
Win32 Malware-gen pops up continuously even though all scans show clea


  • This topic is locked

#1
Umbe

Hi, and thanks in advance for any and all help. I'm running Win7 Ultimate 64bit, with Avast Free Antivirus. I've been away from home for a couple of months, and returned to find some malware on my computer. Long story short, I don't know how I got it. Avast pops up with a 'blocked Malicious URL' message every time I connect to the internet, and sometimes does this continuously (eg 7-16 times in the space of a few seconds), but stops completely whenever I disconnect. This (and the fact that Avast terminates my connection to whatever page I was trying to load) is the only real 'symptom' I've been experiencing. The first time I did a full scan with Avast, it brought up a win32 malware-gen. I clicked 'repair', and Avast's scans since then only bring up decompression bombs from a directory with some of my installation files, but won't let me do anything to them. I also ran a boot-time scan with Avast, which came up with one thing (I don't remember exactly what it was, and didn't make a note D: ), which I deleted and did not show in the next boot-time scan. MalwareBytes comes up clean, TrendMicro Anti Threat generally comes up clean, but found ~3 things the other day and claimed to fix them. Spybot also shows clean.

Other 'symptoms' include an error from Microsoft Visual C++ Runtime Library that appears at startup (an application in "C:\Progr..." has "requested that Runtime terminate it in an unusual way"), and the fact that the Logitech product registration process is mysteriously crashing at startup. The computer also seems to be generally slower, but not by much.

OTL.txt is attached! I hope this turns out to be a relatively quick fix, seeing as no major problems have shown up yet.

Thanks again for your time,
Umbe

OTL logfile created on: 08/10/2012 11:21:18 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Umberto\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

5.99 Gb Total Physical Memory | 4.22 Gb Available Physical Memory | 70.45% Memory free
11.98 Gb Paging File | 10.04 Gb Available in Paging File | 83.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 70.10 Gb Total Space | 15.75 Gb Free Space | 22.47% Space Free | Partition Type: NTFS
Drive D: | 69.54 Gb Total Space | 36.58 Gb Free Space | 52.61% Space Free | Partition Type: NTFS
Drive H: | 149.05 Gb Total Space | 30.14 Gb Free Space | 20.22% Space Free | Partition Type: NTFS

Computer Name: LORDTINO | User Name: Umberto | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/08 10:09:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Umberto\Downloads\OTL.com
PRC - [2012/10/04 17:01:27 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Users\Umberto\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012/08/28 05:32:54 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012/08/21 10:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/02/24 12:29:58 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2012/02/23 21:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/02/23 21:22:24 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
PRC - [2011/03/16 01:59:32 | 000,312,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2010/08/23 17:11:28 | 000,206,240 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2010/05/06 03:56:42 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2010/05/06 03:51:56 | 001,212,928 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe
PRC - [2009/02/23 19:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/25 10:42:58 | 000,460,312 | ---- | M] () -- C:\Users\Umberto\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll
MOD - [2012/09/25 10:42:55 | 004,005,912 | ---- | M] () -- C:\Users\Umberto\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
MOD - [2012/09/25 10:41:39 | 000,578,072 | ---- | M] () -- C:\Users\Umberto\AppData\Local\Google\Chrome\Application\22.0.1229.79\libglesv2.dll
MOD - [2012/09/25 10:41:38 | 000,123,416 | ---- | M] () -- C:\Users\Umberto\AppData\Local\Google\Chrome\Application\22.0.1229.79\libegl.dll
MOD - [2012/09/25 10:41:27 | 000,156,712 | ---- | M] () -- C:\Users\Umberto\AppData\Local\Google\Chrome\Application\22.0.1229.79\avutil-51.dll
MOD - [2012/09/25 10:41:26 | 000,275,496 | ---- | M] () -- C:\Users\Umberto\AppData\Local\Google\Chrome\Application\22.0.1229.79\avformat-54.dll
MOD - [2012/09/25 10:41:24 | 002,168,360 | ---- | M] () -- C:\Users\Umberto\AppData\Local\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll
MOD - [2011/09/27 15:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 15:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/05/06 03:56:46 | 000,002,560 | ---- | M] () -- C:\Windows\SysWOW64\CtxfiRes.dll
MOD - [2009/03/26 22:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL


========== Services (SafeList) ==========

SRV:64bit: - [2012/08/21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/09/27 20:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/05/15 11:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/17 00:40:09 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011/10/16 21:15:08 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/03/16 19:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/02/19 21:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/23 19:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\Spybot\SDWinSec.exe -- (SBSDWSCService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/21 10:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/08/21 10:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/08/21 10:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/08/21 10:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/08/21 10:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/21 10:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/04/13 23:55:24 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 20:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/24 08:37:06 | 000,034,040 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MP4ConverterAudio.sys -- (MP4ConverterAudio)
DRV:64bit: - [2011/09/02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 07:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/02 07:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/06/10 14:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/07/01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010/05/06 05:30:52 | 001,561,688 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2010/05/06 05:30:42 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2010/05/06 05:30:34 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2010/05/06 05:30:26 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2010/05/06 05:30:18 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2010/05/06 05:30:10 | 000,684,376 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)
DRV:64bit: - [2010/05/06 05:30:02 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2010/05/06 05:29:52 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2010/05/06 05:29:52 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2010/05/06 05:29:42 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2010/05/06 05:29:42 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2010/05/06 05:29:34 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2010/05/06 05:29:34 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 21:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BE D6 9D E4 5B 34 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{47248E3B-14D4-4A7E-B3A5-85A44B552436}: "URL" = http://www.google.co...age={startPage}
IE - HKCU\..\SearchScopes\{B80B1E17-D8AB-49BF-B337-2168E1C76FAA}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = about:blank


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Umberto\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Umberto\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}: C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2012/10/07 02:02:26 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Umberto\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Umberto\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Umberto\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Logitech Device Detection (Enabled) = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\npLogitechDeviceDetection.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Umberto\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Google Translate = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Cloudy Calculator = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\acgimceffoceigocablmjdpebeodphgc\6.0.5_0\
CHR - Extension: Google Drive = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Search by Image (by Google) = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.3.0_0\
CHR - Extension: Timer = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd\1.8.0.0_0\
CHR - Extension: Logitech Device Detection = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\
CHR - Extension: Logitech Flow Scroll = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\geooogfhpjdpeiphckpbgkhpbeobcaoi\4.0.33_0\
CHR - Extension: Mailto: = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gppbppehiogfokmpligejhaepeopajdf\1.23.4_0\
CHR - Extension: NPR Infinite Player = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpcelemhneoooapbbopolpjhmbfmnbf\2.1_0\
CHR - Extension: avast! WebRep = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: Wolfram|Alpha (Official) = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikmmbnkodelanopcbphjfnnlajjpjpno\1.0.1_0\
CHR - Extension: Google Maps = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Google Dictionary (by Google) = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.15_0\
CHR - Extension: Google Mail Checker = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Greyscale = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\penkfbldfkaelnnhblmfmajlggdielfm\1.0_0\
CHR - Extension: Gmail = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: iReader = C:\Users\Umberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppelffpjgkifjfgnbaaldcehkpajlmbc\1.3.0.3_0\

O1 HOSTS File: ([2011/04/25 06:58:29 | 000,001,211 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {652853ad-5592-4231-88c6-706613a52e61} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {652853ad-5592-4231-88c6-706613a52e61} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe (Logitech, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - Startup: C:\Users\Umberto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...10926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 129.234.4.13 129.234.4.9
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{454430E9-B63E-4D64-80AE-D12B20BC51EA}: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F70738C8-CD0A-4900-9963-C615323FD871}: DhcpNameServer = 129.234.4.13 129.234.4.9
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a25bce13-fc24-11e0-b689-001fbc0192fd}\Shell - "" = AutoRun
O33 - MountPoints2\{a25bce13-fc24-11e0-b689-001fbc0192fd}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/08 10:50:43 | 000,167,696 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys
[2012/10/08 09:49:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus
[2012/10/08 09:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot
[2012/10/08 09:49:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/10/07 20:13:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/10/07 20:11:44 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/10/07 20:11:41 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/10/07 20:11:37 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/10/07 20:11:35 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/10/07 18:10:03 | 000,000,000 | ---D | C] -- C:\Users\Umberto\AppData\Roaming\Malwarebytes
[2012/10/07 18:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/10/07 18:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/10/07 18:09:55 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/10/07 18:09:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/10/07 16:44:44 | 000,000,000 | ---D | C] -- C:\Users\Umberto\Desktop\Virus
[2012/10/07 01:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/10/06 23:15:28 | 000,000,000 | ---D | C] -- C:\Users\Umberto\AppData\Local\Logishrd
[2012/10/06 23:14:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012/10/06 15:53:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YTD Toolbar
[2012/01/20 05:48:59 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Umberto\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2012/10/08 11:18:00 | 000,018,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/08 11:18:00 | 000,018,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/08 11:17:08 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/10/08 11:14:41 | 001,635,192 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/08 11:14:41 | 000,615,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/08 11:14:41 | 000,379,230 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2012/10/08 11:14:41 | 000,363,260 | ---- | M] () -- C:\Windows\SysNative\prfh0804.dat
[2012/10/08 11:14:41 | 000,103,496 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/08 11:14:41 | 000,101,356 | ---- | M] () -- C:\Windows\SysNative\prfc0804.dat
[2012/10/08 11:14:41 | 000,096,442 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2012/10/08 11:13:21 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3657994211-3226139569-2225959304-1001UA.job
[2012/10/08 11:10:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/08 11:09:53 | 529,932,287 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/08 10:53:46 | 000,167,696 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys
[2012/10/08 10:48:38 | 000,129,024 | ---- | M] () -- C:\Windows\RegBootClean64.exe
[2012/10/08 09:57:19 | 000,002,243 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/10/08 09:55:00 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/07 19:54:15 | 000,062,476 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{0000000A-00000000-00000000-00001102-00000005-00311102}.rfx
[2012/10/07 19:54:15 | 000,062,476 | ---- | M] () -- C:\Windows\SysNative\BMXState-{0000000A-00000000-00000000-00001102-00000005-00311102}.rfx
[2012/10/07 19:54:15 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{0000000A-00000000-00000000-00001102-00000005-00311102}.rfx
[2012/10/07 18:15:06 | 000,000,036 | ---- | M] () -- C:\Users\Umberto\AppData\Local\housecall.guid.cache
[2012/10/07 09:52:04 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3657994211-3226139569-2225959304-1001Core.job
[2012/10/07 07:10:54 | 004,971,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/10/06 23:46:00 | 000,001,080 | ---- | M] () -- C:\Windows\SysNative\settingsbkup.sfm
[2012/10/06 23:46:00 | 000,001,080 | ---- | M] () -- C:\Windows\SysNative\settings.sfm
[2012/10/06 23:40:21 | 000,000,384 | ---- | M] () -- C:\Users\Umberto\Desktop\Uni Internet Port.lnk
[2012/10/06 23:15:35 | 000,001,358 | ---- | M] () -- C:\Users\Umberto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk

========== Files Created - No Company Name ==========

[2012/10/08 09:57:19 | 000,002,243 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/10/08 09:55:00 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/07 19:42:50 | 000,129,024 | ---- | C] () -- C:\Windows\RegBootClean64.exe
[2012/10/07 18:15:06 | 000,000,036 | ---- | C] () -- C:\Users\Umberto\AppData\Local\housecall.guid.cache
[2012/10/06 23:46:00 | 000,001,080 | ---- | C] () -- C:\Windows\SysNative\settingsbkup.sfm
[2012/10/06 23:46:00 | 000,001,080 | ---- | C] () -- C:\Windows\SysNative\settings.sfm
[2012/10/06 23:40:21 | 000,000,384 | ---- | C] () -- C:\Users\Umberto\Desktop\Uni Internet Port.lnk
[2012/10/06 23:15:35 | 000,001,358 | ---- | C] () -- C:\Users\Umberto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2012/03/20 03:52:10 | 000,164,864 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2012/03/17 07:11:27 | 000,057,344 | ---- | C] () -- C:\Windows\ssui.exe
[2012/03/17 07:06:32 | 000,114,688 | ---- | C] () -- C:\Windows\PKCREGD.EXE
[2012/02/21 19:36:10 | 000,000,133 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/01/28 00:51:16 | 000,000,132 | ---- | C] () -- C:\Users\Umberto\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/01/20 05:48:59 | 000,099,384 | ---- | C] () -- C:\Users\Umberto\AppData\Roaming\inst.exe
[2012/01/20 05:48:59 | 000,007,859 | ---- | C] () -- C:\Users\Umberto\AppData\Roaming\pcouffin.cat
[2012/01/20 05:48:59 | 000,001,167 | ---- | C] () -- C:\Users\Umberto\AppData\Roaming\pcouffin.inf
[2012/01/20 05:27:59 | 000,001,189 | ---- | C] () -- C:\Users\Umberto\AppData\Roaming\vso_ts_preview.xml
[2012/01/17 05:02:29 | 000,188,928 | ---- | C] () -- C:\Windows\usbitcmd.exe
[2012/01/17 05:02:29 | 000,165,376 | ---- | C] () -- C:\Windows\usbit32.dll
[2012/01/17 05:02:29 | 000,011,776 | ---- | C] () -- C:\Windows\USB Image Tool Helper.dll
[2011/12/25 17:42:19 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2011/12/22 19:41:18 | 000,000,070 | ---- | C] () -- C:\Windows\sbwin.ini
[2011/10/23 21:55:58 | 000,000,275 | ---- | C] () -- C:\Users\Umberto\AppData\Local\HamsterVideoConverterSettings.cfg
[2011/10/16 21:18:24 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/10/16 21:18:24 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/10/16 21:17:30 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2011/10/16 19:15:41 | 000,007,628 | ---- | C] () -- C:\Users\Umberto\AppData\Local\Resmon.ResmonCfg
[2011/08/03 11:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/10/23 20:50:20 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\AnvSoft
[2012/04/14 00:26:20 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\Ashampoo
[2011/10/20 02:25:52 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\Auslogics
[2012/10/07 16:48:33 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\Azureus
[2012/05/21 19:44:27 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\Canon
[2011/10/19 01:25:41 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/04/12 02:35:18 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\DAEMON Tools Lite
[2012/04/28 01:46:09 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\DVDVideoSoft
[2012/05/05 02:03:06 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\Easy Macro Recorder
[2011/12/25 17:47:11 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\FreeBurner
[2011/10/21 20:23:10 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\ImgBurn
[2011/10/16 21:27:18 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\Leadertech
[2012/01/11 02:41:00 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\Mael
[2012/03/27 06:00:11 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\Mount&Blade Warband
[2012/10/07 19:31:57 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\Software Informer
[2012/02/03 20:03:23 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/04/12 04:56:05 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\SuperUtils.com
[2012/01/19 01:41:01 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\The Creative Assembly
[2012/01/31 03:16:28 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\UA_HiRISE
[2012/01/20 05:49:00 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\Vso
[2012/02/01 03:44:01 | 000,000,000 | ---D | M] -- C:\Users\Umberto\AppData\Roaming\Xilisoft

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:07BF512B

< End of report >


#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, does this happen with all browsers or just Chrome?

I see you have run combofix, could you post the log?

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.
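
Added example, not part of the original post: once the TDSSKiller report from the steps above is saved, a short Python script can pair each scanned object with its result and separate the signature-check warnings from anything else that needs review. The line shapes are taken from the report posted in this thread; the function names, the `exampledrv` entry and its verdict name are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Line shapes as they appear in the report posted in this thread:
#   <time> <tid> ================ Scan <section> ================
#   <time> <tid> [ <MD5> ] <object name> <path>
#   <time> <tid> <object name> - ok
#   <time> <tid> <object name> ( <verdict> ) - warning
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
SECTION_RE = re.compile(PREFIX + r"=+ Scan (.+?) =+$")
FILE_RE = re.compile(PREFIX + r"\[ ([0-9A-Fa-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.+)$")
VERDICT_RE = re.compile(PREFIX + r"(.+?) \( (.+?) \) - (\w+)$")
OK_RE = re.compile(PREFIX + r"(.+?) - ok$")


@dataclass
class Finding:
    section: str            # e.g. "services"
    name: str               # object name as printed by the tool
    status: str             # "ok", "warning", ...
    verdict: Optional[str]  # e.g. "UnsignedFile.Multi.Generic"; None when ok
    md5: Optional[str]      # from the preceding "[ MD5 ] name path" line, if any
    path: Optional[str]


def parse_report(text):
    """Return one Finding per result line, joined to its file line by object name."""
    section = ""
    files = {}      # object name -> (md5, path)
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        m = FILE_RE.match(line)
        if m:
            files[m.group(2)] = (m.group(1).upper(), m.group(3))
            continue
        m = VERDICT_RE.match(line)
        if m:
            name, verdict, status = m.groups()
        else:
            m = OK_RE.match(line)
            if not m:
                continue    # banner, separator, or the "- detected ..." repeat line
            name, verdict, status = m.group(1), None, "ok"
        md5, path = files.get(name, (None, None))
        findings.append(Finding(section, name, status, verdict, md5, path))
    return findings


def triage(findings):
    """Split results into the buckets a reviewer would read first."""
    buckets = {"unsigned": [], "review": [], "no_file_record": []}
    for f in findings:
        if f.status != "ok":
            # Assumption based on the verdict name: "UnsignedFile.*" is a
            # signature-check warning, so it gets its own bucket.
            unsigned = (f.verdict or "").startswith("UnsignedFile.")
            buckets["unsigned" if unsigned else "review"].append(f)
        elif f.section == "services" and f.path is None:
            # Reported "ok" without a hashed file line before it.
            buckets["no_file_record"].append(f)
    return buckets


# Sample input: lines copied from the report in this thread, plus one
# constructed entry (exampledrv, all-zero hash, placeholder verdict).
SAMPLE = r"""
15:44:32.0868 4508 Mode: Manual; SigCheck; TDLFS;
15:44:33.0430 4508 ================ Scan system memory ========================
15:44:33.0430 4508 System memory - ok
15:44:33.0430 4508 ================ Scan services =============================
15:44:34.0305 4508 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:44:34.0305 4508 Apple Mobile Device - ok
15:44:36.0008 4508 COMSysApp - ok
15:44:36.0399 4508 [ 07BA6D17E66879018B30B6C3F976EBED ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
15:44:36.0415 4508 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
15:44:36.0415 4508 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
15:44:40.0000 4508 [ 00000000000000000000000000000000 ] exampledrv C:\Windows\system32\drivers\exampledrv.sys
15:44:40.0016 4508 exampledrv ( Placeholder.Verdict.Name ) - warning
"""

if __name__ == "__main__":
    for bucket, items in triage(parse_report(SAMPLE)).items():
        print(bucket)
        for f in items:
            print("   ", f.name, "|", f.verdict, "|", f.md5, "|", f.path)
```

Entries in the `unsigned` bucket still deserve a look at the path and vendor before they are dismissed, and nothing here replaces the helper's reading of the full report.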

#3
Umbe

    Member

  • Topic Starter
  • 18 posts
I didn't actually run combofix. I was in safe mode, and I started to run it, and a warning came up about the fact that Avast was running. Since I was unable to close Avast in safe mode (the program just wouldn't run), I shut the computer down instead of pressing ok, 'abort' not being an option. If you want me to run it, please explain how I ought to do it.

I tried opening up explorer, and, though it took a while, Avast did give one 'malicious url' warning when I opened up an article on NPR. Less immediate and not as rapid-fire as Chrome, but still there.

On TDSSKiller, there were a few more options on the 'change parameters' screen. Under 'Objects to scan' there were four boxes; I ticked all of them: System Memory, Services and drivers, boot sectors, loaded modules.

Here's the report:

15:44:12.0224 3796 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
15:44:12.0396 3796 ============================================================
15:44:12.0396 3796 Current date / time: 2012/10/08 15:44:12.0396
15:44:12.0396 3796 SystemInfo:
15:44:12.0396 3796
15:44:12.0396 3796 OS Version: 6.1.7601 ServicePack: 1.0
15:44:12.0396 3796 Product type: Workstation
15:44:12.0396 3796 ComputerName: LORDTINO
15:44:12.0396 3796 UserName: Umberto
15:44:12.0396 3796 Windows directory: C:\Windows
15:44:12.0396 3796 System windows directory: C:\Windows
15:44:12.0396 3796 Running under WOW64
15:44:12.0396 3796 Processor architecture: Intel x64
15:44:12.0396 3796 Number of processors: 8
15:44:12.0396 3796 Page size: 0x1000
15:44:12.0396 3796 Boot type: Normal boot
15:44:12.0396 3796 ============================================================
15:44:25.0625 3796 BG loaded
15:44:25.0908 3796 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:44:25.0908 3796 Drive \Device\Harddisk1\DR1 - Size: 0x22EF13E000 (139.74 Gb), SectorSize: 0x200, Cylinders: 0x4BB5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
15:44:25.0923 3796 ============================================================
15:44:25.0923 3796 \Device\Harddisk0\DR0:
15:44:25.0923 3796 MBR partitions:
15:44:25.0923 3796 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
15:44:25.0923 3796 \Device\Harddisk1\DR1:
15:44:25.0923 3796 MBR partitions:
15:44:25.0923 3796 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:44:25.0923 3796 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x8C32000
15:44:25.0923 3796 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x8C64800, BlocksNum 0x8B13800
15:44:25.0923 3796 ============================================================
15:44:26.0001 3796 C: <-> \Device\Harddisk1\DR1\Partition2
15:44:26.0048 3796 D: <-> \Device\Harddisk1\DR1\Partition3
15:44:26.0064 3796 H: <-> \Device\Harddisk0\DR0\Partition1
15:44:26.0064 3796 ============================================================
15:44:26.0064 3796 Initialize success
15:44:26.0064 3796 ============================================================
15:44:32.0868 4508 ============================================================
15:44:32.0868 4508 Scan started
15:44:32.0868 4508 Mode: Manual; SigCheck; TDLFS;
15:44:32.0868 4508 ============================================================
15:44:33.0430 4508 ================ Scan system memory ========================
15:44:33.0430 4508 System memory - ok
15:44:33.0430 4508 ================ Scan services =============================
15:44:33.0524 4508 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:44:33.0571 4508 1394ohci - ok
15:44:33.0586 4508 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:44:33.0602 4508 ACPI - ok
15:44:33.0618 4508 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:44:33.0649 4508 AcpiPmi - ok
15:44:33.0665 4508 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:44:33.0680 4508 adp94xx - ok
15:44:33.0696 4508 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:44:33.0711 4508 adpahci - ok
15:44:33.0711 4508 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:44:33.0727 4508 adpu320 - ok
15:44:33.0758 4508 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:44:33.0790 4508 AeLookupSvc - ok
15:44:33.0805 4508 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:44:33.0836 4508 AFD - ok
15:44:33.0852 4508 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:44:33.0868 4508 agp440 - ok
15:44:33.0868 4508 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:44:33.0883 4508 ALG - ok
15:44:33.0899 4508 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:44:33.0915 4508 aliide - ok
15:44:33.0915 4508 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:44:33.0930 4508 amdide - ok
15:44:33.0930 4508 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:44:33.0961 4508 AmdK8 - ok
15:44:33.0961 4508 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:44:33.0977 4508 AmdPPM - ok
15:44:33.0993 4508 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:44:34.0008 4508 amdsata - ok
15:44:34.0024 4508 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:44:34.0040 4508 amdsbs - ok
15:44:34.0055 4508 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:44:34.0071 4508 amdxata - ok
15:44:34.0086 4508 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:44:34.0133 4508 AppID - ok
15:44:34.0133 4508 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:44:34.0165 4508 AppIDSvc - ok
15:44:34.0196 4508 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:44:34.0227 4508 Appinfo - ok
15:44:34.0305 4508 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:44:34.0305 4508 Apple Mobile Device - ok
15:44:34.0336 4508 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
15:44:34.0352 4508 AppMgmt - ok
15:44:34.0368 4508 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
15:44:34.0383 4508 arc - ok
15:44:34.0383 4508 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:44:34.0399 4508 arcsas - ok
15:44:34.0415 4508 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
15:44:34.0415 4508 aswFsBlk - ok
15:44:34.0430 4508 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
15:44:34.0446 4508 aswMonFlt - ok
15:44:34.0461 4508 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
15:44:34.0461 4508 aswRdr - ok
15:44:34.0477 4508 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
15:44:34.0493 4508 aswSnx - ok
15:44:34.0508 4508 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys
15:44:34.0524 4508 aswSP - ok
15:44:34.0524 4508 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
15:44:34.0540 4508 aswTdi - ok
15:44:34.0555 4508 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:44:34.0586 4508 AsyncMac - ok
15:44:34.0602 4508 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:44:34.0618 4508 atapi - ok
15:44:34.0633 4508 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:44:34.0680 4508 AudioEndpointBuilder - ok
15:44:34.0680 4508 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:44:34.0711 4508 AudioSrv - ok
15:44:34.0743 4508 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:44:34.0758 4508 avast! Antivirus - ok
15:44:34.0790 4508 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:44:34.0805 4508 AxInstSV - ok
15:44:34.0836 4508 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
15:44:34.0852 4508 b06bdrv - ok
15:44:34.0868 4508 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:44:34.0899 4508 b57nd60a - ok
15:44:34.0930 4508 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:44:34.0946 4508 BDESVC - ok
15:44:34.0961 4508 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:44:34.0993 4508 Beep - ok
15:44:35.0040 4508 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:44:35.0071 4508 BFE - ok
15:44:35.0102 4508 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
15:44:35.0133 4508 BITS - ok
15:44:35.0149 4508 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:44:35.0165 4508 blbdrive - ok
15:44:35.0196 4508 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:44:35.0211 4508 Bonjour Service - ok
15:44:35.0227 4508 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:44:35.0243 4508 bowser - ok
15:44:35.0243 4508 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:44:35.0258 4508 BrFiltLo - ok
15:44:35.0274 4508 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:44:35.0274 4508 BrFiltUp - ok
15:44:35.0305 4508 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:44:35.0305 4508 Browser - ok
15:44:35.0321 4508 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:44:35.0352 4508 Brserid - ok
15:44:35.0352 4508 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:44:35.0368 4508 BrSerWdm - ok
15:44:35.0383 4508 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:44:35.0415 4508 BrUsbMdm - ok
15:44:35.0415 4508 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:44:35.0430 4508 BrUsbSer - ok
15:44:35.0446 4508 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:44:35.0461 4508 BTHMODEM - ok
15:44:35.0477 4508 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:44:35.0508 4508 bthserv - ok
15:44:35.0540 4508 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:44:35.0571 4508 cdfs - ok
15:44:35.0602 4508 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:44:35.0602 4508 cdrom - ok
15:44:35.0633 4508 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:44:35.0665 4508 CertPropSvc - ok
15:44:35.0680 4508 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:44:35.0696 4508 circlass - ok
15:44:35.0711 4508 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:44:35.0727 4508 CLFS - ok
15:44:35.0758 4508 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:44:35.0774 4508 clr_optimization_v2.0.50727_32 - ok
15:44:35.0790 4508 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:44:35.0805 4508 clr_optimization_v2.0.50727_64 - ok
15:44:35.0821 4508 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:44:35.0836 4508 CmBatt - ok
15:44:35.0836 4508 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:44:35.0852 4508 cmdide - ok
15:44:35.0868 4508 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:44:35.0883 4508 CNG - ok
15:44:35.0899 4508 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:44:35.0915 4508 Compbatt - ok
15:44:35.0946 4508 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:44:35.0993 4508 CompositeBus - ok
15:44:36.0008 4508 COMSysApp - ok
15:44:36.0040 4508 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:44:36.0040 4508 crcdisk - ok
15:44:36.0055 4508 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
15:44:36.0071 4508 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
15:44:36.0071 4508 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
15:44:36.0086 4508 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
15:44:36.0102 4508 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
15:44:36.0102 4508 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
15:44:36.0133 4508 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:44:36.0149 4508 CryptSvc - ok
15:44:36.0180 4508 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
15:44:36.0211 4508 CSC - ok
15:44:36.0227 4508 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
15:44:36.0258 4508 CscService - ok
15:44:36.0290 4508 [ 229E3B8F266ABDAFD54E4A372B9D5DDC ] CT20XUT C:\Windows\system32\drivers\CT20XUT.SYS
15:44:36.0290 4508 CT20XUT - ok
15:44:36.0290 4508 [ 229E3B8F266ABDAFD54E4A372B9D5DDC ] CT20XUT.SYS C:\Windows\System32\drivers\CT20XUT.SYS
15:44:36.0305 4508 CT20XUT.SYS - ok
15:44:36.0336 4508 [ EB3843A91A10150C9E05607CBCB44090 ] ctac32k C:\Windows\system32\drivers\ctac32k.sys
15:44:36.0336 4508 ctac32k - ok
15:44:36.0352 4508 [ BC06EFB59A2316537765462DFE40F764 ] ctaud2k C:\Windows\system32\drivers\ctaud2k.sys
15:44:36.0368 4508 ctaud2k - ok
15:44:36.0399 4508 [ 07BA6D17E66879018B30B6C3F976EBED ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
15:44:36.0415 4508 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
15:44:36.0415 4508 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
15:44:36.0446 4508 [ 63B2B6CE9D3EF182981FB64BD5433DA4 ] CTEXFIFX C:\Windows\system32\drivers\CTEXFIFX.SYS
15:44:36.0461 4508 CTEXFIFX - ok
15:44:36.0493 4508 [ 63B2B6CE9D3EF182981FB64BD5433DA4 ] CTEXFIFX.SYS C:\Windows\System32\drivers\CTEXFIFX.SYS
15:44:36.0508 4508 CTEXFIFX.SYS - ok
15:44:36.0524 4508 [ 6D115CC80873B85FD80DDA1C41F75A2C ] CTHWIUT C:\Windows\system32\drivers\CTHWIUT.SYS
15:44:36.0524 4508 CTHWIUT - ok
15:44:36.0524 4508 [ 6D115CC80873B85FD80DDA1C41F75A2C ] CTHWIUT.SYS C:\Windows\System32\drivers\CTHWIUT.SYS
15:44:36.0540 4508 CTHWIUT.SYS - ok
15:44:36.0540 4508 [ EBC9548EF5838CB5AA8F18B3AC28AF12 ] ctprxy2k C:\Windows\system32\drivers\ctprxy2k.sys
15:44:36.0555 4508 ctprxy2k - ok
15:44:36.0555 4508 [ 459BEE1682121842285C162E2D98D81A ] ctsfm2k C:\Windows\system32\drivers\ctsfm2k.sys
15:44:36.0555 4508 ctsfm2k - ok
15:44:36.0586 4508 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:44:36.0633 4508 DcomLaunch - ok
15:44:36.0665 4508 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:44:36.0696 4508 defragsvc - ok
15:44:36.0711 4508 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:44:36.0758 4508 DfsC - ok
15:44:47.0341 4508 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:44:47.0357 4508 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
15:44:47.0357 4508 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
15:44:51.0264 4508 ================ Scan global ===============================
15:44:51.0280 4508 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:44:51.0295 4508 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:44:51.0311 4508 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:44:51.0327 4508 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:44:51.0342 4508 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:44:51.0342 4508 [Global] - ok
15:44:51.0342 4508 ================ Scan MBR ==================================
15:44:51.0342 4508 [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk0\DR0
15:44:51.0420 4508 \Device\Harddisk0\DR0 - ok
15:44:51.0436 4508 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:44:54.0139 4508 \Device\Harddisk1\DR1 - ok
15:44:54.0139 4508 ================ Scan VBR ==================================
15:44:54.0139 4508 [ 886B6B2D3758F0808A19B330578BE1C3 ] \Device\Harddisk0\DR0\Partition1
15:44:54.0139 4508 \Device\Harddisk0\DR0\Partition1 - ok
15:44:54.0155 4508 [ 33560FE281897E11DAE583C5247B39F2 ] \Device\Harddisk1\DR1\Partition1
15:44:54.0170 4508 \Device\Harddisk1\DR1\Partition1 - ok
15:44:54.0186 4508 [ 274BF57D374991DC407436DE61390EB4 ] \Device\Harddisk1\DR1\Partition2
15:44:54.0217 4508 \Device\Harddisk1\DR1\Partition2 - ok
15:44:54.0233 4508 [ CA632A07F7D71F7AA1B74A7A8503F924 ] \Device\Harddisk1\DR1\Partition3
15:44:54.0264 4508 \Device\Harddisk1\DR1\Partition3 - ok
15:44:54.0264 4508 ================ Scan active images ========================
15:44:54.0577 4508 C:\Windows\System32\sxssrv.dll - ok
15:44:54.0592 4508 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
15:44:54.0592 4508 C:\Windows\System32\wininit.exe - ok
15:44:54.0592 4508 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
15:44:54.0592 4508 C:\Windows\System32\cdd.dll - ok
15:44:54.0592 4508 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
15:44:54.0592 4508 C:\Windows\System32\KBDUS.DLL - ok
15:44:54.0592 4508 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
15:44:54.0592 4508 C:\Windows\System32\RpcRtRemote.dll - ok
15:44:54.0592 4508 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
15:44:54.0592 4508 C:\Windows\System32\WlS0WndH.dll - ok
15:44:54.0592 4508 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
15:44:54.0592 4508 C:\Windows\System32\sxs.dll - ok
15:44:54.0592 4508 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
15:44:54.0592 4508 C:\Windows\System32\cryptbase.dll - ok
15:44:54.0608 4508 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
15:44:54.0608 4508 C:\Windows\System32\apphelp.dll - ok
15:44:54.0608 4508 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
15:44:54.0608 4508 C:\Windows\System32\lsasrv.dll - ok
15:44:54.0608 4508 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
15:44:54.0608 4508 C:\Windows\System32\lsass.exe - ok
15:44:54.0608 4508 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
15:44:54.0608 4508 C:\Windows\System32\lsm.exe - ok
15:44:54.0608 4508 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
15:44:54.0608 4508 C:\Windows\System32\services.exe - ok
15:44:54.0608 4508 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
15:44:54.0608 4508 C:\Windows\System32\sspicli.dll - ok
15:44:54.0608 4508 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
15:44:54.0608 4508 C:\Windows\System32\sspisrv.dll - ok
15:44:54.0624 4508 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
15:44:54.0624 4508 C:\Windows\System32\scesrv.dll - ok
15:44:54.0624 4508 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
15:44:54.0624 4508 C:\Windows\System32\scext.dll - ok
15:44:54.0624 4508 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
15:44:54.0624 4508 C:\Windows\System32\secur32.dll - ok
15:44:54.0624 4508 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
15:44:54.0624 4508 C:\Windows\System32\sysntfy.dll - ok
15:44:54.0624 4508 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
15:44:54.0624 4508 C:\Windows\System32\wmsgapi.dll - ok
15:44:54.0624 4508 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
15:44:54.0624 4508 C:\Windows\System32\samsrv.dll - ok
15:44:54.0624 4508 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
15:44:54.0624 4508 C:\Windows\System32\winlogon.exe - ok
15:44:54.0639 4508 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
15:44:54.0639 4508 C:\Windows\System32\cryptdll.dll - ok
15:44:54.0639 4508 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
15:44:54.0639 4508 C:\Windows\System32\srvcli.dll - ok
15:44:54.0639 4508 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
15:44:54.0639 4508 C:\Windows\System32\wevtapi.dll - ok
15:44:54.0639 4508 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
15:44:54.0639 4508 C:\Windows\System32\winsta.dll - ok
15:44:54.0639 4508 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
15:44:54.0639 4508 C:\Windows\System32\authz.dll - ok
15:44:54.0639 4508 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
15:44:54.0639 4508 C:\Windows\System32\cngaudit.dll - ok
15:44:54.0639 4508 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
15:44:54.0639 4508 C:\Windows\System32\bcrypt.dll - ok
15:44:54.0655 4508 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
15:44:54.0655 4508 C:\Windows\System32\msprivs.dll - ok
15:44:54.0655 4508 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
15:44:54.0655 4508 C:\Windows\System32\ncrypt.dll - ok
15:44:54.0655 4508 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
15:44:54.0655 4508 C:\Windows\System32\netjoin.dll - ok
15:44:54.0655 4508 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
15:44:54.0655 4508 C:\Windows\System32\negoexts.dll - ok
15:44:54.0655 4508 [ 4AC74A462F3A0506B929F599B5E1B1FB ] C:\Windows\System32\atmfd.dll
15:44:54.0655 4508 C:\Windows\System32\atmfd.dll - ok
15:44:54.0655 4508 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
15:44:54.0655 4508 C:\Windows\System32\cryptsp.dll - ok
15:44:54.0655 4508 [ 16ECE8BD6734CC170B9AE74176E89A9B ] C:\Windows\System32\kerberos.dll
15:44:54.0655 4508 C:\Windows\System32\kerberos.dll - ok
15:44:54.0670 4508 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
15:44:54.0670 4508 C:\Windows\System32\mswsock.dll - ok
15:44:54.0670 4508 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
15:44:54.0670 4508 C:\Windows\System32\msv1_0.dll - ok
15:44:54.0670 4508 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
15:44:54.0670 4508 C:\Windows\System32\netlogon.dll - ok
15:44:54.0670 4508 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
15:44:54.0670 4508 C:\Windows\System32\wship6.dll - ok
15:44:54.0670 4508 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
15:44:54.0670 4508 C:\Windows\System32\dnsapi.dll - ok
15:44:54.0670 4508 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
15:44:54.0670 4508 C:\Windows\System32\logoncli.dll - ok
15:44:54.0670 4508 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
15:44:54.0670 4508 C:\Windows\System32\schannel.dll - ok
15:44:54.0686 4508 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
15:44:54.0686 4508 C:\Windows\System32\wdigest.dll - ok
15:44:54.0686 4508 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
15:44:54.0686 4508 C:\Windows\System32\rsaenh.dll - ok
15:44:54.0686 4508 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
15:44:54.0686 4508 C:\Windows\System32\TSpkg.dll - ok
15:44:54.0686 4508 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
15:44:54.0686 4508 C:\Windows\System32\bcryptprimitives.dll - ok
15:44:54.0686 4508 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
15:44:54.0686 4508 C:\Windows\System32\pku2u.dll - ok
15:44:54.0686 4508 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
15:44:54.0686 4508 C:\Windows\System32\credssp.dll - ok
15:44:54.0686 4508 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
15:44:54.0686 4508 C:\Windows\System32\efslsaext.dll - ok
15:44:54.0702 4508 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
15:44:54.0702 4508 C:\Windows\System32\scecli.dll - ok
15:44:54.0702 4508 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
15:44:54.0702 4508 C:\Windows\System32\ubpm.dll - ok
15:44:54.0702 4508 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
15:44:54.0702 4508 C:\Windows\System32\SPInf.dll - ok
15:44:54.0702 4508 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
15:44:54.0702 4508 C:\Windows\System32\svchost.exe - ok
15:44:54.0702 4508 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
15:44:54.0702 4508 C:\Windows\System32\umpnpmgr.dll - ok
15:44:54.0702 4508 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
15:44:54.0702 4508 C:\Windows\System32\devrtl.dll - ok
15:44:54.0702 4508 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
15:44:54.0702 4508 C:\Windows\System32\gpapi.dll - ok
15:44:54.0717 4508 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
15:44:54.0717 4508 C:\Windows\System32\umpo.dll - ok
15:44:54.0717 4508 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
15:44:54.0717 4508 C:\Windows\System32\userenv.dll - ok
15:44:54.0717 4508 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
15:44:54.0717 4508 C:\Windows\System32\pcwum.dll - ok
15:44:54.0717 4508 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
15:44:54.0717 4508 C:\Windows\System32\powrprof.dll - ok
15:44:54.0717 4508 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] C:\Windows\System32\drivers\aswFsBlk.sys
15:44:54.0717 4508 C:\Windows\System32\drivers\aswFsBlk.sys - ok
15:44:54.0717 4508 [ AA9FDE3D630160B47DAB21BF8250111C ] C:\Windows\System32\drivers\aswMonFlt.sys
15:44:54.0717 4508 C:\Windows\System32\drivers\aswMonFlt.sys - ok
15:44:54.0733 4508 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
15:44:54.0733 4508 C:\Windows\System32\drivers\luafv.sys - ok
15:44:54.0733 4508 [ D3381DC54C34D79B22CEE0D65BA91B7C ] C:\Windows\System32\drivers\WUDFPf.sys
15:44:54.0733 4508 C:\Windows\System32\drivers\WUDFPf.sys - ok
15:44:54.0733 4508 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] C:\Windows\System32\nvvsvc.exe
15:44:54.0733 4508 C:\Windows\System32\nvvsvc.exe - ok
15:44:54.0733 4508 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
15:44:54.0733 4508 C:\Windows\System32\rpcss.dll - ok
15:44:54.0733 4508 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
15:44:54.0733 4508 C:\Windows\System32\wtsapi32.dll - ok
15:44:54.0733 4508 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
15:44:54.0733 4508 C:\Windows\System32\RpcEpMap.dll - ok
15:44:54.0733 4508 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
15:44:54.0733 4508 C:\Windows\System32\wshqos.dll - ok
15:44:54.0749 4508 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
15:44:54.0749 4508 C:\Windows\System32\WSHTCPIP.DLL - ok
15:44:54.0749 4508 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
15:44:54.0749 4508 C:\Windows\System32\FirewallAPI.dll - ok
15:44:54.0749 4508 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
15:44:54.0749 4508 C:\Windows\System32\version.dll - ok
15:44:54.0749 4508 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
15:44:54.0749 4508 C:\Windows\System32\wevtsvc.dll - ok
15:44:54.0749 4508 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
15:44:54.0749 4508 C:\Windows\System32\audiosrv.dll - ok
15:44:54.0749 4508 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
15:44:54.0749 4508 C:\Windows\System32\avrt.dll - ok
15:44:54.0749 4508 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
15:44:54.0749 4508 C:\Windows\System32\mmcss.dll - ok
15:44:54.0764 4508 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
15:44:54.0764 4508 C:\Windows\System32\MMDevAPI.dll - ok
15:44:54.0764 4508 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
15:44:54.0764 4508 C:\Windows\System32\propsys.dll - ok
15:44:54.0764 4508 [ 5C78838B4D166D1A27DB3A8A820C799A ] C:\Windows\System32\profsvc.dll
15:44:54.0764 4508 C:\Windows\System32\profsvc.dll - ok
15:44:54.0764 4508 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
15:44:54.0764 4508 C:\Windows\System32\audiodg.exe - ok
15:44:54.0764 4508 [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
15:44:54.0764 4508 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
15:44:54.0764 4508 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
15:44:54.0764 4508 C:\Windows\System32\ntmarta.dll - ok
15:44:54.0764 4508 [ 07BA6D17E66879018B30B6C3F976EBED ] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
15:44:54.0764 4508 C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe - ok
15:44:54.0780 4508 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
15:44:54.0780 4508 C:\Windows\System32\netprofm.dll - ok
15:44:54.0780 4508 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
15:44:54.0780 4508 C:\Windows\SysWOW64\ntdll.dll - ok
15:44:54.0780 4508 [ B1E3772FFA96AC5AEE89BF202AF8E348 ] C:\Windows\System32\wow64.dll
15:44:54.0780 4508 C:\Windows\System32\wow64.dll - ok
15:44:54.0780 4508 [ FC5A43FA257F546F8F2B96B5529857E1 ] C:\Windows\System32\wow64win.dll
15:44:54.0780 4508 C:\Windows\System32\wow64win.dll - ok
15:44:54.0780 4508 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
15:44:54.0780 4508 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
15:44:54.0780 4508 [ AA0D2571A4348838B8DD49FD0043826A ] C:\Windows\System32\wow64cpu.dll
15:44:54.0780 4508 C:\Windows\System32\wow64cpu.dll - ok
15:44:54.0780 4508 [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB ] C:\Windows\SysWOW64\kernel32.dll
15:44:54.0780 4508 C:\Windows\SysWOW64\kernel32.dll - ok
15:44:54.0795 4508 [ 5C2D21C9B6B6175B89BC5D7E3CB979E1 ] C:\Windows\SysWOW64\KernelBase.dll
15:44:54.0795 4508 C:\Windows\SysWOW64\KernelBase.dll - ok
15:44:54.0795 4508 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
15:44:54.0795 4508 C:\Windows\SysWOW64\user32.dll - ok
15:44:54.0795 4508 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
15:44:54.0795 4508 C:\Windows\System32\drivers\fltMgr.sys - ok
15:44:54.0795 4508 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
15:44:54.0795 4508 C:\Windows\System32\PSHED.DLL - ok
15:44:54.0795 4508 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
15:44:54.0795 4508 C:\Windows\SysWOW64\gdi32.dll - ok
15:44:54.0795 4508 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
15:44:54.0795 4508 C:\Windows\SysWOW64\lpk.dll - ok
15:44:54.0795 4508 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
15:44:54.0795 4508 C:\Windows\SysWOW64\usp10.dll - ok
15:44:54.0811 4508 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
15:44:54.0811 4508 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
15:44:54.0811 4508 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
15:44:54.0811 4508 C:\Windows\SysWOW64\msvcrt.dll - ok
15:44:54.0811 4508 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
15:44:54.0811 4508 C:\Windows\SysWOW64\advapi32.dll - ok
15:44:54.0811 4508 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
15:44:54.0811 4508 C:\Windows\SysWOW64\rpcrt4.dll - ok
15:44:54.0811 4508 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
15:44:54.0811 4508 C:\Windows\SysWOW64\sechost.dll - ok
15:44:54.0811 4508 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
15:44:54.0811 4508 C:\Windows\SysWOW64\cryptbase.dll - ok
15:44:54.0811 4508 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
15:44:54.0811 4508 C:\Windows\SysWOW64\shell32.dll - ok
15:44:54.0827 4508 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
15:44:54.0827 4508 C:\Windows\SysWOW64\sspicli.dll - ok
15:44:54.0827 4508 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
15:44:54.0827 4508 C:\Windows\SysWOW64\winspool.drv - ok
15:44:54.0827 4508 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
15:44:54.0827 4508 C:\Windows\SysWOW64\shlwapi.dll - ok
15:44:54.0827 4508 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
15:44:54.0827 4508 C:\Windows\SysWOW64\ole32.dll - ok
15:44:54.0827 4508 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
15:44:54.0827 4508 C:\Windows\SysWOW64\dsound.dll - ok
15:44:54.0827 4508 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
15:44:54.0827 4508 C:\Windows\SysWOW64\oleaut32.dll - ok
15:44:54.0827 4508 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
15:44:54.0827 4508 C:\Windows\SysWOW64\powrprof.dll - ok
15:44:54.0842 4508 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
15:44:54.0842 4508 C:\Windows\SysWOW64\setupapi.dll - ok
15:44:54.0842 4508 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
15:44:54.0842 4508 C:\Windows\SysWOW64\winmm.dll - ok
15:44:54.0842 4508 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
15:44:54.0842 4508 C:\Windows\SysWOW64\cfgmgr32.dll - ok
15:44:54.0842 4508 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
15:44:54.0842 4508 C:\Windows\SysWOW64\devobj.dll - ok
15:44:54.0842 4508 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
15:44:54.0842 4508 C:\Windows\SysWOW64\oleacc.dll - ok
15:44:54.0842 4508 [ 1295338CFE6F249823EF9BC8D4368A84 ] C:\Windows\SysWOW64\crypt32.dll
15:44:54.0842 4508 C:\Windows\SysWOW64\crypt32.dll - ok
15:44:54.0842 4508 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
15:44:54.0842 4508 C:\Windows\SysWOW64\imm32.dll - ok
15:44:54.0858 4508 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
15:44:54.0858 4508 C:\Windows\SysWOW64\msasn1.dll - ok
15:44:54.0858 4508 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
15:44:54.0858 4508 C:\Windows\SysWOW64\msctf.dll - ok
15:44:54.0858 4508 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] C:\Windows\System32\cscsvc.dll
15:44:54.0858 4508 C:\Windows\System32\cscsvc.dll - ok
15:44:54.0858 4508 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
15:44:54.0858 4508 C:\Windows\System32\gpsvc.dll - ok
15:44:54.0858 4508 [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll
15:44:54.0858 4508 C:\Windows\System32\nlaapi.dll - ok
15:44:54.0858 4508 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
15:44:54.0858 4508 C:\Windows\System32\themeservice.dll - ok
15:44:54.0858 4508 [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll
15:44:54.0858 4508 C:\Windows\System32\PeerDist.dll - ok
15:44:54.0874 4508 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
15:44:54.0874 4508 C:\Windows\System32\atl.dll - ok
15:44:54.0874 4508 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
15:44:54.0874 4508 C:\Windows\System32\taskschd.dll - ok
15:44:54.0874 4508 [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
15:44:54.0874 4508 C:\Windows\System32\mstask.dll - ok
15:44:54.0874 4508 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
15:44:54.0874 4508 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
15:44:54.0874 4508 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
15:44:54.0874 4508 C:\Windows\System32\dsrole.dll - ok
15:44:54.0874 4508 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
15:44:54.0874 4508 C:\Windows\System32\slc.dll - ok
15:44:54.0874 4508 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
15:44:54.0874 4508 C:\Windows\System32\es.dll - ok
15:44:54.0889 4508 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
15:44:54.0889 4508 C:\Windows\System32\comres.dll - ok
15:44:54.0889 4508 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
15:44:54.0889 4508 C:\Windows\System32\authui.dll - ok
15:44:54.0889 4508 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
15:44:54.0889 4508 C:\Windows\System32\LogonUI.exe - ok
15:44:54.0889 4508 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
15:44:54.0889 4508 C:\Windows\System32\adtschema.dll - ok
15:44:54.0889 4508 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
15:44:54.0889 4508 C:\Windows\System32\Sens.dll - ok
15:44:54.0889 4508 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
15:44:54.0889 4508 C:\Windows\System32\cryptui.dll - ok
15:44:54.0889 4508 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
15:44:54.0889 4508 C:\Windows\System32\samlib.dll - ok
15:44:54.0889 4508 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
15:44:54.0889 4508 C:\Windows\System32\shacct.dll - ok
15:44:54.0905 4508 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
15:44:54.0905 4508 C:\Windows\System32\uxtheme.dll - ok
15:44:54.0905 4508 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
15:44:54.0905 4508 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
15:44:54.0905 4508 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
15:44:54.0905 4508 C:\Windows\System32\dui70.dll - ok
15:44:54.0905 4508 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
15:44:54.0905 4508 C:\Windows\System32\duser.dll - ok
15:44:54.0905 4508 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
15:44:54.0905 4508 C:\Windows\System32\SndVolSSO.dll - ok
15:44:54.0905 4508 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
15:44:54.0905 4508 C:\Windows\System32\dwmapi.dll - ok
15:44:54.0920 4508 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
15:44:54.0920 4508 C:\Windows\System32\hid.dll - ok
15:44:54.0920 4508 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
15:44:54.0920 4508 C:\Windows\System32\xmllite.dll - ok
15:44:54.0920 4508 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
15:44:54.0920 4508 C:\Windows\System32\WindowsCodecs.dll - ok
15:44:54.0920 4508 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
15:44:54.0920 4508 C:\Windows\System32\uxsms.dll - ok
15:44:54.0920 4508 [ 80E69670BDA10F32A941BA7358E33012 ] C:\Windows\System32\WUDFPlatform.dll
15:44:54.0920 4508 C:\Windows\System32\WUDFPlatform.dll - ok
15:44:54.0920 4508 [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll
15:44:54.0920 4508 C:\Windows\System32\WUDFSvc.dll - ok
15:44:54.0920 4508 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
15:44:54.0920 4508 C:\Windows\System32\drivers\lltdio.sys - ok
15:44:54.0936 4508 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
15:44:54.0936 4508 C:\Windows\System32\drivers\rspndr.sys - ok
15:44:54.0936 4508 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
15:44:54.0936 4508 C:\Windows\System32\IPHLPAPI.DLL - ok
15:44:54.0936 4508 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
15:44:54.0936 4508 C:\Windows\System32\lmhsvc.dll - ok
15:44:54.0936 4508 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
15:44:54.0936 4508 C:\Windows\System32\nrpsrv.dll - ok
15:44:54.0936 4508 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
15:44:54.0936 4508 C:\Windows\System32\nsisvc.dll - ok
15:44:54.0936 4508 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
15:44:54.0936 4508 C:\Windows\System32\winnsi.dll - ok
15:44:54.0936 4508 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
15:44:54.0936 4508 C:\Windows\System32\dnsrslvr.dll - ok
15:44:54.0952 4508 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
15:44:54.0952 4508 C:\Windows\System32\winbrand.dll - ok
15:44:54.0952 4508 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
15:44:54.0952 4508 C:\Windows\System32\dhcpcore.dll - ok
15:44:54.0952 4508 [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
15:44:54.0952 4508 C:\Windows\System32\dhcpcore6.dll - ok
15:44:54.0952 4508 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
15:44:54.0952 4508 C:\Windows\System32\dhcpcsvc.dll - ok
15:44:54.0952 4508 [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
15:44:54.0952 4508 C:\Windows\System32\dhcpcsvc6.dll - ok
15:44:54.0952 4508 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
15:44:54.0952 4508 C:\Windows\System32\VaultCredProvider.dll - ok
15:44:54.0952 4508 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
15:44:54.0952 4508 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
15:44:54.0967 4508 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
15:44:54.0967 4508 C:\Windows\System32\BioCredProv.dll - ok
15:44:54.0967 4508 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
15:44:54.0967 4508 C:\Windows\System32\winbio.dll - ok
15:44:54.0967 4508 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
15:44:54.0967 4508 C:\Windows\System32\credui.dll - ok
15:44:54.0967 4508 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
15:44:54.0967 4508 C:\Windows\System32\netapi32.dll - ok
15:44:54.0967 4508 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
15:44:54.0967 4508 C:\Windows\System32\vaultcli.dll - ok
15:44:54.0967 4508 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
15:44:54.0967 4508 C:\Windows\System32\netutils.dll - ok
15:44:54.0967 4508 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
15:44:54.0967 4508 C:\Windows\System32\wkscli.dll - ok
15:44:54.0983 4508 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
15:44:54.0983 4508 C:\Windows\System32\samcli.dll - ok
15:44:54.0983 4508 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
15:44:54.0983 4508 C:\Windows\System32\certCredProvider.dll - ok
15:44:54.0983 4508 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
15:44:54.0983 4508 C:\Windows\System32\rasplap.dll - ok
15:44:54.0983 4508 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
15:44:54.0983 4508 C:\Windows\System32\rasapi32.dll - ok
15:44:54.0983 4508 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
15:44:54.0983 4508 C:\Windows\System32\rasman.dll - ok
15:44:54.0983 4508 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
15:44:54.0983 4508 C:\Windows\System32\rtutils.dll - ok
15:44:54.0983 4508 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
15:44:54.0983 4508 C:\Windows\System32\UXInit.dll - ok
15:44:54.0999 4508 [ 278D494931E554F78FFAFFC6D629AB03 ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
15:44:54.0999 4508 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok
15:44:54.0999 4508 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
15:44:54.0999 4508 C:\Windows\System32\FWPUCLNT.DLL - ok
15:44:54.0999 4508 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
15:44:54.0999 4508 C:\Windows\System32\dnsext.dll - ok
15:44:54.0999 4508 [ E54DA80C33EF737EDFA53C95BAE91C3C ] C:\Windows\System32\nvsvc64.dll
15:44:54.0999 4508 C:\Windows\System32\nvsvc64.dll - ok
15:44:54.0999 4508 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
15:44:54.0999 4508 C:\Windows\System32\imageres.dll - ok
15:44:54.0999 4508 [ 7EDF1E16ED4DD5B7CD397E994BEBF2AC ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
15:44:54.0999 4508 C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok
15:44:54.0999 4508 [ 04AC21E821F259845BD7367CEE057290 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:44:54.0999 4508 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
15:44:55.0514 4508 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
15:44:55.0514 4508 C:\Windows\System32\wscsvc.dll - ok
15:44:55.0514 4508 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
15:44:55.0514 4508 C:\Windows\System32\dbghelp.dll - ok
15:44:55.0514 4508 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
15:44:55.0514 4508 C:\Windows\System32\drivers\srv.sys - ok
15:44:55.0514 4508 [ 794D4B48DFB6E999537C7C3947863463 ] C:\Program Files (x86)\Spybot\SDWinSec.exe
15:44:55.0514 4508 C:\Program Files (x86)\Spybot\SDWinSec.exe - ok
15:44:55.0514 4508 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
15:44:55.0514 4508 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
15:44:55.0530 4508 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
15:44:55.0530 4508 C:\Windows\SysWOW64\clbcatq.dll - ok
15:44:55.0530 4508 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll
15:44:55.0530 4508 C:\Windows\SysWOW64\wscproxystub.dll - ok
15:44:55.0530 4508 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
15:44:55.0530 4508 C:\Windows\SysWOW64\msimg32.dll - ok
15:44:55.0530 4508 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
15:44:55.0530 4508 C:\Windows\SysWOW64\wer.dll - ok
15:44:55.0530 4508 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\SysWOW64\Faultrep.dll
15:44:55.0530 4508 C:\Windows\SysWOW64\Faultrep.dll - ok
15:44:55.0530 4508 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
15:44:55.0530 4508 C:\Windows\SysWOW64\propsys.dll - ok
15:44:55.0530 4508 [ 6B44700917F45B19B96B46B345B6F0E7 ] C:\Program Files (x86)\Spybot\SDMain.exe
15:44:55.0530 4508 C:\Program Files (x86)\Spybot\SDMain.exe - ok
15:44:55.0545 4508 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
15:44:55.0545 4508 C:\Windows\SysWOW64\sxs.dll - ok
15:44:55.0545 4508 [ 244C6722289F4869068992FD7D8A8832 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
15:44:55.0545 4508 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
15:44:55.0545 4508 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
15:44:55.0545 4508 C:\Windows\SysWOW64\wbemcomn.dll - ok
15:44:55.0545 4508 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
15:44:55.0545 4508 C:\Windows\System32\sqmapi.dll - ok
15:44:55.0545 4508 [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
15:44:55.0545 4508 C:\Windows\System32\PeerDistSh.dll - ok
15:44:55.0545 4508 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
15:44:55.0545 4508 C:\Windows\System32\provsvc.dll - ok
15:44:55.0545 4508 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
15:44:55.0545 4508 C:\Windows\System32\sstpsvc.dll - ok
15:44:55.0561 4508 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
15:44:55.0561 4508 C:\Windows\System32\httpapi.dll - ok
15:44:55.0561 4508 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
15:44:55.0561 4508 C:\Windows\System32\msxml6.dll - ok
15:44:55.0561 4508 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
15:44:55.0561 4508 C:\Windows\System32\browser.dll - ok
15:44:55.0561 4508 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
15:44:55.0561 4508 C:\Windows\System32\srvsvc.dll - ok
15:44:55.0561 4508 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
15:44:55.0561 4508 C:\Windows\System32\wdscore.dll - ok
15:44:55.0561 4508 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
15:44:55.0561 4508 C:\Windows\System32\netmsg.dll - ok
15:44:55.0561 4508 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
15:44:55.0561 4508 C:\Windows\System32\netcfgx.dll - ok
15:44:55.0577 4508 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
15:44:55.0577 4508 C:\Windows\System32\hnetcfg.dll - ok
15:44:55.0577 4508 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
15:44:55.0577 4508 C:\Windows\System32\nci.dll - ok
15:44:55.0577 4508 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
15:44:55.0577 4508 C:\Windows\System32\sscore.dll - ok
15:44:55.0577 4508 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
15:44:55.0577 4508 C:\Program Files\Bonjour\mdnsNSP.dll - ok
15:44:55.0577 4508 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
15:44:55.0577 4508 C:\Windows\System32\clusapi.dll - ok
15:44:55.0577 4508 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
15:44:55.0577 4508 C:\Windows\System32\resutils.dll - ok
15:44:55.0592 4508 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
15:44:55.0592 4508 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
15:44:55.0592 4508 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
15:44:55.0592 4508 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
15:44:55.0592 4508 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
15:44:55.0592 4508 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
15:44:55.0592 4508 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
15:44:55.0592 4508 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
15:44:55.0592 4508 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
15:44:55.0592 4508 C:\Windows\SysWOW64\ntdsapi.dll - ok
15:44:55.0592 4508 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
15:44:55.0592 4508 C:\Windows\System32\rasadhlp.dll - ok
15:44:55.0592 4508 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
15:44:55.0592 4508 C:\Windows\System32\ndiscapCfg.dll - ok
15:44:55.0608 4508 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
15:44:55.0608 4508 C:\Windows\System32\rascfg.dll - ok
15:44:55.0608 4508 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
15:44:55.0608 4508 C:\Windows\System32\mprapi.dll - ok
15:44:55.0608 4508 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
15:44:55.0608 4508 C:\Windows\System32\mprmsg.dll - ok
15:44:55.0608 4508 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
15:44:55.0608 4508 C:\Windows\System32\tcpipcfg.dll - ok
15:44:55.0608 4508 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
15:44:55.0608 4508 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
15:44:55.0608 4508 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
15:44:55.0608 4508 C:\Windows\System32\ncobjapi.dll - ok
15:44:55.0608 4508 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
15:44:55.0608 4508 C:\Windows\System32\wbem\wbemess.dll - ok
15:44:55.0624 4508 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
15:44:55.0624 4508 C:\Windows\System32\dimsjob.dll - ok
15:44:55.0624 4508 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
15:44:55.0624 4508 C:\Windows\System32\p2pcollab.dll - ok
15:44:55.0624 4508 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
15:44:55.0624 4508 C:\Windows\System32\QAGENTRT.DLL - ok
15:44:55.0624 4508 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
15:44:55.0624 4508 C:\Windows\System32\fveui.dll - ok
15:44:55.0624 4508 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
15:44:55.0624 4508 C:\Windows\System32\perftrack.dll - ok
15:44:55.0624 4508 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
15:44:55.0624 4508 C:\Windows\System32\wdi.dll - ok
15:44:55.0624 4508 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
15:44:55.0624 4508 C:\Windows\System32\wer.dll - ok
15:44:55.0639 4508 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
15:44:55.0639 4508 C:\Windows\System32\diagperf.dll - ok
15:44:55.0639 4508 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
15:44:55.0639 4508 C:\Windows\System32\appinfo.dll - ok
15:44:55.0639 4508 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
15:44:55.0639 4508 C:\Windows\System32\wuapi.dll - ok
15:44:55.0639 4508 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
15:44:55.0639 4508 C:\Windows\System32\cabinet.dll - ok
15:44:55.0639 4508 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
15:44:55.0639 4508 C:\Windows\System32\wbem\NCProv.dll - ok
15:44:55.0639 4508 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
15:44:55.0639 4508 C:\Windows\System32\wups.dll - ok
15:44:55.0639 4508 [ 8CF4B0337B06CCC624C20EE4C934767E ] C:\Windows\System32\lpksetupproxyserv.dll
15:44:55.0639 4508 C:\Windows\System32\lpksetupproxyserv.dll - ok
15:44:55.0655 4508 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
15:44:55.0655 4508 C:\Windows\System32\runonce.exe - ok
15:44:55.0655 4508 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
15:44:55.0655 4508 C:\Windows\System32\hidserv.dll - ok
15:44:55.0655 4508 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
15:44:55.0655 4508 C:\Windows\System32\wpdbusenum.dll - ok
15:44:55.0655 4508 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
15:44:55.0655 4508 C:\Windows\System32\PortableDeviceApi.dll - ok
15:44:55.0655 4508 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
15:44:55.0655 4508 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
15:44:55.0655 4508 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
15:44:55.0655 4508 C:\Windows\System32\npmproxy.dll - ok
15:44:55.0655 4508 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
15:44:55.0655 4508 C:\Windows\System32\Apphlpdm.dll - ok
15:44:55.0670 4508 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
15:44:55.0670 4508 C:\Windows\System32\pnpts.dll - ok
15:44:55.0670 4508 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
15:44:55.0670 4508 C:\Windows\System32\radardt.dll - ok
15:44:55.0670 4508 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
15:44:55.0670 4508 C:\Windows\System32\wdiasqmmodule.dll - ok
15:44:55.0670 4508 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
15:44:55.0670 4508 C:\Windows\SysWOW64\runonce.exe - ok
15:44:55.0670 4508 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
15:44:55.0670 4508 C:\Windows\SysWOW64\uxtheme.dll - ok
15:44:55.0670 4508 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
15:44:55.0670 4508 C:\Windows\SysWOW64\apphelp.dll - ok
15:44:55.0670 4508 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
15:44:55.0670 4508 C:\Windows\SysWOW64\cmd.exe - ok
15:44:55.0686 4508 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
15:44:55.0686 4508 C:\Windows\servicing\TrustedInstaller.exe - ok
15:44:55.0686 4508 [ 288ADDED26C80FDC135CAB4340161686 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll
15:44:55.0686 4508 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll - ok
15:44:55.0686 4508 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
15:44:55.0686 4508 C:\Windows\System32\NapiNSP.dll - ok
15:44:55.0686 4508 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
15:44:55.0686 4508 C:\Windows\System32\pnrpnsp.dll - ok
15:44:55.0686 4508 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
15:44:55.0686 4508 C:\Windows\System32\winrnr.dll - ok
15:44:55.0686 4508 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
15:44:55.0686 4508 C:\Windows\System32\aelupsvc.dll - ok
15:44:55.0686 4508 [ 25B50D384D3B6EBC782DC544502AB373 ] C:\Windows\System32\jscript.dll
15:44:55.0686 4508 C:\Windows\System32\jscript.dll - ok
15:44:55.0702 4508 [ 7957A194B8421BC070FABBF1C55DB68B ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll
15:44:55.0702 4508 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll - ok
15:44:55.0702 4508 [ 448BF22538F1DFCB3412AE2B1CF123A9 ] C:\Windows\System32\conhost.exe
15:44:55.0702 4508 C:\Windows\System32\conhost.exe - ok
15:44:55.0702 4508 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
15:44:55.0702 4508 C:\Windows\SysWOW64\winbrand.dll - ok
15:44:55.0702 4508 [ 9CA7760800FF97448511618EAFDF2B36 ] C:\Windows\SysWOW64\ieframe.dll
15:44:55.0702 4508 C:\Windows\SysWOW64\ieframe.dll - ok
15:44:55.0702 4508 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
15:44:55.0702 4508 C:\Windows\SysWOW64\shdocvw.dll - ok
15:44:55.0702 4508 [ 9ED9F21D73F9D71E30EAB71835E656EB ] C:\Users\Umberto\AppData\Local\Temp\9ABAD191-0053-425C-AF1F-EA47684591F9.exe
15:44:55.0702 4508 C:\Users\Umberto\AppData\Local\Temp\9ABAD191-0053-425C-AF1F-EA47684591F9.exe - ok
15:44:55.0702 4508 [ 9297F004FCE79FB7B26DAC6968FB5FEB ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll
15:44:55.0702 4508 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll - ok
15:44:55.0717 4508 [ FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll
15:44:55.0717 4508 C:\Windows\System32\srclient.dll - ok
15:44:55.0717 4508 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
15:44:55.0717 4508 C:\Windows\System32\spp.dll - ok
15:44:55.0717 4508 [ 943F48CC3A59169E52A054946C2F59B8 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
15:44:55.0717 4508 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
15:44:55.0717 4508 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
15:44:55.0717 4508 C:\Windows\System32\SensApi.dll - ok
15:44:55.0717 4508 [ 6685DD5CC357D45EEE30FD089E8A111A ] C:\Windows\System32\sxsstore.dll
15:44:55.0717 4508 C:\Windows\System32\sxsstore.dll - ok
15:44:55.0717 4508 [ D485D1BE97777617B186FC8095F58421 ] C:\Windows\servicing\CbsApi.dll
15:44:55.0717 4508 C:\Windows\servicing\CbsApi.dll - ok
15:44:55.0733 4508 [ DB70FE36AC8F594E9E69479C076BADB8 ] C:\Windows\System32\HelpPaneProxy.dll
15:44:55.0733 4508 C:\Windows\System32\HelpPaneProxy.dll - ok
15:44:55.0733 4508 [ AC673018A17C72221BCE15F2E75F7392 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
15:44:55.0733 4508 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
15:44:55.0733 4508 [ FB0C84565474C1A39E3CCCCA9ACD634B ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll
15:44:55.0733 4508 C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok
15:44:55.0733 4508 [ 18A2B81F39EA0720478C7DAD3A98B3D9 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
15:44:55.0733 4508 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok
15:44:55.0733 4508 [ 4B647E5D4F27D7288BE3CBD26ECF990A ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll
15:44:55.0733 4508 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll - ok
15:44:55.0733 4508 [ 836F670266DFB1B2BD531A059B358D25 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
15:44:55.0733 4508 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok
15:44:55.0733 4508 [ B47BC7138241E1B836384D5211AE34C8 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup
15:44:55.0733 4508 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok
15:44:55.0749 4508 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
15:44:55.0749 4508 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
15:44:55.0749 4508 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
15:44:55.0749 4508 C:\Windows\SysWOW64\comdlg32.dll - ok
15:44:55.0749 4508 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
15:44:55.0749 4508 C:\Windows\SysWOW64\oledlg.dll - ok
15:44:55.0749 4508 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
15:44:55.0749 4508 C:\Windows\SysWOW64\winhttp.dll - ok
15:44:55.0749 4508 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
15:44:55.0749 4508 C:\Windows\AppPatch\AcGenral.dll - ok
15:44:55.0749 4508 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
15:44:55.0749 4508 C:\Windows\SysWOW64\webio.dll - ok
15:44:55.0749 4508 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
15:44:55.0749 4508 C:\Windows\SysWOW64\dwmapi.dll - ok
15:44:55.0764 4508 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
15:44:55.0764 4508 C:\Windows\SysWOW64\mpr.dll - ok
15:44:55.0764 4508 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
15:44:55.0764 4508 C:\Windows\SysWOW64\msacm32.dll - ok
15:44:55.0764 4508 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
15:44:55.0764 4508 C:\Windows\SysWOW64\samcli.dll - ok
15:44:55.0764 4508 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
15:44:55.0764 4508 C:\Windows\SysWOW64\sfc.dll - ok
15:44:55.0764 4508 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
15:44:55.0764 4508 C:\Windows\SysWOW64\sfc_os.dll - ok
15:44:55.0764 4508 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
15:44:55.0764 4508 C:\Windows\SysWOW64\imagehlp.dll - ok
15:44:55.0764 4508 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
15:44:55.0764 4508 C:\Windows\SysWOW64\ncrypt.dll - ok
15:44:55.0780 4508 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
15:44:55.0780 4508 C:\Windows\SysWOW64\bcrypt.dll - ok
15:44:55.0780 4508 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
15:44:55.0780 4508 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
15:44:55.0780 4508 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
15:44:55.0780 4508 C:\Windows\SysWOW64\gpapi.dll - ok
15:44:55.0780 4508 [ 6316957BB3431DFB06BFFA98C0F1926E ] C:\Windows\SysWOW64\cryptnet.dll
15:44:55.0780 4508 C:\Windows\SysWOW64\cryptnet.dll - ok
15:44:55.0780 4508 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
15:44:55.0780 4508 C:\Windows\SysWOW64\SensApi.dll - ok
15:44:55.0780 4508 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
15:44:55.0780 4508 C:\Windows\SysWOW64\credssp.dll - ok
15:44:55.0780 4508 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
15:44:55.0780 4508 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
15:44:55.0795 4508 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
15:44:55.0795 4508 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
15:44:55.0795 4508 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
15:44:55.0795 4508 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
15:44:55.0795 4508 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
15:44:55.0795 4508 C:\Windows\SysWOW64\EhStorShell.dll - ok
15:44:55.0795 4508 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
15:44:55.0795 4508 C:\Windows\SysWOW64\ntshrui.dll - ok
15:44:55.0795 4508 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
15:44:55.0795 4508 C:\Windows\SysWOW64\imageres.dll - ok
15:44:55.0795 4508 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
15:44:55.0795 4508 C:\Windows\SysWOW64\slc.dll - ok
15:44:55.0795 4508 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
15:44:55.0795 4508 C:\Windows\System32\esent.dll - ok
15:44:55.0811 4508 [ 9677563A516ECB35DEEA367D5948D6F2 ] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
15:44:55.0811 4508 C:\Program Files\Logitech\FlowScroll\KhalScroll.exe - ok
15:44:55.0811 4508 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
15:44:55.0811 4508 C:\Windows\System32\umb.dll - ok
15:44:55.0811 4508 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
15:44:55.0811 4508 C:\Windows\System32\localspl.dll - ok
15:44:55.0811 4508 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
15:44:55.0811 4508 C:\Windows\System32\PrintIsolationProxy.dll - ok
15:44:55.0811 4508 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
15:44:55.0811 4508 C:\Windows\System32\spoolss.dll - ok
15:44:55.0811 4508 [ 3353B667E1EF7898B1B936EE631D9FE0 ] C:\Windows\System32\CNMLMA2.DLL
15:44:55.0811 4508 C:\Windows\System32\CNMLMA2.DLL - ok
15:44:55.0811 4508 [ 4DB7376155E964D49AE8296FA36F2290 ] C:\Windows\System32\CNMN6PPM.DLL
15:44:55.0811 4508 C:\Windows\System32\CNMN6PPM.DLL - ok
15:44:55.0827 4508 [ E2B08D19F5F3BDD73A6F046E2B371A41 ] C:\Windows\System32\HPZLLWN7.DLL
15:44:55.0827 4508 C:\Windows\System32\HPZLLWN7.DLL - ok
15:44:55.0827 4508 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
15:44:55.0827 4508 C:\Windows\System32\FXSMON.dll - ok
15:44:55.0827 4508 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
15:44:55.0827 4508 C:\Windows\System32\snmpapi.dll - ok
15:44:55.0827 4508 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
15:44:55.0827 4508 C:\Windows\System32\tcpmon.dll - ok
15:44:55.0827 4508 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
15:44:55.0827 4508 C:\Windows\System32\wsnmp32.dll - ok
15:44:55.0827 4508 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
15:44:55.0827 4508 C:\Windows\System32\usbmon.dll - ok
15:44:55.0827 4508 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
15:44:55.0827 4508 C:\Windows\System32\WSDMon.dll - ok
15:44:55.0842 4508 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
15:44:55.0842 4508 C:\Windows\System32\fdPnp.dll - ok
15:44:55.0842 4508 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
15:44:55.0842 4508 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
15:44:55.0842 4508 [ 345709E87E47A9F028E8973AEC9D3BC2 ] C:\Windows\System32\spool\prtprocs\x64\CNMPDA2.DLL
15:44:55.0842 4508 C:\Windows\System32\spool\prtprocs\x64\CNMPDA2.DLL - ok
15:44:55.0842 4508 [ 8F1C949FD695C83C4E30C3BFC004C81F ] C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL
15:44:55.0842 4508 C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL - ok
15:44:55.0842 4508 [ 2AC11BE0F5D9A01433732AAB8BA21774 ] C:\Windows\System32\win32spl.dll
15:44:55.0842 4508 C:\Windows\System32\win32spl.dll - ok
15:44:55.0842 4508 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
15:44:55.0842 4508 C:\Windows\System32\inetpp.dll - ok
15:44:55.0858 4508 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
15:44:55.0858 4508 C:\Windows\System32\qmgr.dll - ok
15:44:55.0858 4508 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
15:44:55.0858 4508 C:\Windows\System32\bitsperf.dll - ok
15:44:55.0858 4508 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
15:44:55.0858 4508 C:\Windows\System32\bitsigd.dll - ok
15:44:55.0858 4508 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
15:44:55.0858 4508 C:\Windows\System32\upnp.dll - ok
15:44:55.0858 4508 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
15:44:55.0858 4508 C:\Windows\System32\FntCache.dll - ok
15:44:55.0858 4508 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
15:44:55.0858 4508 C:\Windows\System32\ssdpsrv.dll - ok
15:44:55.0858 4508 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
15:44:55.0858 4508 C:\Windows\System32\sppsvc.exe - ok
15:44:55.0874 4508 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
15:44:55.0874 4508 C:\Windows\System32\drivers\spsys.sys - ok
15:44:55.0874 4508 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
15:44:55.0874 4508 C:\Windows\System32\sppwinob.dll - ok
15:44:55.0874 4508 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
15:44:55.0874 4508 C:\Program Files\Windows Defender\MpClient.dll - ok
15:44:55.0874 4508 [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
15:44:55.0874 4508 C:\Program Files\Windows Defender\MpSvc.dll - ok
15:44:55.0874 4508 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
15:44:55.0874 4508 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
15:44:55.0874 4508 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
15:44:55.0874 4508 C:\Windows\System32\wsock32.dll - ok
15:44:55.0874 4508 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
15:44:55.0874 4508 C:\Windows\System32\wmdrmdev.dll - ok
15:44:55.0874 4508 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
15:44:55.0874 4508 C:\Windows\System32\drmv2clt.dll - ok
15:44:55.0889 4508 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
15:44:55.0889 4508 C:\Windows\System32\mfplat.dll - ok
15:44:55.0889 4508 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
15:44:55.0889 4508 C:\Windows\System32\SearchIndexer.exe - ok
15:44:55.0889 4508 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
15:44:55.0889 4508 C:\Windows\System32\blackbox.dll - ok
15:44:55.0889 4508 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
15:44:55.0889 4508 C:\Windows\System32\tquery.dll - ok
15:44:55.0889 4508 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
15:44:55.0889 4508 C:\Windows\System32\mssrch.dll - ok
15:44:55.0889 4508 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
15:44:55.0889 4508 C:\Windows\System32\wmp.dll - ok
15:44:55.0889 4508 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
15:44:55.0889 4508 C:\Windows\System32\msidle.dll - ok
15:44:55.0905 4508 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
15:44:55.0905 4508 C:\Windows\System32\wmploc.DLL - ok
15:44:55.0905 4508 [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll
15:44:55.0905 4508 C:\Program Files\Windows Defender\MpRTP.dll - ok
15:44:55.0905 4508 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
15:44:55.0905 4508 C:\Windows\System32\sppobjs.dll - ok
15:44:55.0905 4508 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
15:44:55.0905 4508 C:\Windows\System32\tdh.dll - ok
15:44:55.0905 4508 [ 76A54430EB19471CCB4662BF3888A409 ] C:\Program Files\Internet Explorer\ieproxy.dll
15:44:55.0905 4508 C:\Program Files\Internet Explorer\ieproxy.dll - ok
15:44:55.0905 4508 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
15:44:55.0905 4508 C:\Windows\System32\wmpps.dll - ok
15:44:55.0905 4508 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
15:44:55.0905 4508 C:\Windows\System32\wmpmde.dll - ok
15:44:55.0920 4508 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
15:44:55.0920 4508 C:\Windows\System32\WinSATAPI.dll - ok
15:44:55.0920 4508 [ C99C6E70B3625D0E5600B361007B6CA1 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
15:44:56.0390 4508 C:\Windows\SysWOW64\netprofm.dll - ok
15:44:56.0390 4508 [ 5197BFB7F70F44B8C5E56EF7C4F30200 ] C:\Program Files\Logitech\SetPointP\SetPointCOM.dll
15:44:56.0390 4508 C:\Program Files\Logitech\SetPointP\SetPointCOM.dll - ok
15:44:56.0390 4508 [ 91E5D7DF820FB0FE7EAD68C32BEAD0DA ] C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_92995f253c01eddb\MFC90ENU.DLL
15:44:56.0390 4508 C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_92995f253c01eddb\MFC90ENU.DLL - ok
15:44:56.0406 4508 [ 09EAD9CB2346B671F8F079D3472134D8 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
15:44:56.0406 4508 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
15:44:56.0406 4508 [ 5046E55184021406C27E8D48A1B2C9D2 ] C:\Windows\System32\l3codeca.acm
15:44:56.0406 4508 C:\Windows\System32\l3codeca.acm - ok
15:44:56.0406 4508 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
15:44:56.0406 4508 C:\Windows\System32\AudioEng.dll - ok
15:44:56.0406 4508 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
15:44:56.0406 4508 C:\Windows\SysWOW64\npmproxy.dll - ok
15:44:56.0406 4508 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
15:44:56.0406 4508 C:\Windows\System32\Syncreg.dll - ok
15:44:56.0406 4508 [ 57ACF47B4FA24A6B9464C9919412C411 ] C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
15:44:56.0406 4508 C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll - ok
15:44:56.0406 4508 [ 798387534977217525F11B758B3517AE ] C:\Program Files\Logitech\SetPointP\WebBrowserSupport.dll
15:44:56.0406 4508 C:\Program Files\Logitech\SetPointP\WebBrowserSupport.dll - ok
15:44:56.0421 4508 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
15:44:56.0421 4508 C:\Windows\System32\AUDIOKSE.dll - ok
15:44:56.0421 4508 [ 45E475FA46D8F04A682EB5EED5476E08 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_9aefdaaa829eb818\ATL90.dll
15:44:56.0421 4508 C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_9aefdaaa829eb818\ATL90.dll - ok
15:44:56.0421 4508 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
15:44:56.0421 4508 C:\Windows\ehome\ehSSO.dll - ok
15:44:56.0421 4508 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
15:44:56.0421 4508 C:\Windows\System32\AltTab.dll - ok
15:44:56.0421 4508 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
15:44:56.0421 4508 C:\Windows\System32\d3d8thk.dll - ok
15:44:56.0421 4508 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
15:44:56.0421 4508 C:\Windows\System32\wersvc.dll - ok
15:44:56.0437 4508 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
15:44:56.0437 4508 C:\Windows\System32\pnidui.dll - ok
15:44:56.0437 4508 [ EDEEAA5B121A89425A5DF7AB28E4E544 ] C:\Program Files\Logitech\SetPointP\Macros\MacroAppSwitch.dll
15:44:56.0437 4508 C:\Program Files\Logitech\SetPointP\Macros\MacroAppSwitch.dll - ok
15:44:56.0437 4508 [ F152755F131ADFE452D534F4E9383590 ] C:\Windows\System32\Faultrep.dll
15:44:56.0437 4508 C:\Windows\System32\Faultrep.dll - ok
15:44:56.0437 4508 [ 563C4641DAE5355C08DF4DDC4134E196 ] C:\Program Files\Logitech\SetPointP\Macros\MacroMedia.dll
15:44:56.0437 4508 C:\Program Files\Logitech\SetPointP\Macros\MacroMedia.dll - ok
15:44:56.0437 4508 [ 754BDBD9A6B351E83A8648AB469E238A ] C:\Program Files\Logitech\SetPointP\Macros\MacroEmail.dll
15:44:56.0437 4508 C:\Program Files\Logitech\SetPointP\Macros\MacroEmail.dll - ok
15:44:56.0437 4508 [ B8F7FA586A70918FEC5C768250724635 ] C:\Program Files\Logitech\SetPointP\KemMon.dll
15:44:56.0437 4508 C:\Program Files\Logitech\SetPointP\KemMon.dll - ok
15:44:56.0437 4508 [ 5FEAB868CAEDBBD1B7A145CA8261E4AA ] C:\Windows\SysWOW64\WerFault.exe
15:44:56.0437 4508 C:\Windows\SysWOW64\WerFault.exe - ok
15:44:56.0453 4508 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] C:\Program Files\iPod\bin\iPodService.exe
15:44:56.0453 4508 C:\Program Files\iPod\bin\iPodService.exe - ok
15:44:56.0453 4508 [ FE8797F9DC9A6BBF18D6DB12142ED7E2 ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_202_235.ocx
15:44:56.0453 4508 C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_202_235.ocx - ok
15:44:56.0453 4508 [ 50EFBC0F319C780E67D43AA7DDB12BF3 ] C:\Program Files\Common Files\Logishrd\CDDRV3\LDConfig.exe
15:44:56.0453 4508 C:\Program Files\Common Files\Logishrd\CDDRV3\LDConfig.exe - ok
15:44:56.0453 4508 [ 3A91AAA7EDC8DE349699BB91A328DC3D ] C:\Program Files\Logitech\SetPointP\KGame.dll
15:44:56.0453 4508 C:\Program Files\Logitech\SetPointP\KGame.dll - ok
15:44:56.0453 4508 [ 8E8C92DD50F6B34907813AFDC0C8F7DD ] C:\Windows\SysWOW64\dbgeng.dll
15:44:56.0453 4508 C:\Windows\SysWOW64\dbgeng.dll - ok
15:44:56.0453 4508 [ C005D9E5DC7841BB5E0C837C5C6DAB97 ] C:\Program Files\Logitech\SetPointP\LCabHandler.dll
15:44:56.0453 4508 C:\Program Files\Logitech\SetPointP\LCabHandler.dll - ok
15:44:56.0453 4508 [ D171FFB6DF8F648BA9022A550B056E00 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
15:44:56.0453 4508 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
15:44:56.0468 4508 [ E0A8EDCE1DFDC9874CD2817F9FC4BDF0 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
15:44:56.0468 4508 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
15:44:56.0468 4508 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
15:44:56.0468 4508 C:\Windows\System32\QUTIL.DLL - ok
15:44:56.0468 4508 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
15:44:56.0468 4508 C:\Windows\System32\WPDShServiceObj.dll - ok
15:44:56.0468 4508 [ 57FDA4B9055A4530C99AF62A76E1ED5E ] C:\Windows\SysWOW64\CTxfispi.exe
15:44:56.0468 4508 C:\Windows\SysWOW64\CTxfispi.exe - ok
15:44:56.0468 4508 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
15:44:56.0468 4508 C:\Windows\System32\PortableDeviceTypes.dll - ok
15:44:56.0468 4508 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
15:44:56.0468 4508 C:\Windows\System32\ActionCenter.dll - ok
15:44:56.0484 4508 [ 3AB88F3E2E26E19460EADC9697C5BC95 ] C:\Windows\SysWOW64\ctosuser.dll
15:44:56.0484 4508 C:\Windows\SysWOW64\ctosuser.dll - ok
15:44:56.0484 4508 [ E249CC925A19500D3BBE7A0366FB33A6 ] C:\Windows\System32\nvd3dumx.dll
15:44:56.0484 4508 C:\Windows\System32\nvd3dumx.dll - ok
15:44:56.0484 4508 [ B593F343C6FAC4A036F8A293CE51EC1C ] C:\Windows\SysWOW64\ctdproxy.dll
15:44:56.0484 4508 C:\Windows\SysWOW64\ctdproxy.dll - ok
15:44:56.0484 4508 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
15:44:56.0484 4508 C:\Windows\SysWOW64\schannel.dll - ok
15:44:56.0484 4508 [ 9409F1C0E7B8B576FEF39B0D60F09E7B ] C:\Windows\SysWOW64\cttele32.dll
15:44:56.0484 4508 C:\Windows\SysWOW64\cttele32.dll - ok
15:44:56.0484 4508 [ 56701773BE1272CDBC9B7A37BBFD082B ] C:\Windows\SysWOW64\piaproxy.dll
15:44:56.0484 4508 C:\Windows\SysWOW64\piaproxy.dll - ok
15:44:56.0484 4508 [ C46CD7EDFE87391C52D39FF512D1B700 ] C:\Windows\SysWOW64\CTxfiSpk.dll
15:44:56.0484 4508 C:\Windows\SysWOW64\CTxfiSpk.dll - ok
15:44:56.0500 4508 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
15:44:56.0500 4508 C:\Windows\SysWOW64\MMDevAPI.dll - ok
15:44:56.0500 4508 [ 234AFA322624B3203A2E720F08292B03 ] C:\Windows\System32\cscobj.dll
15:44:56.0500 4508 C:\Windows\System32\cscobj.dll - ok
15:44:56.0500 4508 [ BB3C7E48088D37417EB37F1A9E3D2449 ] C:\Windows\SysWOW64\werui.dll
15:44:56.0500 4508 C:\Windows\SysWOW64\werui.dll - ok
15:44:56.0500 4508 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
15:44:56.0500 4508 C:\Windows\System32\bthprops.cpl - ok
15:44:56.0500 4508 [ EEB2CEF869A786AE94BF85340BA3168C ] C:\Windows\SysWOW64\APOMngr.DLL
15:44:56.0500 4508 C:\Windows\SysWOW64\APOMngr.DLL - ok
15:44:56.0500 4508 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
15:44:56.0500 4508 C:\Windows\SysWOW64\hid.dll - ok
15:44:56.0500 4508 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
15:44:56.0500 4508 C:\Windows\SysWOW64\AudioSes.dll - ok
15:44:56.0515 4508 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
15:44:56.0515 4508 C:\Windows\SysWOW64\dui70.dll - ok
15:44:56.0515 4508 [ 8CE7674EFC391A0D7190BC6DCC88CDFC ] C:\Windows\SysWOW64\CTAPO32.dll
15:44:56.0515 4508 C:\Windows\SysWOW64\CTAPO32.dll - ok
15:44:56.0515 4508 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
15:44:56.0515 4508 C:\Windows\SysWOW64\duser.dll - ok
15:44:56.0515 4508 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
15:44:56.0515 4508 C:\Windows\System32\FXSST.dll - ok
15:44:56.0515 4508 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
15:44:56.0515 4508 C:\Windows\System32\FXSAPI.dll - ok
15:44:56.0515 4508 [ 7EA2CCBCAAB93D036210299D8F543192 ] C:\Windows\SysWOW64\UDAAPO32.dll
15:44:56.0515 4508 C:\Windows\SysWOW64\UDAAPO32.dll - ok
15:44:56.0515 4508 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
15:44:56.0515 4508 C:\Windows\SysWOW64\riched20.dll - ok
15:44:56.0531 4508 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
15:44:56.0531 4508 C:\Windows\SysWOW64\xmllite.dll - ok
15:44:56.0531 4508 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
15:44:56.0531 4508 C:\Windows\System32\srchadmin.dll - ok
15:44:56.0531 4508 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
15:44:56.0531 4508 C:\Windows\System32\FXSRESM.dll - ok
15:44:56.0531 4508 [ 532A5FDEC9938EB069FD0881D9243223 ] C:\Windows\SysWOW64\CTxfiBtn.dll
15:44:56.0531 4508 C:\Windows\SysWOW64\CTxfiBtn.dll - ok
15:44:56.0531 4508 [ CF72CD6216E9E8CA5226F90EDA8ADD76 ] C:\Windows\SysWOW64\CtxfiRes.dll
15:44:56.0531 4508 C:\Windows\SysWOW64\CtxfiRes.dll - ok
15:44:56.0531 4508 [ 3CDA32B42582B7B2B98541698906D57F ] C:\Windows\System32\ieframe.dll
15:44:56.0531 4508 C:\Windows\System32\ieframe.dll - ok
15:44:56.0531 4508 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
15:44:56.0531 4508 C:\Windows\SysWOW64\mscms.dll - ok
15:44:56.0546 4508 [ 695106DF3C15A9EA30069CCECEEC2B66 ] C:\Program Files\AVAST Software\Avast\defs\12100800\uiext.dll
15:44:56.0546 4508 C:\Program Files\AVAST Software\Avast\defs\12100800\uiext.dll - ok
15:44:56.0546 4508 [ 1A76A4D4510A40CAC57C2EBE4D646B6F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\InternetExplorerBookmarkDAV.dll
15:44:56.0546 4508 C:\Program Files (x86)\Common Files\Apple\Internet Services\InternetExplorerBookmarkDAV.dll - ok
15:44:56.0546 4508 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
15:44:56.0546 4508 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
15:44:56.0546 4508 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
15:44:56.0546 4508 C:\Windows\System32\UIAnimation.dll - ok
15:44:56.0546 4508 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
15:44:56.0546 4508 C:\Windows\System32\FXSSVC.exe - ok
15:44:56.0546 4508 [ 47B8DEBEC68FACCD026F99CAE8698C93 ] C:\Windows\System32\webcheck.dll
15:44:56.0546 4508 C:\Windows\System32\webcheck.dll - ok
15:44:56.0546 4508 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
15:44:56.0546 4508 C:\Windows\System32\SyncCenter.dll - ok
15:44:56.0562 4508 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
15:44:56.0562 4508 C:\Windows\System32\SearchFolder.dll - ok
15:44:56.0562 4508 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
15:44:56.0562 4508 C:\Windows\System32\imapi2.dll - ok
15:44:56.0562 4508 [ 4E81439902079C348B61D7FF027FE147 ] C:\Windows\System32\StructuredQuery.dll
15:44:56.0562 4508 C:\Windows\System32\StructuredQuery.dll - ok
15:44:56.0562 4508 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
15:44:56.0562 4508 C:\Windows\System32\hgcpl.dll - ok
15:44:56.0562 4508 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
15:44:56.0562 4508 C:\Windows\System32\netman.dll - ok
15:44:56.0562 4508 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
15:44:56.0562 4508 C:\Windows\System32\rasdlg.dll - ok
15:44:56.0562 4508 [ E503E15C88B4BBDA3F6345E34FED3E92 ] C:\Windows\System32\mssvp.dll
15:44:56.0562 4508 C:\Windows\System32\mssvp.dll - ok
15:44:56.0578 4508 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
15:44:56.0578 4508 C:\Windows\System32\dot3api.dll - ok
15:44:56.0578 4508 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
15:44:56.0578 4508 C:\Windows\System32\eappcfg.dll - ok
15:44:56.0578 4508 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
15:44:56.0578 4508 C:\Windows\System32\wlanhlp.dll - ok
15:44:56.0578 4508 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
15:44:56.0578 4508 C:\Windows\System32\wlanapi.dll - ok
15:44:56.0578 4508 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
15:44:56.0578 4508 C:\Windows\System32\wlanutil.dll - ok
15:44:56.0578 4508 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
15:44:56.0578 4508 C:\Windows\System32\onex.dll - ok
15:44:56.0578 4508 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
15:44:56.0578 4508 C:\Windows\System32\eappprxy.dll - ok
15:44:56.0593 4508 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
15:44:56.0593 4508 C:\Windows\System32\WWanAPI.dll - ok
15:44:56.0593 4508 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
15:44:56.0593 4508 C:\Windows\System32\wwapi.dll - ok
15:44:56.0593 4508 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
15:44:56.0593 4508 C:\Windows\System32\QAGENT.DLL - ok
15:44:56.0593 4508 ============================================================
15:44:56.0593 4508 Scan finished
15:44:56.0593 4508 ============================================================
15:44:56.0593 4500 Detected object count: 4
15:44:56.0593 4500 Actual detected object count: 4
15:46:11.0803 4500 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:46:11.0803 4500 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:46:11.0803 4500 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:46:11.0803 4500 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:46:11.0803 4500 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
15:46:11.0803 4500 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:46:11.0803 4500 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
15:46:11.0803 4500 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

Edited by Umbe, 08 October 2012 - 08:55 AM.


#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How long have you had NPR?

Based on what you have said and my analysis, the NPR only appears within Chrome and not IE.

Could you post the NPR link where IE gives the alert and I will check it out (I have Avast).

Also, could you post a screenshot of the Avast alert, as that has additional data within it.

#5
Umbe

    Member

  • Topic Starter
  • Member
  • 18 posts
Had NPR? I mostly check it from my iPad: it isn't even bookmarked on my computer.

First, it was the NPR site, not their Chrome app or anything like that (I navigated there from Google).
Second, it isn't dependent on the site (at least it doesn't seem to be) on either Chrome or IE. I just loaded the article again (http://www.npr.org/2...toons-helpmates) with no results.
Third, I don't have the exact popup for that, but I just tried going to StoryCorps (http://storycorps.org/animation/), also with IE, and it popped up immediately. Just as a note, this was a bookmark, not a Google search.

Attached Thumbnails

  • Storycorps popup.PNG


#6
Umbe

    Member

  • Topic Starter
  • Member
  • 18 posts
Just rereading my previous post, and realizing I wasn't very specific. Let me explain.

What has been happening with Chrome usually goes something like this:

  • Open Chrome.
  • Click on Facebook bookmark.
  • Scroll through FB for a bit, click on somebody's profile.
  • DING Avast alert. Occasionally 2 at the same time. The 'Object:' is generally something clearly related to the page I am trying to view, the 'Process:' generally clearly related to Chrome (and, as you can see, IE when I tried it there), and the 'Infection:' always the same URL:Mal. Webpage stops loading and, if not loaded at all, displays an 'unknown loading error' screen.
    Note: it seems to be more likely to happen on media-heavy sites, but that is no guarantee. Moving on...
  • Close all tabs in Chrome (which isn't the same as closing Chrome, as I have it set to reopen to last configuration of tabs).
  • Open Chrome again.
  • Navigate back to the same page as before.
  • *No Avast message*
  • Continue browsing.

This is NOT specific to Facebook, and I have in fact been able to load it, click around, search, do the whole deal, without setting off anything from Avast. This seems to happen with lots of perfectly random sites (e.g. StoryCorps).
The times when I was having 6 Avast notifications/second coming up were when I clicked on the 'More Details... > >' button on the popup, or when I tried refreshing the page that caused the notification. The 'more details' effect seems to be over now, though. I just tried it with no effect.

When I said, "I tried opening up explorer, and, though it took a while, Avast did give one 'malicious url' warning when I opened up an article on NPR. less immediate and not as rapid fire as chrome, but still there." I was speaking generally about the difference between Avast notifications coming off of IE vs. those from Chrome. I did not mean that Chrome immediately and repeatedly causes Avast popups when on NPR. I mentioned the fact that it was NPR because I wanted to show that it was a very legit site, not someplace known for setting off antivirus alarms.

I'm sorry for any misunderstanding. And, since English is entirely shortchanged in the area of giving thanks, I'll go with Italian: grazie di cuore.

#7
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Your English is excellent, worry not.

OK, there are a lot of booby traps on Facebook and Google Images at the moment. However, I will give your computer a thorough check to ensure that nothing is there.

Download and Install ComboFix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks.

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion, then reboot; that will cure it.


Please make sure you include the ComboFix log in your next reply, as well as describe how your computer is running now.

#8
Umbe

    Member

  • Topic Starter
  • Member
  • 18 posts
It didn't reboot automatically... don't know if it should have?

In any case, the log:

ComboFix 12-10-08.02 - Umberto 08/10/2012 19:39:49.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6135.4689 [GMT 1:00]
Running from: c:\users\Umberto\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Umberto\AppData\Roaming\inst.exe
c:\users\Umberto\AppData\Roaming\vso_ts_preview.xml
c:\windows\7Loader.TAG
.
.
((((((((((((((((((((((((( Files Created from 2012-09-08 to 2012-10-08 )))))))))))))))))))))))))))))))
.
.
2012-10-08 18:43 . 2012-10-08 18:43 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-10-08 18:43 . 2012-10-08 18:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-07 18:42 . 2012-10-08 09:48 129024 ----a-w- c:\windows\RegBootClean64.exe
2012-10-07 17:10 . 2012-10-07 17:10 -------- d-----w- c:\users\Umberto\AppData\Roaming\Malwarebytes
2012-10-07 17:09 . 2012-10-07 17:09 -------- d-----w- c:\programdata\Malwarebytes
2012-10-07 17:09 . 2012-10-08 08:55 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-07 17:09 . 2012-09-07 16:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-07 01:09 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-10-07 00:49 . 2012-10-07 00:49 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-10-07 00:48 . 2012-10-07 00:48 -------- d-----w- c:\programdata\McAfee
2012-10-06 22:15 . 2012-10-06 22:15 53248 ----a-r- c:\users\Umberto\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-10-06 22:15 . 2012-10-06 22:15 -------- d-----w- c:\users\Umberto\AppData\Local\Logishrd
2012-10-06 20:03 . 2012-09-19 07:58 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{22078A45-C997-4A20-A41F-C6024E323EFF}\mpengine.dll
2012-10-06 17:40 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-10-06 14:53 . 2012-10-06 14:53 -------- d-----w- c:\program files (x86)\YTD Toolbar
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-07 00:49 . 2012-04-12 02:16 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-06 22:15 . 2011-10-16 20:27 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-08-31 07:43 . 2011-10-16 23:20 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-08-21 09:13 . 2011-10-16 19:58 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2011-10-16 19:58 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2011-10-16 19:58 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-02-24 03:51 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2011-10-16 19:58 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2011-10-16 19:58 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2011-10-16 19:58 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2011-10-16 19:58 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-21 09:12 . 2011-10-16 19:58 285328 ----a-w- c:\windows\system32\aswBoot.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2012-02-24 59240]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"com.apple.dav.bookmarks.daemon"="c:\program files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2010-08-23 206240]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"CTxfiHlp"="CTXFIHLP.EXE" [2010-05-06 25600]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Umberto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Product Registration.lnk - c:\program files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-10-16 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-10-16 79360]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2010-05-06 202840]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2010-05-06 1417304]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2010-05-06 94808]
R3 MP4ConverterAudio;MP4ConverterAudio;c:\windows\system32\drivers\MP4ConverterAudio.sys [2012-01-24 34040]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc; [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub; [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 VGPU;VGPU; [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-16 1255736]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-13 283200]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot\SDWinSec.exe [2009-01-26 1153368]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2010-05-06 202840]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2010-05-06 1417304]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2010-05-06 94808]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2011-09-02 76056]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2011-09-02 15128]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 06972736
*NewlyCreated* - 22069495
*Deregistered* - 06972736
*Deregistered* - 22069495
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3657994211-3226139569-2225959304-1001Core.job
- c:\users\Umberto\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-16 17:57]
.
2012-10-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3657994211-3226139569-2225959304-1001UA.job
- c:\users\Umberto\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-16 17:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-16 499608]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"LogiScrollApp"="c:\program files\Logitech\FlowScroll\KhalScroll.exe" [2012-02-08 166680]
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 129.234.4.13 129.234.4.9
TCP: Interfaces\{F70738C8-CD0A-4900-9963-C615323FD871}: DhcpNameServer = 129.234.4.13 129.234.4.9
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{652853ad-5592-4231-88c6-706613a52e61} - (no file)
Toolbar-{652853ad-5592-4231-88c6-706613a52e61} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-22069495.sys
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\0a\00\10\14$0?"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-10-08 19:45:06
ComboFix-quarantined-files.txt 2012-10-08 18:45
.
Pre-Run: 16,561,762,304 bytes free
Post-Run: 16,297,648,128 bytes free
.
- - End Of File - - EC0F05776D9CD3E1E96BB168A2E2DD49

#9
Umbe

    Member
  • Topic Starter
Still have the problem. I just opened up Chrome to discover that every time I typed a letter in the search bar Avast gave me a warning. One for each letter. Restarted Chrome and it's back to normal.

#10
Essexboy

    GeekU Moderator
  • Retired Staff
Are you synching Chrome?

Could you run Chrome in incognito mode and let me know if the problem persists?


#11
Umbe

    Member
  • Topic Starter
What do you mean by "synching chrome?"

Still came up. This time on a Google search for 'storycorps'. I didn't have any other program running, and I closed the normal Chrome window.

Attached Thumbnails

  • Avast popup 3.PNG

Edited by Umbe, 08 October 2012 - 02:25 PM.


#12
Umbe

    Member
  • Topic Starter
Just got a popup without having Chrome open. Take a look.

Attached Thumbnails

  • Standalone popup.PNG


#13
Essexboy

    GeekU Moderator
  • Retired Staff
Intriguing, that normally indicates an MBR infection. Time to dig even deeper.

Download AVPTool from Here to your desktop.

Run the programme you have just downloaded to your desktop (it will be randomly named).

First we will run a virus scan:
On the first tab, select all elements down to Computer and then select start scan.
Once it has finished, select report and post that.

Do not close AVPTool or it will self-uninstall. If it does uninstall, just rerun the setup file on your desktop.

Now an analysis scan:
Select the Manual Disinfection tab
Press the Gather System Information button
Once done, open the last report saved folder, then attach the zip file to your next post.
The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip


#14
Umbe

    Member
  • Topic Starter
So I ran the scan with all of the boxes ticked, except for the disk drives (which are empty anyway). It didn't find anything, but it did produce a log file: a 199 MB .txt! Obviously I can't attach it to a post. I'm currently rerunning the scan with fewer boxes ticked (the ones down to 'computer', plus the C drive), and will attach that log once it has finished, if possible.

In the meantime, I've attached the sysinfo.zip.


#15
Essexboy

    GeekU Moderator
  • Retired Staff
No need for the log unless it detected anything.

  • Re-run AVPTool
  • Select the Manual Disinfection tab
  • Where it states Step 3 paste in the following disinfection script and press execute

    begin
    SetAVZGuardStatus(True);
    SearchRootkit(true, true);
     DeleteService('88152142');
     StopService('88152142');
     DeleteService('68339146');
     StopService('68339146');
     QuarantineFile('C:\Windows\system32\DRIVERS\88152142.sys','');
     QuarantineFile('C:\Windows\system32\DRIVERS\68339146.sys','');
     DeleteFile('C:\Windows\system32\DRIVERS\68339146.sys');
     BC_DeleteFile('C:\Windows\system32\DRIVERS\68339146.sys');
     DeleteFile('C:\Windows\system32\DRIVERS\88152142.sys');
     BC_DeleteFile('C:\Windows\system32\DRIVERS\88152142.sys');
     BC_DeleteSvc('68339146');
     BC_DeleteSvc('88152142');
    BC_ImportDeletedList;
    BC_ImportAll;
    ExecuteSysClean;
    BC_Activate;
    RebootWindows(true);
    end.

  • Your system will reboot on completion. If it does not, please do so yourself
  • On completion, please run another analysis scan and attach the zip file

  • 0
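
A read-only way to see, after the reboot, whether the two services and driver files named in the script above are still registered. This is an added example and not part of the original post; the registry and directory locations are standard Windows paths, and the eight-digit name pattern is an assumption drawn from the names that appear in this thread's logs.

```powershell
# Added example, read-only: nothing is stopped, deleted or changed.
# Names taken from the disinfection script posted in the thread.
$scriptTargets = '88152142', '68339146'
$namePattern   = '^\d{8}$'   # assumption: eight-digit names, as in the thread's logs

function New-Finding($kind, $name, $detail) {
    New-Object PSObject -Property @{
        Kind     = $kind
        Name     = $name
        Detail   = $detail
        InScript = $scriptTargets -contains ($name -replace '\.sys$', '')
    }
}

# 1. Service keys named with eight digits, with the driver path they load.
$services = Get-ChildItem 'HKLM:\SYSTEM\CurrentControlSet\Services' -ErrorAction SilentlyContinue |
    Where-Object { $_.PSChildName -match $namePattern } |
    ForEach-Object {
        $props = Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue
        New-Finding 'Service' $_.PSChildName $props.ImagePath
    }

# 2. Matching .sys files in the drivers directory (hidden files included).
$driverDir = Join-Path $env:SystemRoot 'System32\drivers'
$files = Get-ChildItem -Path $driverDir -Filter '*.sys' -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.BaseName -match $namePattern } |
    ForEach-Object {
        New-Finding 'File' $_.Name ("{0} bytes, written {1}" -f $_.Length, $_.LastWriteTime)
    }

# 3. SafeBoot entries such as the "SafeBoot-22069495.sys" line in the ComboFix log.
$safeBoot = 'Minimal', 'Network' | ForEach-Object {
    $key = "HKLM:\SYSTEM\CurrentControlSet\Control\SafeBoot\$_"
    Get-ChildItem -Path $key -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -match '^\d{8}\.sys$' } |
        ForEach-Object { New-Finding 'SafeBoot' $_.PSChildName $key }
}

$findings = @($services) + @($files) + @($safeBoot) | Where-Object { $_ }
if ($findings) {
    $findings | Select-Object Kind, Name, InScript, Detail | Format-Table -AutoSize
} else {
    'No eight-digit driver services, files or SafeBoot entries found.'
}
```

Run it from an elevated 64-bit PowerShell prompt so that System32 is not redirected. Rows with InScript set to False match the naming pattern but are not the two names the script targets, and a driver that hides itself from the running system would not appear here, so an empty result does not replace the follow-up analysis scan.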





