Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

No luck so far removing trojan JS/medfos.b [Solved]


  • This topic is locked This topic is locked

#1
SneakyReek

SneakyReek

    Member

  • Member
  • PipPip
  • 12 posts
Hi there,

Very happy I was able to find this forum and grateful that there's a community like this online to help in such situations.

My issue is that my system is currently infected with the trojan JS/medfos.b. I was alerted to this via Microsoft Security Essentials constantly popping up saying that it was quarantining this file. I've removed the quarantined files numerous times but it's not addressing the problem of removing the trojan itself.

I've downloaded and run Hitman Pro, Malware Bytes, and Rootkit removal tool but none of these programs can find an issue so the trojan is still on my system. Also, I know it is present on my system as I have had my webpages redirected to random product sites on occasion and MSE has also quarantined it twice during the typing of this message.

Any and all help is greatly appreciated!

Below is my OTL Log:

OTL logfile created on: 11/29/2012 1:26:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cary\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.96 Gb Total Physical Memory | 5.54 Gb Available Physical Memory | 69.57% Memory free
15.92 Gb Paging File | 13.32 Gb Available in Paging File | 83.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.52 Gb Total Space | 547.81 Gb Free Space | 58.81% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 190.06 Gb Free Space | 63.76% Space Free | Partition Type: NTFS

Computer Name: CARY-PC | User Name: Cary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/29 13:26:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cary\Desktop\OTL.exe
PRC - [2012/10/29 17:54:02 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/10/25 16:52:52 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/10/10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/10/08 16:11:15 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
PRC - [2012/10/06 00:39:24 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/09/29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/08/03 16:06:20 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/01/05 03:59:50 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011/12/16 11:30:40 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/12/16 11:30:38 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/12/16 10:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2011/11/29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/29 19:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/07/09 01:36:12 | 002,932,224 | ---- | M] (PACE Anti-Piracy, Inc.) -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
PRC - [2011/01/23 18:39:39 | 000,148,280 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\ezprint.exe
PRC - [2011/01/23 18:39:37 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\lxedmon.exe
PRC - [2010/02/18 17:27:40 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe
PRC - [2009/08/28 03:45:56 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/15 18:23:52 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\4a443c775f768ede71bde8e10f50ec0b\IAStorUtil.ni.dll
MOD - [2012/11/15 18:23:52 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e88f87e9200afb5ede994c89c92e22b8\IAStorCommon.ni.dll
MOD - [2012/11/15 16:39:04 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll
MOD - [2012/11/15 16:39:01 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012/11/15 16:38:47 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012/11/15 16:38:43 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012/11/15 16:38:36 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012/11/15 16:38:33 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012/11/15 16:38:31 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012/11/15 16:38:31 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012/11/15 16:38:28 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012/10/29 17:53:49 | 002,295,264 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/10/25 16:52:52 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/10/25 16:52:51 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/10/25 16:52:51 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/10/25 16:52:51 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/10/25 16:52:51 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/10/08 16:11:14 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2011/12/16 16:17:00 | 000,246,272 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2011/08/17 14:45:34 | 000,074,240 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL
MOD - [2011/01/23 18:39:39 | 000,148,280 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\ezprint.exe
MOD - [2011/01/23 18:39:37 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\lxedmon.exe
MOD - [2010/04/05 04:56:20 | 000,094,359 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\epoemdll.dll
MOD - [2010/04/05 04:56:19 | 000,045,221 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\epstring.dll
MOD - [2010/04/05 04:56:17 | 002,203,803 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\epwizres.dll
MOD - [2010/04/05 04:56:07 | 000,716,954 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\epwizard.dll
MOD - [2010/04/05 04:55:15 | 000,159,890 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\customui.dll
MOD - [2010/04/05 04:55:04 | 000,061,604 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\epfunct.dll
MOD - [2010/04/05 04:54:59 | 000,123,033 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\eputil.dll
MOD - [2010/04/05 04:54:52 | 000,143,502 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\imagutil.dll
MOD - [2010/04/01 11:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\lxeddrs.dll
MOD - [2010/04/01 11:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\lxedscw.dll
MOD - [2009/05/27 06:16:50 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\lxeddatr.dll
MOD - [2009/04/07 13:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\iptk.dll
MOD - [2009/03/09 23:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\lxedcaps.dll
MOD - [2009/03/02 08:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Lexmark S600 Series\lxedptp.dll
MOD - [2009/02/20 00:48:43 | 000,023,552 | ---- | M] () -- C:\Windows\SysWOW64\LXEDsmr.dll
MOD - [2009/02/20 00:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\SysWOW64\LXEDsm.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/12/08 15:38:24 | 000,607,456 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/06/29 09:51:26 | 000,171,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel®
SRV:64bit: - [2010/04/14 13:01:15 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxedcoms.exe -- (lxed_device)
SRV:64bit: - [2010/04/14 13:01:07 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxedserv.exe -- (lxedCATSCustConnectService)
SRV:64bit: - [2010/04/06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/10/29 17:54:02 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/25 16:52:52 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/10/10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/08 16:11:15 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/10/06 00:39:24 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/21 21:56:56 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012/07/21 21:56:33 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012/07/21 21:56:00 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/04/26 14:03:36 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2012/02/13 10:24:48 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/12/16 11:30:40 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/12/16 11:30:38 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/12/16 10:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/11/29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/08/30 14:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2011/07/09 01:36:12 | 002,932,224 | ---- | M] (PACE Anti-Piracy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe -- (PaceLicenseDServices)
SRV - [2010/04/14 13:01:07 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxedserv.exe -- (lxedCATSCustConnectService)
SRV - [2010/04/14 13:00:56 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxedcoms.exe -- (lxed_device)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/28 03:45:56 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/05/12 11:31:00 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2012/04/18 09:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/13 10:34:12 | 000,550,560 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012/02/13 10:33:24 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012/02/13 10:33:12 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012/02/13 10:32:42 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012/02/13 10:32:24 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012/02/13 10:32:12 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012/02/13 10:31:54 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012/02/13 10:31:42 | 000,339,616 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012/02/07 03:01:00 | 003,538,432 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/01/05 03:58:48 | 000,786,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/05 03:58:48 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/05 03:58:48 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011/12/07 18:42:28 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2011/11/29 18:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/11/10 00:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/11/02 09:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2011/08/11 14:54:16 | 000,104,560 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/08/08 21:42:36 | 000,315,696 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011/07/19 17:37:56 | 000,342,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2011/06/28 16:04:40 | 000,105,592 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/11/17 15:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/04/27 06:40:00 | 000,142,120 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64)
DRV - [2012/11/27 23:35:31 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012/11/27 23:35:21 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 61 13 95 D0 67 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {2D5B7C7D-BF41-4088-9999-79A865E2D5E2}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2D5B7C7D-BF41-4088-9999-79A865E2D5E2}: "URL" = http://www.bing.com/...=SPLBR1&pc=SPLH
IE - HKCU\..\SearchScopes\{7651627A-2DED-4d3e-941F-0384B6092435}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{E0A72744-2E83-40d0-B397-1FFD9C09832D}: "URL" = http://search.yahoo....evm&type=IEBDSV
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: {468bd646-46f6-42b0-95c6-6992a53bee09}:2.0.14
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/29 17:54:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/29 17:54:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/07/21 22:20:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cary\AppData\Roaming\Mozilla\Extensions
[2012/11/28 12:50:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\y5i3oof0.default\extensions
[2012/11/29 11:34:36 | 000,004,062 | ---- | M] () (No name found) -- C:\Users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\y5i3oof0.default\extensions\{468bd646-46f6-42b0-95c6-6992a53bee09}.xpi
[2012/11/26 10:05:33 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\y5i3oof0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/10/29 17:53:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/29 17:54:02 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/22 09:55:10 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/21 13:34:48 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark S600 Series\ezprint.exe ()
O4:64bit: - HKLM..\Run: [lxedmon.exe] C:\Program Files (x86)\Lexmark S600 Series\lxedmon.exe ()
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [rdints] C:\Users\Cary\AppData\Roaming\rdints.dll (Fujitsu Component Limited)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7BF666AE-756D-4347-AAC0-3A45CF3A589B}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{672f7847-d3bf-11e1-b3a4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{672f7847-d3bf-11e1-b3a4-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
O33 - MountPoints2\{eed99dc1-d8c7-11e1-bbea-9cb70dc821d4}\Shell - "" = AutoRun
O33 - MountPoints2\{eed99dc1-d8c7-11e1-bbea-9cb70dc821d4}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/29 13:26:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Cary\Desktop\OTL.exe
[2012/11/29 13:19:11 | 000,000,000 | ---D | C] -- C:\Users\Cary\AppData\Roaming\Malwarebytes
[2012/11/29 13:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/11/29 13:19:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/11/29 13:19:02 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/11/29 13:19:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/11/29 13:18:17 | 010,669,952 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Cary\Desktop\mbam-setup-1.65.1.1000.exe
[2012/11/29 13:00:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2012/11/29 13:00:59 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2012/11/29 13:00:24 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/11/29 12:59:50 | 009,105,176 | ---- | C] (SurfRight B.V.) -- C:\Users\Cary\Desktop\HitmanPro36_x64.exe
[2012/11/29 12:59:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/11/29 11:34:27 | 000,000,000 | R--D | C] -- C:\Users\Cary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012/11/27 23:40:42 | 000,000,000 | ---D | C] -- C:\Users\Cary\AppData\Local\ElevatedDiagnostics
[2012/11/27 15:17:48 | 000,000,000 | ---D | C] -- C:\Users\Cary\AppData\Local\SCE
[2012/11/27 15:17:36 | 000,000,000 | ---D | C] -- C:\Crash
[2012/11/27 15:17:35 | 000,000,000 | ---D | C] -- C:\Users\Cary\AppData\Local\Sony Online Entertainment
[2012/11/19 10:38:21 | 000,491,008 | ---- | C] (Fujitsu Component Limited) -- C:\Users\Cary\AppData\Roaming\rdints.dll
[2012/11/17 11:37:12 | 000,000,000 | ---D | C] -- C:\Users\Cary\Desktop\Resumes
[2012/11/01 20:35:49 | 000,000,000 | ---D | C] -- C:\Users\Cary\AppData\Roaming\fltk.org
[2012/11/01 20:35:49 | 000,000,000 | ---D | C] -- C:\ProgramData\fltk.org
[2012/11/01 20:35:47 | 000,000,000 | ---D | C] -- C:\Users\Cary\Documents\Amnesia
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/11/29 13:26:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cary\Desktop\OTL.exe
[2012/11/29 13:19:05 | 000,001,087 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/29 13:18:24 | 010,669,952 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Cary\Desktop\mbam-setup-1.65.1.1000.exe
[2012/11/29 13:11:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/11/29 13:00:21 | 009,105,176 | ---- | M] (SurfRight B.V.) -- C:\Users\Cary\Desktop\HitmanPro36_x64.exe
[2012/11/29 11:41:26 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/29 11:41:26 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/29 11:41:14 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/11/29 11:41:14 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/29 11:41:14 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/29 11:34:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/29 11:34:00 | 2117,451,775 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/27 23:35:31 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2012/11/27 23:35:31 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2012/11/27 15:17:01 | 000,002,504 | ---- | M] () -- C:\Users\Cary\Desktop\PlanetSide 2.lnk
[2012/11/27 15:16:51 | 008,074,528 | ---- | M] () -- C:\Users\Cary\Desktop\PS2_setup.exe
[2012/11/19 10:38:23 | 000,491,008 | ---- | M] (Fujitsu Component Limited) -- C:\Users\Cary\AppData\Roaming\rdints.dll
[2012/11/15 16:35:21 | 000,311,176 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/11/08 18:07:41 | 001,178,553 | ---- | M] () -- C:\Users\Cary\Desktop\SCAN0001.pdf
[2012/11/03 15:18:09 | 000,051,290 | ---- | M] () -- C:\Users\Cary\Desktop\michelle_gg-shutterfly-photo-book-offer-2-options.pdf
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/11/29 13:19:05 | 000,001,087 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/27 23:32:18 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\GVTunner.ref
[2012/11/27 15:17:01 | 000,002,534 | ---- | C] () -- C:\Users\Cary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2.lnk
[2012/11/27 15:17:01 | 000,002,504 | ---- | C] () -- C:\Users\Cary\Desktop\PlanetSide 2.lnk
[2012/11/27 15:16:47 | 008,074,528 | ---- | C] () -- C:\Users\Cary\Desktop\PS2_setup.exe
[2012/11/15 00:08:04 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/15 00:03:40 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/08 18:07:41 | 001,178,553 | ---- | C] () -- C:\Users\Cary\Desktop\SCAN0001.pdf
[2012/11/03 15:18:09 | 000,051,290 | ---- | C] () -- C:\Users\Cary\Desktop\michelle_gg-shutterfly-photo-book-offer-2-options.pdf
[2012/10/06 00:39:25 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/10/06 00:39:23 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/08/08 16:17:54 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxedcomx.dll
[2012/08/08 16:17:54 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\LXEDinst.dll
[2012/08/08 16:17:53 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxedserv.dll
[2012/08/08 16:17:53 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxedusb1.dll
[2012/08/08 16:17:53 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxedhbn3.dll
[2012/08/08 16:17:53 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxedpmui.dll
[2012/08/08 16:17:53 | 000,598,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxedcoms.exe
[2012/08/08 16:17:53 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxedlmpm.dll
[2012/08/08 16:17:53 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxedinpa.dll
[2012/08/08 16:17:53 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxediesc.dll
[2012/08/08 16:17:53 | 000,324,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxedih.exe
[2012/08/08 16:17:53 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxedins.dll
[2012/08/08 16:17:53 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxedinsb.dll
[2012/08/08 16:17:53 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxedcu.dll
[2012/08/08 16:17:53 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\lxedinsr.dll
[2012/08/08 16:17:53 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxedcub.dll
[2012/08/08 16:17:53 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxedjswr.dll
[2012/08/08 16:17:53 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxedcur.dll
[2012/08/08 16:17:52 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxedcomc.dll
[2012/08/08 16:17:52 | 000,373,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxedcfg.exe
[2012/08/08 16:17:52 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxedcomm.dll
[2012/08/08 16:14:05 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXEDsm.dll
[2012/08/08 16:14:05 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\LXEDsmr.dll
[2012/07/21 23:21:06 | 000,775,586 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/07/21 22:06:07 | 000,000,486 | ---- | C] () -- C:\Windows\DEMO.INI
[2012/07/21 22:03:33 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012/07/21 21:57:09 | 000,007,594 | ---- | C] () -- C:\Windows\SysWow64\xFiMB2CfgUninstall32.ini
[2012/07/21 21:57:09 | 000,005,135 | ---- | C] () -- C:\Windows\SysWow64\cfgfx.ini
[2012/07/21 21:57:09 | 000,002,775 | ---- | C] () -- C:\Windows\FF08_Render_Spk.ini
[2012/07/21 21:57:09 | 000,002,411 | ---- | C] () -- C:\Windows\FF08_Render_Hp.ini
[2012/07/21 21:57:09 | 000,002,267 | ---- | C] () -- C:\Windows\FF08_Capture.ini
[2012/07/21 21:57:09 | 000,001,542 | ---- | C] () -- C:\Windows\FF08_Render.ini
[2012/07/21 21:57:04 | 000,001,202 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2012/07/21 21:57:04 | 000,001,101 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2012/07/21 21:57:04 | 000,001,092 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2012/07/21 21:57:03 | 000,246,272 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012/07/21 21:57:03 | 000,074,240 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012/07/21 21:53:45 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011/12/08 15:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011/09/28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 21:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/07/22 11:38:24 | 000,000,000 | ---D | M] -- C:\Users\Cary\AppData\Roaming\Avid
[2012/11/01 20:35:49 | 000,000,000 | ---D | M] -- C:\Users\Cary\AppData\Roaming\fltk.org
[2012/10/05 20:46:06 | 000,000,000 | ---D | M] -- C:\Users\Cary\AppData\Roaming\GameFly
[2012/09/25 21:26:32 | 000,000,000 | ---D | M] -- C:\Users\Cary\AppData\Roaming\Kalypso Media
[2012/07/22 15:09:26 | 000,000,000 | ---D | M] -- C:\Users\Cary\AppData\Roaming\MotioninJoy
[2012/08/12 13:10:26 | 000,000,000 | ---D | M] -- C:\Users\Cary\AppData\Roaming\MPEG Streamclip
[2012/10/06 00:28:04 | 000,000,000 | ---D | M] -- C:\Users\Cary\AppData\Roaming\Origin
[2012/07/22 11:37:11 | 000,000,000 | ---D | M] -- C:\Users\Cary\AppData\Roaming\PACE Anti-Piracy
[2012/07/29 18:36:40 | 000,000,000 | ---D | M] -- C:\Users\Cary\AppData\Roaming\six-updater
[2012/07/29 15:11:19 | 000,000,000 | ---D | M] -- C:\Users\Cary\AppData\Roaming\six-zsync
[2012/11/28 00:03:09 | 000,000,000 | ---D | M] -- C:\Users\Cary\AppData\Roaming\Splashtop
[2012/09/26 20:31:15 | 000,000,000 | ---D | M] -- C:\Users\Cary\AppData\Roaming\tropico 4

========== Purity Check ==========



< End of report >

Thanks again!
  • 0

Advertisements


#2
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello SneakyReek and welcome to my office here at G2G! :)

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:
  • Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean
  • Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Step 1

NOTE: This fix is custom made for this system only and for current system state! Don't try to run it on another system!

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O33 - MountPoints2\{672f7847-d3bf-11e1-b3a4-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{672f7847-d3bf-11e1-b3a4-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
    O33 - MountPoints2\{eed99dc1-d8c7-11e1-bbea-9cb70dc821d4}\Shell - "" = AutoRun
    O33 - MountPoints2\{eed99dc1-d8c7-11e1-bbea-9cb70dc821d4}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [emtytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside:

    • Loaded modules

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Make sure to check:

    • Services and drivers
    • Boot sectors
    • Loaded modules
    • Verify Driver Digital Signature
    • Detect TDLFS file system

  • then click OK.
  • Click the Start Scan button to start the scan.
  • If a suspicious object is detected, the default action will be Skip
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected for malicious objects

    Posted Image
  • Click Continue then Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\\ folder) in the form of \"TDSSKiller.[Version]_[Date]_[Time]_log.txt\". Please copy and paste its contents on your next reply.

Step 3

Please don't forget to include these items in your reply:

  • OTL fix log
  • TDSSKiller log
It would be helpful if you could post each log in separate post using "Add Reply" button
  • 0

#3
SneakyReek

SneakyReek

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Thank you again for your assistance with this. The OTL log produced the following:

========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{672f7847-d3bf-11e1-b3a4-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{672f7847-d3bf-11e1-b3a4-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{672f7847-d3bf-11e1-b3a4-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{672f7847-d3bf-11e1-b3a4-806e6f6e6963}\ not found.
File D:\Run.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eed99dc1-d8c7-11e1-bbea-9cb70dc821d4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eed99dc1-d8c7-11e1-bbea-9cb70dc821d4}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eed99dc1-d8c7-11e1-bbea-9cb70dc821d4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eed99dc1-d8c7-11e1-bbea-9cb70dc821d4}\ not found.
File F:\LaunchU3.exe -a not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Cary\Desktop\cmd.bat deleted successfully.
C:\Users\Cary\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
Error: Unable to interpret <[emtytemp]> in the current context!

OTL by OldTimer - Version 3.2.69.0 log created on 11302012_103114

(Note: After reboot I received the following error: "there was a problem starting c:users\cary\appdata\roaming\rdints.dll Access is denied". Currently my recycle bin and Documents ans settings are locked and access is denied)
  • 0

#4
SneakyReek

SneakyReek

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
TDSSKiller Log:

10:38:01.0355 3160 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
10:38:01.0932 3160 ============================================================
10:38:01.0932 3160 Current date / time: 2012/11/30 10:38:01.0932
10:38:01.0932 3160 SystemInfo:
10:38:01.0932 3160
10:38:01.0932 3160 OS Version: 6.1.7601 ServicePack: 1.0
10:38:01.0932 3160 Product type: Workstation
10:38:01.0932 3160 ComputerName: CARY-PC
10:38:01.0932 3160 UserName: Cary
10:38:01.0932 3160 Windows directory: C:\Windows
10:38:01.0932 3160 System windows directory: C:\Windows
10:38:01.0932 3160 Running under WOW64
10:38:01.0932 3160 Processor architecture: Intel x64
10:38:01.0932 3160 Number of processors: 8
10:38:01.0932 3160 Page size: 0x1000
10:38:01.0932 3160 Boot type: Normal boot
10:38:01.0932 3160 ============================================================
10:38:02.0135 3160 BG loaded
10:38:02.0541 3160 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:38:02.0556 3160 Drive \Device\Harddisk0\DR0 - Size: 0xE8E1300000 (931.52 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:38:02.0650 3160 ============================================================
10:38:02.0650 3160 \Device\Harddisk1\DR1:
10:38:02.0650 3160 MBR partitions:
10:38:02.0650 3160 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D000
10:38:02.0650 3160 \Device\Harddisk0\DR0:
10:38:02.0650 3160 MBR partitions:
10:38:02.0650 3160 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74708800
10:38:02.0650 3160 ============================================================
10:38:02.0681 3160 C: <-> \Device\Harddisk0\DR0\Partition1
10:38:02.0712 3160 E: <-> \Device\Harddisk1\DR1\Partition1
10:38:02.0712 3160 ============================================================
10:38:02.0712 3160 Initialize success
10:38:02.0712 3160 ============================================================
10:39:30.0132 5572 ============================================================
10:39:30.0132 5572 Scan started
10:39:30.0132 5572 Mode: Manual; SigCheck; TDLFS;
10:39:30.0132 5572 ============================================================
10:39:31.0068 5572 ================ Scan services =============================
10:39:31.0286 5572 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:39:31.0396 5572 1394ohci - ok
10:39:31.0427 5572 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:39:31.0427 5572 ACPI - ok
10:39:31.0442 5572 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:39:31.0520 5572 AcpiPmi - ok
10:39:31.0661 5572 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:39:31.0676 5572 AdobeARMservice - ok
10:39:31.0832 5572 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:39:31.0864 5572 AdobeFlashPlayerUpdateSvc - ok
10:39:31.0895 5572 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:39:31.0926 5572 adp94xx - ok
10:39:31.0942 5572 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:39:31.0957 5572 adpahci - ok
10:39:31.0973 5572 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:39:31.0973 5572 adpu320 - ok
10:39:32.0020 5572 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:39:32.0144 5572 AeLookupSvc - ok
10:39:32.0176 5572 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:39:32.0222 5572 AFD - ok
10:39:32.0238 5572 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:39:32.0269 5572 agp440 - ok
10:39:32.0300 5572 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:39:32.0378 5572 ALG - ok
10:39:32.0394 5572 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:39:32.0410 5572 aliide - ok
10:39:32.0425 5572 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:39:32.0441 5572 amdide - ok
10:39:32.0456 5572 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:39:32.0488 5572 AmdK8 - ok
10:39:32.0503 5572 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:39:32.0534 5572 AmdPPM - ok
10:39:32.0581 5572 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:39:32.0581 5572 amdsata - ok
10:39:32.0612 5572 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:39:32.0628 5572 amdsbs - ok
10:39:32.0644 5572 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:39:32.0659 5572 amdxata - ok
10:39:32.0690 5572 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:39:32.0846 5572 AppID - ok
10:39:32.0846 5572 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:39:32.0893 5572 AppIDSvc - ok
10:39:32.0924 5572 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
10:39:32.0956 5572 Appinfo - ok
10:39:32.0971 5572 [ BA957E7ACD2B44FA3B01FAA64F6A9060 ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
10:39:32.0987 5572 AppleCharger - ok
10:39:32.0987 5572 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
10:39:33.0049 5572 AppleChargerSrv - ok
10:39:33.0065 5572 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
10:39:33.0080 5572 arc - ok
10:39:33.0096 5572 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:39:33.0096 5572 arcsas - ok
10:39:33.0143 5572 Aspi32 - ok
10:39:33.0283 5572 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:39:33.0299 5572 aspnet_state - ok
10:39:33.0330 5572 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:39:33.0361 5572 AsyncMac - ok
10:39:33.0408 5572 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:39:33.0424 5572 atapi - ok
10:39:33.0455 5572 [ BCC09E0B0362741D0C084828A1B950F3 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
10:39:33.0455 5572 AthBTPort - ok
10:39:33.0486 5572 [ 379A6AB7F2AD8FC61B1306767083D705 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
10:39:33.0486 5572 AtherosSvc - ok
10:39:33.0611 5572 [ B03F91737AEF778B12C2B8413D8DBEE7 ] athr C:\Windows\system32\DRIVERS\athrx.sys
10:39:33.0658 5572 athr - ok
10:39:33.0689 5572 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:39:33.0736 5572 AudioEndpointBuilder - ok
10:39:33.0751 5572 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:39:33.0767 5572 AudioSrv - ok
10:39:33.0814 5572 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:39:33.0892 5572 AxInstSV - ok
10:39:33.0923 5572 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:39:33.0970 5572 b06bdrv - ok
10:39:33.0985 5572 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:39:34.0001 5572 b57nd60a - ok
10:39:34.0032 5572 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:39:34.0079 5572 BDESVC - ok
10:39:34.0079 5572 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:39:34.0126 5572 Beep - ok
10:39:34.0188 5572 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
10:39:34.0219 5572 BFE - ok
10:39:34.0250 5572 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
10:39:34.0313 5572 BITS - ok
10:39:34.0328 5572 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:39:34.0344 5572 blbdrive - ok
10:39:34.0360 5572 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:39:34.0375 5572 bowser - ok
10:39:34.0391 5572 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:39:34.0469 5572 BrFiltLo - ok
10:39:34.0469 5572 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:39:34.0484 5572 BrFiltUp - ok
10:39:34.0516 5572 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
10:39:34.0531 5572 Browser - ok
10:39:34.0562 5572 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:39:34.0609 5572 Brserid - ok
10:39:34.0625 5572 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:39:34.0640 5572 BrSerWdm - ok
10:39:34.0656 5572 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:39:34.0687 5572 BrUsbMdm - ok
10:39:34.0703 5572 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:39:34.0718 5572 BrUsbSer - ok
10:39:34.0765 5572 [ C05ED3246C06EC56F10D85B0304CD09E ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
10:39:34.0765 5572 BTATH_A2DP - ok
10:39:34.0781 5572 [ 2D27F7A831657D63AFC78E5E78DCA83F ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
10:39:34.0796 5572 btath_avdt - ok
10:39:34.0843 5572 [ E6B734A37ADE36FE1A77035F4E484C8C ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
10:39:34.0843 5572 BTATH_BUS - ok
10:39:34.0859 5572 [ FB3833E63FF602B69C2FF085846DCF43 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
10:39:34.0859 5572 BTATH_HCRP - ok
10:39:34.0890 5572 [ 371A11C1333BA526263A987A93ACDE3D ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
10:39:34.0906 5572 BTATH_LWFLT - ok
10:39:34.0921 5572 [ ABCD3C16CA850A7594CEB9AD5D966810 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
10:39:34.0921 5572 BTATH_RCP - ok
10:39:34.0968 5572 [ 13BDB661991ACF40ADCB09BD64A8CBEF ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
10:39:34.0984 5572 BtFilter - ok
10:39:35.0015 5572 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
10:39:35.0077 5572 BthEnum - ok
10:39:35.0077 5572 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:39:35.0108 5572 BTHMODEM - ok
10:39:35.0124 5572 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
10:39:35.0155 5572 BthPan - ok
10:39:35.0171 5572 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
10:39:35.0233 5572 BTHPORT - ok
10:39:35.0280 5572 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:39:35.0311 5572 bthserv - ok
10:39:35.0342 5572 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
10:39:35.0374 5572 BTHUSB - ok
10:39:35.0405 5572 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:39:35.0420 5572 cdfs - ok
10:39:35.0483 5572 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
10:39:35.0498 5572 cdrom - ok
10:39:35.0530 5572 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
10:39:35.0561 5572 CertPropSvc - ok
10:39:35.0592 5572 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:39:35.0608 5572 circlass - ok
10:39:35.0654 5572 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:39:35.0670 5572 CLFS - ok
10:39:35.0748 5572 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:39:35.0764 5572 clr_optimization_v2.0.50727_32 - ok
10:39:35.0826 5572 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:39:35.0857 5572 clr_optimization_v2.0.50727_64 - ok
10:39:35.0951 5572 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:39:36.0013 5572 clr_optimization_v4.0.30319_32 - ok
10:39:36.0029 5572 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:39:36.0044 5572 clr_optimization_v4.0.30319_64 - ok
10:39:36.0060 5572 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:39:36.0076 5572 CmBatt - ok
10:39:36.0076 5572 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:39:36.0091 5572 cmdide - ok
10:39:36.0122 5572 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
10:39:36.0138 5572 CNG - ok
10:39:36.0154 5572 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:39:36.0154 5572 Compbatt - ok
10:39:36.0185 5572 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:39:36.0200 5572 CompositeBus - ok
10:39:36.0200 5572 COMSysApp - ok
10:39:36.0232 5572 cpuz135 - ok
10:39:36.0247 5572 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:39:36.0263 5572 crcdisk - ok
10:39:36.0341 5572 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
10:39:36.0356 5572 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
10:39:36.0356 5572 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
10:39:36.0403 5572 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
10:39:36.0450 5572 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
10:39:36.0450 5572 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
10:39:36.0481 5572 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:39:36.0512 5572 CryptSvc - ok
10:39:36.0575 5572 [ 7DAA33AAEE034AE62EF631A3F13A027B ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
10:39:36.0622 5572 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
10:39:36.0622 5572 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
10:39:36.0684 5572 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:39:36.0715 5572 DcomLaunch - ok
10:39:36.0746 5572 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
10:39:36.0762 5572 defragsvc - ok
10:39:36.0793 5572 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:39:36.0824 5572 DfsC - ok
10:39:36.0856 5572 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
10:39:36.0902 5572 Dhcp - ok
10:39:36.0902 5572 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:39:36.0934 5572 discache - ok
10:39:36.0980 5572 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:39:36.0980 5572 Disk - ok
10:39:37.0012 5572 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:39:37.0043 5572 Dnscache - ok
10:39:37.0074 5572 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:39:37.0090 5572 dot3svc - ok
10:39:37.0121 5572 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
10:39:37.0152 5572 DPS - ok
10:39:37.0199 5572 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:39:37.0214 5572 drmkaud - ok
10:39:37.0277 5572 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:39:37.0292 5572 DXGKrnl - ok
10:39:37.0339 5572 [ EAFCB4551836FF44EE775CEDDFA7A77E ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
10:39:37.0339 5572 e1cexpress - ok
10:39:37.0370 5572 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:39:37.0402 5572 EapHost - ok
10:39:37.0480 5572 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:39:37.0542 5572 ebdrv - ok
10:39:37.0573 5572 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
10:39:37.0604 5572 EFS - ok
10:39:37.0667 5572 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:39:37.0698 5572 ehRecvr - ok
10:39:37.0729 5572 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:39:37.0745 5572 ehSched - ok
10:39:37.0760 5572 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:39:37.0776 5572 elxstor - ok
10:39:37.0807 5572 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:39:37.0838 5572 ErrDev - ok
10:39:37.0870 5572 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:39:37.0901 5572 EventSystem - ok
10:39:37.0901 5572 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:39:37.0932 5572 exfat - ok
10:39:37.0948 5572 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:39:37.0963 5572 fastfat - ok
10:39:38.0010 5572 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
10:39:38.0041 5572 Fax - ok
10:39:38.0057 5572 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:39:38.0072 5572 fdc - ok
10:39:38.0104 5572 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:39:38.0135 5572 fdPHost - ok
10:39:38.0150 5572 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:39:38.0182 5572 FDResPub - ok
10:39:38.0197 5572 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:39:38.0213 5572 FileInfo - ok
10:39:38.0228 5572 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:39:38.0244 5572 Filetrace - ok
10:39:38.0306 5572 [ 8669BE94F63944E4F899C3950B520241 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:39:38.0322 5572 FLEXnet Licensing Service - ok
10:39:38.0369 5572 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:39:38.0384 5572 flpydisk - ok
10:39:38.0416 5572 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:39:38.0416 5572 FltMgr - ok
10:39:38.0462 5572 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
10:39:38.0494 5572 FontCache - ok
10:39:38.0540 5572 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:39:38.0603 5572 FontCache3.0.0.0 - ok
10:39:38.0618 5572 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:39:38.0618 5572 FsDepends - ok
10:39:38.0650 5572 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:39:38.0665 5572 Fs_Rec - ok
10:39:38.0728 5572 [ AE6F0A6562D3ECCD613DE1FD8612AC4E ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
10:39:38.0806 5572 Futuremark SystemInfo Service - ok
10:39:38.0837 5572 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:39:38.0868 5572 fvevol - ok
10:39:38.0884 5572 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:39:38.0884 5572 gagp30kx - ok
10:39:38.0915 5572 [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv C:\Windows\gdrv.sys
10:39:38.0946 5572 gdrv - ok
10:39:38.0993 5572 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:39:39.0024 5572 gpsvc - ok
10:39:39.0055 5572 [ 8126331FBD4ED29EB3B356F9C905064D ] GVTDrv64 C:\Windows\GVTDrv64.sys
10:39:39.0071 5572 GVTDrv64 - ok
10:39:39.0102 5572 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:39:39.0118 5572 hcw85cir - ok
10:39:39.0164 5572 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:39:39.0180 5572 HdAudAddService - ok
10:39:39.0180 5572 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:39:39.0196 5572 HDAudBus - ok
10:39:39.0196 5572 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:39:39.0211 5572 HidBatt - ok
10:39:39.0227 5572 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:39:39.0227 5572 HidBth - ok
10:39:39.0242 5572 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:39:39.0274 5572 HidIr - ok
10:39:39.0305 5572 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
10:39:39.0336 5572 hidserv - ok
10:39:39.0352 5572 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
10:39:39.0367 5572 HidUsb - ok
10:39:39.0398 5572 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:39:39.0430 5572 hkmsvc - ok
10:39:39.0461 5572 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:39:39.0492 5572 HomeGroupListener - ok
10:39:39.0523 5572 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:39:39.0554 5572 HomeGroupProvider - ok
10:39:39.0570 5572 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:39:39.0586 5572 HpSAMD - ok
10:39:39.0617 5572 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:39:39.0648 5572 HTTP - ok
10:39:39.0664 5572 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:39:39.0664 5572 hwpolicy - ok
10:39:39.0695 5572 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:39:39.0710 5572 i8042prt - ok
10:39:39.0757 5572 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
10:39:39.0757 5572 iaStor - ok
10:39:39.0835 5572 [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
10:39:39.0866 5572 IAStorDataMgrSvc - ok
10:39:39.0882 5572 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:39:39.0898 5572 iaStorV - ok
10:39:39.0929 5572 [ 33D4D4A24791587E83F7EE05A446FB7E ] ICCS C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
10:39:39.0976 5572 ICCS ( UnsignedFile.Multi.Generic ) - warning
10:39:39.0976 5572 ICCS - detected UnsignedFile.Multi.Generic (1)
10:39:40.0038 5572 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
10:39:40.0085 5572 IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:39:40.0085 5572 IDriverT - detected UnsignedFile.Multi.Generic (1)
10:39:40.0132 5572 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:39:40.0147 5572 idsvc - ok
10:39:40.0178 5572 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:39:40.0194 5572 iirsp - ok
10:39:40.0225 5572 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:39:40.0272 5572 IKEEXT - ok
10:39:40.0397 5572 [ ACACD1B925D448558C1C9D0258749451 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:39:40.0444 5572 IntcAzAudAddService - ok
10:39:40.0537 5572 [ 2D66067C7A8A0112156BCD1C0BAA7042 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
10:39:41.0099 5572 Intel® Capability Licensing Service Interface - ok
10:39:41.0130 5572 [ D7B978F4504D3DA95A21002863D0E7EE ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
10:39:41.0130 5572 Intel® PROSet Monitoring Service - ok
10:39:41.0177 5572 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:39:41.0177 5572 intelide - ok
10:39:41.0192 5572 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:39:41.0224 5572 intelppm - ok
10:39:41.0239 5572 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:39:41.0286 5572 IPBusEnum - ok
10:39:41.0317 5572 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:39:41.0348 5572 IpFilterDriver - ok
10:39:41.0380 5572 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:39:41.0411 5572 iphlpsvc - ok
10:39:41.0442 5572 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:39:41.0473 5572 IPMIDRV - ok
10:39:41.0489 5572 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:39:41.0520 5572 IPNAT - ok
10:39:41.0520 5572 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:39:41.0582 5572 IRENUM - ok
10:39:41.0598 5572 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:39:41.0598 5572 isapnp - ok
10:39:41.0614 5572 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:39:41.0629 5572 iScsiPrt - ok
10:39:41.0660 5572 [ 8E4577C6E0D3114170509159DE658907 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
10:39:41.0660 5572 iusb3hcs - ok
10:39:41.0692 5572 [ FE76346E9B57DA575BD1B3BD0CCAD7FF ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
10:39:41.0707 5572 iusb3hub - ok
10:39:41.0723 5572 [ 1008CD90DA2198FFD250298DEB9DF160 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
10:39:41.0738 5572 iusb3xhc - ok
10:39:41.0801 5572 [ 166FC0B36842135BC2D3C32DF70ED0D6 ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
10:39:41.0801 5572 jhi_service - ok
10:39:41.0816 5572 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
10:39:41.0816 5572 kbdclass - ok
10:39:41.0832 5572 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
10:39:41.0832 5572 kbdhid - ok
10:39:41.0832 5572 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:39:41.0848 5572 KeyIso - ok
10:39:41.0863 5572 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:39:41.0879 5572 KSecDD - ok
10:39:41.0894 5572 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:39:41.0894 5572 KSecPkg - ok
10:39:41.0910 5572 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:39:41.0926 5572 ksthunk - ok
10:39:41.0957 5572 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:39:42.0019 5572 KtmRm - ok
10:39:42.0035 5572 [ B8040D3B97B16B89701E31A17353856C ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
10:39:42.0050 5572 L1C - ok
10:39:42.0082 5572 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:39:42.0097 5572 LanmanServer - ok
10:39:42.0144 5572 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:39:42.0160 5572 LanmanWorkstation - ok
10:39:42.0191 5572 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:39:42.0222 5572 lltdio - ok
10:39:42.0253 5572 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:39:42.0316 5572 lltdsvc - ok
10:39:42.0316 5572 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:39:42.0331 5572 lmhosts - ok
10:39:42.0425 5572 [ C56E64BA70DC822B84D100A6F8D690D3 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
10:39:42.0456 5572 LMS - ok
10:39:42.0487 5572 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:39:42.0503 5572 LSI_FC - ok
10:39:42.0503 5572 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:39:42.0518 5572 LSI_SAS - ok
10:39:42.0550 5572 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:39:42.0550 5572 LSI_SAS2 - ok
10:39:42.0581 5572 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:39:42.0596 5572 LSI_SCSI - ok
10:39:42.0612 5572 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:39:42.0643 5572 luafv - ok
10:39:42.0737 5572 [ D6CDF198518B8428B66AAD8F7BABC3BE ] lxedCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxedserv.exe
10:39:42.0752 5572 lxedCATSCustConnectService - ok
10:39:42.0768 5572 lxed_device - ok
10:39:42.0799 5572 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
10:39:42.0815 5572 MBAMProtector - ok
10:39:42.0846 5572 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:39:42.0862 5572 MBAMScheduler - ok
10:39:42.0877 5572 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:39:42.0893 5572 MBAMService - ok
10:39:42.0893 5572 [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
10:39:42.0908 5572 MBfilt - ok
10:39:42.0924 5572 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:39:42.0955 5572 Mcx2Svc - ok
10:39:42.0971 5572 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:39:42.0986 5572 megasas - ok
10:39:43.0033 5572 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:39:43.0049 5572 MegaSR - ok
10:39:43.0064 5572 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
10:39:43.0080 5572 MEIx64 - ok
10:39:43.0096 5572 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:39:43.0142 5572 MMCSS - ok
10:39:43.0189 5572 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:39:43.0220 5572 Modem - ok
10:39:43.0236 5572 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:39:43.0267 5572 monitor - ok
10:39:43.0345 5572 [ C030F9E822A057C1A7A9BB4EA3E8877E ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
10:39:43.0408 5572 MotioninJoyXFilter - ok
10:39:43.0423 5572 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
10:39:43.0423 5572 mouclass - ok
10:39:43.0439 5572 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:39:43.0439 5572 mouhid - ok
10:39:43.0486 5572 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:39:43.0486 5572 mountmgr - ok
10:39:43.0548 5572 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:39:43.0595 5572 MozillaMaintenance - ok
10:39:43.0642 5572 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
10:39:43.0642 5572 MpFilter - ok
10:39:43.0704 5572 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:39:43.0720 5572 mpio - ok
10:39:43.0766 5572 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:39:43.0798 5572 mpsdrv - ok
10:39:43.0829 5572 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:39:43.0876 5572 MpsSvc - ok
10:39:43.0891 5572 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:39:43.0938 5572 MRxDAV - ok
10:39:43.0985 5572 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:39:44.0016 5572 mrxsmb - ok
10:39:44.0032 5572 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:39:44.0047 5572 mrxsmb10 - ok
10:39:44.0063 5572 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:39:44.0078 5572 mrxsmb20 - ok
10:39:44.0094 5572 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:39:44.0110 5572 msahci - ok
10:39:44.0172 5572 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:39:44.0172 5572 msdsm - ok
10:39:44.0203 5572 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:39:44.0234 5572 MSDTC - ok
10:39:44.0266 5572 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:39:44.0281 5572 Msfs - ok
10:39:44.0297 5572 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:39:44.0328 5572 mshidkmdf - ok
10:39:44.0359 5572 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:39:44.0375 5572 msisadrv - ok
10:39:44.0406 5572 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:39:44.0468 5572 MSiSCSI - ok
10:39:44.0468 5572 msiserver - ok
10:39:44.0515 5572 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:39:44.0546 5572 MSKSSRV - ok
10:39:44.0640 5572 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:39:44.0640 5572 MsMpSvc - ok
10:39:44.0671 5572 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:39:44.0718 5572 MSPCLOCK - ok
10:39:44.0718 5572 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:39:44.0765 5572 MSPQM - ok
10:39:44.0812 5572 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:39:44.0827 5572 MsRPC - ok
10:39:44.0858 5572 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:39:44.0858 5572 mssmbios - ok
10:39:44.0890 5572 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:39:44.0936 5572 MSTEE - ok
10:39:44.0936 5572 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:39:44.0952 5572 MTConfig - ok
10:39:45.0030 5572 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:39:45.0046 5572 Mup - ok
10:39:45.0092 5572 [ 97CCA67FCDABB8441149F04B34ABF510 ] mvs91xx C:\Windows\system32\DRIVERS\mvs91xx.sys
10:39:45.0108 5572 mvs91xx - ok
10:39:45.0139 5572 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:39:45.0170 5572 napagent - ok
10:39:45.0264 5572 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:39:45.0295 5572 NativeWifiP - ok
10:39:45.0358 5572 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:39:45.0373 5572 NDIS - ok
10:39:45.0404 5572 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:39:45.0436 5572 NdisCap - ok
10:39:45.0763 5572 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:39:45.0794 5572 NdisTapi - ok
10:39:45.0826 5572 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:39:45.0857 5572 Ndisuio - ok
10:39:45.0888 5572 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:39:45.0904 5572 NdisWan - ok
10:39:45.0935 5572 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:39:45.0966 5572 NDProxy - ok
10:39:46.0013 5572 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:39:46.0044 5572 NetBIOS - ok
10:39:46.0122 5572 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:39:46.0169 5572 NetBT - ok
10:39:46.0200 5572 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:39:46.0200 5572 Netlogon - ok
10:39:46.0247 5572 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:39:46.0278 5572 Netman - ok
10:39:46.0294 5572 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:39:46.0340 5572 NetMsmqActivator - ok
10:39:46.0340 5572 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:39:46.0356 5572 NetPipeActivator - ok
10:39:46.0372 5572 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:39:46.0403 5572 netprofm - ok
10:39:46.0403 5572 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:39:46.0403 5572 NetTcpActivator - ok
10:39:46.0418 5572 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:39:46.0418 5572 NetTcpPortSharing - ok
10:39:46.0465 5572 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:39:46.0465 5572 nfrd960 - ok
10:39:46.0512 5572 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:39:46.0512 5572 NisDrv - ok
10:39:46.0559 5572 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
10:39:46.0574 5572 NisSrv - ok
10:39:46.0606 5572 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:39:46.0637 5572 NlaSvc - ok
10:39:46.0652 5572 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:39:46.0668 5572 Npfs - ok
10:39:46.0730 5572 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:39:46.0793 5572 nsi - ok
10:39:46.0824 5572 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:39:46.0855 5572 nsiproxy - ok
10:39:46.0918 5572 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:39:46.0949 5572 Ntfs - ok
10:39:46.0964 5572 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:39:46.0996 5572 Null - ok
10:39:47.0074 5572 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
10:39:47.0074 5572 NVHDA - ok
10:39:47.0432 5572 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:39:47.0542 5572 nvlddmkm - ok
10:39:47.0557 5572 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:39:47.0573 5572 nvraid - ok
10:39:47.0604 5572 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:39:47.0604 5572 nvstor - ok
10:39:47.0666 5572 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
10:39:47.0682 5572 nvsvc - ok
10:39:47.0729 5572 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
10:39:47.0744 5572 nvUpdatusService - ok
10:39:47.0776 5572 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:39:47.0791 5572 nv_agp - ok
10:39:47.0916 5572 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:39:47.0932 5572 odserv - ok
10:39:47.0963 5572 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:39:47.0978 5572 ohci1394 - ok
10:39:48.0010 5572 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:39:48.0025 5572 ose - ok
10:39:48.0056 5572 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:39:48.0103 5572 p2pimsvc - ok
10:39:48.0119 5572 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:39:48.0134 5572 p2psvc - ok
10:39:48.0259 5572 [ F7BAC457D6AE2F7E18FA69C8180A7843 ] PaceLicenseDServices C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
10:39:48.0306 5572 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - warning
10:39:48.0306 5572 PaceLicenseDServices - detected UnsignedFile.Multi.Generic (1)
10:39:48.0337 5572 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:39:48.0368 5572 Parport - ok
10:39:48.0384 5572 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:39:48.0400 5572 partmgr - ok
10:39:48.0415 5572 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:39:48.0446 5572 PcaSvc - ok
10:39:48.0462 5572 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:39:48.0478 5572 pci - ok
10:39:48.0509 5572 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:39:48.0524 5572 pciide - ok
10:39:48.0540 5572 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:39:48.0556 5572 pcmcia - ok
10:39:48.0571 5572 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:39:48.0587 5572 pcw - ok
10:39:48.0618 5572 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:39:48.0649 5572 PEAUTH - ok
10:39:48.0743 5572 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:39:48.0774 5572 PerfHost - ok
10:39:48.0836 5572 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:39:48.0883 5572 pla - ok
10:39:48.0930 5572 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:39:48.0961 5572 PlugPlay - ok
10:39:49.0008 5572 PnkBstrA - ok
10:39:49.0008 5572 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:39:49.0039 5572 PNRPAutoReg - ok
10:39:49.0086 5572 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:39:49.0086 5572 PNRPsvc - ok
10:39:49.0148 5572 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:39:49.0242 5572 PolicyAgent - ok
10:39:49.0258 5572 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:39:49.0304 5572 Power - ok
10:39:49.0336 5572 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:39:49.0382 5572 PptpMiniport - ok
10:39:49.0398 5572 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:39:49.0429 5572 Processor - ok
10:39:49.0460 5572 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:39:49.0476 5572 ProfSvc - ok
10:39:49.0492 5572 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:39:49.0492 5572 ProtectedStorage - ok
10:39:49.0554 5572 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:39:49.0616 5572 Psched - ok
10:39:49.0679 5572 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:39:49.0726 5572 ql2300 - ok
10:39:49.0757 5572 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:39:49.0757 5572 ql40xx - ok
10:39:49.0804 5572 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:39:49.0819 5572 QWAVE - ok
10:39:49.0835 5572 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:39:49.0897 5572 QWAVEdrv - ok
10:39:49.0944 5572 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:39:49.0975 5572 RasAcd - ok
10:39:50.0022 5572 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:39:50.0038 5572 RasAgileVpn - ok
10:39:50.0053 5572 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:39:50.0100 5572 RasAuto - ok
10:39:50.0162 5572 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:39:50.0178 5572 Rasl2tp - ok
10:39:50.0225 5572 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:39:50.0256 5572 RasMan - ok
10:39:50.0272 5572 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:39:50.0303 5572 RasPppoe - ok
10:39:50.0334 5572 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:39:50.0365 5572 RasSstp - ok
10:39:50.0396 5572 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:39:50.0443 5572 rdbss - ok
10:39:50.0459 5572 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:39:50.0459 5572 rdpbus - ok
10:39:50.0474 5572 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:39:50.0506 5572 RDPCDD - ok
10:39:50.0521 5572 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:39:50.0568 5572 RDPENCDD - ok
10:39:50.0584 5572 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:39:50.0599 5572 RDPREFMP - ok
10:39:50.0630 5572 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:39:50.0662 5572 RDPWD - ok
10:39:50.0708 5572 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:39:50.0708 5572 rdyboost - ok
10:39:50.0740 5572 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:39:50.0755 5572 RemoteAccess - ok
10:39:50.0786 5572 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:39:50.0818 5572 RemoteRegistry - ok
10:39:50.0864 5572 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:39:50.0880 5572 RFCOMM - ok
10:39:50.0896 5572 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:39:50.0911 5572 RpcEptMapper - ok
10:39:50.0958 5572 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:39:50.0989 5572 RpcLocator - ok
10:39:51.0005 5572 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:39:51.0036 5572 RpcSs - ok
10:39:51.0052 5572 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:39:51.0067 5572 rspndr - ok
10:39:51.0067 5572 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:39:51.0083 5572 SamSs - ok
10:39:51.0083 5572 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:39:51.0098 5572 sbp2port - ok
10:39:51.0130 5572 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:39:51.0145 5572 SCardSvr - ok
10:39:51.0161 5572 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:39:51.0208 5572 scfilter - ok
10:39:51.0270 5572 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:39:51.0317 5572 Schedule - ok
10:39:51.0332 5572 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:39:51.0348 5572 SCPolicySvc - ok
10:39:51.0364 5572 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:39:51.0410 5572 SDRSVC - ok
10:39:51.0426 5572 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:39:51.0457 5572 secdrv - ok
10:39:51.0488 5572 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:39:51.0520 5572 seclogon - ok
10:39:51.0535 5572 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:39:51.0582 5572 SENS - ok
10:39:51.0582 5572 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:39:51.0629 5572 SensrSvc - ok
10:39:51.0691 5572 [ 84AC127242DD3CCDE02F9A4673214B1F ] Sentinel64 C:\Windows\System32\Drivers\Sentinel64.sys
10:39:51.0910 5572 Sentinel64 - ok
10:39:51.0910 5572 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:39:51.0941 5572 Serenum - ok
10:39:51.0972 5572 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:39:51.0988 5572 Serial - ok
10:39:52.0019 5572 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:39:52.0066 5572 sermouse - ok
10:39:52.0097 5572 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:39:52.0128 5572 SessionEnv - ok
10:39:52.0144 5572 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:39:52.0175 5572 sffdisk - ok
10:39:52.0175 5572 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:39:52.0190 5572 sffp_mmc - ok
10:39:52.0222 5572 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:39:52.0237 5572 sffp_sd - ok
10:39:52.0237 5572 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:39:52.0253 5572 sfloppy - ok
10:39:52.0300 5572 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:39:52.0346 5572 SharedAccess - ok
10:39:52.0378 5572 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:39:52.0393 5572 ShellHWDetection - ok
10:39:52.0424 5572 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:39:52.0424 5572 SiSRaid2 - ok
10:39:52.0456 5572 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:39:52.0471 5572 SiSRaid4 - ok
10:39:52.0518 5572 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:39:52.0565 5572 Smb - ok
10:39:52.0612 5572 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:39:52.0627 5572 SNMPTRAP - ok
10:39:52.0627 5572 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:39:52.0643 5572 spldr - ok
10:39:52.0674 5572 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:39:52.0690 5572 Spooler - ok
10:39:52.0768 5572 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:39:52.0814 5572 sppsvc - ok
10:39:52.0830 5572 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:39:52.0861 5572 sppuinotify - ok
10:39:52.0924 5572 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:39:52.0955 5572 srv - ok
10:39:53.0017 5572 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:39:53.0048 5572 srv2 - ok
10:39:53.0080 5572 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:39:53.0080 5572 srvnet - ok
10:39:53.0111 5572 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:39:53.0158 5572 SSDPSRV - ok
10:39:53.0204 5572 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:39:53.0220 5572 SstpSvc - ok
10:39:53.0251 5572 Steam Client Service - ok
10:39:53.0360 5572 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:39:53.0376 5572 Stereo Service - ok
10:39:53.0423 5572 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:39:53.0423 5572 stexstor - ok
10:39:53.0438 5572 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:39:53.0470 5572 stisvc - ok
10:39:53.0485 5572 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:39:53.0485 5572 swenum - ok
10:39:53.0532 5572 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:39:53.0563 5572 swprv - ok
10:39:53.0657 5572 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:39:53.0719 5572 SysMain - ok
10:39:53.0750 5572 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:39:53.0766 5572 TabletInputService - ok
10:39:53.0797 5572 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:39:53.0844 5572 TapiSrv - ok
10:39:53.0906 5572 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:39:53.0938 5572 TBS - ok
10:39:53.0984 5572 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:39:54.0031 5572 Tcpip - ok
10:39:54.0047 5572 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:39:54.0078 5572 TCPIP6 - ok
10:39:54.0094 5572 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:39:54.0125 5572 tcpipreg - ok
10:39:54.0140 5572 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:39:54.0187 5572 TDPIPE - ok
10:39:54.0218 5572 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:39:54.0250 5572 TDTCP - ok
10:39:54.0281 5572 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:39:54.0296 5572 tdx - ok
10:39:54.0312 5572 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:39:54.0328 5572 TermDD - ok
10:39:54.0343 5572 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:39:54.0390 5572 TermService - ok
10:39:54.0421 5572 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:39:54.0437 5572 Themes - ok
10:39:54.0468 5572 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:39:54.0484 5572 THREADORDER - ok
10:39:54.0515 5572 [ 8DD33A57339ADAE34CDB12994ACBC50F ] Tpkd C:\Windows\system32\drivers\Tpkd.sys
10:39:54.0593 5572 Tpkd - ok
10:39:54.0593 5572 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:39:54.0624 5572 TrkWks - ok
10:39:54.0686 5572 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:39:54.0718 5572 TrustedInstaller - ok
10:39:54.0733 5572 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:39:54.0764 5572 tssecsrv - ok
10:39:54.0811 5572 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:39:54.0842 5572 TsUsbFlt - ok
10:39:54.0874 5572 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:39:54.0905 5572 tunnel - ok
10:39:54.0905 5572 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:39:54.0920 5572 uagp35 - ok
10:39:54.0952 5572 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:39:54.0983 5572 udfs - ok
10:39:55.0014 5572 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:39:55.0014 5572 UI0Detect - ok
10:39:55.0045 5572 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:39:55.0045 5572 uliagpkx - ok
10:39:55.0076 5572 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
10:39:55.0092 5572 umbus - ok
10:39:55.0108 5572 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:39:55.0123 5572 UmPass - ok
10:39:55.0186 5572 [ 0F9E1BC7E2BEA1A4108EC9736CF0C2D9 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
10:39:55.0186 5572 UNS - ok
10:39:55.0248 5572 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:39:55.0295 5572 upnphost - ok
10:39:55.0326 5572 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:39:55.0342 5572 usbccgp - ok
10:39:55.0373 5572 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:39:55.0388 5572 usbcir - ok
10:39:55.0420 5572 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:39:55.0435 5572 usbehci - ok
10:39:55.0466 5572 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:39:55.0498 5572 usbhub - ok
10:39:55.0513 5572 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:39:55.0529 5572 usbohci - ok
10:39:55.0529 5572 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:39:55.0560 5572 usbprint - ok
10:39:55.0607 5572 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:39:55.0622 5572 usbscan - ok
10:39:55.0638 5572 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:39:55.0669 5572 USBSTOR - ok
10:39:55.0685 5572 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:39:55.0716 5572 usbuhci - ok
10:39:55.0732 5572 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:39:55.0763 5572 UxSms - ok
10:39:55.0778 5572 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:39:55.0778 5572 VaultSvc - ok
10:39:55.0794 5572 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:39:55.0794 5572 vdrvroot - ok
10:39:55.0825 5572 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:39:55.0856 5572 vds - ok
10:39:55.0872 5572 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:39:55.0888 5572 vga - ok
10:39:55.0888 5572 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:39:55.0919 5572 VgaSave - ok
10:39:55.0934 5572 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:39:55.0950 5572 vhdmp - ok
10:39:55.0966 5572 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:39:55.0981 5572 viaide - ok
10:39:55.0981 5572 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:39:55.0981 5572 volmgr - ok
10:39:56.0012 5572 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:39:56.0028 5572 volmgrx - ok
10:39:56.0044 5572 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:39:56.0044 5572 volsnap - ok
10:39:56.0075 5572 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:39:56.0090 5572 vsmraid - ok
10:39:56.0153 5572 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
10:39:56.0184 5572 VSS - ok
10:39:56.0200 5572 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:39:56.0215 5572 vwifibus - ok
10:39:56.0231 5572 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:39:56.0246 5572 vwififlt - ok
10:39:56.0278 5572 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:39:56.0309 5572 W32Time - ok
10:39:56.0324 5572 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:39:56.0340 5572 WacomPen - ok
10:39:56.0356 5572 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:39:56.0387 5572 WANARP - ok
10:39:56.0402 5572 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:39:56.0418 5572 Wanarpv6 - ok
10:39:56.0465 5572 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:39:56.0496 5572 WatAdminSvc - ok
10:39:56.0512 5572 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
10:39:56.0590 5572 wbengine - ok
10:39:56.0605 5572 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:39:56.0605 5572 WbioSrvc - ok
10:39:56.0636 5572 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:39:56.0683 5572 wcncsvc - ok
10:39:56.0683 5572 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:39:56.0714 5572 WcsPlugInService - ok
10:39:56.0730 5572 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:39:56.0746 5572 Wd - ok
10:39:56.0777 5572 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:39:56.0792 5572 Wdf01000 - ok
10:39:56.0808 5572 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:39:56.0902 5572 WdiServiceHost - ok
10:39:56.0902 5572 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:39:56.0902 5572 WdiSystemHost - ok
10:39:56.0933 5572 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
10:39:56.0964 5572 WebClient - ok
10:39:56.0964 5572 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:39:56.0980 5572 Wecsvc - ok
10:39:56.0995 5572 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:39:57.0042 5572 wercplsupport - ok
10:39:57.0058 5572 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:39:57.0073 5572 WerSvc - ok
10:39:57.0104 5572 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:39:57.0120 5572 WfpLwf - ok
10:39:57.0136 5572 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:39:57.0151 5572 WIMMount - ok
10:39:57.0151 5572 WinDefend - ok
10:39:57.0151 5572 WinHttpAutoProxySvc - ok
10:39:57.0214 5572 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:39:57.0229 5572 Winmgmt - ok
10:39:57.0307 5572 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
10:39:57.0338 5572 WinRM - ok
10:39:57.0385 5572 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:39:57.0401 5572 Wlansvc - ok
10:39:57.0526 5572 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:39:57.0541 5572 wlidsvc - ok
10:39:57.0572 5572 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:39:57.0588 5572 WmiAcpi - ok
10:39:57.0635 5572 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:39:57.0650 5572 wmiApSrv - ok
10:39:57.0682 5572 WMPNetworkSvc - ok
10:39:57.0697 5572 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:39:57.0728 5572 WPCSvc - ok
10:39:57.0760 5572 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:39:57.0775 5572 WPDBusEnum - ok
10:39:57.0791 5572 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:39:57.0822 5572 ws2ifsl - ok
10:39:57.0853 5572 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
10:39:57.0884 5572 wscsvc - ok
10:39:57.0884 5572 WSearch - ok
10:39:57.0978 5572 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:39:58.0009 5572 wuauserv - ok
10:39:58.0025 5572 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:39:58.0056 5572 WudfPf - ok
10:39:58.0087 5572 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:39:58.0103 5572 WUDFRd - ok
10:39:58.0134 5572 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:39:58.0150 5572 wudfsvc - ok
10:39:58.0181 5572 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
10:39:58.0212 5572 WwanSvc - ok
10:39:58.0228 5572 [ 9176C0822FAA649E45121875BE32F5D2 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
10:39:58.0243 5572 xusb21 - ok
10:39:58.0259 5572 ================ Scan global ===============================
10:39:58.0274 5572 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:39:58.0306 5572 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
10:39:58.0321 5572 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
10:39:58.0337 5572 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:39:58.0368 5572 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:39:58.0368 5572 [Global] - ok
10:39:58.0368 5572 ================ Scan MBR ==================================
10:39:58.0384 5572 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:40:00.0458 5572 \Device\Harddisk1\DR1 - ok
10:40:00.0458 5572 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:40:00.0505 5572 \Device\Harddisk0\DR0 - ok
10:40:00.0505 5572 ================ Scan VBR ==================================
10:40:00.0505 5572 [ D099B8EAE79A33A9E2ED7EF7A20652F6 ] \Device\Harddisk1\DR1\Partition1
10:40:00.0505 5572 \Device\Harddisk1\DR1\Partition1 - ok
10:40:00.0505 5572 [ EC4D2833BA070A335F2908B3F281854D ] \Device\Harddisk0\DR0\Partition1
10:40:00.0521 5572 \Device\Harddisk0\DR0\Partition1 - ok
10:40:00.0521 5572 ================ Scan active images ========================
10:40:00.0521 5572 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
10:40:00.0521 5572 C:\Windows\System32\drivers\crashdmp.sys - ok
10:40:00.0521 5572 [ C224331A54571C8C9162F7714400BBBD ] C:\Windows\System32\drivers\iaStor.sys
10:40:00.0521 5572 C:\Windows\System32\drivers\iaStor.sys - ok
10:40:00.0521 5572 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
10:40:00.0521 5572 C:\Windows\System32\drivers\dumpfve.sys - ok
10:40:00.0521 5572 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
10:40:00.0521 5572 C:\Windows\System32\drivers\beep.sys - ok
10:40:00.0521 5572 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
10:40:00.0521 5572 C:\Windows\System32\drivers\cdrom.sys - ok
10:40:00.0521 5572 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
10:40:00.0521 5572 C:\Windows\System32\drivers\null.sys - ok
10:40:00.0521 5572 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
10:40:00.0521 5572 C:\Windows\System32\drivers\RDPCDD.sys - ok
10:40:00.0521 5572 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
10:40:00.0521 5572 C:\Windows\System32\drivers\vga.sys - ok
10:40:00.0521 5572 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
10:40:00.0521 5572 C:\Windows\System32\drivers\videoprt.sys - ok
10:40:00.0536 5572 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
10:40:00.0536 5572 C:\Windows\System32\drivers\watchdog.sys - ok
10:40:00.0536 5572 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
10:40:00.0536 5572 C:\Windows\System32\drivers\RDPENCDD.sys - ok
10:40:00.0536 5572 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
10:40:00.0536 5572 C:\Windows\System32\drivers\RDPREFMP.sys - ok
10:40:00.0536 5572 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
10:40:00.0536 5572 C:\Windows\System32\drivers\msfs.sys - ok
10:40:00.0536 5572 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
10:40:00.0536 5572 C:\Windows\System32\drivers\npfs.sys - ok
10:40:00.0536 5572 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
10:40:00.0536 5572 C:\Windows\System32\drivers\tdi.sys - ok
10:40:00.0536 5572 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
10:40:00.0536 5572 C:\Windows\System32\drivers\tdx.sys - ok
10:40:00.0536 5572 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
10:40:00.0536 5572 C:\Windows\System32\drivers\afd.sys - ok
10:40:00.0536 5572 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
10:40:00.0536 5572 C:\Windows\System32\drivers\netbt.sys - ok
10:40:00.0536 5572 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
10:40:00.0536 5572 C:\Windows\System32\drivers\wfplwf.sys - ok
10:40:00.0552 5572 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
10:40:00.0552 5572 C:\Windows\System32\drivers\pacer.sys - ok
10:40:00.0552 5572 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
10:40:00.0552 5572 C:\Windows\System32\drivers\netbios.sys - ok
10:40:00.0552 5572 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
10:40:00.0552 5572 C:\Windows\System32\drivers\vwififlt.sys - ok
10:40:00.0552 5572 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
10:40:00.0552 5572 C:\Windows\System32\drivers\wanarp.sys - ok
10:40:00.0552 5572 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
10:40:00.0552 5572 C:\Windows\System32\drivers\termdd.sys - ok
10:40:00.0552 5572 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
10:40:00.0552 5572 C:\Windows\System32\drivers\discache.sys - ok
10:40:00.0552 5572 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
10:40:00.0552 5572 C:\Windows\System32\drivers\mssmbios.sys - ok
10:40:00.0552 5572 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
10:40:00.0552 5572 C:\Windows\System32\drivers\nsiproxy.sys - ok
10:40:00.0552 5572 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
10:40:00.0552 5572 C:\Windows\System32\drivers\rdbss.sys - ok
10:40:00.0552 5572 [ BA957E7ACD2B44FA3B01FAA64F6A9060 ] C:\Windows\System32\drivers\AppleCharger.sys
10:40:00.0552 5572 C:\Windows\System32\drivers\AppleCharger.sys - ok
10:40:00.0568 5572 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
10:40:00.0568 5572 C:\Windows\System32\drivers\blbdrive.sys - ok
10:40:00.0568 5572 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
10:40:00.0568 5572 C:\Windows\System32\drivers\dfsc.sys - ok
10:40:00.0568 5572 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
10:40:00.0568 5572 C:\Windows\System32\drivers\tunnel.sys - ok
10:40:00.0568 5572 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
10:40:00.0568 5572 C:\Windows\System32\ntdll.dll - ok
10:40:00.0568 5572 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
10:40:00.0568 5572 C:\Windows\System32\smss.exe - ok
10:40:00.0568 5572 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] C:\Windows\System32\drivers\nvlddmkm.sys
10:40:00.0568 5572 C:\Windows\System32\drivers\nvlddmkm.sys - ok
10:40:00.0568 5572 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
10:40:00.0568 5572 C:\Windows\System32\autochk.exe - ok
10:40:00.0568 5572 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
10:40:00.0568 5572 C:\Windows\System32\drivers\dxgkrnl.sys - ok
10:40:00.0568 5572 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
10:40:00.0568 5572 C:\Windows\System32\drivers\dxgmms1.sys - ok
10:40:00.0583 5572 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
10:40:00.0583 5572 C:\Windows\System32\drivers\hdaudbus.sys - ok
10:40:00.0583 5572 [ 1008CD90DA2198FFD250298DEB9DF160 ] C:\Windows\System32\drivers\iusb3xhc.sys
10:40:00.0583 5572 C:\Windows\System32\drivers\iusb3xhc.sys - ok
10:40:00.0583 5572 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
10:40:00.0583 5572 C:\Windows\System32\drivers\usbd.sys - ok
10:40:00.0583 5572 [ 6B01B7414A105B9E51652089A03027CF ] C:\Windows\System32\drivers\HECIx64.sys
10:40:00.0583 5572 C:\Windows\System32\drivers\HECIx64.sys - ok
10:40:00.0583 5572 [ EAFCB4551836FF44EE775CEDDFA7A77E ] C:\Windows\System32\drivers\e1c62x64.sys
10:40:00.0583 5572 C:\Windows\System32\drivers\e1c62x64.sys - ok
10:40:00.0583 5572 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
10:40:00.0583 5572 C:\Windows\System32\drivers\usbehci.sys - ok
10:40:00.0583 5572 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
10:40:00.0583 5572 C:\Windows\System32\drivers\usbport.sys - ok
10:40:00.0583 5572 [ B03F91737AEF778B12C2B8413D8DBEE7 ] C:\Windows\System32\drivers\athrx.sys
10:40:00.0583 5572 C:\Windows\System32\drivers\athrx.sys - ok
10:40:00.0583 5572 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
10:40:00.0583 5572 C:\Windows\System32\drivers\vwifibus.sys - ok
10:40:00.0583 5572 [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
10:40:00.0583 5572 C:\Windows\System32\drivers\1394ohci.sys - ok
10:40:00.0599 5572 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
10:40:00.0599 5572 C:\Windows\System32\drivers\agilevpn.sys - ok
10:40:00.0599 5572 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
10:40:00.0599 5572 C:\Windows\System32\drivers\CompositeBus.sys - ok
10:40:00.0599 5572 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
10:40:00.0599 5572 C:\Windows\System32\drivers\i8042prt.sys - ok
10:40:00.0599 5572 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
10:40:00.0599 5572 C:\Windows\System32\drivers\intelppm.sys - ok
10:40:00.0599 5572 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
10:40:00.0599 5572 C:\Windows\System32\drivers\kbdclass.sys - ok
10:40:00.0599 5572 [ B8040D3B97B16B89701E31A17353856C ] C:\Windows\System32\drivers\L1C62x64.sys
10:40:00.0599 5572 C:\Windows\System32\drivers\L1C62x64.sys - ok
10:40:00.0599 5572 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
10:40:00.0599 5572 C:\Windows\System32\drivers\mouclass.sys - ok
10:40:00.0599 5572 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
10:40:00.0599 5572 C:\Windows\System32\drivers\wmiacpi.sys - ok
10:40:00.0599 5572 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
10:40:00.0599 5572 C:\Windows\System32\drivers\ndistapi.sys - ok
10:40:00.0614 5572 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
10:40:00.0614 5572 C:\Windows\System32\drivers\ndiswan.sys - ok
10:40:00.0614 5572 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
10:40:00.0614 5572 C:\Windows\System32\drivers\rasl2tp.sys - ok
10:40:00.0614 5572 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
10:40:00.0614 5572 C:\Windows\System32\drivers\raspppoe.sys - ok
10:40:00.0614 5572 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
10:40:00.0614 5572 C:\Windows\System32\drivers\raspptp.sys - ok
10:40:00.0614 5572 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
10:40:00.0614 5572 C:\Windows\System32\nsi.dll - ok
10:40:00.0614 5572 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
10:40:00.0614 5572 C:\Windows\System32\ws2_32.dll - ok
10:40:00.0614 5572 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
10:40:00.0614 5572 C:\Windows\System32\drivers\rassstp.sys - ok
10:40:00.0614 5572 [ E6B734A37ADE36FE1A77035F4E484C8C ] C:\Windows\System32\drivers\btath_bus.sys
10:40:00.0614 5572 C:\Windows\System32\drivers\btath_bus.sys - ok
10:40:00.0614 5572 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
10:40:00.0614 5572 C:\Windows\System32\drivers\ks.sys - ok
10:40:00.0614 5572 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
10:40:00.0614 5572 C:\Windows\System32\drivers\swenum.sys - ok
10:40:00.0630 5572 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
10:40:00.0630 5572 C:\Windows\System32\drivers\umbus.sys - ok
10:40:00.0630 5572 [ D25968D163EC487A50C8C6A91D4134B4 ] C:\Windows\System32\iertutil.dll
10:40:00.0630 5572 C:\Windows\System32\iertutil.dll - ok
10:40:00.0630 5572 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
10:40:00.0630 5572 C:\Windows\System32\usp10.dll - ok
10:40:00.0630 5572 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
10:40:00.0630 5572 C:\Windows\System32\drivers\usbhub.sys - ok
10:40:00.0630 5572 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
10:40:00.0630 5572 C:\Windows\System32\ole32.dll - ok
10:40:00.0630 5572 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
10:40:00.0630 5572 C:\Windows\System32\sechost.dll - ok
10:40:00.0630 5572 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
10:40:00.0630 5572 C:\Windows\System32\clbcatq.dll - ok
10:40:00.0630 5572 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
10:40:00.0630 5572 C:\Windows\System32\imm32.dll - ok
10:40:00.0630 5572 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
10:40:00.0630 5572 C:\Windows\System32\psapi.dll - ok
10:40:00.0630 5572 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
10:40:00.0630 5572 C:\Windows\System32\drivers\ndproxy.sys - ok
10:40:00.0646 5572 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
10:40:00.0646 5572 C:\Windows\System32\rpcrt4.dll - ok
10:40:00.0646 5572 [ A19DB004D954BBC9C4EC125711E1D1C2 ] C:\Windows\System32\wininet.dll
10:40:00.0646 5572 C:\Windows\System32\wininet.dll - ok
10:40:00.0646 5572 [ EAF41CFBA5281834CBC383C710AC7965 ] C:\Windows\System32\kernel32.dll
10:40:00.0646 5572 C:\Windows\System32\kernel32.dll - ok
10:40:00.0646 5572 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
10:40:00.0646 5572 C:\Windows\System32\msctf.dll - ok
10:40:00.0646 5572 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
10:40:00.0646 5572 C:\Windows\System32\comdlg32.dll - ok
10:40:00.0646 5572 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
10:40:00.0646 5572 C:\Windows\System32\msvcrt.dll - ok
10:40:00.0646 5572 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
10:40:00.0646 5572 C:\Windows\System32\shlwapi.dll - ok
10:40:00.0646 5572 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
10:40:00.0646 5572 C:\Windows\System32\difxapi.dll - ok
10:40:00.0646 5572 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
10:40:00.0646 5572 C:\Windows\System32\shell32.dll - ok
10:40:00.0646 5572 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
10:40:00.0646 5572 C:\Windows\System32\normaliz.dll - ok
10:40:00.0661 5572 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
10:40:00.0661 5572 C:\Windows\System32\setupapi.dll - ok
10:40:00.0661 5572 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
10:40:00.0661 5572 C:\Windows\System32\gdi32.dll - ok
10:40:00.0661 5572 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
10:40:00.0661 5572 C:\Windows\System32\lpk.dll - ok
10:40:00.0661 5572 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
10:40:00.0661 5572 C:\Windows\System32\user32.dll - ok
10:40:00.0661 5572 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
10:40:00.0661 5572 C:\Windows\System32\Wldap32.dll - ok
10:40:00.0661 5572 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
10:40:00.0661 5572 C:\Windows\System32\advapi32.dll - ok
10:40:00.0661 5572 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
10:40:00.0661 5572 C:\Windows\System32\imagehlp.dll - ok
10:40:00.0661 5572 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
10:40:00.0661 5572 C:\Windows\System32\oleaut32.dll - ok
10:40:00.0661 5572 [ E519FD2CE6D57062400537C95C3B17FD ] C:\Windows\System32\urlmon.dll
10:40:00.0661 5572 C:\Windows\System32\urlmon.dll - ok
10:40:00.0661 5572 [ CF0997050DB2B359D7F4103092296A1B ] C:\Windows\System32\KernelBase.dll
10:40:00.0661 5572 C:\Windows\System32\KernelBase.dll - ok
10:40:00.0677 5572 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
10:40:00.0677 5572 C:\Windows\System32\comctl32.dll - ok
10:40:00.0677 5572 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
10:40:00.0677 5572 C:\Windows\System32\crypt32.dll - ok
10:40:00.0677 5572 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
10:40:00.0677 5572 C:\Windows\System32\wintrust.dll - ok
10:40:00.0677 5572 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
10:40:00.0677 5572 C:\Windows\System32\cfgmgr32.dll - ok
10:40:00.0677 5572 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
10:40:00.0677 5572 C:\Windows\System32\devobj.dll - ok
10:40:00.0677 5572 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
10:40:00.0677 5572 C:\Windows\System32\msasn1.dll - ok
10:40:00.0677 5572 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
10:40:00.0677 5572 C:\Windows\System32\drivers\drmk.sys - ok
10:40:00.0677 5572 [ FE76346E9B57DA575BD1B3BD0CCAD7FF ] C:\Windows\System32\drivers\iusb3hub.sys
10:40:00.0677 5572 C:\Windows\System32\drivers\iusb3hub.sys - ok
10:40:00.0677 5572 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
10:40:00.0677 5572 C:\Windows\System32\drivers\ksthunk.sys - ok
10:40:00.0677 5572 [ 102806B360D0E6BC6E55BF47EF655D43 ] C:\Windows\System32\drivers\nvhda64v.sys
10:40:00.0677 5572 C:\Windows\System32\drivers\nvhda64v.sys - ok
10:40:00.0692 5572 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
10:40:00.0692 5572 C:\Windows\System32\drivers\portcls.sys - ok
10:40:00.0692 5572 [ ACACD1B925D448558C1C9D0258749451 ] C:\Windows\System32\drivers\RTKVHD64.sys
10:40:00.0692 5572 C:\Windows\System32\drivers\RTKVHD64.sys - ok
10:40:00.0692 5572 [ 975761C778E33CD22498059B91E7373A ] C:\Windows\System32\drivers\HdAudio.sys
10:40:00.0692 5572 C:\Windows\System32\drivers\HdAudio.sys - ok
10:40:00.0692 5572 [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] C:\Windows\System32\drivers\MBfilt64.sys
10:40:00.0692 5572 C:\Windows\System32\drivers\MBfilt64.sys - ok
10:40:00.0692 5572 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
10:40:00.0692 5572 C:\Windows\SysWOW64\normaliz.dll - ok
10:40:00.0692 5572 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
10:40:00.0692 5572 C:\Windows\System32\drivers\dxapi.sys - ok
10:40:00.0692 5572 [ 34B419EDEAC6F12B34908DE3758F98C9 ] C:\Windows\System32\win32k.sys
10:40:00.0692 5572 C:\Windows\System32\win32k.sys - ok
10:40:00.0692 5572 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
10:40:00.0692 5572 C:\Windows\System32\csrsrv.dll - ok
10:40:00.0692 5572 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
10:40:00.0692 5572 C:\Windows\System32\csrss.exe - ok
10:40:00.0692 5572 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
10:40:00.0692 5572 C:\Windows\System32\basesrv.dll - ok
10:40:00.0708 5572 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\System32\winsrv.dll
10:40:00.0708 5572 C:\Windows\System32\winsrv.dll - ok
10:40:00.0708 5572 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
10:40:00.0708 5572 C:\Windows\System32\drivers\usbccgp.sys - ok
10:40:00.0708 5572 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
10:40:00.0708 5572 C:\Windows\System32\drivers\hidparse.sys - ok
10:40:00.0708 5572 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
10:40:00.0708 5572 C:\Windows\System32\drivers\hidclass.sys - ok
10:40:00.0708 5572 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
10:40:00.0708 5572 C:\Windows\System32\drivers\hidusb.sys - ok
10:40:00.0708 5572 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
10:40:00.0708 5572 C:\Windows\System32\drivers\mouhid.sys - ok
10:40:00.0708 5572 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
10:40:00.0708 5572 C:\Windows\System32\drivers\kbdhid.sys - ok
10:40:00.0708 5572 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
10:40:00.0708 5572 C:\Windows\System32\drivers\monitor.sys - ok
10:40:00.0708 5572 [ 13BDB661991ACF40ADCB09BD64A8CBEF ] C:\Windows\System32\drivers\btfilter.sys
10:40:00.0708 5572 C:\Windows\System32\drivers\btfilter.sys - ok
10:40:00.0708 5572 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] C:\Windows\System32\drivers\bthport.sys
10:40:00.0708 5572 C:\Windows\System32\drivers\bthport.sys - ok
10:40:00.0724 5572 [ F188B7394D81010767B6DF3178519A37 ] C:\Windows\System32\drivers\BTHUSB.SYS
10:40:00.0724 5572 C:\Windows\System32\drivers\BTHUSB.SYS - ok
10:40:00.0724 5572 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
10:40:00.0724 5572 C:\Windows\System32\sxssrv.dll - ok
10:40:00.0724 5572 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
10:40:00.0724 5572 C:\Windows\System32\tsddd.dll - ok
10:40:00.0724 5572 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
10:40:00.0724 5572 C:\Windows\System32\wininit.exe - ok
10:40:00.0724 5572 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
10:40:00.0724 5572 C:\Windows\System32\cdd.dll - ok
10:40:00.0724 5572 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
10:40:00.0724 5572 C:\Windows\System32\KBDUS.DLL - ok
10:40:00.0724 5572 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
10:40:00.0724 5572 C:\Windows\System32\profapi.dll - ok
10:40:00.0724 5572 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
10:40:00.0724 5572 C:\Windows\System32\RpcRtRemote.dll - ok
10:40:00.0724 5572 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
10:40:00.0724 5572 C:\Windows\System32\sxs.dll - ok
10:40:00.0724 5572 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
10:40:00.0724 5572 C:\Windows\System32\WlS0WndH.dll - ok
10:40:00.0739 5572 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
10:40:00.0739 5572 C:\Windows\System32\cryptbase.dll - ok
10:40:00.0739 5572 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
10:40:00.0739 5572 C:\Windows\System32\apphelp.dll - ok
10:40:00.0739 5572 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
10:40:00.0739 5572 C:\Windows\System32\lsasrv.dll - ok
10:40:00.0739 5572 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
10:40:00.0739 5572 C:\Windows\System32\lsass.exe - ok
10:40:00.0739 5572 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
10:40:00.0739 5572 C:\Windows\System32\lsm.exe - ok
10:40:00.0739 5572 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
10:40:00.0739 5572 C:\Windows\System32\services.exe - ok
10:40:00.0739 5572 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
10:40:00.0739 5572 C:\Windows\System32\sspicli.dll - ok
10:40:00.0739 5572 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
10:40:00.0739 5572 C:\Windows\System32\sspisrv.dll - ok
10:40:00.0739 5572 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
10:40:00.0739 5572 C:\Windows\System32\cryptdll.dll - ok
10:40:00.0739 5572 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
10:40:00.0739 5572 C:\Windows\System32\samsrv.dll - ok
10:40:00.0755 5572 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
10:40:00.0755 5572 C:\Windows\System32\scesrv.dll - ok
10:40:00.0755 5572 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
10:40:00.0755 5572 C:\Windows\System32\scext.dll - ok
10:40:00.0755 5572 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
10:40:00.0755 5572 C:\Windows\System32\secur32.dll - ok
10:40:00.0755 5572 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
10:40:00.0755 5572 C:\Windows\System32\sysntfy.dll - ok
10:40:00.0755 5572 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
10:40:00.0755 5572 C:\Windows\System32\wevtapi.dll - ok
10:40:00.0755 5572 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
10:40:00.0755 5572 C:\Windows\System32\wmsgapi.dll - ok
10:40:00.0755 5572 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
10:40:00.0755 5572 C:\Windows\System32\cngaudit.dll - ok
10:40:00.0755 5572 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
10:40:00.0755 5572 C:\Windows\System32\srvcli.dll - ok
10:40:00.0755 5572 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
10:40:00.0755 5572 C:\Windows\System32\authz.dll - ok
10:40:00.0755 5572 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
10:40:00.0755 5572 C:\Windows\System32\ncrypt.dll - ok
10:40:00.0770 5572 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
10:40:00.0770 5572 C:\Windows\System32\bcrypt.dll - ok
10:40:00.0770 5572 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
10:40:00.0770 5572 C:\Windows\System32\msprivs.dll - ok
10:40:00.0770 5572 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
10:40:00.0770 5572 C:\Windows\System32\netjoin.dll - ok
10:40:00.0770 5572 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
10:40:00.0770 5572 C:\Windows\System32\kerberos.dll - ok
10:40:00.0770 5572 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
10:40:00.0770 5572 C:\Windows\System32\negoexts.dll - ok
10:40:00.0770 5572 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
10:40:00.0770 5572 C:\Windows\System32\cryptsp.dll - ok
10:40:00.0770 5572 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
10:40:00.0770 5572 C:\Windows\System32\mswsock.dll - ok
10:40:00.0770 5572 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
10:40:00.0770 5572 C:\Windows\System32\msv1_0.dll - ok
10:40:00.0770 5572 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
10:40:00.0770 5572 C:\Windows\System32\wship6.dll - ok
10:40:00.0786 5572 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
10:40:00.0786 5572 C:\Windows\System32\dnsapi.dll - ok
10:40:00.0786 5572 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
10:40:00.0786 5572 C:\Windows\System32\netlogon.dll - ok
10:40:00.0786 5572 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
10:40:00.0786 5572 C:\Windows\System32\winlogon.exe - ok
10:40:00.0786 5572 [ CF98190A94F62E405C8CB255018B2315 ] C:\Windows\System32\drivers\bthenum.sys
10:40:00.0786 5572 C:\Windows\System32\drivers\bthenum.sys - ok
10:40:00.0786 5572 [ 3DD798846E2C28102B922C56E71B7932 ] C:\Windows\System32\drivers\rfcomm.sys
10:40:00.0786 5572 C:\Windows\System32\drivers\rfcomm.sys - ok
10:40:00.0786 5572 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
10:40:00.0786 5572 C:\Windows\System32\winsta.dll - ok
10:40:00.0786 5572 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
10:40:00.0786 5572 C:\Windows\System32\logoncli.dll - ok
10:40:00.0786 5572 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
10:40:00.0786 5572 C:\Windows\System32\schannel.dll - ok
10:40:00.0786 5572 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
10:40:00.0786 5572 C:\Windows\System32\wdigest.dll - ok
10:40:00.0786 5572 [ 02DD601B708DD0667E1331FA8518E9FF ] C:\Windows\System32\drivers\bthpan.sys
10:40:00.0786 5572 C:\Windows\System32\drivers\bthpan.sys - ok
10:40:00.0802 5572 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
10:40:00.0802 5572 C:\Windows\System32\rsaenh.dll - ok
10:40:00.0802 5572 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
10:40:00.0802 5572 C:\Windows\System32\pku2u.dll - ok
10:40:00.0802 5572 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
10:40:00.0802 5572 C:\Windows\System32\TSpkg.dll - ok
10:40:00.0802 5572 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
10:40:00.0802 5572 C:\Windows\System32\bcryptprimitives.dll - ok
10:40:00.0802 5572 [ 918434C02A5A8ED1DD1B16A2FF16409C ] C:\Windows\System32\LIVESSP.DLL
10:40:00.0802 5572 C:\Windows\System32\LIVESSP.DLL - ok
10:40:00.0802 5572 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
10:40:00.0802 5572 C:\Windows\System32\credssp.dll - ok
10:40:00.0802 5572 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
10:40:00.0802 5572 C:\Windows\System32\efslsaext.dll - ok
10:40:00.0802 5572 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
10:40:00.0802 5572 C:\Windows\System32\scecli.dll - ok
10:40:00.0802 5572 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
10:40:00.0802 5572 C:\Windows\System32\ubpm.dll - ok
10:40:00.0802 5572 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
10:40:00.0802 5572 C:\Windows\System32\svchost.exe - ok
10:40:00.0817 5572 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
10:40:00.0817 5572 C:\Windows\System32\umpnpmgr.dll - ok
10:40:00.0817 5572 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
10:40:00.0817 5572 C:\Windows\System32\devrtl.dll - ok
10:40:00.0817 5572 [ C05ED3246C06EC56F10D85B0304CD09E ] C:\Windows\System32\drivers\btath_a2dp.sys
10:40:00.0817 5572 C:\Windows\System32\drivers\btath_a2dp.sys - ok
10:40:00.0817 5572 [ 2D27F7A831657D63AFC78E5E78DCA83F ] C:\Windows\System32\drivers\btath_avdt.sys
10:40:00.0817 5572 C:\Windows\System32\drivers\btath_avdt.sys - ok
10:40:00.0817 5572 [ FB3833E63FF602B69C2FF085846DCF43 ] C:\Windows\System32\drivers\btath_hcrp.sys
10:40:00.0817 5572 C:\Windows\System32\drivers\btath_hcrp.sys - ok
10:40:00.0817 5572 [ ABCD3C16CA850A7594CEB9AD5D966810 ] C:\Windows\System32\drivers\btath_rcp.sys
10:40:00.0817 5572 C:\Windows\System32\drivers\btath_rcp.sys - ok
10:40:00.0817 5572 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
10:40:00.0817 5572 C:\Windows\System32\SPInf.dll - ok
10:40:00.0817 5572 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
10:40:00.0817 5572 C:\Windows\System32\userenv.dll - ok
10:40:00.0817 5572 [ BCC09E0B0362741D0C084828A1B950F3 ] C:\Windows\System32\drivers\btath_flt.sys
10:40:00.0817 5572 C:\Windows\System32\drivers\btath_flt.sys - ok
10:40:00.0817 5572 [ 371A11C1333BA526263A987A93ACDE3D ] C:\Windows\System32\drivers\btath_lwflt.sys
10:40:00.0817 5572 C:\Windows\System32\drivers\btath_lwflt.sys - ok
10:40:00.0833 5572 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
10:40:00.0833 5572 C:\Windows\System32\gpapi.dll - ok
10:40:00.0833 5572 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
10:40:00.0833 5572 C:\Windows\System32\umpo.dll - ok
10:40:00.0833 5572 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
10:40:00.0833 5572 C:\Windows\System32\pcwum.dll - ok
10:40:00.0833 5572 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
10:40:00.0833 5572 C:\Windows\System32\powrprof.dll - ok
10:40:00.0833 5572 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
10:40:00.0833 5572 C:\Windows\System32\drivers\luafv.sys - ok
10:40:00.0833 5572 [ A8FE8F2783B2929B56F5370A89356CE9 ] C:\Windows\System32\drivers\mbam.sys
10:40:00.0833 5572 C:\Windows\System32\drivers\mbam.sys - ok
10:40:00.0833 5572 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
10:40:00.0833 5572 C:\Windows\System32\drivers\WUDFPf.sys - ok
10:40:00.0833 5572 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] C:\Windows\System32\nvvsvc.exe
10:40:00.0833 5572 C:\Windows\System32\nvvsvc.exe - ok
10:40:00.0833 5572 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
10:40:00.0833 5572 C:\Windows\System32\wtsapi32.dll - ok
10:40:00.0833 5572 [ F0359F7CE712D69ACEF0886BDB4792ED ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:40:00.0833 5572 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
10:40:00.0848 5572 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
10:40:00.0848 5572 C:\Windows\SysWOW64\ntdll.dll - ok
10:40:00.0848 5572 [ D29902687A6110FE637F87189C6A3FB5 ] C:\Windows\System32\wow64.dll
10:40:00.0848 5572 C:\Windows\System32\wow64.dll - ok
10:40:00.0848 5572 [ E9EEC159B08BFDD76FAD2C1C333223B3 ] C:\Windows\System32\wow64cpu.dll
10:40:00.0848 5572 C:\Windows\System32\wow64cpu.dll - ok
10:40:00.0848 5572 [ CFBE90EF20EE550F4A6B74CED16DAFCA ] C:\Windows\System32\wow64win.dll
10:40:00.0848 5572 C:\Windows\System32\wow64win.dll - ok
10:40:00.0848 5572 [ 9B98D47916EAD4F69EF51B56B0C2323C ] C:\Windows\SysWOW64\kernel32.dll
10:40:00.0848 5572 C:\Windows\SysWOW64\kernel32.dll - ok
10:40:00.0848 5572 [ 53BB811ED12D2C867B354390FABF9612 ] C:\Windows\SysWOW64\KernelBase.dll
10:40:00.0848 5572 C:\Windows\SysWOW64\KernelBase.dll - ok
10:40:00.0848 5572 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
10:40:00.0848 5572 C:\Windows\SysWOW64\msvcrt.dll - ok
10:40:00.0848 5572 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
10:40:00.0848 5572 C:\Windows\SysWOW64\version.dll - ok
10:40:00.0848 5572 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
10:40:00.0848 5572 C:\Windows\SysWOW64\setupapi.dll - ok
10:40:00.0848 5572 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
10:40:00.0848 5572 C:\Windows\SysWOW64\cfgmgr32.dll - ok
10:40:00.0864 5572 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
10:40:00.0864 5572 C:\Windows\SysWOW64\rpcrt4.dll - ok
10:40:00.0864 5572 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
10:40:00.0864 5572 C:\Windows\SysWOW64\advapi32.dll - ok
10:40:00.0864 5572 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
10:40:00.0864 5572 C:\Windows\SysWOW64\cryptbase.dll - ok
10:40:00.0864 5572 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
10:40:00.0864 5572 C:\Windows\SysWOW64\sechost.dll - ok
10:40:00.0864 5572 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
10:40:00.0864 5572 C:\Windows\SysWOW64\sspicli.dll - ok
10:40:00.0864 5572 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
10:40:00.0864 5572 C:\Windows\SysWOW64\gdi32.dll - ok
10:40:00.0864 5572 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
10:40:00.0864 5572 C:\Windows\SysWOW64\user32.dll - ok
10:40:00.0864 5572 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
10:40:00.0864 5572 C:\Windows\SysWOW64\lpk.dll - ok
10:40:00.0864 5572 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
10:40:00.0864 5572 C:\Windows\SysWOW64\usp10.dll - ok
10:40:00.0864 5572 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
10:40:00.0864 5572 C:\Windows\SysWOW64\oleaut32.dll - ok
10:40:00.0880 5572 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
10:40:00.0880 5572 C:\Windows\SysWOW64\ole32.dll - ok
10:40:00.0880 5572 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
10:40:00.0880 5572 C:\Windows\SysWOW64\devobj.dll - ok
10:40:00.0880 5572 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
10:40:00.0880 5572 C:\Windows\SysWOW64\imm32.dll - ok
10:40:00.0880 5572 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
10:40:00.0880 5572 C:\Windows\SysWOW64\msctf.dll - ok
10:40:00.0880 5572 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
10:40:00.0880 5572 C:\Windows\SysWOW64\winspool.drv - ok
10:40:00.0880 5572 [ 145E7826A07D98628924A9B06F6273AB ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll
10:40:00.0880 5572 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll - ok
10:40:00.0880 5572 [ 7AD857422AFA068A39A4B4BBF7FCC49C ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll
10:40:00.0880 5572 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll - ok
10:40:00.0880 5572 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
10:40:00.0880 5572 C:\Windows\SysWOW64\wintrust.dll - ok
10:40:00.0880 5572 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
10:40:00.0880 5572 C:\Windows\SysWOW64\crypt32.dll - ok
10:40:00.0880 5572 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
10:40:00.0880 5572 C:\Windows\SysWOW64\msasn1.dll - ok
10:40:00.0895 5572 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
10:40:00.0895 5572 C:\Windows\System32\RpcEpMap.dll - ok
10:40:00.0895 5572 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
10:40:00.0895 5572 C:\Windows\System32\rpcss.dll - ok
10:40:00.0895 5572 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
10:40:00.0895 5572 C:\Windows\System32\wshqos.dll - ok
10:40:00.0895 5572 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
10:40:00.0895 5572 C:\Windows\System32\WSHTCPIP.DLL - ok
10:40:00.0895 5572 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
10:40:00.0895 5572 C:\Windows\System32\LogonUI.exe - ok
10:40:00.0895 5572 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
10:40:00.0895 5572 C:\Windows\SysWOW64\ntmarta.dll - ok
10:40:00.0895 5572 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
10:40:00.0895 5572 C:\Windows\SysWOW64\Wldap32.dll - ok
10:40:00.0895 5572 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
10:40:00.0895 5572 C:\Windows\SysWOW64\devrtl.dll - ok
10:40:00.0895 5572 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll
10:40:00.0895 5572 C:\Windows\SysWOW64\SPInf.dll - ok
10:40:00.0895 5572 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
10:40:00.0895 5572 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
10:40:00.0911 5572 [ BCF8F2758AA5C451F8E366C66A98BBFE ] C:\Program Files\Microsoft Security Client\MpSvc.dll
10:40:00.0911 5572 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
10:40:00.0911 5572 [ 2F67DEE6452EBC9F4A6C97A1CCC232FE ] C:\Program Files\Microsoft Security Client\MpClient.dll
10:40:00.0911 5572 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
10:40:00.0911 5572 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
10:40:00.0911 5572 C:\Windows\System32\version.dll - ok
10:40:00.0911 5572 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
10:40:00.0911 5572 C:\Windows\System32\FirewallAPI.dll - ok
10:40:00.0911 5572 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
10:40:00.0911 5572 C:\Windows\System32\authui.dll - ok
10:40:00.0911 5572 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
10:40:00.0911 5572 C:\Windows\System32\ntmarta.dll - ok
10:40:00.0911 5572 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
10:40:00.0911 5572 C:\Windows\System32\cryptui.dll - ok
10:40:00.0911 5572 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
10:40:00.0911 5572 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
10:40:00.0911 5572 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
10:40:00.0911 5572 C:\Windows\System32\propsys.dll - ok
10:40:00.0911 5572 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
10:40:00.0911 5572 C:\Windows\System32\samlib.dll - ok
10:40:00.0926 5572 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
10:40:00.0926 5572 C:\Windows\System32\shacct.dll - ok
10:40:00.0926 5572 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
10:40:00.0926 5572 C:\Windows\System32\uxtheme.dll - ok
10:40:00.0926 5572 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
10:40:00.0926 5572 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
10:40:00.0926 5572 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
10:40:00.0926 5572 C:\Windows\System32\dui70.dll - ok
10:40:00.0926 5572 [ 5F10310A5A9273475AA04930DFE16742 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
10:40:00.0926 5572 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
10:40:00.0926 5572 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
10:40:00.0926 5572 C:\Windows\System32\duser.dll - ok
10:40:00.0926 5572 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
10:40:00.0926 5572 C:\Windows\System32\wevtsvc.dll - ok
10:40:00.0926 5572 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
10:40:00.0926 5572 C:\Windows\System32\audiosrv.dll - ok
10:40:00.0926 5572 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
10:40:00.0926 5572 C:\Windows\System32\avrt.dll - ok
10:40:00.0926 5572 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
10:40:00.0926 5572 C:\Windows\System32\mmcss.dll - ok
10:40:00.0942 5572 [ BF62F3BC1BE0700804EC394BB77F02C4 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
10:40:00.0942 5572 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
10:40:00.0942 5572 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
10:40:00.0942 5572 C:\Windows\System32\fltLib.dll - ok
10:40:00.0942 5572 [ FF7E814CBFEC3C27922C13BB94667416 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
10:40:00.0942 5572 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
10:40:00.0942 5572 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] C:\Windows\System32\drivers\MpFilter.sys
10:40:00.0942 5572 C:\Windows\System32\drivers\MpFilter.sys - ok
10:40:00.0942 5572 [ 12FD09889C8A6141C8D10F7AE48BBAC8 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
10:40:00.0942 5572 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
10:40:00.0942 5572 [ D527EF4364D2D00443470940B177EAD4 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5C908D7E-6A62-4D21-A6B1-394F49761485}\mpengine.dll
10:40:00.0942 5572 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5C908D7E-6A62-4D21-A6B1-394F49761485}\mpengine.dll - ok
10:40:00.0942 5572 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
10:40:00.0942 5572 C:\Windows\System32\hid.dll - ok
10:40:00.0942 5572 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
10:40:00.0942 5572 C:\Windows\System32\SndVolSSO.dll - ok
10:40:00.0942 5572 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
10:40:00.0942 5572 C:\Windows\System32\dwmapi.dll - ok
10:40:00.0942 5572 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
10:40:00.0942 5572 C:\Windows\System32\MMDevAPI.dll - ok
10:40:00.0958 5572 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
10:40:00.0958 5572 C:\Windows\System32\xmllite.dll - ok
10:40:00.0958 5572 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
10:40:00.0958 5572 C:\Windows\System32\WindowsCodecs.dll - ok
10:40:00.0958 5572 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
10:40:00.0958 5572 C:\Windows\System32\wlansvc.dll - ok
10:40:00.0958 5572 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
10:40:00.0958 5572 C:\Windows\System32\winbrand.dll - ok
10:40:00.0958 5572 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
10:40:00.0958 5572 C:\Windows\System32\audiodg.exe - ok
10:40:00.0958 5572 [ 7DAA33AAEE034AE62EF631A3F13A027B ] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
10:40:00.0958 5572 C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe - ok
10:40:00.0958 5572 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
10:40:00.0958 5572 C:\Windows\SysWOW64\shell32.dll - ok
10:40:00.0958 5572 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
10:40:00.0958 5572 C:\Windows\SysWOW64\shlwapi.dll - ok
10:40:00.0958 5572 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
10:40:00.0958 5572 C:\Windows\SysWOW64\dsound.dll - ok
10:40:00.0973 5572 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
10:40:00.0973 5572 C:\Windows\System32\VaultCredProvider.dll - ok
10:40:00.0973 5572 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
10:40:00.0973 5572 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
10:40:00.0973 5572 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
10:40:00.0973 5572 C:\Windows\System32\BioCredProv.dll - ok
10:40:00.0973 5572 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
10:40:00.0973 5572 C:\Windows\System32\winbio.dll - ok
10:40:00.0973 5572 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
10:40:00.0973 5572 C:\Windows\System32\credui.dll - ok
10:40:00.0973 5572 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
10:40:00.0973 5572 C:\Windows\System32\netapi32.dll - ok
10:40:00.0973 5572 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
10:40:00.0973 5572 C:\Windows\System32\netutils.dll - ok
10:40:00.0973 5572 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
10:40:00.0973 5572 C:\Windows\System32\vaultcli.dll - ok
10:40:00.0973 5572 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
10:40:00.0973 5572 C:\Windows\System32\wkscli.dll - ok
10:40:00.0973 5572 [ 37E6CD1EA235DB6F61020C270D6769F5 ] C:\Windows\System32\AthCredentialProvider.dll
10:40:00.0973 5572 C:\Windows\System32\AthCredentialProvider.dll - ok
10:40:00.0989 5572 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
10:40:00.0989 5572 C:\Windows\System32\samcli.dll - ok
10:40:00.0989 5572 [ DF3CA8D16BDED6A54977B30E66864D33 ] C:\Windows\System32\msvcr100.dll
10:40:00.0989 5572 C:\Windows\System32\msvcr100.dll - ok
10:40:00.0989 5572 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
10:40:00.0989 5572 C:\Windows\System32\bthprops.cpl - ok
10:40:00.0989 5572 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
10:40:00.0989 5572 C:\Windows\System32\msimg32.dll - ok
10:40:00.0989 5572 [ 1A4E30CA294A0BD00BA207DD36AE6DA1 ] C:\Program Files (x86)\Bluetooth Suite\en-US\BtvStack.exe.mui
10:40:00.0989 5572 C:\Program Files (x86)\Bluetooth Suite\en-US\BtvStack.exe.mui - ok
10:40:00.0989 5572 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
10:40:00.0989 5572 C:\Windows\System32\certCredProvider.dll - ok
10:40:00.0989 5572 [ FB25067C233B686B50F29ABD688B2A6D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
10:40:00.0989 5572 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
10:40:00.0989 5572 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
10:40:00.0989 5572 C:\Windows\System32\rasplap.dll - ok
10:40:00.0989 5572 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
10:40:00.0989 5572 C:\Windows\System32\rasapi32.dll - ok
10:40:01.0004 5572 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
10:40:01.0004 5572 C:\Windows\System32\rasman.dll - ok
10:40:01.0004 5572 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
10:40:01.0004 5572 C:\Windows\System32\rtutils.dll - ok
10:40:01.0004 5572 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
10:40:01.0004 5572 C:\Windows\SysWOW64\powrprof.dll - ok
10:40:01.0004 5572 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
10:40:01.0004 5572 C:\Windows\SysWOW64\winmm.dll - ok
10:40:01.0004 5572 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
10:40:01.0004 5572 C:\Windows\SysWOW64\oleacc.dll - ok
10:40:01.0004 5572 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
10:40:01.0004 5572 C:\Windows\System32\adtschema.dll - ok
10:40:01.0004 5572 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
10:40:01.0004 5572 C:\Windows\System32\drivers\fltMgr.sys - ok
10:40:01.0004 5572 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
10:40:01.0004 5572 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
10:40:01.0004 5572 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
10:40:01.0004 5572 C:\Windows\System32\PSHED.DLL - ok
10:40:01.0004 5572 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
10:40:01.0004 5572 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
10:40:01.0020 5572 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
10:40:01.0020 5572 C:\Windows\System32\gpsvc.dll - ok
10:40:01.0020 5572 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
10:40:01.0020 5572 C:\Windows\System32\nlaapi.dll - ok
10:40:01.0020 5572 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
10:40:01.0020 5572 C:\Windows\System32\profsvc.dll - ok
10:40:01.0020 5572 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
10:40:01.0020 5572 C:\Windows\System32\atl.dll - ok
10:40:01.0020 5572 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
10:40:01.0020 5572 C:\Windows\System32\dsrole.dll - ok
10:40:01.0020 5572 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
10:40:01.0020 5572 C:\Windows\System32\slc.dll - ok
10:40:01.0020 5572 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
10:40:01.0020 5572 C:\Windows\System32\themeservice.dll - ok
10:40:01.0020 5572 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
10:40:01.0020 5572 C:\Windows\System32\oleacc.dll - ok
10:40:01.0020 5572 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
10:40:01.0020 5572 C:\Windows\System32\UIAutomationCore.dll - ok
10:40:01.0020 5572 [ DF3E3167B03804F32AD274C33F77B308 ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
10:40:01.0020 5572 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok
10:40:01.0036 5572 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
10:40:01.0036 5572 C:\Windows\System32\UXInit.dll - ok
10:40:01.0036 5572 [ 0E7045E24F78351E021D3C01566DBBA3 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
10:40:01.0036 5572 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
10:40:01.0036 5572 [ 5B8580B819BE32EEC18CE1FEC52A4BCE ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
10:40:01.0036 5572 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
10:40:01.0036 5572 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
10:40:01.0036 5572 C:\Windows\System32\imageres.dll - ok
10:40:01.0036 5572 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
10:40:01.0036 5572 C:\Windows\System32\wscapi.dll - ok
10:40:01.0036 5572 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
10:40:01.0036 5572 C:\Windows\System32\IPHLPAPI.DLL - ok
10:40:01.0036 5572 [ 402B44B31C7183FCF2C4E1083AF317FA ] C:\Windows\System32\conhost.exe
10:40:01.0036 5572 C:\Windows\System32\conhost.exe - ok
10:40:01.0036 5572 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
10:40:01.0036 5572 C:\Windows\System32\cabinet.dll - ok
10:40:01.0036 5572 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
10:40:01.0036 5572 C:\Windows\System32\p2pcollab.dll - ok
10:40:01.0036 5572 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
10:40:01.0036 5572 C:\Windows\System32\QAGENTRT.DLL - ok
10:40:01.0051 5572 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
10:40:01.0051 5572 C:\Windows\System32\fveui.dll - ok
10:40:01.0051 5572 [ CA9E3BD4752FA2C084F5CD35FD8D0025 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
10:40:01.0051 5572 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
10:40:01.0051 5572 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
10:40:01.0051 5572 C:\Windows\System32\slwga.dll - ok
10:40:01.0051 5572 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
10:40:01.0051 5572 C:\Windows\System32\sppc.dll - ok
10:40:01.0051 5572 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
10:40:01.0051 5572 C:\Windows\System32\comres.dll - ok
10:40:01.0051 5572 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
10:40:01.0051 5572 C:\Windows\System32\es.dll - ok
10:40:01.0051 5572 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
10:40:01.0051 5572 C:\Windows\System32\Sens.dll - ok
10:40:01.0051 5572 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
10:40:01.0051 5572 C:\Windows\System32\netprofm.dll - ok
10:40:01.0051 5572 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
10:40:01.0051 5572 C:\Windows\System32\MPSSVC.dll - ok
10:40:01.0051 5572 [ 4CE5C4F80620D6DBBB054003EAD71F95 ] C:\Windows\System32\nvsvc64.dll
10:40:01.0051 5572 C:\Windows\System32\nvsvc64.dll - ok
10:40:01.0067 5572 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
10:40:01.0067 5572 C:\Windows\System32\mscms.dll - ok
10:40:01.0067 5572 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
10:40:01.0067 5572 C:\Windows\System32\winmm.dll - ok
10:40:01.0067 5572 [ E6E9DC01812ABA16DBAE5EFA4EF63E57 ] C:\Windows\System32\nvapi64.dll
10:40:01.0067 5572 C:\Windows\System32\nvapi64.dll - ok
10:40:01.0067 5572 [ D7CA52F89A7F4520610FF3682F0E42EE ] C:\Windows\System32\nvsvcr.dll
10:40:01.0067 5572 C:\Windows\System32\nvsvcr.dll - ok
10:40:01.0067 5572 [ 11205381BBBF98F0CA1C672056808B8F ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
10:40:01.0067 5572 C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok
10:40:01.0067 5572 [ BC2A18841494B3756894627FF279C65E ] C:\Windows\System32\nvcpl.dll
10:40:01.0067 5572 C:\Windows\System32\nvcpl.dll - ok
10:40:01.0067 5572 [ C765A8406048E3094501ED8F17BFA4D6 ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
10:40:01.0067 5572 C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll - ok
10:40:01.0067 5572 [ 3B3DE5C189F896A7961A12BA74851BCB ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
10:40:01.0067 5572 C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok
10:40:01.0067 5572 [ 40965B72A0A33DDB8423B85F93E4C136 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
10:40:01.0067 5572 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
10:40:01.0082 5572 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
10:40:01.0082 5572 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
10:40:01.0082 5572 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
10:40:01.0082 5572 C:\Windows\System32\winspool.drv - ok
10:40:01.0082 5572 [ C946428303FDBD85D6F17C9F104938D7 ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll
10:40:01.0082 5572 C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok
10:40:01.0082 5572 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
10:40:01.0082 5572 C:\Windows\System32\uxsms.dll - ok
10:40:01.0082 5572 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
10:40:01.0082 5572 C:\Windows\System32\winnsi.dll - ok
10:40:01.0082 5572 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
10:40:01.0082 5572 C:\Windows\System32\WUDFPlatform.dll - ok
10:40:01.0082 5572 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
10:40:01.0082 5572 C:\Windows\System32\WUDFSvc.dll - ok
10:40:01.0082 5572 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
10:40:01.0082 5572 C:\Windows\System32\drivers\lltdio.sys - ok
10:40:01.0082 5572 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
10:40:01.0082 5572 C:\Windows\System32\drivers\ndisuio.sys - ok
10:40:01.0082 5572 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
10:40:01.0082 5572 C:\Windows\System32\drivers\nwifi.sys - ok
10:40:01.0098 5572 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
10:40:01.0098 5572 C:\Windows\System32\drivers\rspndr.sys - ok
10:40:01.0098 5572 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
10:40:01.0098 5572 C:\Windows\System32\dhcpcore.dll - ok
10:40:01.0098 5572 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
10:40:01.0098 5572 C:\Windows\System32\lmhsvc.dll - ok
10:40:01.0098 5572 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
10:40:01.0098 5572 C:\Windows\System32\nrpsrv.dll - ok
10:40:01.0098 5572 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
10:40:01.0098 5572 C:\Windows\System32\nsisvc.dll - ok
10:40:01.0098 5572 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
10:40:01.0098 5572 C:\Windows\System32\dnsrslvr.dll - ok
10:40:01.0098 5572 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
10:40:01.0098 5572 C:\Windows\System32\eapphost.dll - ok
10:40:01.0098 5572 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
10:40:01.0098 5572 C:\Windows\System32\eapsvc.dll - ok
10:40:01.0098 5572 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
10:40:01.0098 5572 C:\Windows\System32\keyiso.dll - ok
10:40:01.0098 5572 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
10:40:01.0098 5572 C:\Windows\System32\FWPUCLNT.DLL - ok
10:40:01.0114 5572 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
10:40:01.0114 5572 C:\Windows\System32\dhcpcore6.dll - ok
10:40:01.0114 5572 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
10:40:01.0114 5572 C:\Windows\System32\umb.dll - ok
10:40:01.0114 5572 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
10:40:01.0114 5572 C:\Windows\System32\wlanmsm.dll - ok
10:40:01.0114 5572 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
10:40:01.0114 5572 C:\Windows\System32\dhcpcsvc.dll - ok
10:40:01.0114 5572 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
10:40:01.0114 5572 C:\Windows\System32\dnsext.dll - ok
10:40:01.0114 5572 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
10:40:01.0114 5572 C:\Windows\System32\wlansec.dll - ok
10:40:01.0114 5572 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
10:40:01.0114 5572 C:\Windows\System32\dhcpcsvc6.dll - ok
10:40:01.0114 5572 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
10:40:01.0114 5572 C:\Windows\System32\eappcfg.dll - ok
10:40:01.0114 5572 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
10:40:01.0114 5572 C:\Windows\System32\eappprxy.dll - ok
10:40:01.0114 5572 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
10:40:01.0114 5572 C:\Windows\System32\onex.dll - ok
10:40:01.0129 5572 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
10:40:01.0129 5572 C:\Windows\System32\wlgpclnt.dll - ok
10:40:01.0129 5572 [ 47B8B745BFE0A0CB70120C8D08E2492F ] C:\Windows\System32\nvumdshimx.dll
10:40:01.0129 5572 C:\Windows\System32\nvumdshimx.dll - ok
10:40:01.0129 5572 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
10:40:01.0129 5572 C:\Windows\System32\dllhost.exe - ok
10:40:01.0129 5572 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
10:40:01.0129 5572 C:\Windows\System32\IDStore.dll - ok
10:40:01.0129 5572 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
10:40:01.0129 5572 C:\Windows\System32\AtBroker.exe - ok
10:40:01.0129 5572 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
10:40:01.0129 5572 C:\Windows\System32\mpr.dll - ok
10:40:01.0129 5572 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
10:40:01.0129 5572 C:\Windows\System32\userinit.exe - ok
10:40:01.0129 5572 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
10:40:01.0129 5572 C:\Windows\System32\l2gpstore.dll - ok
10:40:01.0129 5572 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
10:40:01.0129 5572 C:\Windows\System32\wlanutil.dll - ok
10:40:01.0129 5572 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
10:40:01.0129 5572 C:\Windows\System32\WinSCard.dll - ok
10:40:01.0145 5572 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
10:40:01.0145 5572 C:\Windows\System32\msxml6.dll - ok
10:40:01.0145 5572 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
10:40:01.0145 5572 C:\Windows\System32\dwm.exe - ok
10:40:01.0145 5572 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
10:40:01.0145 5572 C:\Windows\System32\shsvcs.dll - ok
10:40:01.0145 5572 [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe
10:40:01.0145 5572 C:\Windows\System32\wlanext.exe - ok
10:40:01.0145 5572 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
10:40:01.0145 5572 C:\Windows\System32\schedsvc.dll - ok
10:40:01.0145 5572 [ 94D64D2689EFD7677B8520B89B6068E6 ] C:\Program Files (x86)\Atheros\AthIhvWlanExt.dll
10:40:01.0145 5572 C:\Program Files (x86)\Atheros\AthIhvWlanExt.dll - ok
10:40:01.0145 5572 [ 57AC86AC664CC774C861DAB2B1D1E978 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
10:40:01.0145 5572 C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
10:40:01.0145 5572 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
10:40:01.0145 5572 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
10:40:01.0145 5572 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
10:40:01.0145 5572 C:\Windows\System32\ktmw32.dll - ok
10:40:01.0145 5572 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
10:40:01.0145 5572 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
10:40:01.0160 5572 [ 4EAB195B664063873EBEFD4E4846E235 ] C:\Program Files (x86)\Atheros\AthIhvWpaP2p.dll
10:40:01.0160 5572 C:\Program Files (x86)\Atheros\AthIhvWpaP2p.dll - ok
10:40:01.0160 5572 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
10:40:01.0160 5572 C:\Windows\System32\wlanapi.dll - ok
10:40:01.0160 5572 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
10:40:01.0160 5572 C:\Windows\System32\fveapi.dll - ok
10:40:01.0160 5572 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
10:40:01.0160 5572 C:\Windows\System32\fvecerts.dll - ok
10:40:01.0160 5572 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
10:40:01.0160 5572 C:\Windows\System32\netcfgx.dll - ok
10:40:01.0160 5572 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
10:40:01.0160 5572 C:\Windows\System32\tbs.dll - ok
10:40:01.0160 5572 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
10:40:01.0160 5572 C:\Windows\System32\wiarpc.dll - ok
10:40:01.0160 5572 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
10:40:01.0160 5572 C:\Windows\System32\taskcomp.dll - ok
10:40:01.0160 5572 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
10:40:01.0160 5572 C:\Windows\System32\drivers\http.sys - ok
10:40:01.0160 5572 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
10:40:01.0160 5572 C:\Windows\System32\taskhost.exe - ok
10:40:01.0176 5572 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
10:40:01.0176 5572 C:\Windows\System32\MsCtfMonitor.dll - ok
10:40:01.0176 5572 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
10:40:01.0176 5572 C:\Windows\System32\msutb.dll - ok
10:40:01.0176 5572 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
10:40:01.0176 5572 C:\Windows\System32\PlaySndSrv.dll - ok
10:40:01.0176 5572 [ 4A3BD2BB1B55C39AB71EF4C9B9DCE815 ] C:\Windows\System32\DFDWiz.exe
10:40:01.0176 5572 C:\Windows\System32\DFDWiz.exe - ok
10:40:01.0176 5572 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
10:40:01.0176 5572 C:\Windows\System32\spoolsv.exe - ok
10:40:01.0176 5572 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
10:40:01.0176 5572 C:\Windows\System32\BFE.DLL - ok
10:40:01.0176 5572 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
10:40:01.0176 5572 C:\Windows\System32\HotStartUserAgent.dll - ok
10:40:01.0176 5572 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
10:40:01.0176 5572 C:\Windows\System32\drivers\bowser.sys - ok
10:40:01.0176 5572 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
10:40:01.0176 5572 C:\Windows\System32\drivers\mpsdrv.sys - ok
10:40:01.0176 5572 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
10:40:01.0176 5572 C:\Windows\System32\wfapigp.dll - ok
10:40:01.0192 5572 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
10:40:01.0192 5572 C:\Windows\System32\pcasvc.dll - ok
10:40:01.0192 5572 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
10:40:01.0192 5572 C:\Windows\System32\snmptrap.exe - ok
10:40:01.0192 5572 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
10:40:01.0192 5572 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
10:40:01.0192 5572 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
10:40:01.0192 5572 C:\Windows\System32\provsvc.dll - ok
10:40:01.0192 5572 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
10:40:01.0192 5572 C:\Windows\System32\sstpsvc.dll - ok
10:40:01.0192 5572 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
10:40:01.0192 5572 C:\Windows\explorer.exe - ok
10:40:01.0192 5572 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
10:40:01.0192 5572 C:\Windows\System32\ExplorerFrame.dll - ok
10:40:01.0192 5572 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
10:40:01.0192 5572 C:\Windows\System32\drivers\mrxsmb.sys - ok
10:40:01.0192 5572 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
10:40:01.0192 5572 C:\Windows\System32\drivers\mrxsmb10.sys - ok
10:40:01.0192 5572 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
10:40:01.0192 5572 C:\Windows\System32\drivers\mrxsmb20.sys - ok
10:40:01.0207 5572 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
10:40:01.0207 5572 C:\Windows\System32\wkssvc.dll - ok
10:40:01.0207 5572 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
10:40:01.0207 5572 C:\Windows\System32\dwmcore.dll - ok
10:40:01.0207 5572 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
10:40:01.0207 5572 C:\Windows\System32\dwmredir.dll - ok
10:40:01.0207 5572 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
10:40:01.0207 5572 C:\Windows\System32\d3d10_1.dll - ok
10:40:01.0207 5572 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
10:40:01.0207 5572 C:\Windows\System32\d3d10_1core.dll - ok
10:40:01.0207 5572 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
10:40:01.0207 5572 C:\Windows\System32\dxgi.dll - ok
10:40:01.0207 5572 [ 80ED288D61ABCBB9B2DD3FCDDBB71E1E ] C:\Windows\System32\nvwgf2umx.dll
10:40:01.0207 5572 C:\Windows\System32\nvwgf2umx.dll - ok
10:40:01.0207 5572 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
10:40:01.0207 5572 C:\Windows\System32\EhStorShell.dll - ok
10:40:01.0207 5572 [ 84AC127242DD3CCDE02F9A4673214B1F ] C:\Windows\System32\drivers\sentinel64.sys
10:40:01.0207 5572 C:\Windows\System32\drivers\sentinel64.sys - ok
10:40:01.0223 5572 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:40:01.0223 5572 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
10:40:01.0223 5572 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
10:40:01.0223 5572 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
10:40:01.0223 5572 [ 379A6AB7F2AD8FC61B1306767083D705 ] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
10:40:01.0223 5572 C:\Program Files (x86)\Bluetooth Suite\AdminService.exe - ok
10:40:01.0223 5572 [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Windows\System32\msvcp100.dll
10:40:01.0223 5572 C:\Windows\System32\msvcp100.dll - ok
10:40:01.0223 5572 [ 76168DD534E0ADF0F30F0CA809525FCE ] C:\Windows\System32\mfc100u.dll
10:40:01.0223 5572 C:\Windows\System32\mfc100u.dll - ok
10:40:01.0223 5572 [ 91D051930E1AC33FBD9014FF3CB9B5BD ] C:\Windows\System32\mfc100enu.dll
10:40:01.0223 5572 C:\Windows\System32\mfc100enu.dll - ok
10:40:01.0223 5572 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
10:40:01.0223 5572 C:\Windows\System32\cryptsvc.dll - ok
10:40:01.0223 5572 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
10:40:01.0223 5572 C:\Windows\System32\dps.dll - ok
10:40:01.0223 5572 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
10:40:01.0223 5572 C:\Windows\System32\taskschd.dll - ok
10:40:01.0223 5572 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
10:40:01.0223 5572 C:\Windows\System32\cryptnet.dll - ok
10:40:01.0238 5572 [ 2D66067C7A8A0112156BCD1C0BAA7042 ] C:\Program Files\Intel\iCLS Client\HeciServer.exe
10:40:01.0238 5572 C:\Program Files\Intel\iCLS Client\HeciServer.exe - ok
10:40:01.0238 5572 [ 166FC0B36842135BC2D3C32DF70ED0D6 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
10:40:01.0238 5572 C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe - ok
10:40:01.0238 5572 [ D7B978F4504D3DA95A21002863D0E7EE ] C:\Windows\System32\IPROSetMonitor.exe
10:40:01.0238 5572 C:\Windows\System32\IPROSetMonitor.exe - ok
10:40:01.0238 5572 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
10:40:01.0238 5572 C:\Windows\SysWOW64\nsi.dll - ok
10:40:01.0238 5572 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
10:40:01.0238 5572 C:\Windows\SysWOW64\ws2_32.dll - ok
10:40:01.0238 5572 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
10:40:01.0238 5572 C:\Windows\System32\cscapi.dll - ok
10:40:01.0238 5572 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
10:40:01.0238 5572 C:\Windows\System32\ntshrui.dll - ok
10:40:01.0238 5572 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
10:40:01.0238 5572 C:\Windows\System32\IconCodecService.dll - ok
10:40:01.0238 5572 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
10:40:01.0238 5572 C:\Windows\System32\vssapi.dll - ok
10:40:01.0238 5572 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
10:40:01.0238 5572 C:\Windows\System32\vsstrace.dll - ok
10:40:01.0254 5572 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
10:40:01.0254 5572 C:\Windows\System32\esent.dll - ok
10:40:01.0254 5572 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
10:40:01.0254 5572 C:\Windows\System32\uDWM.dll - ok
10:40:01.0254 5572 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
10:40:01.0254 5572 C:\Windows\SysWOW64\msvcp100.dll - ok
10:40:01.0254 5572 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
10:40:01.0254 5572 C:\Windows\SysWOW64\msvcr100.dll - ok
10:40:01.0254 5572 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
10:40:01.0254 5572 C:\Windows\SysWOW64\mswsock.dll - ok
10:40:01.0254 5572 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
10:40:01.0254 5572 C:\Windows\SysWOW64\wship6.dll - ok
10:40:01.0254 5572 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
10:40:01.0254 5572 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
10:40:01.0254 5572 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
10:40:01.0254 5572 C:\Windows\SysWOW64\dnsapi.dll - ok
10:40:01.0254 5572 [ 835BFF67EBD89BCE0B13460B2A56C53E ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
10:40:01.0254 5572 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
10:40:01.0254 5572 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
10:40:01.0254 5572 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
10:40:01.0270 5572 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
10:40:01.0270 5572 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
10:40:01.0270 5572 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
10:40:01.0270 5572 C:\Windows\SysWOW64\psapi.dll - ok
10:40:01.0270 5572 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
10:40:01.0270 5572 C:\Windows\SysWOW64\rasadhlp.dll - ok
10:40:01.0270 5572 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
10:40:01.0270 5572 C:\Windows\SysWOW64\winnsi.dll - ok
10:40:01.0270 5572 [ D6CDF198518B8428B66AAD8F7BABC3BE ] C:\Windows\System32\spool\drivers\x64\3\lxedserv.exe
10:40:01.0270 5572 C:\Windows\System32\spool\drivers\x64\3\lxedserv.exe - ok
10:40:01.0270 5572 [ 3C062EC08FF1A2870847439F34450E7C ] C:\Windows\System32\lxedcoms.exe
10:40:01.0270 5572 C:\Windows\System32\lxedcoms.exe - ok
10:40:01.0270 5572 [ 32C5DF01878550F320CDAB8645700BC8 ] C:\Windows\System32\lxedserv.dll
10:40:01.0270 5572 C:\Windows\System32\lxedserv.dll - ok
10:40:01.0270 5572 [ D381E5F2003A550D9BE774CE7DF2E2E7 ] C:\Windows\System32\lxedinpa.dll
10:40:01.0270 5572 C:\Windows\System32\lxedinpa.dll - ok
10:40:01.0270 5572 [ 85B16A92B117A5A800032ECD904B86DB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:40:01.0270 5572 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
10:40:01.0270 5572 [ 5C7FFCCA7489AD7F4980F4ABB0A6A9DC ] C:\Windows\System32\lxediesc.dll
10:40:01.0270 5572 C:\Windows\System32\lxediesc.dll - ok
10:40:01.0285 5572 [ C0F7C25EEFB1C5FD554AAA801201A83C ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
10:40:01.0285 5572 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
10:40:01.0285 5572 [ 6ECE65F3C2BAC3D2514F12EE913980EC ] C:\Windows\System32\lxedusb1.dll
10:40:01.0285 5572 C:\Windows\System32\lxedusb1.dll - ok
10:40:01.0285 5572 [ CD6B3A4B1D1909B05616D5D20209825F ] C:\Windows\System32\lxedhbn3.dll
10:40:01.0285 5572 C:\Windows\System32\lxedhbn3.dll - ok
10:40:01.0285 5572 [ B3E20079B7719ADD343DC3238292D9A5 ] C:\Windows\System32\LXEDhcp.dll
10:40:01.0285 5572 C:\Windows\System32\LXEDhcp.dll - ok
10:40:01.0285 5572 [ A8AD2773202A3913D1E1564BD5703183 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
10:40:01.0285 5572 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
10:40:01.0285 5572 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
10:40:01.0285 5572 C:\Windows\System32\NapiNSP.dll - ok
10:40:01.0285 5572 [ 0A888754C63C3A5D8CD8F7492C62B40D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
10:40:01.0285 5572 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
10:40:01.0285 5572 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
10:40:01.0285 5572 C:\Windows\System32\pnrpnsp.dll - ok
10:40:01.0285 5572 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
10:40:01.0285 5572 C:\Windows\System32\winrnr.dll - ok
10:40:01.0301 5572 [ 748849C42DEA24C723048E24BCA1BD55 ] C:\Windows\System32\wshbth.dll
10:40:01.0301 5572 C:\Windows\System32\wshbth.dll - ok
10:40:01.0301 5572 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
10:40:01.0301 5572 C:\Windows\SysWOW64\profapi.dll - ok
10:40:01.0301 5572 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
10:40:01.0301 5572 C:\Windows\SysWOW64\userenv.dll - ok
10:40:01.0301 5572 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
10:40:01.0301 5572 C:\Windows\SysWOW64\wtsapi32.dll - ok
10:40:01.0301 5572 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
10:40:01.0301 5572 C:\Windows\System32\rasadhlp.dll - ok
10:40:01.0301 5572 [ 20E2469DB709FC675E655CEAA11BE312 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:40:01.0301 5572 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
10:40:01.0301 5572 [ 8EB9DF4D405524D5EF69AE9ECB0EDD16 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
10:40:01.0301 5572 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
10:40:01.0301 5572 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
10:40:01.0301 5572 C:\Windows\SysWOW64\cryptsp.dll - ok
10:40:01.0301 5572 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
10:40:01.0301 5572 C:\Windows\SysWOW64\mpr.dll - ok
10:40:01.0301 5572 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] C:\Windows\System32\drivers\NisDrvWFP.sys
10:40:01.0301 5572 C:\Windows\System32\drivers\NisDrvWFP.sys - ok
10:40:01.0316 5572 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
10:40:01.0316 5572 C:\Windows\System32\ncsi.dll - ok
10:40:01.0316 5572 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
10:40:01.0316 5572 C:\Windows\System32\nlasvc.dll - ok
10:40:01.0316 5572 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
10:40:01.0316 5572 C:\Windows\System32\winhttp.dll - ok
10:40:01.0316 5572 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
10:40:01.0316 5572 C:\Windows\SysWOW64\rsaenh.dll - ok
10:40:01.0316 5572 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
10:40:01.0316 5572 C:\Windows\System32\webio.dll - ok
10:40:01.0316 5572 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
10:40:01.0316 5572 C:\Windows\System32\ssdpapi.dll - ok
10:40:01.0316 5572 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
10:40:01.0316 5572 C:\Windows\SysWOW64\winsta.dll - ok
10:40:01.0316 5572 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
10:40:01.0316 5572 C:\Windows\SysWOW64\apphelp.dll - ok
10:40:01.0316 5572 [ 12E33DD823D74680DE6F33BFA359EFB3 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
10:40:01.0316 5572 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
10:40:01.0316 5572 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
10:40:01.0316 5572 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
10:40:01.0332 5572 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
10:40:01.0332 5572 C:\Windows\SysWOW64\uxtheme.dll - ok
10:40:01.0332 5572 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
10:40:01.0332 5572 C:\Windows\SysWOW64\dwmapi.dll - ok
10:40:01.0332 5572 [ F7BAC457D6AE2F7E18FA69C8180A7843 ] C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
10:40:01.0332 5572 C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe - ok
10:40:01.0332 5572 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
10:40:01.0332 5572 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
10:40:01.0332 5572 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
10:40:01.0332 5572 C:\Windows\System32\drivers\PEAuth.sys - ok
10:40:01.0332 5572 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
10:40:01.0332 5572 C:\Windows\System32\aepic.dll - ok
10:40:01.0332 5572 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] C:\Windows\SysWOW64\PnkBstrA.exe
10:40:01.0332 5572 C:\Windows\SysWOW64\PnkBstrA.exe - ok
10:40:01.0332 5572 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
10:40:01.0332 5572 C:\Windows\SysWOW64\sfc.dll - ok
10:40:01.0332 5572 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
10:40:01.0332 5572 C:\Windows\System32\sfc.dll - ok
10:40:01.0348 5572 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
10:40:01.0348 5572 C:\Windows\System32\sfc_os.dll - ok
10:40:01.0348 5572 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
10:40:01.0348 5572 C:\Windows\SysWOW64\sfc_os.dll - ok
10:40:01.0348 5572 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
10:40:01.0348 5572 C:\Windows\SysWOW64\wevtapi.dll - ok
10:40:01.0348 5572 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
10:40:01.0348 5572 C:\Windows\System32\drivers\secdrv.sys - ok
10:40:01.0348 5572 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
10:40:01.0348 5572 C:\Windows\System32\drivers\srvnet.sys - ok
10:40:01.0348 5572 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
10:40:01.0348 5572 C:\Windows\SysWOW64\wsock32.dll - ok
10:40:01.0348 5572 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe
10:40:01.0348 5572 C:\Windows\SysWOW64\svchost.exe - ok
10:40:01.0348 5572 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
10:40:01.0348 5572 C:\Windows\System32\drivers\tcpipreg.sys - ok
10:40:01.0348 5572 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
10:40:01.0348 5572 C:\Windows\System32\wiaservc.dll - ok
10:40:01.0348 5572 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
10:40:01.0348 5572 C:\Windows\System32\sysmain.dll - ok
10:40:01.0363 5572 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
10:40:01.0363 5572 C:\Windows\System32\wbem\WMIsvc.dll - ok
10:40:01.0363 5572 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
10:40:01.0363 5572 C:\Windows\System32\trkwks.dll - ok
10:40:01.0363 5572 [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\SysWOW64\wiatrace.dll
10:40:01.0363 5572 C:\Windows\SysWOW64\wiatrace.dll - ok
10:40:01.0363 5572 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
10:40:01.0363 5572 C:\Windows\System32\wiatrace.dll - ok
10:40:01.0363 5572 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
10:40:01.0363 5572 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
10:40:01.0363 5572 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
10:40:01.0363 5572 C:\Windows\SysWOW64\secur32.dll - ok
10:40:01.0363 5572 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
10:40:01.0363 5572 C:\Windows\SysWOW64\credssp.dll - ok
10:40:01.0363 5572 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
10:40:01.0363 5572 C:\Windows\SysWOW64\msv1_0.dll - ok
10:40:01.0363 5572 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
10:40:01.0363 5572 C:\Windows\SysWOW64\cryptdll.dll - ok
10:40:01.0363 5572 [ 98F138897EF4246381D197CB81846D62 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:40:01.0363 5572 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
10:40:01.0379 5572 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
10:40:01.0379 5572 C:\Windows\System32\aeevts.dll - ok
10:40:01.0379 5572 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
10:40:01.0379 5572 C:\Windows\SysWOW64\SensApi.dll - ok
10:40:01.0379 5572 [ 57B736E990BA15568FAFAE9262C0AE6B ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
10:40:01.0379 5572 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
10:40:01.0379 5572 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
10:40:01.0379 5572 C:\Windows\System32\SensApi.dll - ok
10:40:01.0379 5572 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
10:40:01.0379 5572 C:\Windows\SysWOW64\wbemcomn.dll - ok
10:40:01.0379 5572 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
10:40:01.0379 5572 C:\Windows\SysWOW64\netapi32.dll - ok
10:40:01.0379 5572 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
10:40:01.0379 5572 C:\Windows\System32\wbemcomn.dll - ok
10:40:01.0379 5572 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
10:40:01.0379 5572 C:\Windows\SysWOW64\netutils.dll - ok
10:40:01.0379 5572 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
10:40:01.0379 5572 C:\Windows\System32\wbem\WinMgmtR.dll - ok
10:40:01.0394 5572 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
10:40:01.0394 5572 C:\Windows\SysWOW64\srvcli.dll - ok
10:40:01.0394 5572 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
10:40:01.0394 5572 C:\Windows\SysWOW64\wkscli.dll - ok
10:40:01.0394 5572 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
10:40:01.0394 5572 C:\Windows\SysWOW64\samcli.dll - ok
10:40:01.0394 5572 [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\SysWOW64\wbem\WmiDcPrv.dll
10:40:01.0394 5572 C:\Windows\SysWOW64\wbem\WmiDcPrv.dll - ok
10:40:01.0394 5572 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
10:40:01.0394 5572 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
10:40:01.0394 5572 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
10:40:01.0394 5572 C:\Windows\SysWOW64\winhttp.dll - ok
10:40:01.0394 5572 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
10:40:01.0394 5572 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
10:40:01.0394 5572 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
10:40:01.0394 5572 C:\Windows\SysWOW64\webio.dll - ok
10:40:01.0394 5572 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
10:40:01.0394 5572 C:\Windows\System32\wbem\fastprox.dll - ok
10:40:01.0394 5572 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
10:40:01.0394 5572 C:\Windows\SysWOW64\ntdsapi.dll - ok
10:40:01.0410 5572 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
10:40:01.0410 5572 C:\Windows\System32\ntdsapi.dll - ok
10:40:01.0410 5572 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
10:40:01.0410 5572 C:\Windows\System32\drivers\srv2.sys - ok
10:40:01.0410 5572 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
10:40:01.0410 5572 C:\Windows\System32\iphlpsvc.dll - ok
10:40:01.0410 5572 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
10:40:01.0410 5572 C:\Windows\System32\drivers\srv.sys - ok
10:40:01.0410 5572 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
10:40:01.0410 5572 C:\Windows\SysWOW64\FirewallAPI.dll - ok
10:40:01.0410 5572 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
10:40:01.0410 5572 C:\Windows\SysWOW64\rtutils.dll - ok
10:40:01.0410 5572 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\SysWOW64\sqmapi.dll
10:40:01.0410 5572 C:\Windows\SysWOW64\sqmapi.dll - ok
10:40:01.0410 5572 [ E2102B5AC1303C2E045B926B9C745F6F ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
10:40:01.0410 5572 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
10:40:01.0410 5572 [ A1CF0ED4315C7EBFF0B8E86C36B86FE6 ] C:\ProgramData\Microsoft\IdentityCRL\production\wlidui.dll
10:40:01.0410 5572 C:\ProgramData\Microsoft\IdentityCRL\production\wlidui.dll - ok
10:40:01.0426 5572 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
10:40:01.0426 5572 C:\Windows\System32\wbem\wbemprox.dll - ok
10:40:01.0426 5572 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
10:40:01.0426 5572 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
10:40:01.0426 5572 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll
10:40:01.0426 5572 C:\Windows\SysWOW64\msxml3.dll - ok
10:40:01.0426 5572 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
10:40:01.0426 5572 C:\Windows\System32\msxml3.dll - ok
10:40:01.0426 5572 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
10:40:01.0426 5572 C:\Windows\System32\sqmapi.dll - ok
10:40:01.0426 5572 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\SysWOW64\wdscore.dll
10:40:01.0426 5572 C:\Windows\SysWOW64\wdscore.dll - ok
10:40:01.0426 5572 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
10:40:01.0426 5572 C:\Windows\System32\wdscore.dll - ok
10:40:01.0426 5572 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll
10:40:01.0426 5572 C:\Windows\SysWOW64\vssapi.dll - ok
10:40:01.0426 5572 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll
10:40:01.0426 5572 C:\Windows\SysWOW64\vsstrace.dll - ok
10:40:01.0426 5572 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
10:40:01.0426 5572 C:\Windows\System32\srvsvc.dll - ok
10:40:01.0441 5572 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
10:40:01.0441 5572 C:\Windows\System32\browser.dll - ok
10:40:01.0441 5572 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
10:40:01.0441 5572 C:\Windows\System32\netmsg.dll - ok
10:40:01.0441 5572 [ E4B72E71EC37A59FE574A998A0C0EB9B ] C:\Windows\SysWOW64\netmsg.dll
10:40:01.0441 5572 C:\Windows\SysWOW64\netmsg.dll - ok
10:40:01.0441 5572 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\SysWOW64\netcfgx.dll
10:40:01.0441 5572 C:\Windows\SysWOW64\netcfgx.dll - ok
10:40:01.0441 5572 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll
10:40:01.0441 5572 C:\Windows\SysWOW64\hnetcfg.dll - ok
10:40:01.0441 5572 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
10:40:01.0441 5572 C:\Windows\SysWOW64\propsys.dll - ok
10:40:01.0441 5572 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
10:40:01.0441 5572 C:\Windows\SysWOW64\actxprxy.dll - ok
10:40:01.0441 5572 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
10:40:01.0441 5572 C:\Windows\System32\actxprxy.dll - ok
10:40:01.0441 5572 [ 5EFF0DDD2E96EECECEBA084F694ED917 ] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
10:40:01.0441 5572 C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll - ok
10:40:01.0441 5572 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
10:40:01.0441 5572 C:\Windows\SysWOW64\ntshrui.dll - ok
10:40:01.0457 5572 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
10:40:01.0457 5572 C:\Windows\SysWOW64\cscapi.dll - ok
10:40:01.0457 5572 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
10:40:01.0457 5572 C:\Windows\SysWOW64\slc.dll - ok
10:40:01.0457 5572 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
10:40:01.0457 5572 C:\Windows\System32\hnetcfg.dll - ok
10:40:01.0457 5572 [ 89E783711AF91AF09E1EF30EF3107446 ] C:\Windows\SysWOW64\sscore.dll
10:40:01.0457 5572 C:\Windows\SysWOW64\sscore.dll - ok
10:40:01.0457 5572 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
10:40:01.0457 5572 C:\Windows\System32\sscore.dll - ok
10:40:01.0457 5572 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\SysWOW64\clusapi.dll
10:40:01.0457 5572 C:\Windows\SysWOW64\clusapi.dll - ok
10:40:01.0457 5572 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
10:40:01.0457 5572 C:\Windows\System32\clusapi.dll - ok
10:40:01.0457 5572 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\SysWOW64\resutils.dll
10:40:01.0457 5572 C:\Windows\SysWOW64\resutils.dll - ok
10:40:01.0457 5572 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
10:40:01.0457 5572 C:\Windows\System32\resutils.dll - ok
10:40:01.0457 5572 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
10:40:01.0457 5572 C:\Windows\SysWOW64\netprofm.dll - ok
10:40:01.0472 5572 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
10:40:01.0472 5572 C:\Windows\System32\wbem\wbemcore.dll - ok
10:40:01.0472 5572 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\SysWOW64\wbem\esscli.dll
10:40:01.0472 5572 C:\Windows\SysWOW64\wbem\esscli.dll - ok
10:40:01.0472 5572 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
10:40:01.0472 5572 C:\Windows\System32\wbem\esscli.dll - ok
10:40:01.0472 5572 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
10:40:01.0472 5572 C:\Windows\System32\wbem\wbemsvc.dll - ok
10:40:01.0472 5572 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
10:40:01.0472 5572 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
10:40:01.0472 5572 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
10:40:01.0472 5572 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
10:40:01.0472 5572 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
10:40:01.0472 5572 C:\Windows\System32\wbem\wmiutils.dll - ok
10:40:01.0472 5572 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
10:40:01.0472 5572 C:\Windows\System32\wbem\repdrvfs.dll - ok
10:40:01.0472 5572 [ 499147F015E87AC2C2EBAA368F6BFE96 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
10:40:01.0472 5572 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
10:40:01.0472 5572 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
10:40:01.0472 5572 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
10:40:01.0488 5572 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
10:40:01.0488 5572 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
10:40:01.0488 5572 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
10:40:01.0488 5572 C:\Windows\System32\npmproxy.dll - ok
10:40:01.0488 5572 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
10:40:01.0488 5572 C:\Windows\SysWOW64\nlaapi.dll - ok
10:40:01.0488 5572 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
10:40:01.0488 5572 C:\Windows\SysWOW64\npmproxy.dll - ok
10:40:01.0488 5572 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
10:40:01.0488 5572 C:\Windows\SysWOW64\gpapi.dll - ok
10:40:01.0488 5572 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\SysWOW64\SearchIndexer.exe
10:40:01.0488 5572 C:\Windows\SysWOW64\SearchIndexer.exe - ok
10:40:01.0488 5572 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
10:40:01.0488 5572 C:\Windows\System32\SearchIndexer.exe - ok
10:40:01.0488 5572 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\SysWOW64\tquery.dll
10:40:01.0488 5572 C:\Windows\SysWOW64\tquery.dll - ok
10:40:01.0488 5572 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
10:40:01.0488 5572 C:\Windows\System32\tquery.dll - ok
10:40:01.0488 5572 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\SysWOW64\mssrch.dll
10:40:01.0488 5572 C:\Windows\SysWOW64\mssrch.dll - ok
10:40:01.0504 5572 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
10:40:01.0504 5572 C:\Windows\System32\mssrch.dll - ok
10:40:01.0504 5572 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\SysWOW64\esent.dll
10:40:01.0504 5572 C:\Windows\SysWOW64\esent.dll - ok
10:40:01.0504 5572 [ 79E80B10FE8F6662E0C9162A68C43444 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
10:40:01.0504 5572 C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
10:40:01.0504 5572 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
10:40:01.0504 5572 C:\Windows\System32\appinfo.dll - ok
10:40:01.0504 5572 [ 132045285DCC8654C14F1CFB4A8DCDA1 ] C:\Program Files\Microsoft Security Client\NisLog.dll
10:40:01.0504 5572 C:\Program Files\Microsoft Security Client\NisLog.dll - ok
10:40:01.0504 5572 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\SysWOW64\wdi.dll
10:40:01.0504 5572 C:\Windows\SysWOW64\wdi.dll - ok
10:40:01.0504 5572 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
10:40:01.0504 5572 C:\Windows\System32\wdi.dll - ok
10:40:01.0504 5572 [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
10:40:01.0504 5572 C:\Windows\System32\bthserv.dll - ok
10:40:01.0504 5572 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
10:40:01.0504 5572 C:\Windows\System32\diagperf.dll - ok
10:40:01.0504 5572 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
10:40:01.0504 5572 C:\Windows\System32\perftrack.dll - ok
10:40:01.0519 5572 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] C:\Windows\SysWOW64\hidserv.dll
10:40:01.0519 5572 C:\Windows\SysWOW64\hidserv.dll - ok
10:40:01.0519 5572 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
10:40:01.0519 5572 C:\Windows\System32\pnpts.dll - ok
10:40:01.0519 5572 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
10:40:01.0519 5572 C:\Windows\System32\shfolder.dll - ok
10:40:01.0519 5572 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
10:40:01.0519 5572 C:\Windows\SysWOW64\shfolder.dll - ok
10:40:01.0519 5572 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
10:40:01.0519 5572 C:\Windows\System32\hidserv.dll - ok
10:40:01.0519 5572 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
10:40:01.0519 5572 C:\Windows\SysWOW64\hid.dll - ok
10:40:01.0519 5572 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
10:40:01.0519 5572 C:\Windows\SysWOW64\wer.dll - ok
10:40:01.0519 5572 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\SysWOW64\radardt.dll
10:40:01.0519 5572 C:\Windows\SysWOW64\radardt.dll - ok
10:40:01.0519 5572 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
10:40:01.0519 5572 C:\Windows\System32\wer.dll - ok
10:40:01.0519 5572 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
10:40:01.0519 5572 C:\Windows\System32\wpdbusenum.dll - ok
10:40:01.0535 5572 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
10:40:01.0535 5572 C:\Windows\System32\radardt.dll - ok
10:40:01.0535 5572 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\SysWOW64\dllhost.exe
10:40:01.0535 5572 C:\Windows\SysWOW64\dllhost.exe - ok
10:40:01.0535 5572 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
10:40:01.0535 5572 C:\Windows\System32\wdiasqmmodule.dll - ok
10:40:01.0535 5572 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\SysWOW64\shacct.dll
10:40:01.0535 5572 C:\Windows\SysWOW64\shacct.dll - ok
10:40:01.0535 5572 [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\SysWOW64\Apphlpdm.dll
10:40:01.0535 5572 C:\Windows\SysWOW64\Apphlpdm.dll - ok
10:40:01.0535 5572 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\SysWOW64\IDStore.dll
10:40:01.0535 5572 C:\Windows\SysWOW64\IDStore.dll - ok
10:40:01.0535 5572 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
10:40:01.0535 5572 C:\Windows\System32\Apphlpdm.dll - ok
10:40:01.0535 5572 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
10:40:01.0535 5572 C:\Windows\SysWOW64\runonce.exe - ok
10:40:01.0535 5572 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
10:40:01.0535 5572 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
10:40:01.0535 5572 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
10:40:01.0535 5572 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
10:40:01.0550 5572 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
10:40:01.0550 5572 C:\Windows\System32\ncobjapi.dll - ok
10:40:01.0550 5572 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll
10:40:01.0550 5572 C:\Windows\SysWOW64\ncobjapi.dll - ok
10:40:01.0550 5572 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
10:40:01.0550 5572 C:\Windows\System32\wbem\wbemess.dll - ok
10:40:01.0550 5572 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\SysWOW64\msidle.dll
10:40:01.0550 5572 C:\Windows\SysWOW64\msidle.dll - ok
10:40:01.0550 5572 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
10:40:01.0550 5572 C:\Windows\System32\msidle.dll - ok
10:40:01.0550 5572 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
10:40:01.0550 5572 C:\Windows\SysWOW64\NapiNSP.dll - ok
10:40:01.0550 5572 [ 71C4F42DC8DB668E826DA79462EA741E ] C:\Windows\SysWOW64\KBDUS.DLL
10:40:01.0550 5572 C:\Windows\SysWOW64\KBDUS.DLL - ok
10:40:01.0550 5572 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
10:40:01.0550 5572 C:\Windows\SysWOW64\mssprxy.dll - ok
10:40:01.0550 5572 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
10:40:01.0550 5572 C:\Windows\System32\mssprxy.dll - ok
10:40:01.0550 5572 [ F7FE730CE31B54145DEE1F1482BCCDD7 ] C:\Windows\SysWOW64\ndiscapCfg.dll
10:40:01.0550 5572 C:\Windows\SysWOW64\ndiscapCfg.dll - ok
10:40:01.0566 5572 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
10:40:01.0566 5572 C:\Windows\System32\ndiscapCfg.dll - ok
10:40:01.0566 5572 [ 761A3A4038C1FD4F5795427907C28484 ] C:\Windows\SysWOW64\rascfg.dll
10:40:01.0566 5572 C:\Windows\SysWOW64\rascfg.dll - ok
10:40:01.0566 5572 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
10:40:01.0566 5572 C:\Windows\System32\PortableDeviceApi.dll - ok
10:40:01.0566 5572 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
10:40:01.0566 5572 C:\Windows\System32\rascfg.dll - ok
10:40:01.0566 5572 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\SysWOW64\en-US\tquery.dll.mui
10:40:01.0566 5572 C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok
10:40:01.0566 5572 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
10:40:01.0566 5572 C:\Windows\System32\en-US\tquery.dll.mui - ok
10:40:01.0566 5572 [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
10:40:01.0566 5572 C:\Windows\SysWOW64\PortableDeviceConnectApi.dll - ok
10:40:01.0566 5572 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
10:40:01.0566 5572 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
10:40:01.0566 5572 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll
10:40:01.0566 5572 C:\Windows\SysWOW64\mprapi.dll - ok
10:40:01.0582 5572 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
10:40:01.0582 5572 C:\Windows\System32\mprapi.dll - ok
10:40:01.0582 5572 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\SysWOW64\dimsjob.dll
10:40:01.0582 5572 C:\Windows\SysWOW64\dimsjob.dll - ok
10:40:01.0582 5572 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
10:40:01.0582 5572 C:\Windows\System32\dimsjob.dll - ok
10:40:01.0582 5572 [ 9A7B54D57594233EEB17892BAD309970 ] C:\Windows\SysWOW64\mprmsg.dll
10:40:01.0582 5572 C:\Windows\SysWOW64\mprmsg.dll - ok
10:40:01.0582 5572 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
10:40:01.0582 5572 C:\Windows\SysWOW64\taskschd.dll - ok
10:40:01.0582 5572 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
10:40:01.0582 5572 C:\Windows\System32\mprmsg.dll - ok
10:40:01.0582 5572 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
10:40:01.0582 5572 C:\Windows\System32\runonce.exe - ok
10:40:01.0582 5572 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\Windows\SysWOW64\tcpipcfg.dll
10:40:01.0582 5572 C:\Windows\SysWOW64\tcpipcfg.dll - ok
10:40:01.0582 5572 [ 14486EB6AF542F2BD3239F7FC3E713F7 ] C:\Windows\SysWOW64\pautoenr.dll
10:40:01.0582 5572 C:\Windows\SysWOW64\pautoenr.dll - ok
10:40:01.0582 5572 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
10:40:01.0582 5572 C:\Windows\System32\tcpipcfg.dll - ok
10:40:01.0597 5572 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
10:40:01.0597 5572 C:\Windows\System32\pautoenr.dll - ok
10:40:01.0597 5572 [ 61B1ED5F429EFAC7E2036769870AB93E ] C:\Windows\SysWOW64\certcli.dll
10:40:01.0597 5572 C:\Windows\SysWOW64\certcli.dll - ok
10:40:01.0597 5572 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
10:40:01.0597 5572 C:\Windows\System32\certcli.dll - ok
10:40:01.0597 5572 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
10:40:01.0597 5572 C:\Windows\SysWOW64\atl.dll - ok
10:40:01.0597 5572 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
10:40:01.0597 5572 C:\Windows\SysWOW64\clbcatq.dll - ok
10:40:01.0597 5572 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
10:40:01.0597 5572 C:\Windows\SysWOW64\bcrypt.dll - ok
10:40:01.0597 5572 [ AC122407B29378FF9646F03404AC7C54 ] C:\Windows\SysWOW64\wshbth.dll
10:40:01.0597 5572 C:\Windows\SysWOW64\wshbth.dll - ok
10:40:01.0597 5572 [ 20C7F2ADAE249D6708941BC8CDD9735F ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{95D7F076-652A-40A1-8B84-101C100017D8}\gapaengine.dll
10:40:01.0597 5572 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{95D7F076-652A-40A1-8B84-101C100017D8}\gapaengine.dll - ok
10:40:01.0597 5572 [ 29BC473072568C072EC8B176498DE996 ] C:\Windows\SysWOW64\CertEnroll.dll
10:40:01.0597 5572 C:\Windows\SysWOW64\CertEnroll.dll - ok
10:40:01.0597 5572 [ D729084195C952B7ED14AA6DA4B44DCA ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{95D7F076-652A-40A1-8B84-101C100017D8}\nisfull.vdm
10:40:01.0597 5572 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{95D7F076-652A-40A1-8B84-101C100017D8}\nisfull.vdm - ok
10:40:01.0613 5572 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
10:40:01.0613 5572 C:\Windows\System32\nci.dll - ok
10:40:01.0613 5572 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
10:40:01.0613 5572 C:\Windows\System32\CertEnroll.dll - ok
10:40:01.0613 5572 [ FC4EE980C3BD87D35816EC55007E00B5 ] C:\Windows\SysWOW64\urlmon.dll
10:40:01.0613 5572 C:\Windows\SysWOW64\urlmon.dll - ok
10:40:01.0613 5572 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\SysWOW64\nci.dll
10:40:01.0613 5572 C:\Windows\SysWOW64\nci.dll - ok
10:40:01.0613 5572 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
10:40:01.0613 5572 C:\Windows\SysWOW64\ncrypt.dll - ok
10:40:01.0613 5572 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
10:40:01.0613 5572 C:\Windows\System32\wlaninst.dll - ok
10:40:01.0613 5572 [ 3178C47DB9F1615E5334029607BD3459 ] C:\Windows\SysWOW64\iertutil.dll
10:40:01.0613 5572 C:\Windows\SysWOW64\iertutil.dll - ok
10:40:01.0613 5572 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll
10:40:01.0613 5572 C:\Windows\SysWOW64\dsrole.dll - ok
10:40:01.0613 5572 [ 9E6AF823733C70E207D9FB6731A63B3D ] C:\Windows\SysWOW64\wlaninst.dll
10:40:01.0613 5572 C:\Windows\SysWOW64\wlaninst.dll - ok
10:40:01.0613 5572 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
10:40:01.0613 5572 C:\Windows\System32\wwaninst.dll - ok
10:40:01.0628 5572 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
10:40:01.0628 5572 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
10:40:01.0628 5572 [ 9CB0D2A9A77D91D9614355EE9FF00519 ] C:\Windows\SysWOW64\wininet.dll
10:40:01.0628 5572 C:\Windows\SysWOW64\wininet.dll - ok
10:40:01.0628 5572 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
10:40:01.0628 5572 C:\Windows\System32\rundll32.exe - ok
10:40:01.0628 5572 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
10:40:01.0628 5572 C:\Windows\SysWOW64\rundll32.exe - ok
10:40:01.0628 5572 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
10:40:01.0628 5572 C:\Windows\SysWOW64\cmd.exe - ok
10:40:01.0628 5572 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll
10:40:01.0628 5572 C:\Windows\SysWOW64\msxml6.dll - ok
10:40:01.0628 5572 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
10:40:01.0628 5572 C:\Windows\SysWOW64\xmllite.dll - ok
10:40:01.0628 5572 [ A03CF3838775E0801A0894C8BACD2E56 ] C:\Windows\SysWOW64\wbem\WMIC.exe
10:40:01.0628 5572 C:\Windows\SysWOW64\wbem\WMIC.exe - ok
10:40:01.0628 5572 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
10:40:01.0628 5572 C:\Program Files\Windows Defender\MpClient.dll - ok
10:40:01.0628 5572 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
10:40:01.0628 5572 C:\Windows\SysWOW64\pnrpnsp.dll - ok
10:40:01.0644 5572 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
10:40:01.0644 5572 C:\Windows\SysWOW64\winrnr.dll - ok
10:40:01.0644 5572 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
10:40:01.0644 5572 C:\Windows\SysWOW64\samlib.dll - ok
10:40:01.0644 5572 [ E1AC89F6C5252057E6062843E36A6701 ] C:\Windows\SysWOW64\SearchProtocolHost.exe
10:40:01.0644 5572 C:\Windows\SysWOW64\SearchProtocolHost.exe - ok
10:40:01.0644 5572 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
10:40:01.0644 5572 C:\Windows\SysWOW64\cryptnet.dll - ok
10:40:01.0644 5572 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\SysWOW64\es.dll
10:40:01.0644 5572 C:\Windows\SysWOW64\es.dll - ok
10:40:01.0644 5572 [ 2F03490092C032392FB6FF635222B9B2 ] C:\Windows\SysWOW64\apisetschema.dll
10:40:01.0644 5572 C:\Windows\SysWOW64\apisetschema.dll - ok
10:40:01.0644 5572 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
10:40:01.0644 5572 C:\Windows\System32\aelupsvc.dll - ok
10:40:01.0644 5572 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
10:40:01.0644 5572 C:\Windows\SysWOW64\winbrand.dll - ok
10:40:01.0644 5572 [ A6B73FCB9496DB101F3066CAF5A7DA4B ] C:\Windows\SysWOW64\ieframe.dll
10:40:01.0644 5572 C:\Windows\SysWOW64\ieframe.dll - ok
10:40:01.0644 5572 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
10:40:01.0644 5572 C:\Windows\SysWOW64\shdocvw.dll - ok
10:40:01.0660 5572 [ 4B9E4CE667DF26ADA061AA81E9AA841D ] C:\Windows\SysWOW64\spfileq.dll
10:40:01.0660 5572 C:\Windows\SysWOW64\spfileq.dll - ok
10:40:01.0660 5572 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
10:40:01.0660 5572 C:\Windows\System32\spfileq.dll - ok
10:40:01.0660 5572 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
10:40:01.0660 5572 C:\Windows\System32\SearchProtocolHost.exe - ok
10:40:01.0660 5572 [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\SysWOW64\msshooks.dll
10:40:01.0660 5572 C:\Windows\SysWOW64\msshooks.dll - ok
10:40:01.0660 5572 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
10:40:01.0660 5572 C:\Windows\System32\msshooks.dll - ok
10:40:01.0660 5572 [ A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\Windows\SysWOW64\SearchFilterHost.exe
10:40:01.0660 5572 C:\Windows\SysWOW64\SearchFilterHost.exe - ok
10:40:01.0660 5572 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
10:40:01.0660 5572 C:\Windows\System32\SearchFilterHost.exe - ok
10:40:01.0660 5572 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Cary\AppData\Local\Temp\57C2FA71-FB07-4B8D-94FF-B9B5EB0E9097.exe
10:40:01.0660 5572 C:\Users\Cary\AppData\Local\Temp\57C2FA71-FB07-4B8D-94FF-B9B5EB0E9097.exe - ok
10:40:01.0660 5572 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
10:40:01.0660 5572 C:\Windows\SysWOW64\mscoree.dll - ok
10:40:01.0675 5572 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
10:40:01.0675 5572 C:\Windows\System32\mscoree.dll - ok
10:40:01.0675 5572 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
10:40:01.0675 5572 C:\Windows\SysWOW64\imagehlp.dll - ok
10:40:01.0675 5572 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
10:40:01.0675 5572 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
10:40:01.0675 5572 [ DB67C7C62038BDE813CB6486581A7611 ] C:\Windows\SysWOW64\mssph.dll
10:40:01.0675 5572 C:\Windows\SysWOW64\mssph.dll - ok
10:40:01.0675 5572 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
10:40:01.0675 5572 C:\Windows\System32\mssph.dll - ok
10:40:01.0675 5572 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll
10:40:01.0675 5572 C:\Windows\SysWOW64\mapi32.dll - ok
10:40:01.0675 5572 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
10:40:01.0675 5572 C:\Windows\System32\mapi32.dll - ok
10:40:01.0675 5572 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll
10:40:01.0675 5572 C:\Windows\SysWOW64\authz.dll - ok
10:40:01.0675 5572 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
10:40:01.0675 5572 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
10:40:01.0675 5572 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
10:40:01.0675 5572 C:\Windows\SysWOW64\EhStorShell.dll - ok
10:40:01.0691 5572 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
10:40:01.0691 5572 C:\Windows\SysWOW64\imageres.dll - ok
10:40:01.0691 5572 [ B6663FC132F0262A5EF48DB2D0187DE3 ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll
10:40:01.0691 5572 C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok
10:40:01.0691 5572 [ A77BA10A0D610BBB6101AEA1E633ABE1 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
10:40:01.0691 5572 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
10:40:01.0691 5572 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
10:40:01.0691 5572 C:\Windows\SysWOW64\comdlg32.dll - ok
10:40:01.0691 5572 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
10:40:01.0691 5572 C:\Windows\SysWOW64\msimg32.dll - ok
10:40:01.0691 5572 [ 90FB1802D488FFA9029854A77D4F3F27 ] C:\Windows\SysWOW64\oleaccrc.dll
10:40:01.0691 5572 C:\Windows\SysWOW64\oleaccrc.dll - ok
10:40:01.0691 5572 [ 4CA55FCA3E0D247C6B96BA8857AE2E2E ] C:\Windows\SysWOW64\tzres.dll
10:40:01.0691 5572 C:\Windows\SysWOW64\tzres.dll - ok
10:40:01.0691 5572 [ AE0A2DE2BB518D204F94DDCF93BBCC4C ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
10:40:01.0691 5572 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok
10:40:01.0691 5572 [ B720B4D1C97FBE02BE32812B580F1849 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll
10:40:01.0691 5572 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll - ok
10:40:01.0691 5572 [ EC248BC9C9C225FD289F250756503146 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
10:40:01.0691 5572 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok
10:40:01.0706 5572 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
10:40:01.0706 5572 C:\Windows\System32\ie4uinit.exe - ok
10:40:01.0706 5572 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
10:40:01.0706 5572 C:\Windows\System32\iedkcs32.dll - ok
10:40:01.0706 5572 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\SysWOW64\SndVolSSO.dll
10:40:01.0706 5572 C:\Windows\SysWOW64\SndVolSSO.dll - ok
10:40:01.0706 5572 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
10:40:01.0706 5572 C:\Windows\SysWOW64\MMDevAPI.dll - ok
10:40:01.0706 5572 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\SysWOW64\timedate.cpl
10:40:01.0706 5572 C:\Windows\SysWOW64\timedate.cpl - ok
10:40:01.0706 5572 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
10:40:01.0706 5572 C:\Windows\System32\timedate.cpl - ok
10:40:01.0706 5572 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
10:40:01.0706 5572 C:\Windows\System32\shdocvw.dll - ok
10:40:01.0706 5572 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
10:40:01.0706 5572 C:\Windows\System32\linkinfo.dll - ok
10:40:01.0706 5572 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
10:40:01.0706 5572 C:\Windows\SysWOW64\linkinfo.dll - ok
10:40:01.0706 5572 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\SysWOW64\gameux.dll
10:40:01.0706 5572 C:\Windows\SysWOW64\gameux.dll - ok
10:40:01.0722 5572 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
10:40:01.0722 5572 C:\Windows\System32\gameux.dll - ok
10:40:01.0722 5572 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
10:40:01.0722 5572 C:\Windows\SysWOW64\msftedit.dll - ok
10:40:01.0722 5572 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
10:40:01.0722 5572 C:\Windows\System32\msftedit.dll - ok
10:40:01.0722 5572 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
10:40:01.0722 5572 C:\Windows\SysWOW64\msls31.dll - ok
10:40:01.0722 5572 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
10:40:01.0722 5572 C:\Windows\System32\msls31.dll - ok
10:40:01.0722 5572 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
10:40:01.0722 5572 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
10:40:01.0722 5572 [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\SysWOW64\authui.dll
10:40:01.0722 5572 C:\Windows\SysWOW64\authui.dll - ok
10:40:01.0722 5572 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
10:40:01.0722 5572 C:\Windows\SysWOW64\cryptui.dll - ok
10:40:01.0722 5572 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\44399287.sys
10:40:01.0722 5572 C:\Windows\System32\drivers\44399287.sys - ok
10:40:01.0722 5572 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
10:40:01.0722 5572 C:\Windows\SysWOW64\msiltcfg.dll - ok
10:40:01.0738 5572 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
10:40:01.0738 5572 C:\Windows\System32\msiltcfg.dll - ok
10:40:01.0738 5572 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
10:40:01.0738 5572 C:\Windows\SysWOW64\msi.dll - ok
10:40:01.0738 5572 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
10:40:01.0738 5572 C:\Windows\System32\msi.dll - ok
10:40:01.0738 5572 [ 1F590BA022251AF63ED0CD0DAFD49052 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
10:40:01.0738 5572 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
10:40:01.0738 5572 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
10:40:01.0738 5572 C:\Windows\System32\DeviceCenter.dll - ok
10:40:01.0738 5572 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\SysWOW64\thumbcache.dll
10:40:01.0738 5572 C:\Windows\SysWOW64\thumbcache.dll - ok
10:40:01.0738 5572 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
10:40:01.0738 5572 C:\Windows\System32\thumbcache.dll - ok
10:40:01.0738 5572 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\SysWOW64\networkexplorer.dll
10:40:01.0738 5572 C:\Windows\SysWOW64\networkexplorer.dll - ok
10:40:01.0738 5572 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
10:40:01.0738 5572 C:\Windows\System32\networkexplorer.dll - ok
10:40:01.0738 5572 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
10:40:01.0738 5572 C:\Windows\System32\dsound.dll - ok
10:40:01.0753 5572 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\SysWOW64\msutb.dll
10:40:01.0753 5572 C:\Windows\SysWOW64\msutb.dll - ok
10:40:01.0753 5572 [ 048FA2F7B7F5292ABD6FE52D360708AB ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
10:40:01.0753 5572 C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe - ok
10:40:01.0753 5572 [ 8942FD2FC4FD4898F9BE5915F577FFF1 ] C:\Windows\System32\AmbRunE.dll
10:40:01.0753 5572 C:\Windows\System32\AmbRunE.dll - ok
10:40:01.0753 5572 [ 3E63C282A2BD6F59478B0B021F399BF6 ] C:\Windows\System32\THXCfg64.dll
10:40:01.0753 5572 C:\Windows\System32\THXCfg64.dll - ok
10:40:01.0753 5572 [ 8D60A8491CEA908706D894AE642600B2 ] C:\Program Files (x86)\Bluetooth Suite\athr_debug.dll
10:40:01.0753 5572 C:\Program Files (x86)\Bluetooth Suite\athr_debug.dll - ok
10:40:01.0753 5572 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll
10:40:01.0753 5572 C:\Windows\SysWOW64\drprov.dll - ok
10:40:01.0753 5572 [ 574C1FBC726C89FAF309332E17D029CC ] C:\Windows\SysWOW64\AmbRunE.dll
10:40:01.0753 5572 C:\Windows\SysWOW64\AmbRunE.dll - ok
10:40:01.0753 5572 [ F282E6109982A4ABDD925BA3F6EE04AB ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
10:40:01.0753 5572 C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe - ok
10:40:01.0753 5572 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
10:40:01.0753 5572 C:\Windows\System32\drprov.dll - ok
10:40:01.0769 5572 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
10:40:01.0769 5572 C:\Windows\SysWOW64\oledlg.dll - ok
10:40:01.0769 5572 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
10:40:01.0769 5572 C:\Windows\System32\oledlg.dll - ok
10:40:01.0769 5572 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll
10:40:01.0769 5572 C:\Windows\SysWOW64\ntlanman.dll - ok
10:40:01.0769 5572 [ CE11ED9EE56ABE8F2DB3DED5449FDAAB ] C:\Windows\System32\APOMgr64.DLL
10:40:01.0769 5572 C:\Windows\System32\APOMgr64.DLL - ok
10:40:01.0769 5572 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
10:40:01.0769 5572 C:\Windows\SysWOW64\riched20.dll - ok
10:40:01.0769 5572 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl
10:40:01.0769 5572 C:\Windows\SysWOW64\bthprops.cpl - ok
10:40:01.0769 5572 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
10:40:01.0769 5572 C:\Windows\System32\ntlanman.dll - ok
10:40:01.0769 5572 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
10:40:01.0769 5572 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
10:40:01.0769 5572 [ D58638F319ABB696699E47D437C2A330 ] C:\Program Files (x86)\Bluetooth Suite\utils.dll
10:40:01.0769 5572 C:\Program Files (x86)\Bluetooth Suite\utils.dll - ok
10:40:01.0769 5572 [ 0DC6669BC2B552C0ECC905B6B761F508 ] C:\Program Files\Microsoft Security Client\msseces.exe
10:40:01.0769 5572 C:\Program Files\Microsoft Security Client\msseces.exe - ok
10:40:01.0784 5572 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
10:40:01.0784 5572 C:\Windows\SysWOW64\AudioSes.dll - ok
10:40:01.0784 5572 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll
10:40:01.0784 5572 C:\Windows\SysWOW64\davclnt.dll - ok
10:40:01.0784 5572 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
10:40:01.0784 5572 C:\Windows\System32\davclnt.dll - ok
10:40:01.0784 5572 [ 5CD34838AA8F06E689552DB4A906E18F ] C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll
10:40:01.0784 5572 C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll - ok
10:40:01.0784 5572 [ CA372B30D5E537004FBCBE66D3445490 ] C:\Program Files (x86)\Bluetooth Suite\phonebook.dll
10:40:01.0784 5572 C:\Program Files (x86)\Bluetooth Suite\phonebook.dll - ok
10:40:01.0784 5572 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
10:40:01.0784 5572 C:\Windows\SysWOW64\duser.dll - ok
10:40:01.0784 5572 [ 8EC27A36269C77447EAE648D9E550549 ] C:\Program Files (x86)\Bluetooth Suite\RfcommLib.dll
10:40:01.0784 5572 C:\Program Files (x86)\Bluetooth Suite\RfcommLib.dll - ok
10:40:01.0784 5572 [ 86DB6EDF01F015CFB5B88E2E97267042 ] C:\Program Files (x86)\Bluetooth Suite\goep.dll
10:40:01.0784 5572 C:\Program Files (x86)\Bluetooth Suite\goep.dll - ok
10:40:01.0784 5572 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
10:40:01.0784 5572 C:\Windows\System32\AudioSes.dll - ok
10:40:01.0784 5572 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
10:40:01.0784 5572 C:\Windows\System32\RtkCfg64.dll - ok
10:40:01.0800 5572 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll
10:40:01.0800 5572 C:\Windows\SysWOW64\davhlpr.dll - ok
10:40:01.0800 5572 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
10:40:01.0800 5572 C:\Windows\System32\davhlpr.dll - ok
10:40:01.0800 5572 [ CF8CE8E1CF73A91F339B67A259416B16 ] C:\Windows\System32\MBAPO64.dll
10:40:01.0800 5572 C:\Windows\System32\MBAPO64.dll - ok
10:40:01.0800 5572 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
10:40:01.0800 5572 C:\Windows\SysWOW64\dui70.dll - ok
10:40:01.0800 5572 [ CF76C15D7372C36388E3D18F35A629F6 ] C:\Windows\System32\RtkAPO64.dll
10:40:01.0800 5572 C:\Windows\System32\RtkAPO64.dll - ok
10:40:01.0800 5572 [ 966B1DECC801A1ECEDE5BA7FFAEB2CD2 ] C:\Program Files (x86)\Bluetooth Suite\BTBIP.dll
10:40:01.0800 5572 C:\Program Files (x86)\Bluetooth Suite\BTBIP.dll - ok
10:40:01.0800 5572 [ 7BDEEB9AC71A42B474078FA5E516FD21 ] C:\Program Files (x86)\Bluetooth Suite\SesMgr.dll
10:40:01.0800 5572 C:\Program Files (x86)\Bluetooth Suite\SesMgr.dll - ok
10:40:01.0800 5572 [ 5C975E12A7ED0C7F31A72C28B029DBFD ] C:\Windows\System32\MBTHX64.dll
10:40:01.0800 5572 C:\Windows\System32\MBTHX64.dll - ok
10:40:01.0800 5572 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
10:40:01.0800 5572 C:\Windows\SysWOW64\wdmaud.drv - ok
10:40:01.0800 5572 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\SysWOW64\AudioEng.dll
10:40:01.0800 5572 C:\Windows\SysWOW64\AudioEng.dll - ok
10:40:01.0816 5572 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
10:40:01.0816 5572 C:\Windows\System32\AudioEng.dll - ok
10:40:01.0816 5572 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
10:40:01.0816 5572 C:\Windows\System32\wdmaud.drv - ok
10:40:01.0816 5572 [ 415AAC74B0FED6DE61F08F275B850A03 ] C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll
10:40:01.0816 5572 C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll - ok
10:40:01.0816 5572 [ 6563FE02DDCF62B9E08B9588D2E62B8B ] C:\Program Files (x86)\Bluetooth Suite\Sync.dll
10:40:01.0816 5572 C:\Program Files (x86)\Bluetooth Suite\Sync.dll - ok
10:40:01.0816 5572 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
10:40:01.0816 5572 C:\Windows\SysWOW64\ksuser.dll - ok
10:40:01.0816 5572 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
10:40:01.0816 5572 C:\Windows\System32\ksuser.dll - ok
10:40:01.0816 5572 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
10:40:01.0816 5572 C:\Windows\SysWOW64\avrt.dll - ok
10:40:01.0816 5572 [ F0C0E634E410FA03F62803A01A6A8FAF ] C:\Program Files (x86)\Bluetooth Suite\BPP.dll
10:40:01.0816 5572 C:\Program Files (x86)\Bluetooth Suite\BPP.dll - ok
10:40:01.0816 5572 [ 629218E61F698011382B193C05016D86 ] C:\Program Files (x86)\Bluetooth Suite\L2capLib.dll
10:40:01.0816 5572 C:\Program Files (x86)\Bluetooth Suite\L2capLib.dll - ok
10:40:01.0831 5572 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
10:40:01.0831 5572 C:\Windows\System32\msacm32.dll - ok
10:40:01.0831 5572 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
10:40:01.0831 5572 C:\Windows\System32\msacm32.drv - ok
10:40:01.0831 5572 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
10:40:01.0831 5572 C:\Windows\SysWOW64\msacm32.dll - ok
10:40:01.0831 5572 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
10:40:01.0831 5572 C:\Windows\SysWOW64\msacm32.drv - ok
10:40:01.0831 5572 [ 9E48FF4677E19815126282DF9282A65D ] C:\Program Files (x86)\Bluetooth Suite\gatts.dll
10:40:01.0831 5572 C:\Program Files (x86)\Bluetooth Suite\gatts.dll - ok
10:40:01.0831 5572 [ 24755A775D5A05CD5AAE7C9B50E2D1FA ] C:\Program Files (x86)\Bluetooth Suite\sim.dll
10:40:01.0831 5572 C:\Program Files (x86)\Bluetooth Suite\sim.dll - ok
10:40:01.0831 5572 [ DC5B5D3A1BF59A74ECA9C2EBB34574BE ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
10:40:01.0831 5572 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
10:40:01.0831 5572 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
10:40:01.0831 5572 C:\Windows\System32\wsock32.dll - ok
10:40:01.0831 5572 [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\Windows\SysWOW64\mfc100u.dll
10:40:01.0831 5572 C:\Windows\SysWOW64\mfc100u.dll - ok
10:40:01.0831 5572 [ 0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\SysWOW64\UIAnimation.dll
10:40:01.0831 5572 C:\Windows\SysWOW64\UIAnimation.dll - ok
10:40:01.0847 5572 [ B9DBFE1E7069767D8281B6A899914540 ] C:\Program Files (x86)\Lexmark S600 Series\lxedmon.exe
10:40:01.0847 5572 C:\Program Files (x86)\Lexmark S600 Series\lxedmon.exe - ok
10:40:01.0847 5572 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
10:40:01.0847 5572 C:\Windows\System32\UIAnimation.dll - ok
10:40:01.0847 5572 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
10:40:01.0847 5572 C:\Windows\System32\midimap.dll - ok
10:40:01.0847 5572 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
10:40:01.0847 5572 C:\Windows\SysWOW64\midimap.dll - ok
10:40:01.0847 5572 [ 2A2C442F00B45E01D4C882EEA69A01BC ] C:\Windows\SysWOW64\mfc100enu.dll
10:40:01.0847 5572 C:\Windows\SysWOW64\mfc100enu.dll - ok
10:40:01.0847 5572 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Security Client\SqmApi.dll
10:40:01.0847 5572 C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
10:40:01.0847 5572 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
10:40:01.0847 5572 C:\Windows\System32\riched20.dll - ok
10:40:01.0847 5572 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\SysWOW64\AUDIOKSE.dll
10:40:01.0847 5572 C:\Windows\SysWOW64\AUDIOKSE.dll - ok
10:40:01.0847 5572 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
10:40:01.0847 5572 C:\Windows\System32\AUDIOKSE.dll - ok
10:40:01.0862 5572 [ 5DA62EACF4D18101D572698D7DACA58B ] C:\Program Files (x86)\Bluetooth Suite\BtCommonRes.dll
10:40:01.0862 5572 C:\Program Files (x86)\Bluetooth Suite\BtCommonRes.dll - ok
10:40:01.0862 5572 [ CAB0C359C004CCA6C433F6CD3841BD39 ] C:\Program Files (x86)\Lexmark S600 Series\LXEDcfg.dll
10:40:01.0862 5572 C:\Program Files (x86)\Lexmark S600 Series\LXEDcfg.dll - ok
10:40:01.0862 5572 [ 42CA972B319D219135CA9ACD4B4FD2C1 ] C:\Program Files (x86)\Lexmark S600 Series\ezprint.exe
10:40:01.0862 5572 C:\Program Files (x86)\Lexmark S600 Series\ezprint.exe - ok
10:40:01.0862 5572 [ 75EB974222F293159427F9A77A5F3C6A ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\msoshext.dll
10:40:01.0862 5572 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\msoshext.dll - ok
10:40:01.0862 5572 [ 7E6CA0FBCFDD2B6E2D99EDD8B673A192 ] C:\Windows\System32\MBWrp64.dll
10:40:01.0862 5572 C:\Windows\System32\MBWrp64.dll - ok
10:40:01.0862 5572 [ 8BC7F8F0B7AE856D910B3FDD895EC50E ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
10:40:01.0862 5572 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
10:40:01.0862 5572 [ F40FF25FFCE5BD187EA33BD9395BCC05 ] C:\Program Files (x86)\Lexmark S600 Series\lxedscw.dll
10:40:01.0862 5572 C:\Program Files (x86)\Lexmark S600 Series\lxedscw.dll - ok
10:40:01.0862 5572 [ 60A24CA5E2D760F4F619F1D1FE62FB27 ] C:\Program Files (x86)\Steam\Steam.exe
10:40:01.0862 5572 C:\Program Files (x86)\Steam\Steam.exe - ok
10:40:01.0862 5572 [ F643EB5793DC85D37429D4F4EE967ED6 ] C:\Program Files (x86)\Lexmark S600 Series\lxedcomx.dll
10:40:01.0862 5572 C:\Program Files (x86)\Lexmark S600 Series\lxedcomx.dll - ok
10:40:01.0862 5572 [ 2317588DA43635E4ACBE58AA91AFF152 ] C:\Program Files (x86)\Lexmark S600 Series\lxeddatr.dll
10:40:01.0862 5572 C:\Program Files (x86)\Lexmark S600 Series\lxeddatr.dll - ok
10:40:01.0878 5572 [ 68F546B58CFBBC1213B051C1B8EA1126 ] C:\Program Files (x86)\Lexmark S600 Series\epwizard.dll
10:40:01.0878 5572 C:\Program Files (x86)\Lexmark S600 Series\epwizard.dll - ok
10:40:01.0878 5572 [ 93041736961E33317C5005684D9F2105 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll
10:40:01.0878 5572 C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll - ok
10:40:01.0878 5572 [ 4B23CF47416B870BAD0C24367CF15A5F ] C:\Program Files (x86)\Lexmark S600 Series\customui.dll
10:40:01.0878 5572 C:\Program Files (x86)\Lexmark S600 Series\customui.dll - ok
10:40:01.0878 5572 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
10:40:01.0878 5572 C:\Windows\System32\WMALFXGFXDSP.dll - ok
10:40:01.0878 5572 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
10:40:01.0878 5572 C:\Windows\System32\localspl.dll - ok
10:40:01.0878 5572 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll
10:40:01.0878 5572 C:\Windows\SysWOW64\mfplat.dll - ok
10:40:01.0878 5572 [ E96343A324492A99A38EC391BEFE1D59 ] C:\Program Files (x86)\Lexmark S600 Series\eputil.dll
10:40:01.0878 5572 C:\Program Files (x86)\Lexmark S600 Series\eputil.dll - ok
10:40:01.0878 5572 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
10:40:01.0878 5572 C:\Windows\System32\spoolss.dll - ok
10:40:01.0878 5572 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\SysWOW64\SyncCenter.dll
10:40:01.0878 5572 C:\Windows\SysWOW64\SyncCenter.dll - ok
10:40:01.0894 5572 [ 6A487076B1A7A9818CEC1CCF4EB61112 ] C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
10:40:01.0894 5572 C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe - ok
10:40:01.0894 5572 [ 9C7902ADAC3FB5E4AD438CD099951214 ] C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll
10:40:01.0894 5572 C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll - ok
10:40:01.0894 5572 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
10:40:01.0894 5572 C:\Windows\System32\mfplat.dll - ok
10:40:01.0894 5572 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
10:40:01.0894 5572 C:\Windows\System32\SyncCenter.dll - ok
10:40:01.0894 5572 [ E02A512F30FC2A02A9CADEEC375FC969 ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe
10:40:01.0894 5572 C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe - ok
10:40:01.0894 5572 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
10:40:01.0894 5572 C:\Windows\System32\PrintIsolationProxy.dll - ok
10:40:01.0894 5572 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
10:40:01.0894 5572 C:\Windows\System32\FXSMON.dll - ok
10:40:01.0894 5572 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
10:40:01.0894 5572 C:\Windows\SysWOW64\mfc42.dll - ok
10:40:01.0894 5572 [ 6D615EF27B40EA511FEE7109C00828D1 ] C:\Windows\SysWOW64\lxedlmpm.dll
10:40:01.0894 5572 C:\Windows\SysWOW64\lxedlmpm.dll - ok
10:40:01.0894 5572 [ 3BAB1C64C3C02F09C8CB4F3962D45BA0 ] C:\Windows\System32\lxedlmpm.dll
10:40:01.0894 5572 C:\Windows\System32\lxedlmpm.dll - ok
10:40:01.0909 5572 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
10:40:01.0909 5572 C:\Windows\SysWOW64\odbc32.dll - ok
10:40:01.0909 5572 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
10:40:01.0909 5572 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
10:40:01.0909 5572 [ 59C3B7AC7A2C19043F7BD393BC66FAFE ] C:\Program Files (x86)\Lexmark S600 Series\imagutil.dll
10:40:01.0909 5572 C:\Program Files (x86)\Lexmark S600 Series\imagutil.dll - ok
10:40:01.0909 5572 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
10:40:01.0909 5572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
10:40:01.0909 5572 [ 633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\SysWOW64\WlS0WndH.dll
10:40:01.0909 5572 C:\Windows\SysWOW64\WlS0WndH.dll - ok
10:40:01.0909 5572 [ FECC6977944FC212772173C86AA9B0C0 ] C:\Program Files (x86)\Lexmark S600 Series\ltwvc215u.dll
10:40:01.0909 5572 C:\Program Files (x86)\Lexmark S600 Series\ltwvc215u.dll - ok
10:40:01.0909 5572 [ 0E67B5018A7FEA608D46466EDCAC89C1 ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe
10:40:01.0909 5572 C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe - ok
10:40:01.0909 5572 [ F24A3379567365B1CD4E9167ADF4B763 ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\CTAudSeu.dll
10:40:01.0909 5572 C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\CTAudSeu.dll - ok
10:40:01.0909 5572 [ 0F544B46F9966F29D05E0F998297C7E7 ] C:\Windows\SysWOW64\lxedcomc.dll
10:40:01.0909 5572 C:\Windows\SysWOW64\lxedcomc.dll - ok
10:40:01.0925 5572 [ C419DF63E0121D72411285780C2FC6CC ] C:\Windows\Updreg.EXE
10:40:01.0925 5572 C:\Windows\Updreg.EXE - ok
10:40:01.0925 5572 [ F5BCE1C11BA2F018E07C3BB6CA4EC3F6 ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\CTAudEp.dll
10:40:01.0925 5572 C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\CTAudEp.dll - ok
10:40:01.0925 5572 [ 3ABE3CC7706EDD33C12C5A99B8727053 ] C:\Windows\System32\lxedcomc.dll
10:40:01.0925 5572 C:\Windows\System32\lxedcomc.dll - ok
10:40:01.0925 5572 [ 766AE515B1749F2141E418CC6C08515B ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
10:40:01.0925 5572 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe - ok
10:40:01.0925 5572 [ 75DE43A4302967C786A0DA65C649F1A0 ] C:\Program Files (x86)\Lexmark S600 Series\ltkrn15u.dll
10:40:01.0925 5572 C:\Program Files (x86)\Lexmark S600 Series\ltkrn15u.dll - ok
10:40:01.0925 5572 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
10:40:01.0925 5572 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
10:40:01.0925 5572 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
10:40:01.0925 5572 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
10:40:01.0925 5572 [ A555EC9827745E760BBABB7C6D4CE37F ] C:\Program Files\Internet Explorer\ieproxy.dll
10:40:01.0925 5572 C:\Program Files\Internet Explorer\ieproxy.dll - ok
10:40:01.0925 5572 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
10:40:01.0925 5572 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
10:40:01.0940 5572 [ B24D0FAA1B49F78A39BB4AD37536816E ] C:\Windows\SysWOW64\lxedcoms.exe
10:40:01.0940 5572 C:\Windows\SysWOW64\lxedcoms.exe - ok
10:40:01.0940 5572 [ 6364FA7D825B600251A4D1DE7D6FF695 ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
10:40:01.0940 5572 C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe - ok
10:40:01.0940 5572 [ ABAAC2BDA49E97F2682E777036E02DB0 ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\CTIniFu.dll
10:40:01.0940 5572 C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\CTIniFu.dll - ok
10:40:01.0940 5572 [ E60E9D5F229CB8DA347D48ADD6E8DC47 ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
10:40:01.0940 5572 C:\Program Files (x86)\Mozilla Firefox\firefox.exe - ok
10:40:01.0940 5572 [ 31D59387099070963EAD4CE14C5B5F04 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
10:40:01.0940 5572 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll - ok
10:40:01.0940 5572 [ 35AC4B63CBB9FB6B4472913E9948B517 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
10:40:01.0940 5572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
10:40:01.0940 5572 [ 24CAEDCD73B5B0E22226283B7B2468C7 ] C:\Windows\SysWOW64\mfc42u.dll
10:40:01.0940 5572 C:\Windows\SysWOW64\mfc42u.dll - ok
10:40:01.0940 5572 [ 80505248EBD079CB692FC2FF0BF5D754 ] C:\Program Files (x86)\Lexmark S600 Series\ltdis15u.dll
10:40:01.0940 5572 C:\Program Files (x86)\Lexmark S600 Series\ltdis15u.dll - ok
10:40:01.0940 5572 [ 46A6BA9274D075A2C30025C4E96D875A ] C:\Windows\SysWOW64\msvcp60.dll
10:40:01.0940 5572 C:\Windows\SysWOW64\msvcp60.dll - ok
10:40:01.0956 5572 [ 44491323891EE2CDEDD31E96449B9E78 ] C:\Program Files (x86)\Lexmark S600 Series\ltfil15u.dll
10:40:01.0956 5572 C:\Program Files (x86)\Lexmark S600 Series\ltfil15u.dll - ok
10:40:01.0956 5572 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\SysWOW64\stobject.dll
10:40:01.0956 5572 C:\Windows\SysWOW64\stobject.dll - ok
10:40:01.0956 5572 [ 75BCC4043512E41D83C8F224B168039C ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
10:40:01.0956 5572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
10:40:01.0956 5572 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
10:40:01.0956 5572 C:\Windows\System32\stobject.dll - ok
10:40:01.0956 5572 [ 916A2C4EB028604783FD5EA169236C1D ] C:\Program Files (x86)\QuickTime\QTTask.exe
10:40:01.0956 5572 C:\Program Files (x86)\QuickTime\QTTask.exe - ok
10:40:01.0956 5572 [ 4958B3E422A04D055A1A2BE9B5A625BC ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
10:40:01.0956 5572 C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll - ok
10:40:01.0956 5572 [ 3271A2285738336D273CB0E850C4F9CC ] C:\Program Files (x86)\Lexmark S600 Series\ltimgclr15u.dll
10:40:01.0956 5572 C:\Program Files (x86)\Lexmark S600 Series\ltimgclr15u.dll - ok
10:40:01.0956 5572 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
10:40:01.0956 5572 C:\Windows\SysWOW64\odbcint.dll - ok
10:40:01.0956 5572 [ 5F380A33FE12E6ECF932C2B0366069FC ] C:\Windows\SysWOW64\lxedserv.dll
10:40:01.0956 5572 C:\Windows\SysWOW64\lxedserv.dll - ok
10:40:01.0972 5572 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\SysWOW64\batmeter.dll
10:40:01.0972 5572 C:\Windows\SysWOW64\batmeter.dll - ok
10:40:01.0972 5572 [ 6D6596E046CA6A61DE250AD3A281A1AF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
10:40:01.0972 5572 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll - ok
10:40:01.0972 5572 [ B63E5C7807334A3A8F731062F15462CC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
10:40:01.0972 5572 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
10:40:01.0972 5572 [ 63309E61AAC7A09A40218A8AECFF6B26 ] C:\Program Files (x86)\Steam\Steam.dll
10:40:01.0972 5572 C:\Program Files (x86)\Steam\Steam.dll - ok
10:40:01.0972 5572 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
10:40:01.0972 5572 C:\Windows\System32\batmeter.dll - ok
10:40:01.0972 5572 [ 5FDBB18ADA8E8B8D15AA8F85D8231CF1 ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanel.crl
10:40:01.0972 5572 C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanel.crl - ok
10:40:01.0972 5572 [ B80E544DFA36295CB3C4B6D2673BA49B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\4a29fb5e489e57ccc97b19ca70db94a8\Microsoft.VisualBasic.ni.dll
10:40:01.0972 5572 C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\4a29fb5e489e57ccc97b19ca70db94a8\Microsoft.VisualBasic.ni.dll - ok
10:40:01.0972 5572 [ D1514E24D2CE523F3D4DEAFDEC50DE9F ] C:\Program Files (x86)\Lexmark S600 Series\ltimgutl15u.dll
10:40:01.0972 5572 C:\Program Files (x86)\Lexmark S600 Series\ltimgutl15u.dll - ok
10:40:01.0972 5572 [ 018FE7935604F87605026B2448E2722D ] C:\Windows\SysWOW64\lxedinpa.dll
10:40:01.0972 5572 C:\Windows\SysWOW64\lxedinpa.dll - ok
10:40:01.0987 5572 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
10:40:01.0987 5572 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
10:40:01.0987 5572 [ 026C4BDA4BEA5EE666AFD2270FF7368B ] C:\Program Files (x86)\Lexmark S600 Series\epfunct.dll
10:40:01.0987 5572 C:\Program Files (x86)\Lexmark S600 Series\epfunct.dll - ok
10:40:01.0987 5572 [ 478B2775651ECB9425E7501DFC109278 ] C:\Windows\SysWOW64\lxediesc.dll
10:40:01.0987 5572 C:\Windows\SysWOW64\lxediesc.dll - ok
10:40:01.0987 5572 [ 5278E5CDD2535FDBC010F0F695BC4215 ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXLgcy.dll
10:40:01.0987 5572 C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXLgcy.dll - ok
10:40:01.0987 5572 [ 8C22C6088057A00EAE7D963600F26EEB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
10:40:01.0987 5572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
10:40:01.0987 5572 [ 32B80EC0484302CC125CF13A893A1512 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll
10:40:01.0987 5572 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok
10:40:01.0987 5572 [ 3329E733706B889DE2AF3E01732B0EFE ] C:\Program Files (x86)\Creative\ShareDLL\CADI\CtCadiEp.dll
10:40:01.0987 5572 C:\Program Files (x86)\Creative\ShareDLL\CADI\CtCadiEp.dll - ok
10:40:01.0987 5572 [ 9FF26EEE720B38BCEE6F66972523B50F ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\CTLoadRs.dll
10:40:01.0987 5572 C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\CTLoadRs.dll - ok
10:40:01.0987 5572 [ 2DEDC3AFE3C49B5DAE717D0A9BEBF298 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
10:40:01.0987 5572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
10:40:02.0003 5572 [ A2F608F2BF88A122ABD43648B9B22BDE ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorCommon.dll
10:40:02.0003 5572 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorCommon.dll - ok
10:40:02.0003 5572 [ D458B563613E898EE7C627359AF5973D ] C:\Windows\SysWOW64\Nlsdl.dll
10:40:02.0003 5572 C:\Windows\SysWOW64\Nlsdl.dll - ok
10:40:02.0003 5572 [ F66CD16866E656F35130A67566721C4D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\4a443c775f768ede71bde8e10f50ec0b\IAStorUtil.ni.dll
10:40:02.0003 5572 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\4a443c775f768ede71bde8e10f50ec0b\IAStorUtil.ni.dll - ok
10:40:02.0003 5572 [ 1AEC974324027429423378ADA9E35AF6 ] C:\Program Files (x86)\Lexmark S600 Series\epwizres.dll
10:40:02.0003 5572 C:\Program Files (x86)\Lexmark S600 Series\epwizres.dll - ok
10:40:02.0003 5572 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll
10:40:02.0003 5572 C:\Windows\SysWOW64\prnfldr.dll - ok
10:40:02.0003 5572 [ 7E9A589A73E89332B3F2D801A0B1B7F6 ] C:\Windows\SysWOW64\lxedusb1.dll
10:40:02.0003 5572 C:\Windows\SysWOW64\lxedusb1.dll - ok
10:40:02.0003 5572 [ 67B539D844F804EBAC7A1E3828FDE709 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
10:40:02.0003 5572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
10:40:02.0003 5572 [ D787E5B51864099F4CC5BA0FBBA30775 ] C:\Windows\SysWOW64\CmdRtr.DLL
10:40:02.0003 5572 C:\Windows\SysWOW64\CmdRtr.DLL - ok
10:40:02.0003 5572 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
10:40:02.0003 5572 C:\Windows\System32\prnfldr.dll - ok
10:40:02.0018 5572 [ 62169BDD927A67C360A35F4526429B01 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
10:40:02.0018 5572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
10:40:02.0018 5572 [ BE9580A0F3F4377BF45990CA595B398B ] C:\Program Files (x86)\Lexmark S600 Series\epstring.dll
10:40:02.0018 5572 C:\Program Files (x86)\Lexmark S600 Series\epstring.dll - ok
10:40:02.0018 5572 [ 2A72853494912BB034AF7AC1C86EC04E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
10:40:02.0018 5572 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll - ok
10:40:02.0018 5572 [ BD6FD544C228D4BE0F33E3685A70E406 ] C:\Windows\SysWOW64\APOMngr.DLL
10:40:02.0018 5572 C:\Windows\SysWOW64\APOMngr.DLL - ok
10:40:02.0018 5572 [ AC6A3801F3CDE7EB41B3F52E9B0A1C2B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
10:40:02.0018 5572 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll - ok
10:40:02.0018 5572 [ 2DBAD1C00A95674AA34BAE88C3B66DDD ] C:\Windows\SysWOW64\lxedhbn3.dll
10:40:02.0018 5572 C:\Windows\SysWOW64\lxedhbn3.dll - ok
10:40:02.0018 5572 [ 3DF290691D8593212CE22D05D157F273 ] C:\Program Files (x86)\Lexmark S600 Series\epoemdll.dll
10:40:02.0018 5572 C:\Program Files (x86)\Lexmark S600 Series\epoemdll.dll - ok
10:40:02.0018 5572 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
10:40:02.0018 5572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
10:40:02.0018 5572 [ A7532E66EA2F168A0970E829D8986423 ] C:\Program Files (x86)\Steam\dbghelp.dll
10:40:02.0018 5572 C:\Program Files (x86)\Steam\dbghelp.dll - ok
10:40:02.0034 5572 [ 5BF0BFDA62DD7A3A512F09A9EE31E8BB ] C:\Program Files (x86)\Lexmark S600 Series\ltimgcor15u.dll
10:40:02.0034 5572 C:\Program Files (x86)\Lexmark S600 Series\ltimgcor15u.dll - ok
10:40:02.0034 5572 [ 3BDE52411DF2FE4252C9289F51CB0F7E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
10:40:02.0034 5572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
10:40:02.0034 5572 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\SysWOW64\fundisc.dll
10:40:02.0034 5572 C:\Windows\SysWOW64\fundisc.dll - ok
10:40:02.0034 5572 [ 173C217E677C4B0C4F8A6D54BA13BF9B ] C:\Program Files (x86)\Steam\CSERHelper.dll
10:40:02.0034 5572 C:\Program Files (x86)\Steam\CSERHelper.dll - ok
10:40:02.0034 5572 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
10:40:02.0034 5572 C:\Windows\System32\fundisc.dll - ok
10:40:02.0034 5572 [ 7221E380FB8BFCF0160B9D4E704E7E77 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
10:40:02.0034 5572 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll - ok
10:40:02.0034 5572 [ 695C32D334146AD25A2E6305DD3175A2 ] C:\Program Files (x86)\Lexmark S600 Series\ltimgsfx15u.dll
10:40:02.0034 5572 C:\Program Files (x86)\Lexmark S600 Series\ltimgsfx15u.dll - ok
10:40:02.0034 5572 [ 78B476DB024D3245E1E159E50DBB305F ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
10:40:02.0034 5572 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll - ok
10:40:02.0034 5572 [ 9ABB7CDAC0914579C86990048771B1B4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
10:40:02.0034 5572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
10:40:02.0050 5572 [ 2BF1EEE51F39345FF049FADC775591BC ] C:\Program Files (x86)\Steam\SteamUI.dll
10:40:02.0050 5572 C:\Program Files (x86)\Steam\SteamUI.dll - ok
10:40:02.0050 5572 [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\SysWOW64\fdProxy.dll
10:40:02.0050 5572 C:\Windows\SysWOW64\fdProxy.dll - ok
10:40:02.0050 5572 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
10:40:02.0050 5572 C:\Windows\System32\fdProxy.dll - ok
10:40:02.0050 5572 [ 43104328E99680FCF282E71CC45CB5D2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
10:40:02.0050 5572 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll - ok
10:40:02.0050 5572 [ CD9704754C0160EEB636BF3E340CAB9A ] C:\Program Files (x86)\Lexmark S600 Series\ltimgefx15u.dll
10:40:02.0050 5572 C:\Program Files (x86)\Lexmark S600 Series\ltimgefx15u.dll - ok
10:40:02.0050 5572 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\SysWOW64\provsvc.dll
10:40:02.0050 5572 C:\Windows\SysWOW64\provsvc.dll - ok
10:40:02.0050 5572 [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
10:40:02.0050 5572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
10:40:02.0050 5572 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
10:40:02.0050 5572 C:\Windows\System32\DXP.dll - ok
10:40:02.0050 5572 [ E874BF2FAC3FCB24A542794A732D907B ] C:\Program Files (x86)\Steam\tier0_s.dll
10:40:02.0050 5572 C:\Program Files (x86)\Steam\tier0_s.dll - ok
10:40:02.0050 5572 [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
10:40:02.0050 5572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
10:40:02.0065 5572 [ 8EDACE1D540666E2909DBBDA5E07B40E ] C:\Program Files (x86)\Lexmark S600 Series\ltefx15u.dll
10:40:02.0065 5572 C:\Program Files (x86)\Lexmark S600 Series\ltefx15u.dll - ok
10:40:02.0065 5572 [ 80A5C0D5971A40B3A5C8566C215FA601 ] C:\Windows\SysWOW64\AMBSpiE.exe
10:40:02.0065 5572 C:\Windows\SysWOW64\AMBSpiE.exe - ok
10:40:02.0065 5572 [ AD9122FA42CA24AA79AC831DACED35F7 ] C:\Windows\System32\AMBSpiE.exe
10:40:02.0065 5572 C:\Windows\System32\AMBSpiE.exe - ok
10:40:02.0065 5572 [ 105AE484F5EF260D21D71C1DC12859E7 ] C:\Program Files (x86)\Steam\vstdlib_s.dll
10:40:02.0065 5572 C:\Program Files (x86)\Steam\vstdlib_s.dll - ok
10:40:02.0065 5572 [ 8BA16887C3E15F735D81F6470EB3C49F ] C:\Program Files (x86)\Lexmark S600 Series\iptk.dll
10:40:02.0065 5572 C:\Program Files (x86)\Lexmark S600 Series\iptk.dll - ok
10:40:02.0065 5572 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
10:40:02.0065 5572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
10:40:02.0065 5572 [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
10:40:02.0065 5572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
10:40:02.0065 5572 [ C10D6A7784E12BF0BE4799F675F614C2 ] C:\Program Files (x86)\Lexmark S600 Series\pdflib.dll
10:40:02.0065 5572 C:\Program Files (x86)\Lexmark S600 Series\pdflib.dll - ok
10:40:02.0065 5572 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
10:40:02.0065 5572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
10:40:02.0081 5572 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\SysWOW64\Syncreg.dll
10:40:02.0081 5572 C:\Windows\SysWOW64\Syncreg.dll - ok
10:40:02.0081 5572 [ 9A43C3E58A3504D270AD76163BFD0E54 ] C:\Program Files (x86)\Steam\crashhandler.dll
10:40:02.0081 5572 C:\Program Files (x86)\Steam\crashhandler.dll - ok
10:40:02.0081 5572 [ 8A6B867FC26B9850D446D2D86E5DB071 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
10:40:02.0081 5572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
10:40:02.0081 5572 [ 858716CED10DBBF0BC5748F71ED2F59D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
10:40:02.0081 5572 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll - ok
10:40:02.0081 5572 [ 2E551E92B8600FF8219435AEFB749BE3 ] C:\Program Files (x86)\Steam\bin\FileSystem_Steam.dll
10:40:02.0081 5572 C:\Program Files (x86)\Steam\bin\FileSystem_Steam.dll - ok
10:40:02.0081 5572 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
10:40:02.0081 5572 C:\Windows\System32\Syncreg.dll - ok
10:40:02.0081 5572 [ 57E8C7791AB2596AFB8EE1273C2DF1F8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
10:40:02.0081 5572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
10:40:02.0081 5572 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
10:40:02.0081 5572 C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll - ok
10:40:02.0081 5572 [ 9170C065FC76758E5D317B8FBA884F0C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll
10:40:02.0081 5572 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll - ok
10:40:02.0096 5572 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
10:40:02.0096 5572 C:\Windows\ehome\ehSSO.dll - ok
10:40:02.0096 5572 [ 60C70229150374DFF9B658454DD3F67E ] C:\Program Files (x86)\Steam\bin\vgui2_s.dll
10:40:02.0096 5572 C:\Program Files (x86)\Steam\bin\vgui2_s.dll - ok
10:40:02.0096 5572 [ D1BBE227367ED791D5FCF08E132D2956 ] C:\Windows\SysWOW64\opengl32.dll
10:40:02.0096 5572 C:\Windows\SysWOW64\opengl32.dll - ok
10:40:02.0096 5572 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\SysWOW64\ActionCenter.dll
10:40:02.0096 5572 C:\Windows\SysWOW64\ActionCenter.dll - ok
10:40:02.0096 5572 [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
10:40:02.0096 5572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
10:40:02.0096 5572 [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
10:40:02.0096 5572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
10:40:02.0096 5572 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
10:40:02.0096 5572 C:\Windows\System32\ActionCenter.dll - ok
10:40:02.0096 5572 [ DE3897365B04C4DA1CF8FF725577C082 ] C:\Windows\SysWOW64\glu32.dll
10:40:02.0096 5572 C:\Windows\SysWOW64\glu32.dll - ok
10:40:02.0096 5572 [ BE852D6AD0A67EE9DD28C6F95E5896E1 ] C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
10:40:02.0096 5572 C:\Program Files (x86)\Mozilla Firefox\mozglue.dll - ok
10:40:02.0112 5572 [ 9E5868DB59C6D8E949F724DBBC639A31 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll
10:40:02.0112 5572 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll - ok
10:40:02.0112 5572 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
10:40:02.0112 5572 C:\Windows\SysWOW64\ddraw.dll - ok
10:40:02.0112 5572 [ C3C8D359D1FCB72941F75F8A302BFBDE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
10:40:02.0112 5572 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
10:40:02.0112 5572 [ CEBC736458C1F79C23B1BBC5493DB4C2 ] C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
10:40:02.0112 5572 C:\Program Files (x86)\Mozilla Firefox\nspr4.dll - ok
10:40:02.0112 5572 [ AEDDFD540E3E6BECDB14C30D1F12B78A ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
10:40:02.0112 5572 C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
10:40:02.0112 5572 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll
10:40:02.0112 5572 C:\Windows\SysWOW64\netshell.dll - ok
10:40:02.0112 5572 [ DDFBFD8959F32AC0CF3947F36BAC3081 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
10:40:02.0112 5572 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
10:40:02.0112 5572 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
10:40:02.0112 5572 C:\Windows\SysWOW64\dciman32.dll - ok
10:40:02.0112 5572 [ 0B899E575D59B69C7A1CE6973B23205B ] C:\Program Files (x86)\Steam\bin\chromehtml.dll
10:40:02.0112 5572 C:\Program Files (x86)\Steam\bin\chromehtml.dll - ok
10:40:02.0128 5572 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
10:40:02.0128 5572 C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll - ok
10:40:02.0128 5572 [ F2C38B69377DD2D7BB6DA5673206E070 ] C:\Program Files (x86)\Steam\bin\libcef.dll
10:40:02.0128 5572 C:\Program Files (x86)\Steam\bin\libcef.dll - ok
10:40:02.0128 5572 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
10:40:02.0128 5572 C:\Windows\System32\netshell.dll - ok
10:40:02.0128 5572 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
10:40:02.0128 5572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
10:40:02.0128 5572 [ 5EE7FAA4DF8602E3DE63E1FB7C4667FC ] C:\Windows\System32\CTtele64.dll
10:40:02.0128 5572 C:\Windows\System32\CTtele64.dll - ok
10:40:02.0128 5572 [ CC726292A4FDEC2857688CA3C32A510D ] C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
10:40:02.0128 5572 C:\Program Files (x86)\Mozilla Firefox\mozjs.dll - ok
10:40:02.0128 5572 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\SysWOW64\AltTab.dll
10:40:02.0128 5572 C:\Windows\SysWOW64\AltTab.dll - ok
10:40:02.0128 5572 [ 6EBF0E6AAE75A4C8E9BCAC75B5A8998E ] C:\Program Files (x86)\Bluetooth Suite\FileTransfer.dll
10:40:02.0128 5572 C:\Program Files (x86)\Bluetooth Suite\FileTransfer.dll - ok
10:40:02.0128 5572 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
10:40:02.0128 5572 C:\Windows\System32\AltTab.dll - ok
10:40:02.0128 5572 [ A38276867DF9ECFAC4BAE167BA34772D ] C:\Program Files (x86)\Mozilla Firefox\plc4.dll
10:40:02.0128 5572 C:\Program Files (x86)\Mozilla Firefox\plc4.dll - ok
10:40:02.0143 5572 [ 74E3FD55C2BCFEDCECC80121E93FFEC5 ] C:\Program Files (x86)\Mozilla Firefox\plds4.dll
10:40:02.0143 5572 C:\Program Files (x86)\Mozilla Firefox\plds4.dll - ok
10:40:02.0143 5572 [ 8ADBD72F4DC0EB90CFD37763BE3ECB27 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
10:40:02.0143 5572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll - ok
10:40:02.0143 5572 [ D8474B89FD26B18EED414A42AE5175AC ] C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
10:40:02.0143 5572 C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll - ok
10:40:02.0143 5572 [ 045D0F4F41CA53D4CB22BDC814A22B64 ] C:\Program Files (x86)\Steam\bin\icudt.dll
10:40:02.0143 5572 C:\Program Files (x86)\Steam\bin\icudt.dll - ok
10:40:02.0143 5572 [ C85670AB64068F8080998AEBA6C5019C ] C:\Windows\SysWOW64\atl100.dll
10:40:02.0143 5572 C:\Windows\SysWOW64\atl100.dll - ok
10:40:02.0143 5572 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\SysWOW64\pnidui.dll
10:40:02.0143 5572 C:\Windows\SysWOW64\pnidui.dll - ok
10:40:02.0143 5572 [ E1FBACB92FE471C684546DD9336AFEF6 ] C:\Program Files (x86)\Mozilla Firefox\nss3.dll
10:40:02.0143 5572 C:\Program Files (x86)\Mozilla Firefox\nss3.dll - ok
10:40:02.0143 5572 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
10:40:02.0143 5572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
10:40:02.0143 5572 [ 5A55E3E6F53592F8170623DEFA2B7954 ] C:\Windows\System32\atl100.dll
10:40:02.0143 5572 C:\Windows\System32\atl100.dll - ok
10:40:02.0143 5572 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
10:40:02.0143 5572 C:\Windows\System32\pnidui.dll - ok
10:40:02.0159 5572 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll
10:40:02.0159 5572 C:\Windows\SysWOW64\DWrite.dll - ok
10:40:02.0159 5572 [ 94FB1D160021FE9F54C84FF587273868 ] C:\Program Files (x86)\Mozilla Firefox\smime3.dll
10:40:02.0159 5572 C:\Program Files (x86)\Mozilla Firefox\smime3.dll - ok
10:40:02.0159 5572 [ F9CF7ED9F44176962D182B80AE0C66D4 ] C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
10:40:02.0159 5572 C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll - ok
10:40:02.0159 5572 [ 5914766C39B2D62CE67E2509F78216AB ] C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
10:40:02.0159 5572 C:\Program Files (x86)\Mozilla Firefox\ssl3.dll - ok
10:40:02.0159 5572 [ 7EF5D4B34137D053B9F4F843AE796802 ] C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
10:40:02.0159 5572 C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll - ok
10:40:02.0159 5572 [ 3CDF111CCFF180B04699B87EA95A2693 ] C:\Program Files (x86)\Steam\bin\avcodec-53.dll
10:40:02.0159 5572 C:\Program Files (x86)\Steam\bin\avcodec-53.dll - ok
10:40:02.0159 5572 [ 5259D6B68ABB8253792458FE94D9D006 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
10:40:02.0159 5572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll - ok
10:40:02.0159 5572 [ B9A5A116229FF8E1D5994F6793EB6A6E ] C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
10:40:02.0159 5572 C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll - ok
10:40:02.0159 5572 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\SysWOW64\QUTIL.DLL
10:40:02.0159 5572 C:\Windows\SysWOW64\QUTIL.DLL - ok
10:40:02.0174 5572 [ 25835D0658CAE221912DA90FC39B826A ] C:\Program Files (x86)\Steam\bin\avutil-51.dll
10:40:02.0174 5572 C:\Program Files (x86)\Steam\bin\avutil-51.dll - ok
10:40:02.0174 5572 [ C3CA13D6FA87F8B5B72C96B9F3CD0BA1 ] C:\Program Files (x86)\Steam\bin\avformat-53.dll
10:40:02.0174 5572 C:\Program Files (x86)\Steam\bin\avformat-53.dll - ok
10:40:02.0174 5572 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
10:40:02.0174 5572 C:\Windows\System32\QUTIL.DLL - ok
10:40:02.0174 5572 [ 5B3FA17E1CD6FBBDF41AC34DAEECC256 ] C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
10:40:02.0174 5572 C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - ok
10:40:02.0174 5572 [ 819FA5F084B3174CF702320CE58AA7E6 ] C:\Program Files (x86)\Mozilla Firefox\xul.dll
10:40:02.0174 5572 C:\Program Files (x86)\Mozilla Firefox\xul.dll - ok
10:40:02.0174 5572 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
10:40:02.0174 5572 C:\Windows\SysWOW64\sxs.dll - ok
10:40:02.0174 5572 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\SysWOW64\WPDShServiceObj.dll
10:40:02.0174 5572 C:\Windows\SysWOW64\WPDShServiceObj.dll - ok
10:40:02.0174 5572 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
10:40:02.0174 5572 C:\Windows\System32\tcpmon.dll - ok
10:40:02.0174 5572 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
10:40:02.0174 5572 C:\Windows\System32\WPDShServiceObj.dll - ok
10:40:02.0174 5572 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
10:40:02.0174 5572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
10:40:02.0190 5572 [ C1648084C395152FBFA1B333D92056BC ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
10:40:02.0190 5572 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
10:40:02.0190 5572 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
10:40:02.0190 5572 C:\Windows\System32\FntCache.dll - ok
10:40:02.0190 5572 [ D6294ED17CE70C3755311F8E32CDF804 ] C:\Windows\SysWOW64\CTtele32.dll
10:40:02.0190 5572 C:\Windows\SysWOW64\CTtele32.dll - ok
10:40:02.0190 5572 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
10:40:02.0190 5572 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
10:40:02.0190 5572 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\SysWOW64\snmpapi.dll
10:40:02.0190 5572 C:\Windows\SysWOW64\snmpapi.dll - ok
10:40:02.0190 5572 [ B4F61B812AD88B199EBCF10D2457A425 ] C:\Program Files (x86)\Bluetooth Suite\SkypeAgent.dll
10:40:02.0190 5572 C:\Program Files (x86)\Bluetooth Suite\SkypeAgent.dll - ok
10:40:02.0190 5572 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
10:40:02.0190 5572 C:\Windows\System32\PortableDeviceTypes.dll - ok
10:40:02.0190 5572 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
10:40:02.0190 5572 C:\Windows\System32\snmpapi.dll - ok
10:40:02.0190 5572 [ 95ACD7ADED94CCFA85A6FB9192471723 ] C:\Windows\SysWOW64\MBAPO32.dll
10:40:02.0190 5572 C:\Windows\SysWOW64\MBAPO32.dll - ok
10:40:02.0206 5572 [ 6357E2B68753A1F5CF4A68A25C4FD14A ] C:\Windows\SysWOW64\wsnmp32.dll
10:40:02.0206 5572 C:\Windows\SysWOW64\wsnmp32.dll - ok
10:40:02.0206 5572 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll
10:40:02.0206 5572 C:\Windows\SysWOW64\ktmw32.dll - ok
10:40:02.0206 5572 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\SysWOW64\srchadmin.dll
10:40:02.0206 5572 C:\Windows\SysWOW64\srchadmin.dll - ok
10:40:02.0206 5572 [ 493FC0F59054A6F4F3775655FB55295C ] C:\Windows\SysWOW64\mfc100.dll
10:40:02.0206 5572 C:\Windows\SysWOW64\mfc100.dll - ok
10:40:02.0206 5572 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
10:40:02.0206 5572 C:\Windows\System32\srchadmin.dll - ok
10:40:02.0206 5572 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
10:40:02.0206 5572 C:\Windows\System32\wsnmp32.dll - ok
10:40:02.0206 5572 [ 7F89683200960FFAE7C6F7F99360949C ] C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
10:40:02.0206 5572 C:\Program Files (x86)\Mozilla Firefox\xpcom.dll - ok
10:40:02.0206 5572 [ A5BCEA007E4CFBFAF99F68DB3789DCD1 ] C:\Windows\SysWOW64\MBTHX32.dll
10:40:02.0206 5572 C:\Windows\SysWOW64\MBTHX32.dll - ok
10:40:02.0206 5572 [ 3C6FA2F4D58611579B21798E0568F548 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
10:40:02.0206 5572 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
10:40:02.0206 5572 [ 5F4342C36142C4BC8736776283089A58 ] C:\Windows\System32\mfc100.dll
10:40:02.0206 5572 C:\Windows\System32\mfc100.dll - ok
10:40:02.0221 5572 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
10:40:02.0221 5572 C:\Windows\System32\FXSST.dll - ok
10:40:02.0221 5572 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
10:40:02.0221 5572 C:\Windows\SysWOW64\dbghelp.dll - ok
10:40:02.0221 5572 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
10:40:02.0221 5572 C:\Windows\System32\usbmon.dll - ok
10:40:02.0221 5572 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
10:40:02.0221 5572 C:\Windows\System32\WSDMon.dll - ok
10:40:02.0221 5572 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\SysWOW64\FXSAPI.dll
10:40:02.0221 5572 C:\Windows\SysWOW64\FXSAPI.dll - ok
10:40:02.0221 5572 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
10:40:02.0221 5572 C:\Windows\System32\FXSAPI.dll - ok
10:40:02.0221 5572 [ 100C60AB554ED4D5FF061DA146236C6A ] C:\Program Files (x86)\Creative\ShareDLL\CADI\DBACS.dll
10:40:02.0221 5572 C:\Program Files (x86)\Creative\ShareDLL\CADI\DBACS.dll - ok
10:40:02.0221 5572 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\SysWOW64\WSDApi.dll
10:40:02.0221 5572 C:\Windows\SysWOW64\WSDApi.dll - ok
10:40:02.0221 5572 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\SysWOW64\FXSRESM.dll
10:40:02.0221 5572 C:\Windows\SysWOW64\FXSRESM.dll - ok
10:40:02.0221 5572 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
10:40:02.0221 5572 C:\Windows\System32\FXSRESM.dll - ok
10:40:02.0237 5572 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
10:40:02.0237 5572 C:\Windows\System32\WSDApi.dll - ok
10:40:02.0237 5572 [ 4069A06436494C4DE12F65477BB92EBE ] C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
10:40:02.0237 5572 C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll - ok
10:40:02.0237 5572 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
10:40:02.0237 5572 C:\Windows\SysWOW64\wshqos.dll - ok
10:40:02.0237 5572 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\SysWOW64\webservices.dll
10:40:02.0237 5572 C:\Windows\SysWOW64\webservices.dll - ok
10:40:02.0237 5572 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
10:40:02.0237 5572 C:\Windows\System32\webservices.dll - ok
10:40:02.0237 5572 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
10:40:02.0237 5572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
10:40:02.0237 5572 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\SysWOW64\ncsi.dll
10:40:02.0237 5572 C:\Windows\SysWOW64\ncsi.dll - ok
10:40:02.0237 5572 [ F34CFADA6C48DAA41B996D24C7D8D3CA ] C:\Windows\SysWOW64\fdPnp.dll
10:40:02.0237 5572 C:\Windows\SysWOW64\fdPnp.dll - ok
10:40:02.0237 5572 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
10:40:02.0237 5572 C:\Windows\System32\fdPnp.dll - ok
10:40:02.0237 5572 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
10:40:02.0237 5572 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
10:40:02.0252 5572 [ A614F3EAE991F56340705F1F1F9A17AD ] C:\Windows\System32\spool\prtprocs\x64\lxeddrpp.dll
10:40:02.0252 5572 C:\Windows\System32\spool\prtprocs\x64\lxeddrpp.dll - ok
10:40:02.0252 5572 [ 895C5DA37CDAFE27FE7D93642992D9ED ] C:\Program Files (x86)\Bluetooth Suite\ObjPush.dll
10:40:02.0252 5572 C:\Program Files (x86)\Bluetooth Suite\ObjPush.dll - ok
10:40:02.0252 5572 [ 82EA5E2E40D5C2E852B8E87F4A7B6E4A ] C:\Program Files (x86)\Steam\steamclient.dll
10:40:02.0252 5572 C:\Program Files (x86)\Steam\steamclient.dll - ok
10:40:02.0252 5572 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
10:40:02.0252 5572 C:\Windows\System32\fdPHost.dll - ok
10:40:02.0252 5572 [ A2631C4465BBCE72B7E371DFB924A9D3 ] C:\Windows\SysWOW64\feclient.dll
10:40:02.0252 5572 C:\Windows\SysWOW64\feclient.dll - ok
10:40:02.0252 5572 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
10:40:02.0252 5572 C:\Windows\SysWOW64\pdh.dll - ok
10:40:02.0252 5572 [ BE3953C7DAE4ECC89134CF64A903F8ED ] C:\Windows\SysWOW64\win32spl.dll
10:40:02.0252 5572 C:\Windows\SysWOW64\win32spl.dll - ok
10:40:02.0252 5572 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
10:40:02.0252 5572 C:\Windows\System32\win32spl.dll - ok
10:40:02.0252 5572 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
10:40:02.0252 5572 C:\Windows\System32\FXSSVC.exe - ok
10:40:02.0252 5572 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
10:40:02.0252 5572 C:\Windows\System32\inetpp.dll - ok
10:40:02.0268 5572 [ CAB0C359C004CCA6C433F6CD3841BD39 ] C:\Windows\SysWOW64\LXEDcfg.dll
10:40:02.0268 5572 C:\Windows\SysWOW64\LXEDcfg.dll - ok
10:40:02.0268 5572 [ C5A841F80521481A0F06BF3B385930BC ] C:\Program Files (x86)\Lexmark S600 Series\lxeddrs.dll
10:40:02.0268 5572 C:\Program Files (x86)\Lexmark S600 Series\lxeddrs.dll - ok
10:40:02.0268 5572 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\SysWOW64\webcheck.dll
10:40:02.0268 5572 C:\Windows\SysWOW64\webcheck.dll - ok
10:40:02.0268 5572 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll
10:40:02.0268 5572 C:\Windows\SysWOW64\d3d10_1.dll - ok
10:40:02.0268 5572 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll
10:40:02.0268 5572 C:\Windows\SysWOW64\d3d10_1core.dll - ok
10:40:02.0268 5572 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
10:40:02.0268 5572 C:\Windows\SysWOW64\dxgi.dll - ok
10:40:02.0268 5572 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
10:40:02.0268 5572 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
10:40:02.0268 5572 [ CC3570CC65AABBAB1801AB9E75F02FC3 ] C:\Program Files (x86)\Lexmark S600 Series\lxedcaps.dll
10:40:02.0268 5572 C:\Program Files (x86)\Lexmark S600 Series\lxedcaps.dll - ok
10:40:02.0268 5572 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
10:40:02.0268 5572 C:\Windows\System32\webcheck.dll - ok
10:40:02.0284 5572 [ 38A8A45A82340D1383E260AC36D67EB0 ] C:\Windows\SysWOW64\nvwgf2um.dll
10:40:02.0284 5572 C:\Windows\SysWOW64\nvwgf2um.dll - ok
10:40:02.0284 5572 [ E2D30DF1381FFF0BDC05AF8131ED211E ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\en-US\THXAudio.resources.dll
10:40:02.0284 5572 C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\en-US\THXAudio.resources.dll - ok
10:40:02.0284 5572 [ EE07653FBC647034EF5C0D4B98224E14 ] C:\Windows\SysWOW64\en-US\tzres.dll.mui
10:40:02.0284 5572 C:\Windows\SysWOW64\en-US\tzres.dll.mui - ok
10:40:02.0284 5572 [ ECFE109E57AC9A79B3DB1A42883DACBE ] C:\Program Files (x86)\Lexmark S600 Series\lxedcnv4.dll
10:40:02.0284 5572 C:\Program Files (x86)\Lexmark S600 Series\lxedcnv4.dll - ok
10:40:02.0284 5572 [ 0F544B46F9966F29D05E0F998297C7E7 ] C:\Program Files (x86)\Lexmark S600 Series\lxedcomc.dll
10:40:02.0284 5572 C:\Program Files (x86)\Lexmark S600 Series\lxedcomc.dll - ok
10:40:02.0284 5572 [ 180A7380320AF73CCF7F7D8880CA2193 ] C:\Windows\System32\ieframe.dll
10:40:02.0284 5572 C:\Windows\System32\ieframe.dll - ok
10:40:02.0284 5572 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll
10:40:02.0284 5572 C:\Windows\SysWOW64\d2d1.dll - ok
10:40:02.0284 5572 [ DE6F4B7E62FDE776F3DE8E5FB5A05C48 ] C:\Windows\SysWOW64\fdWSD.dll
10:40:02.0284 5572 C:\Windows\SysWOW64\fdWSD.dll - ok
10:40:02.0284 5572 [ 046E4103ED25BECC0F010BD27A24F407 ] C:\Program Files (x86)\Lexmark S600 Series\lxedmonr.dll
10:40:02.0284 5572 C:\Program Files (x86)\Lexmark S600 Series\lxedmonr.dll - ok
10:40:02.0284 5572 [ 572C6429A5508E8C2639BDBE5C282991 ] C:\Program Files (x86)\Lexmark S600 Series\lxedptp.dll
10:40:02.0284 5572 C:\Program Files (x86)\Lexmark S600 Series\lxedptp.dll - ok
10:40:02.0299 5572 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\SysWOW64\d3d10.dll
10:40:02.0299 5572 C:\Windows\SysWOW64\d3d10.dll - ok
10:40:02.0299 5572 [ B7E640EEF8A1AB46C75189EAFAB16886 ] C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:40:02.0299 5572 C:\Program Files (x86)\Common Files\Steam\SteamService.exe - ok
10:40:02.0299 5572 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
10:40:02.0299 5572 C:\Windows\System32\FDResPub.dll - ok
10:40:02.0299 5572 [ 547F78746F20901C770E8653B242217C ] C:\Windows\SysWOW64\d3d10core.dll
10:40:02.0299 5572 C:\Windows\SysWOW64\d3d10core.dll - ok
10:40:02.0299 5572 [ F2A24E4AEC0F8D5DBAB10CB87A8EFED2 ] C:\Windows\SysWOW64\sti.dll
10:40:02.0299 5572 C:\Windows\SysWOW64\sti.dll - ok
10:40:02.0299 5572 [ 523D0A842145F29855AAB2EE814B9754 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
10:40:02.0299 5572 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll - ok
10:40:02.0299 5572 [ 2E483EC51216B52C711C7EC642798BB7 ] C:\Windows\System32\sti.dll
10:40:02.0299 5572 C:\Windows\System32\sti.dll - ok
10:40:02.0299 5572 [ DBED583F16422ECD21658D85575BAABD ] C:\Program Files (x86)\Steam\bin\SteamService.dll
10:40:02.0299 5572 C:\Program Files (x86)\Steam\bin\SteamService.dll - ok
10:40:02.0299 5572 [ AB1F1374CE30F0679263A05EF40AFDDC ] C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
10:40:02.0299 5572 C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe - ok
10:40:02.0315 5572 [ 5629E16C6C15A138F9E0FABF42E2AE78 ] C:\Windows\System32\netbios.dll
10:40:02.0315 5572 C:\Windows\System32\netbios.dll - ok
10:40:02.0315 5572 [ 807B6562009E5858C93E1C0F435C0382 ] C:\Windows\SysWOW64\netbios.dll
10:40:02.0315 5572 C:\Windows\SysWOW64\netbios.dll - ok
10:40:02.0315 5572 [ A80C173AC5C75706BB74AE4D78F2A53D ] C:\Program Files (x86)\Windows Media Player\wmplayer.exe
10:40:02.0315 5572 C:\Program Files (x86)\Windows Media Player\wmplayer.exe - ok
10:40:02.0315 5572 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
10:40:02.0315 5572 C:\Windows\SysWOW64\mlang.dll - ok
10:40:02.0315 5572 [ 7F1D7CFABB351D8F46A0B94D5787FCF3 ] C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
10:40:02.0315 5572 C:\Program Files (x86)\Mozilla Firefox\softokn3.dll - ok
10:40:02.0315 5572 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
10:40:02.0315 5572 C:\Windows\System32\mlang.dll - ok
10:40:02.0315 5572 [ A062F4F9F2E2A89F7C0ED75BE5AB8D3F ] C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
10:40:02.0315 5572 C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll - ok
10:40:02.0315 5572 [ 340A842B7C5D21E08BFCBB7F9B58139D ] C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
10:40:02.0315 5572 C:\Program Files (x86)\Mozilla Firefox\freebl3.dll - ok
10:40:02.0315 5572 [ F3B8464A02E793FD46BCF6F8F6DA878D ] C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
10:40:02.0315 5572 C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll - ok
10:40:02.0315 5572 [ 7B46A076184B73AEDC1A66A71D9131E8 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
10:40:02.0315 5572 C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
10:40:02.0330 5572 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\SysWOW64\imapi2.dll
10:40:02.0330 5572 C:\Windows\SysWOW64\imapi2.dll - ok
10:40:02.0330 5572 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
10:40:02.0330 5572 C:\Windows\System32\netman.dll - ok
10:40:02.0330 5572 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
10:40:02.0330 5572 C:\Windows\System32\imapi2.dll - ok
10:40:02.0330 5572 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\SysWOW64\rasdlg.dll
10:40:02.0330 5572 C:\Windows\SysWOW64\rasdlg.dll - ok
10:40:02.0330 5572 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
10:40:02.0330 5572 C:\Windows\System32\rasdlg.dll - ok
10:40:02.0330 5572 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\SysWOW64\hgcpl.dll
10:40:02.0330 5572 C:\Windows\SysWOW64\hgcpl.dll - ok
10:40:02.0330 5572 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
10:40:02.0330 5572 C:\Windows\SysWOW64\rasapi32.dll - ok
10:40:02.0330 5572 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
10:40:02.0330 5572 C:\Windows\SysWOW64\rasman.dll - ok
10:40:02.0330 5572 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
10:40:02.0330 5572 C:\Windows\System32\hgcpl.dll - ok
10:40:02.0330 5572 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
10:40:02.0330 5572 C:\Windows\System32\fdWSD.dll - ok
10:40:02.0346 5572 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\SysWOW64\dot3api.dll
10:40:02.0346 5572 C:\Windows\SysWOW64\dot3api.dll - ok
10:40:02.0346 5572 [ 674611721264013DB169EC12AFC9C3B6 ] C:\Windows\SysWOW64\fdSSDP.dll
10:40:02.0346 5572 C:\Windows\SysWOW64\fdSSDP.dll - ok
10:40:02.0346 5572 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
10:40:02.0346 5572 C:\Windows\System32\dot3api.dll - ok
10:40:02.0346 5572 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
10:40:02.0346 5572 C:\Windows\System32\fdSSDP.dll - ok
10:40:02.0346 5572 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\SysWOW64\ssdpapi.dll
10:40:02.0346 5572 C:\Windows\SysWOW64\ssdpapi.dll - ok
10:40:02.0346 5572 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\SysWOW64\wlanhlp.dll
10:40:02.0346 5572 C:\Windows\SysWOW64\wlanhlp.dll - ok
10:40:02.0346 5572 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
10:40:02.0346 5572 C:\Windows\System32\wlanhlp.dll - ok
10:40:02.0346 5572 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
10:40:02.0346 5572 C:\Windows\SysWOW64\wlanapi.dll - ok
10:40:02.0346 5572 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
10:40:02.0346 5572 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
10:40:02.0346 5572 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
10:40:02.0346 5572 C:\Windows\System32\httpapi.dll - ok
10:40:02.0362 5572 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\SysWOW64\httpapi.dll
10:40:02.0362 5572 C:\Windows\SysWOW64\httpapi.dll - ok
10:40:02.0362 5572 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
10:40:02.0362 5572 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
10:40:02.0362 5572 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\SysWOW64\pcwum.dll
10:40:02.0362 5572 C:\Windows\SysWOW64\pcwum.dll - ok
10:40:02.0362 5572 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
10:40:02.0362 5572 C:\Windows\SysWOW64\wlanutil.dll - ok
10:40:02.0362 5572 [ C39A98ED2AC51DEA729EC7256035FE9B ] C:\Windows\SysWOW64\LXEDsm.dll
10:40:02.0362 5572 C:\Windows\SysWOW64\LXEDsm.dll - ok
10:40:02.0362 5572 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\SysWOW64\WWanAPI.dll
10:40:02.0362 5572 C:\Windows\SysWOW64\WWanAPI.dll - ok
10:40:02.0362 5572 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll
10:40:02.0362 5572 C:\Windows\SysWOW64\wmp.dll - ok
10:40:02.0362 5572 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
10:40:02.0362 5572 C:\Windows\System32\ListSvc.dll - ok
10:40:02.0362 5572 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
10:40:02.0362 5572 C:\Windows\System32\WWanAPI.dll - ok
10:40:02.0362 5572 [ 15637C31362F017E6DDE6200AE96AE07 ] C:\Windows\SysWOW64\LXEDsmr.dll
10:40:02.0362 5572 C:\Windows\SysWOW64\LXEDsmr.dll - ok
10:40:02.0377 5572 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\SysWOW64\wwapi.dll
10:40:02.0377 5572 C:\Windows\SysWOW64\wwapi.dll - ok
10:40:02.0377 5572 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
10:40:02.0377 5572 C:\Windows\System32\wwapi.dll - ok
10:40:02.0377 5572 [ 08DF1B8C9C0754A7069E80A986373F52 ] C:\Windows\SysWOW64\P2P.dll
10:40:02.0377 5572 C:\Windows\SysWOW64\P2P.dll - ok
10:40:02.0377 5572 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL
10:40:02.0377 5572 C:\Windows\SysWOW64\wmploc.DLL - ok
10:40:02.0377 5572 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
10:40:02.0377 5572 C:\Windows\System32\IdListen.dll - ok
10:40:02.0377 5572 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
10:40:02.0377 5572 C:\Windows\System32\P2P.dll - ok
10:40:02.0377 5572 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\SysWOW64\QAGENT.DLL
10:40:02.0377 5572 C:\Windows\SysWOW64\QAGENT.DLL - ok
10:40:02.0377 5572 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
10:40:02.0377 5572 C:\Windows\System32\QAGENT.DLL - ok
10:40:02.0377 5572 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\SysWOW64\p2pcollab.dll
10:40:02.0377 5572 C:\Windows\SysWOW64\p2pcollab.dll - ok
10:40:02.0377 5572 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
10:40:02.0377 5572 C:\Windows\System32\hgprint.dll - ok
10:40:02.0393 5572 [ 1372E8E8FD066002131E3D509275E697 ] C:\Windows\SysWOW64\P2PGraph.dll
10:40:02.0393 5572 C:\Windows\SysWOW64\P2PGraph.dll - ok
10:40:02.0393 5572 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
10:40:02.0393 5572 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok
10:40:02.0393 5572 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
10:40:02.0393 5572 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
10:40:02.0393 5572 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
10:40:02.0393 5572 C:\Windows\System32\pnrpsvc.dll - ok
10:40:02.0393 5572 [ 44F5C1CF70AC8F7239F3B3667E58697A ] C:\Windows\SysWOW64\CertPolEng.dll
10:40:02.0393 5572 C:\Windows\SysWOW64\CertPolEng.dll - ok
10:40:02.0393 5572 [ FCE23E27F62989AD0BB88E256E847A41 ] C:\Windows\System32\CertPolEng.dll
10:40:02.0393 5572 C:\Windows\System32\CertPolEng.dll - ok
10:40:02.0393 5572 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\SysWOW64\dssenh.dll
10:40:02.0393 5572 C:\Windows\SysWOW64\dssenh.dll - ok
10:40:02.0393 5572 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
10:40:02.0393 5572 C:\Windows\System32\dssenh.dll - ok
10:40:02.0393 5572 [ 357E38CAE32AA5BD847D8A4B2CCEC8EF ] C:\Program Files (x86)\Creative\ShareDLL\CADI\CtCadi.dll
10:40:02.0393 5572 C:\Program Files (x86)\Creative\ShareDLL\CADI\CtCadi.dll - ok
10:40:02.0393 5572 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
10:40:02.0393 5572 C:\Windows\System32\p2psvc.dll - ok
10:40:02.0408 5572 [ D31B0E09BA644A8B7B797713FFAA80D5 ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\CTThemeu.dll
10:40:02.0408 5572 C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\CTThemeu.dll - ok
10:40:02.0408 5572 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
10:40:02.0408 5572 C:\Windows\System32\wbem\cimwin32.dll - ok
10:40:02.0408 5572 [ 7672B66E9BDA3FD7B3B54857B4C305AC ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\CtrlSrcu.dll
10:40:02.0408 5572 C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\CtrlSrcu.dll - ok
10:40:02.0408 5572 [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\SysWOW64\SearchFolder.dll
10:40:02.0408 5572 C:\Windows\SysWOW64\SearchFolder.dll - ok
10:40:02.0408 5572 [ 50B4230036B7453D232DFFFA8B489F88 ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\GDICtrl.sku
10:40:02.0408 5572 C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\GDICtrl.sku - ok
10:40:02.0408 5572 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
10:40:02.0408 5572 C:\Windows\System32\SearchFolder.dll - ok
10:40:02.0408 5572 [ 626FAE12AB3FCC7715B621B63FF6F3B6 ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\GDICtrl2.sku
10:40:02.0408 5572 C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\GDICtrl2.sku - ok
10:40:02.0408 5572 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\SysWOW64\framedynos.dll
10:40:02.0408 5572 C:\Windows\SysWOW64\framedynos.dll - ok
10:40:02.0408 5572 [ 912F4220A2AF6E0F26A5F03DF42CA33D ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\GDICtrl3.sku
10:40:02.0408 5572 C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\GDICtrl3.sku - ok
10:40:02.0424 5572 [ F9D845272B6EBC7AEF5584DD5C12DEBF ] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\RtxCtrl.sku
10:40:02.0424 5572 C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\RtxCtrl.sku - ok
10:40:02.0424 5572 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
10:40:02.0424 5572 C:\Windows\SysWOW64\logoncli.dll - ok
10:40:02.0424 5572 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
10:40:02.0424 5572 C:\Windows\SysWOW64\browcli.dll - ok
10:40:02.0424 5572 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\SysWOW64\schedcli.dll
10:40:02.0424 5572 C:\Windows\SysWOW64\schedcli.dll - ok
10:40:02.0424 5572 [ 760E38053BF56E501D562B70AD796B88 ] C:\Windows\System32\drivers\ndis.sys
10:40:02.0424 5572 C:\Windows\System32\drivers\ndis.sys - ok
10:40:02.0424 5572 [ 907281ED4AD35D41B29FFDC211EBAD80 ] C:\Windows\SysWOW64\wmi.dll
10:40:02.0424 5572 C:\Windows\SysWOW64\wmi.dll - ok
10:40:02.0424 5572 [ C20A186824E72509FB4826765757ADD2 ] C:\Program Files (x86)\Creative\ShareDLL\CADI\CtRice.dll
10:40:02.0424 5572 C:\Program Files (x86)\Creative\ShareDLL\CADI\CtRice.dll - ok
10:40:02.0424 5572 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
10:40:02.0424 5572 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
10:40:02.0424 5572 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
10:40:02.0424 5572 C:\Windows\System32\P2PGraph.dll - ok
10:40:02.0440 5572 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
10:40:02.0440 5572 C:\Windows\System32\framedynos.dll - ok
10:40:02.0440 5572 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\SysWOW64\drmv2clt.dll
10:40:02.0440 5572 C:\Windows\SysWOW64\drmv2clt.dll - ok
10:40:02.0440 5572 [ EA2B00551F3E7B3D5F7FB730A55F8246 ] C:\Windows\SysWOW64\blackbox.dll
10:40:02.0440 5572 C:\Windows\SysWOW64\blackbox.dll - ok
10:40:02.0440 5572 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\SysWOW64\upnp.dll
10:40:02.0440 5572 C:\Windows\SysWOW64\upnp.dll - ok
10:40:02.0440 5572 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\SysWOW64\wmdrmdev.dll
10:40:02.0440 5572 C:\Windows\SysWOW64\wmdrmdev.dll - ok
10:40:02.0440 5572 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
10:40:02.0440 5572 C:\Windows\System32\wbem\wmipcima.dll - ok
10:40:02.0440 5572 [ 89F4D0DD6606A2FE15931E6888DBBC8D ] C:\Windows\SysWOW64\stdole2.tlb
10:40:02.0440 5572 C:\Windows\SysWOW64\stdole2.tlb - ok
10:40:02.0440 5572 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
10:40:02.0440 5572 C:\Windows\System32\drmv2clt.dll - ok
10:40:02.0440 5572 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
10:40:02.0440 5572 C:\Windows\System32\wmdrmdev.dll - ok
10:40:02.0440 5572 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
10:40:02.0440 5572 C:\Windows\System32\blackbox.dll - ok
10:40:02.0455 5572 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
10:40:02.0455 5572 C:\Windows\System32\upnp.dll - ok
10:40:02.0455 5572 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
10:40:02.0455 5572 C:\Windows\System32\ssdpsrv.dll - ok
10:40:02.0455 5572 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
10:40:02.0455 5572 C:\Windows\System32\wmp.dll - ok
10:40:02.0455 5572 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
10:40:02.0455 5572 C:\Windows\System32\wmploc.DLL - ok
10:40:02.0455 5572 [ BB12F56EA81739FB7FF78CFF5D04AFDF ] C:\Program Files (x86)\Bluetooth Suite\GattI.dll
10:40:02.0455 5572 C:\Program Files (x86)\Bluetooth Suite\GattI.dll - ok
10:40:02.0455 5572 [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\Windows\SysWOW64\wmpps.dll
10:40:02.0455 5572 C:\Windows\SysWOW64\wmpps.dll - ok
10:40:02.0455 5572 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
10:40:02.0455 5572 C:\Windows\System32\wmpps.dll - ok
10:40:02.0455 5572 [ 7B97346CE563B74BBCC120FC83E5A6D9 ] C:\Windows\SysWOW64\wmpmde.dll
10:40:02.0455 5572 C:\Windows\SysWOW64\wmpmde.dll - ok
10:40:02.0455 5572 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
10:40:02.0455 5572 C:\Windows\System32\wmpmde.dll - ok
10:40:02.0455 5572 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\SysWOW64\WinSATAPI.dll
10:40:02.0455 5572 C:\Windows\SysWOW64\WinSATAPI.dll - ok
10:40:02.0471 5572 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
10:40:02.0471 5572 C:\Windows\System32\WinSATAPI.dll - ok
10:40:02.0471 5572 [ B79515AFF098E5A56DFBD316152534DE ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
10:40:02.0471 5572 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL - ok
10:40:02.0471 5572 [ CBBD4D79EEC3EF5A4ADAE9697944C6B9 ] C:\Windows\SysWOW64\MSMPEG2ENC.DLL
10:40:02.0471 5572 C:\Windows\SysWOW64\MSMPEG2ENC.DLL - ok
10:40:02.0471 5572 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
10:40:02.0471 5572 C:\Windows\System32\MSMPEG2ENC.DLL - ok
10:40:02.0471 5572 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
10:40:02.0471 5572 C:\Windows\SysWOW64\devenum.dll - ok
10:40:02.0471 5572 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
10:40:02.0471 5572 C:\Windows\System32\devenum.dll - ok
10:40:02.0471 5572 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
10:40:02.0471 5572 C:\Windows\SysWOW64\msdmo.dll - ok
10:40:02.0471 5572 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
10:40:02.0471 5572 C:\Windows\System32\msdmo.dll - ok
10:40:02.0471 5572 [ 833FBB672460EFCE8011D262175FAD33 ] C:\Windows\SysWOW64\upnphost.dll
10:40:02.0471 5572 C:\Windows\SysWOW64\upnphost.dll - ok
10:40:02.0471 5572 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
10:40:02.0471 5572 C:\Windows\System32\upnphost.dll - ok
10:40:02.0486 5572 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
10:40:02.0486 5572 C:\Windows\SysWOW64\mscms.dll - ok
10:40:02.0486 5572 [ 14DB9DF4E9CD05327F829ED1BA57A0FC ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
10:40:02.0486 5572 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll - ok
10:40:02.0486 5572 [ 3FDC5B918B767DAB2963B1AA60ECF1AE ] C:\Windows\SysWOW64\nvapi.dll
10:40:02.0486 5572 C:\Windows\SysWOW64\nvapi.dll - ok
10:40:02.0486 5572 [ 342BA8FF963A9DD748FA492BBC0AC4EB ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll
10:40:02.0486 5572 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll - ok
10:40:02.0486 5572 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
10:40:02.0486 5572 C:\Windows\System32\wbem\wmiprov.dll - ok
10:40:02.0486 5572 [ 408416EB4F50DAB83625481C0B4E6692 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
10:40:02.0486 5572 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll - ok
10:40:02.0486 5572 [ 365E96584583C9FAE85953BD1A2D9850 ] C:\Windows\SysWOW64\nvd3dum.dll
10:40:02.0486 5572 C:\Windows\SysWOW64\nvd3dum.dll - ok
10:40:02.0486 5572 [ 7D1DB3D172529DC3C9BE52098942ED17 ] C:\Program Files (x86)\Steam\bin\friendsUI.dll
10:40:02.0486 5572 C:\Program Files (x86)\Steam\bin\friendsUI.dll - ok
10:40:02.0486 5572 [ B023CF1826017192D608209E5E75AAAF ] C:\Program Files (x86)\Steam\bin\ServerBrowser.dll
10:40:02.0486 5572 C:\Program Files (x86)\Steam\bin\ServerBrowser.dll - ok
10:40:02.0486 5572 [ 230EA9ABBC3432CDE388F4891E76E867 ] C:\Windows\SysWOW64\udhisapi.dll
10:40:02.0486 5572 C:\Windows\SysWOW64\udhisapi.dll - ok
10:40:02.0502 5572 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
10:40:02.0502 5572 C:\Windows\System32\udhisapi.dll - ok
10:40:02.0502 5572 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
10:40:02.0502 5572 C:\Windows\SysWOW64\d3d9.dll - ok
10:40:02.0502 5572 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
10:40:02.0502 5572 C:\Windows\SysWOW64\d3d8thk.dll - ok
10:40:02.0502 5572 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
10:40:02.0502 5572 C:\Windows\SysWOW64\schannel.dll - ok
10:40:02.0502 5572 [ AA3B91B70E79BCE70AD3B190789B9574 ] C:\Windows\SysWOW64\drttransport.dll
10:40:02.0502 5572 C:\Windows\SysWOW64\drttransport.dll - ok
10:40:02.0502 5572 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll
10:40:02.0502 5572 C:\Windows\System32\drttransport.dll - ok
10:40:02.0502 5572 [ EE29FCC244C8033E2F748D863DCBF378 ] C:\Windows\SysWOW64\drt.dll
10:40:02.0502 5572 C:\Windows\SysWOW64\drt.dll - ok
10:40:02.0502 5572 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll
10:40:02.0502 5572 C:\Windows\System32\drt.dll - ok
10:40:02.0502 5572 [ F163B58094B55ED88774741D0F501188 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL
10:40:02.0502 5572 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok
10:40:02.0502 5572 [ CDD518EBEED5B1DD1FBEBACC4C07DA45 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll
10:40:02.0502 5572 C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll - ok
10:40:02.0518 5572 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
10:40:02.0518 5572 C:\Windows\System32\wbem\NCProv.dll - ok
10:40:02.0518 5572 ============================================================
10:40:02.0518 5572 Scan finished
10:40:02.0518 5572 ============================================================
10:40:02.0518 1076 Detected object count: 6
10:40:02.0518 1076 Actual detected object count: 6
10:40:47.0414 1076 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:40:47.0414 1076 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:40:47.0414 1076 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:40:47.0414 1076 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:40:47.0414 1076 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
10:40:47.0414 1076 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:40:47.0414 1076 ICCS ( UnsignedFile.Multi.Generic ) - skipped by user
10:40:47.0414 1076 ICCS ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:40:47.0414 1076 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
10:40:47.0414 1076 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:40:47.0414 1076 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - skipped by user
10:40:47.0414 1076 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0

#5
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts

(Note: After reboot I received the following error: "there was a problem starting c:users\cary\appdata\roaming\rdints.dll Access is denied". Currently my recycle bin and Documents ans settings are locked and access is denied)



OK. Restart you PC and tell me do you get this errors again. Also please tell me do you get notification about trojan now?
  • 0

#6
SneakyReek

SneakyReek

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
I no longer get the error message however my recycle bin and documents and settings folder is still no longer accessible and shows a locked icon, along with the subfolders within it as well.

Microsoft Security Essentials no longer shows that the trojan is there but in testing my browser, it still is very much there and I'm getting redirected to the wrong webpages with more frequency.
  • 0

#7
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts

I no longer get the error message however my recycle bin and documents and settings folder is still no longer accessible and shows a locked icon, along with the subfolders within it as well.


I need to know can you access your Recycle Bin and Documents and Setting. Sometimes malware just change icons but everything is accessible. Just check can you access those folders with lock icon.

Step 1

NOTE: This fix is custom made for this system only and for current system state! Don't try to run it on another system!

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    :Commands
    [purity]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

Step 2

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the combo fix log in your next reply

Step 3

Please don't forget to include these items in your reply:

  • OTL fix log
  • Combofix log
It would be helpful if you could post each log in separate post using "Add Reply" button
  • 0

#8
SneakyReek

SneakyReek

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Update: After this last step, the "lock" icons are no longer present and things appear to be back to normal, at least on the surface.

Below it the OTL report:

All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Cary
->Temp folder emptied: 213797315 bytes
->Temporary Internet Files folder emptied: 250480389 bytes
->Java cache emptied: 84747 bytes
->FireFox cache emptied: 832554557 bytes
->Flash cache emptied: 115526 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1619120 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 175662705 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 3138174 bytes

Total Files Cleaned = 1,409.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12032012_110819

Files\Folders moved on Reboot...
C:\Users\Cary\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Cary\AppData\Local\Mozilla\Firefox\Profiles\y5i3oof0.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Cary\AppData\Local\Mozilla\Firefox\Profiles\y5i3oof0.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Cary\AppData\Local\Mozilla\Firefox\Profiles\y5i3oof0.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Cary\AppData\Local\Mozilla\Firefox\Profiles\y5i3oof0.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Cary\AppData\Local\Mozilla\Firefox\Profiles\y5i3oof0.default\urlclassifier3.sqlite moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

#9
SneakyReek

SneakyReek

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Combofix Log:

ComboFix 12-12-02.01 - Cary 12/03/2012 11:15:16.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8154.6363 [GMT -8:00]
Running from: c:\users\Cary\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\ntuser.dat
.
.
((((((((((((((((((((((((( Files Created from 2012-11-03 to 2012-12-03 )))))))))))))))))))))))))))))))
.
.
2012-12-03 19:20 . 2012-12-03 19:20 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-03 19:20 . 2012-12-03 19:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-02 19:19 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{349C6F3E-80FD-484C-B783-4165F1B314CA}\mpengine.dll
2012-12-01 18:59 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-30 18:31 . 2012-11-30 18:31 -------- d-----w- C:\_OTL
2012-11-29 21:19 . 2012-11-29 21:19 -------- d-----w- c:\users\Cary\AppData\Roaming\Malwarebytes
2012-11-29 21:19 . 2012-11-29 21:19 -------- d-----w- c:\programdata\Malwarebytes
2012-11-29 21:19 . 2012-11-29 21:19 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-29 21:19 . 2012-09-30 03:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-29 21:00 . 2012-11-29 21:00 -------- d-----w- c:\program files\HitmanPro
2012-11-29 21:00 . 2012-11-29 21:01 -------- d-----w- c:\programdata\HitmanPro
2012-11-29 20:59 . 2012-11-29 20:59 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-11-29 20:59 . 2012-11-29 20:59 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-29 07:53 . 2012-11-29 07:53 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{95D7F076-652A-40A1-8B84-101C100017D8}\gapaengine.dll
2012-11-28 07:40 . 2012-11-28 07:40 -------- d-----w- c:\users\Cary\AppData\Local\ElevatedDiagnostics
2012-11-18 09:45 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-11-15 08:08 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 08:08 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-15 08:08 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 08:08 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-15 08:03 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 08:03 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-15 08:03 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 08:03 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-15 08:03 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 08:03 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 08:03 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-29 20:59 . 2012-07-22 06:36 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-11-29 20:59 . 2012-07-22 06:36 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-11-28 07:35 . 2012-07-22 06:03 30528 ----a-w- c:\windows\GVTDrv64.sys
2012-11-28 07:35 . 2012-07-22 06:03 25640 ----a-w- c:\windows\gdrv.sys
2012-11-15 08:03 . 2012-07-22 06:29 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-10-29 01:54 . 2012-10-06 17:18 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-10-29 01:54 . 2012-10-06 08:39 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-10-16 08:38 . 2012-11-28 09:16 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 09:16 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 09:16 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-11 05:23 . 2012-10-11 05:23 247144 ----a-w- c:\windows\system32\nvinitx.dll
2012-10-11 05:23 . 2012-10-11 05:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-10-11 05:23 . 2012-10-11 05:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-10-11 05:23 . 2012-10-11 05:23 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-11 05:23 . 2012-10-11 05:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-10-11 05:23 . 2012-10-11 05:23 313704 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2012-10-11 05:23 . 2012-10-11 05:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-10-11 05:23 . 2012-10-11 05:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-11 05:23 . 2012-10-11 05:23 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-10-11 05:23 . 2012-10-11 05:23 202600 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-10-11 05:23 . 2012-10-11 05:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-11 05:23 . 2012-10-11 05:23 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-11 05:23 . 2012-10-11 05:23 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-11 05:23 . 2012-10-11 05:23 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-11 05:23 . 2012-10-11 05:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-11 05:23 . 2012-10-11 05:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-10-11 05:23 . 2012-10-11 05:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-11 05:23 . 2012-10-11 05:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-10-11 05:22 . 2012-10-11 05:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-11 05:22 . 2012-10-11 05:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-11 05:22 . 2012-07-22 06:13 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-11 05:22 . 2012-10-11 05:22 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-11 05:22 . 2012-10-11 05:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-11 05:22 . 2012-10-11 05:22 364904 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2012-10-11 05:22 . 2012-10-11 05:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-10-11 05:22 . 2012-10-11 05:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-11 05:22 . 2012-10-11 05:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-10-09 00:11 . 2012-07-22 06:34 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 00:11 . 2012-07-22 06:34 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-08 05:34 . 2012-10-06 08:39 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-10-07 20:57 . 2009-08-18 19:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2012-10-07 20:56 . 2009-08-18 18:24 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-10-06 08:39 . 2012-10-06 08:39 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-10-02 21:15 . 2012-10-02 21:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-10-02 19:51 . 2012-07-22 06:13 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-10-02 19:51 . 2012-07-22 06:13 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-10-02 19:51 . 2012-07-22 06:13 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 19:50 . 2012-07-22 06:13 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:50 . 2012-07-22 06:13 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 19:50 . 2012-07-22 06:13 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-09-27 10:32 . 2012-09-27 10:32 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-09-14 19:19 . 2012-10-10 00:13 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 00:13 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-12-03 1354736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"THX Audio Control Panel"="c:\program files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe" [2011-08-29 1517056]
"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe" [2010-02-19 241789]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-05 291608]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GIGABYTE OC_GURU.lnk - c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe [2012-5-14 17281024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 lxedCATSCustConnectService;lxedCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxedserv.exe [2010-04-14 45736]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-30 676936]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-07-22 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-07-22 79360]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-04-26 135584]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2012-11-28 30528]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2012-05-12 121416]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-22 1255736]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-05 16152]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2011-11-02 21616]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2012-02-13 106144]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2011-06-29 171688]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
S2 lxed_device;lxed_device;c:\windows\system32\lxedcoms.exe [2010-04-14 1052328]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-30 399432]
S2 PaceLicenseDServices;PACE License Services;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2011-07-09 2932224]
S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys [2007-04-27 142120]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2012-02-13 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2012-02-13 339616]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2012-02-13 110752]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2012-02-13 30368]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2012-02-13 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2012-02-13 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2012-02-13 280992]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2012-02-13 550560]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-05 355096]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-05 786200]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-08-11 104560]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-22 00:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-16 12445288]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2010-09-14 25600]
"RunDLLEntry"="c:\windows\system32\AmbRunE.dll" [2009-02-26 17920]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-02-13 1020064]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2012-02-13 800416]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
"lxedmon.exe"="c:\program files (x86)\Lexmark S600 Series\lxedmon.exe" [2011-01-24 770728]
"EzPrint"="c:\program files (x86)\Lexmark S600 Series\ezprint.exe" [2011-01-24 148280]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\y5i3oof0.default\
FF - ExtSQL: 2012-11-30 10:02; {468bd646-46f6-42b0-95c6-6992a53bee09}; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\y5i3oof0.default\extensions\{468bd646-46f6-42b0-95c6-6992a53bee09}.xpi
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-45457674.sys
AddRemove-BattlEye for A2 - c:\program files (x86)\steam\steamapps\common\arma 2BattlEye\UnInstallBE.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Program Files (x86)\\GIGABYTE\\ET6\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Program Files (x86)\\GIGABYTE\\ET6\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Program Files (x86)\\GIGABYTE\\ET6\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Program Files (x86)\\GIGABYTE\\ET6\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-03 11:22:14
ComboFix-quarantined-files.txt 2012-12-03 19:22
.
Pre-Run: 587,892,023,296 bytes free
Post-Run: 587,732,148,224 bytes free
.
- - End Of File - - F5C0FA12EC4C7260C6BC3A39F8837EA1
  • 0

#10
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi SneakyReek,

Glad to hear that your system is fine now. Let's check it with antivirus.

Download Virus Removal Tool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named )

First we will run a virus scan

Click the cog in the upper right
Posted Image


Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan
Posted Image

Allow Virus Removal Tool to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threads report from the left and press Save button
Save it to your desktop and attach to your next post
  • 0

Advertisements


#11
SneakyReek

SneakyReek

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Update: I believe I was redirected to two incorrect sites while browsing yesterday. Tried running the Virus Removal Tool and twice and both times the program failed. I have attached a screen grab of the popup received from Kaspersky VRT but in case it doesn't work, below is the "information about the application state at the moment of failure".

Let me know if any additional info is needed. Thanks again.

Application Memory Dumps

1.8 GB 458.6 MB C:\Users\Cary\AppData\Local\Temp\KAT.11.0.0.1245_12.05_16.42_5836.GUI.full.dmp
6.2 MB 1.6 MB C:\Users\Cary\AppData\Local\Temp\KAT.11.0.0.1245_12.05_16.42_5836.GUI.mini.dmp
77.9 KB 19.5 KB C:\Users\Cary\AppData\Local\Temp\KAT.11.0.0.1245_12.05_16.42_5836.GUI.tiny.dmp

Edited by SneakyReek, 05 December 2012 - 06:57 PM.

  • 0

#12
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi SneakyReek,

Step 1

Please answer these questions for me so we can narrow the problem.
  • Do you use router to to access internet?
  • Do you have any other PCs connected to that router and does they get redirected?
  • Do you get redirected in all browsers you use or this redirection only effect one browser?

Step 2

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Step 3

Please don't forget to include these items in your reply:

  • MiniToolBox log
It would be helpful if you could post each log in separate post using "Add Reply" button
  • 0

#13
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi SneakyReek,

Are you still with me? Did you manage to run scans?
  • 0

#14
SneakyReek

SneakyReek

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
I was out of town this past weekend and wasn't able to run anything. I'll update you with this asap tomorrow morning.
  • 0

#15
SneakyReek

SneakyReek

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Hi maliprog,

To answer your questions:

- I do use a router to access the internet
- I do not use any other PC's to access my home network
- I only use Firefox and have not checked any other browser.

Since my last email however, I have not experienced any redirection to malicious sites or anything else out of the ordinary.

Below is the MiniToolBox Log:

MiniToolBox by Farbar Version: 25-11-2012
Ran by Cary (administrator) on 10-12-2012 at 11:06:02
Running from "C:\Users\Cary\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection 2 (Disconnected)
Atheros AR5BWB222 Wireless Network Adapter = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Intel® 82579V Gigabit Network Connection = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Cary-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 2E-B7-0D-C8-1A-04
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 9C-B7-0D-C8-21-D4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5BWB222 Wireless Network Adapter
Physical Address. . . . . . . . . : 9C-B7-0D-C8-1A-04
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5896:9fee:e43c:34c0%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, December 10, 2012 8:02:46 AM
Lease Expires . . . . . . . . . . : Tuesday, December 11, 2012 8:02:50 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 429700877
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-9D-4E-BF-90-2B-34-30-0A-C4
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 90-2B-34-30-0A-C6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
Physical Address. . . . . . . . . : 90-2B-34-30-0A-C4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{7BF666AE-756D-4347-AAC0-3A45CF3A589B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1c3c:1c43:b358:7062(Preferred)
Link-local IPv6 Address . . . . . : fe80::1c3c:1c43:b358:7062%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4007:800::1008
74.125.224.192
74.125.224.193
74.125.224.194
74.125.224.195
74.125.224.196
74.125.224.197
74.125.224.198
74.125.224.199
74.125.224.200
74.125.224.201
74.125.224.206


Pinging google.com [74.125.224.227] with 32 bytes of data:
Reply from 74.125.224.227: bytes=32 time=19ms TTL=54
Reply from 74.125.224.227: bytes=32 time=29ms TTL=54

Ping statistics for 74.125.224.227:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 19ms, Maximum = 29ms, Average = 24ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=112ms TTL=48
Reply from 98.138.253.109: bytes=32 time=59ms TTL=49

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 59ms, Maximum = 112ms, Average = 85ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms
===========================================================================
Interface List
20...2e b7 0d c8 1a 04 ......Microsoft Virtual WiFi Miniport Adapter
14...9c b7 0d c8 21 d4 ......Bluetooth Device (Personal Area Network)
12...9c b7 0d c8 1a 04 ......Atheros AR5BWB222 Wireless Network Adapter
11...90 2b 34 30 0a c6 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
10...90 2b 34 30 0a c4 ......Intel® 82579V Gigabit Network Connection
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:4137:9e76:1c3c:1c43:b358:7062/128
On-link
12 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::1c3c:1c43:b358:7062/128
On-link
12 281 fe80::5896:9fee:e43c:34c0/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/10/2012 00:33:48 AM) (Source: Application Error) (User: )
Description: Faulting application name: PlanetSide2.exe, version: 0.0.0.0, time stamp: 0x50c39fef
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x1f34
Faulting application start time: 0xPlanetSide2.exe0
Faulting application path: PlanetSide2.exe1
Faulting module path: PlanetSide2.exe2
Report Id: PlanetSide2.exe3

Error: (12/05/2012 04:44:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: 2323430.exe, version: 11.0.0.1245, time stamp: 0x4d936e61
Faulting module name: avs.ppl, version: 11.0.0.1245, time stamp: 0x4d937058
Exception code: 0xc0000005
Fault offset: 0x00027969
Faulting process id: 0x16cc
Faulting application start time: 0x2323430.exe0
Faulting application path: 2323430.exe1
Faulting module path: 2323430.exe2
Report Id: 2323430.exe3

Error: (12/05/2012 04:23:47 PM) (Source: Application Error) (User: )
Description: Faulting application name: 2323430.exe, version: 11.0.0.1245, time stamp: 0x4d936e61
Faulting module name: avs.ppl, version: 11.0.0.1245, time stamp: 0x4d937058
Exception code: 0xc0000005
Fault offset: 0x00016cfd
Faulting process id: 0x1654
Faulting application start time: 0x2323430.exe0
Faulting application path: 2323430.exe1
Faulting module path: 2323430.exe2
Report Id: 2323430.exe3

Error: (12/03/2012 00:02:03 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary MacDrive file system driver.

System Error:
The system cannot find the file specified.
.

Error: (12/03/2012 11:52:56 AM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: SHLWAPI.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c9ab
Exception code: 0xc0000005
Fault offset: 0x000000000000ae72
Faulting process id: 0xc08
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (11/28/2012 00:25:23 AM) (Source: Application Error) (User: )
Description: Faulting application name: PlanetSide2.exe, version: 0.0.0.0, time stamp: 0x50b56453
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x625f6d6f
Faulting process id: 0x1338
Faulting application start time: 0xPlanetSide2.exe0
Faulting application path: PlanetSide2.exe1
Faulting module path: PlanetSide2.exe2
Report Id: PlanetSide2.exe3

Error: (11/27/2012 10:53:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: GUI.exe, version: 1.0.0.1, time stamp: 0x4f0fc8d2
Faulting module name: HM.dll, version: 1.0.0.1, time stamp: 0x4ee1b2b8
Exception code: 0xc0000005
Fault offset: 0x00002aa9
Faulting process id: 0xdf0
Faulting application start time: 0xGUI.exe0
Faulting application path: GUI.exe1
Faulting module path: GUI.exe2
Report Id: GUI.exe3

Error: (11/26/2012 06:17:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: GUI.exe, version: 1.0.0.1, time stamp: 0x4f0fc8d2
Faulting module name: HM.dll, version: 1.0.0.1, time stamp: 0x4ee1b2b8
Exception code: 0xc0000005
Fault offset: 0x00002aa9
Faulting process id: 0xe60
Faulting application start time: 0xGUI.exe0
Faulting application path: GUI.exe1
Faulting module path: GUI.exe2
Report Id: GUI.exe3

Error: (11/21/2012 04:30:49 PM) (Source: Application Error) (User: )
Description: Faulting application name: GUI.exe, version: 1.0.0.1, time stamp: 0x4f0fc8d2
Faulting module name: HM.dll, version: 1.0.0.1, time stamp: 0x4ee1b2b8
Exception code: 0xc0000005
Fault offset: 0x00002aa9
Faulting process id: 0xe14
Faulting application start time: 0xGUI.exe0
Faulting application path: GUI.exe1
Faulting module path: GUI.exe2
Report Id: GUI.exe3

Error: (11/20/2012 06:16:15 PM) (Source: Application Error) (User: )
Description: Faulting application name: GUI.exe, version: 1.0.0.1, time stamp: 0x4f0fc8d2
Faulting module name: HM.dll, version: 1.0.0.1, time stamp: 0x4ee1b2b8
Exception code: 0xc0000005
Fault offset: 0x00002aa9
Faulting process id: 0xdd8
Faulting application start time: 0xGUI.exe0
Faulting application path: GUI.exe1
Faulting module path: GUI.exe2
Report Id: GUI.exe3


System errors:
=============
Error: (12/10/2012 08:03:10 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Aspi32

Error: (12/10/2012 08:02:45 AM) (Source: Service Control Manager) (User: )
Description: The lxedCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (12/10/2012 08:02:45 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxedCATSCustConnectService service to connect.

Error: (12/09/2012 04:32:23 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Aspi32

Error: (12/09/2012 04:32:05 PM) (Source: Service Control Manager) (User: )
Description: The lxedCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (12/09/2012 04:32:05 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxedCATSCustConnectService service to connect.

Error: (12/08/2012 07:06:54 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Aspi32

Error: (12/08/2012 07:06:45 AM) (Source: Service Control Manager) (User: )
Description: The lxedCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (12/08/2012 07:06:45 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxedCATSCustConnectService service to connect.

Error: (12/07/2012 10:54:58 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Aspi32


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2012-12-03 11:20:02.377
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-12-03 11:20:02.345
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

@BIOS (Version: 2.22)
ABBYY FineReader 6.0 Sprint (Version: 6.00.2146.41621)
Adobe AIR (Version: 3.4.0.2540)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Amnesia: The Dark Descent
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
applicationupdater
ARMA 2
ARMA 2: Operation Arrowhead
Atheros Bluetooth Suite (64) (Version: 7.4.0.122)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 2.0.4.4)
AutoGreen B12.0206.1 (Version: 1.00.0000)
Avid EDL Manager (Version: 28.0.1)
Avid FilmScribe (Version: 28.0.1)
Avid License Control (Version: 6.0.1)
Avid Log Exchange (Version: 28.0.1)
Avid Media Composer (Version: 6.0.1)
Avid MediaLog (Version: 28.0.1)
Battlefield 3™ (Version: 1.0.0.0)
Battlelog Web Plugins (Version: 1.138.0)
BattlEye for OA Uninstall
BattlEye Uninstall
Cities XL - Limited Edition
Deus Ex: Human Revolution
Easy Tune 6 B12.0210.2 (Version: 1.00.0000)
ESN Sonar (Version: 0.70.4)
Futuremark SystemInfo (Version: 4.9.0)
GameFly (Version: 1.1.960)
gamelauncher-ps2-live
GIGABYTE OC_GURU II (Version: 1.10.0000)
HitmanPro 3.6 (Version: 3.6.2.174)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 8.0.0.1351)
Intel® Network Connections 16.5.2.0 (Version: 16.5.2.0)
Intel® Rapid Storage Technology (Version: 11.0.0.1032)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.1.209)
Intel® Trusted Connect Service Client (Version: 1.23.216.0)
Interlok driver setup x64 (Version: 5.9.0)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Left 4 Dead 2
Lexmark Printable Web (Version: 1.0.0.0)
Lexmark S600 Series
Lexmark Tools for Office (Version: 1.29.0.0)
License Support (Version: 1.1.0.0929)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
marvell 91xx driver (Version: 1.2.0.1010)
MetaSync (Version: 27.5.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Games for Windows - LIVE (Version: 3.0.89.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MotioninJoy Gamepad tool 0.7.1001 (Version: 0.7.1001)
Mozilla Firefox 17.0.1 (x86 en-US) (Version: 17.0.1)
Mozilla Maintenance Service (Version: 17.0.1)
NVIDIA 3D Vision Controller Driver 301.42 (Version: 301.42)
NVIDIA 3D Vision Driver 306.97 (Version: 306.97)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA GeForce Experience 1.0 (BETA) (Version: 1.0 (BETA))
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA HD Audio Driver 1.3.16.0 (Version: 1.3.16.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697)
NVIDIA Update 2.47.55 (Version: 2.47.55)
NVIDIA Update Components (Version: 2.47.55)
ON_OFF Charge B11.1102.1 (Version: 1.00.0001)
Origin (Version: 9.0.13.2142)
PlanetSide 2 (Version: 1.0.3.181)
PunkBuster Services (Version: 0.991)
Qualcomm Atheros WiFi Driver Installation (Version: 3.1)
QuickTime (Version: 7.73.80.64)
Realtek High Definition Audio Driver (Version: 6.0.1.6554)
S.T.A.L.K.E.R.: Call of Pripyat
Sentinel Protection Installer 7.4.0 (Version: 7.4.0)
Sound Blaster X-Fi MB 2 (Version: 1.0)
Source SDK Base 2007
Steam (Version: 1.0.0.0)
The Walking Dead
The Witcher 2 (Version: 1.00.0000)
Tom Clancy's Splinter Cell: Conviction
Total War: SHOGUN 2
Tropico 4
Ubisoft Game Launcher (Version: 1.0.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual C++ 64-bit Redistributables (Version: 1.1.0.0929)
Visual C++ Redistributables (Version: 1.1.0.0929)
Warhammer® 40,000™: Dawn of War® II
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
XCOM: Enemy Unknown

========================= Devices: ================================

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 8153.81 MB
Available physical RAM: 5771.86 MB
Total Pagefile: 16305.82 MB
Available Pagefile: 13692.33 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.27 MB

========================= Partitions: =====================================

1 Drive c: (Windows RAID 0) (Fixed) (Total:931.52 GB) (Free:530.63 GB) NTFS
3 Drive e: (Media Drive) (Fixed) (Total:298.09 GB) (Free:190.06 GB) NTFS

========================= Users: ========================================

User accounts for \\CARY-PC

483CD972FCCF4B399EAC Administrator Cary
DD2E71F9724B4DFEA8B4 Guest UpdatusUser

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP