22ComboFix-quarantined-files.txt 2013-10-29 08:28.Pre-Run: 169,453,965,312 bytes freePost-Run: 169,285,218,304 bytes free.- - End Of File - - C4A02DD0465594C7508EACE1F78B6066 Link to post Share on other sites More sharing options...
Psychotic Posted October 29, 2013 ID:747699 Share Posted October 29, 2013 Scan with ESET Online ScanPlease go to here to run the online scannner from ESET. Turn off the real time scanner of any existing antivirus program while performing the online scanTick the box next to YES, I accept the Terms of Use.Click StartWhen asked, allow the activex control to installClick StartMake sure that the option Remove found threats is unticked Click on Advanced Settings and ensure these options are ticked:Scan for potentially unwanted applicationsScan for potentially unsafe applicationsEnable Anti-Stealth Technology[*]Click Scan[*]Wait for the scan to finish[*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic. Link to post Share on other sites More sharing options...
chooki Posted October 29, 2013 Author ID:747707 Share Posted October 29, 2013 ESET found only these: C:\Users\Z220\Desktop\malware\x264 Video Codecs XP-Win7.zip Win32/Sathurbot.A TrojanC:\Users\Z220\Desktop\malware\x264 Video Codecs XP-Win7.exe Win32/Sathurbot.A Trojan These are the files I tried to upload to Malwarebytes for examination but they exceed the 5MB maximum filesize so I couldn't. Combofix created a new folder called Qoobox and there are a few quarantined files and folders in it. Link to post Share on other sites More sharing options...
Psychotic Posted October 29, 2013 ID:747717 Share Posted October 29, 2013 I know that this folder has been created, that´s ok.You don´t need to uplaod the file as it is well knwon by other antivirus program manufacturers (as you can see within the Virustotal log file) There is no more malware on your system... Then we can do the cleanup - if you are facing any issues, report that immediately.Delete junk with adwCleanerPlease download AdwCleaner to your desktop.Run adwcleaner.exe Hit Scan and wait for the scan to finish. Confirm the message but don´t uncheck anything. Hit Clean When the run is finished, it will open up a text file Please post its contents within your next reply You´ll find the log file at C:\AdwCleaner[s1].txt alsoSecurityCheckPlease download SecurityCheck: LINK1 LINK2 Save it to your desktop, start it and follow the instructions in the window. After the scan finished the (checkup.txt) will open. Copy its content to your thread. Scan with Farbar´s Service ScannerPlease download Farbar Service Scanner and run it on the computer with the issue.Make sure the following options are checked:Internet Services Windows Firewall System Restore Security Center Windows Update Windows Defender [*]Press "Scan". [*]It will create a log (FSS.txt) in the same directory the tool is run. [*]Please copy and paste the log to your reply. Link to post Share on other sites More sharing options...
Recommended Posts