Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Multiple infections: Win32/Alureon.A, Babylon Search, etc. [Closed]

Started by jsound19 , Jan 18 2013 07:43 PM

This topic is locked

#1
jsound19

Posted 18 January 2013 - 07:43 PM

Member

Member
22 posts

Hi,the system that's infected is a Dell XPS laptop running Win8 with a couple of different viruses that i haven't been able to successfully remove. This isn't my computer but i'm posting on behalf of the owner of the laptop in hopes to finally clean up the computer. It's drastically slowed down the computer and it freezes up very often. Here's the OTL and Extras log:

OTL logfile created on: 1/18/2013 8:20:14 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads
64bit- Professional (Version = 6.2.8400) - Type = NTWorkstation
Internet Explorer (Version = 9.10.8400.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.74 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 51.52% Memory free
7.49 Gb Paging File | 5.13 Gb Available in Paging File | 68.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 53.24 Gb Free Space | 11.80% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 8.29 Gb Free Space | 56.58% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/18 20:18:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Downloads\OTL.exe
PRC - [2013/01/07 19:06:24 | 001,248,360 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/12/13 14:26:20 | 003,290,896 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/12/11 22:04:24 | 000,969,104 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012/10/02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/08/30 19:39:50 | 003,268,608 | ---- | M] (USADISK Inc.) -- C:\Program Files (x86)\USADISK\USADISKDown.exe
PRC - [2012/05/13 22:25:16 | 003,907,240 | ---- | M] (Gretech Corp.) -- C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
PRC - [2012/05/08 06:06:10 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/08 06:06:09 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/05/08 06:06:09 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/04/04 05:25:00 | 000,295,584 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2012/03/07 01:57:02 | 002,092,896 | ---- | M] (ESTsoft Corporation) -- C:\Program Files (x86)\ESTsoft\ALToolBar\atbsvc.exe
PRC - [2012/02/23 11:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011/11/14 22:50:22 | 000,312,376 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2011/06/13 04:05:28 | 000,155,856 | ---- | M] () -- C:\Program Files (x86)\USADISK\WEBHARD_Agent.exe

========== Modules (No Company Name) ==========

MOD - [2013/01/07 19:06:22 | 000,460,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppgooglenaclpluginchrome.dll
MOD - [2013/01/07 19:06:21 | 012,459,624 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
MOD - [2013/01/07 19:06:19 | 004,012,648 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
MOD - [2013/01/07 19:05:29 | 000,598,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\libglesv2.dll
MOD - [2013/01/07 19:05:28 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\libegl.dll
MOD - [2013/01/07 19:05:25 | 001,553,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ffmpegsumo.dll
MOD - [2012/07/06 22:17:00 | 000,366,760 | ---- | M] () -- C:\WINDOWS\Downloaded Program Files\USAControl.dll
MOD - [2012/04/11 22:28:00 | 000,166,912 | ---- | M] () -- C:\Program Files (x86)\GRETECH\GomPlayer\flashoverlay.dll
MOD - [2012/03/28 21:32:54 | 000,946,176 | ---- | M] () -- C:\Program Files (x86)\GRETECH\GomPlayer\GSFU.ax
MOD - [2012/02/13 23:29:28 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\ESTsoft\ALToolBar\zlib.dll
MOD - [2012/01/30 03:08:02 | 000,761,856 | ---- | M] () -- C:\Program Files (x86)\GRETECH\GomPlayer\GVF.ax
MOD - [2011/11/15 02:35:24 | 003,373,568 | ---- | M] () -- C:\Program Files (x86)\GRETECH\GomPlayer\libavcodec.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/02 01:11:16 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\GRETECH\GomPlayer\GRFU.ax
MOD - [2011/06/13 04:05:30 | 000,116,432 | ---- | M] () -- C:\Program Files (x86)\USADISK\WEBHARD_Engine.dll
MOD - [2011/06/12 22:48:56 | 003,715,584 | ---- | M] () -- C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Filters\ffdshow\ffdshow.ax
MOD - [2011/05/26 03:25:06 | 000,112,640 | ---- | M] () -- C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Filters\ffdshow\ff_liba52.dll
MOD - [2011/04/04 04:15:18 | 000,421,520 | ---- | M] () -- C:\Program Files (x86)\GRETECH\GomPlayer\GomTVStrm.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/10/15 04:35:52 | 001,433,600 | ---- | M] () -- C:\Program Files (x86)\GRETECH\GomPlayer\GAF.ax
MOD - [2009/08/11 08:19:04 | 000,797,184 | ---- | M] () -- C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Filters\ac3filter.ax

========== Services (SafeList) ==========

SRV:64bit: - [2012/07/11 13:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2012/05/23 23:10:45 | 001,944,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2012/05/19 01:02:00 | 002,246,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/05/19 01:00:53 | 000,014,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2012/05/18 23:36:17 | 002,648,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/05/18 23:16:56 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/05/18 23:16:51 | 000,268,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/05/18 23:16:49 | 000,284,160 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/05/18 23:16:41 | 000,169,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2012/05/18 23:16:37 | 000,174,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2012/05/18 23:16:35 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/05/18 23:15:39 | 000,464,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2012/05/18 23:15:38 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/05/18 23:15:37 | 000,162,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/05/18 23:15:37 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/05/18 23:15:04 | 000,437,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/05/18 23:14:59 | 000,060,416 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/05/18 23:14:38 | 000,117,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/05/18 23:14:33 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/05/18 23:14:25 | 000,192,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/05/18 23:14:21 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/05/18 23:14:07 | 000,158,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012/05/18 23:14:05 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012/05/18 23:14:05 | 000,119,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/05/18 23:14:03 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2012/05/18 20:39:56 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/05/18 20:39:56 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/05/18 20:39:56 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/05/18 20:39:56 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/05/18 20:39:56 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/05/18 20:39:56 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2012/12/13 14:26:20 | 003,290,896 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/10/08 10:42:54 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/07/03 12:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/18 23:42:17 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/05/18 23:36:17 | 002,648,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/05/08 06:06:10 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/08 06:06:09 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/13 04:05:28 | 000,155,856 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\USADISK\WEBHARD_Agent.exe -- (USADISK_AGENT)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/10/08 10:42:36 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012/09/19 10:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/09/19 10:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/09/14 22:09:10 | 012,311,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/05/19 01:44:04 | 000,025,296 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/05/19 01:44:03 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/05/19 01:17:59 | 000,093,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/05/19 01:17:13 | 000,067,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/05/19 01:16:42 | 000,077,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/05/19 01:16:27 | 000,184,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2012/05/19 01:16:27 | 000,147,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2012/05/19 01:16:24 | 000,051,912 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2012/05/19 01:15:41 | 000,036,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/05/19 01:15:41 | 000,027,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/05/19 01:03:02 | 000,259,272 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2012/05/19 01:00:51 | 000,034,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2012/05/19 00:59:18 | 000,067,272 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2012/05/19 00:59:12 | 000,361,168 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/05/18 23:32:23 | 003,291,336 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/05/18 23:32:23 | 000,113,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/05/18 23:32:22 | 000,092,360 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/05/18 23:32:22 | 000,081,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/05/18 23:32:22 | 000,081,096 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/05/18 23:32:22 | 000,065,224 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/05/18 23:32:21 | 000,322,760 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/05/18 23:32:21 | 000,105,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/05/18 23:32:20 | 000,539,336 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/05/18 23:32:20 | 000,438,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2012/05/18 23:32:20 | 000,331,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2012/05/18 23:32:20 | 000,211,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012/05/18 23:32:20 | 000,106,696 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/05/18 23:32:20 | 000,096,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/05/18 23:32:19 | 000,258,248 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/05/18 23:32:19 | 000,075,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/05/18 23:32:19 | 000,026,312 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/05/18 23:32:17 | 000,283,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2012/05/18 23:32:17 | 000,086,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/05/18 23:32:17 | 000,064,200 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/05/18 23:32:16 | 000,077,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2012/05/18 23:32:16 | 000,049,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/05/18 23:32:16 | 000,030,920 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/05/18 23:32:16 | 000,023,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/05/18 22:36:40 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/05/18 22:36:35 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/05/18 22:36:29 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/05/18 22:36:21 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/05/18 22:35:51 | 000,029,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2012/05/18 22:35:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/05/18 22:35:24 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/05/18 22:35:08 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/05/18 22:35:05 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/05/18 22:35:03 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/05/18 22:34:51 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/05/18 22:34:49 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/05/18 22:34:45 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/05/18 22:34:37 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/05/18 22:34:19 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/05/18 22:34:15 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/05/18 22:34:04 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/05/18 22:33:42 | 000,051,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/05/18 22:33:33 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/05/18 22:33:26 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/05/18 22:33:23 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/05/18 22:33:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2012/05/18 22:32:59 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2012/05/18 22:32:56 | 000,116,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2012/05/18 22:32:53 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/05/18 22:32:50 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2012/05/18 22:32:00 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/05/18 22:31:42 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/05/18 22:31:26 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/05/08 06:06:10 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/05/08 06:06:10 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/02/28 23:05:09 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/02/28 23:05:05 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2012/02/15 10:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/09 22:21:21 | 000,141,848 | ---- | M] (Kings Information & Network) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\kcrtx64.sys -- (kcrtx64)
DRV:64bit: - [2012/01/09 22:21:21 | 000,013,896 | R--- | M] (SoftForum Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\JRSKD24.SYS -- (JRSKD24)
DRV:64bit: - [2011/11/14 22:50:14 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2011/10/19 19:56:50 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/08/20 10:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010/08/20 06:05:18 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010/07/02 04:46:58 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)
DRV:64bit: - [2009/09/17 10:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2008/04/16 13:49:34 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 51 87 14 06 EE A8 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0000026c7b1e742
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@gomtv.com/gomtvx-plugin: C:\Program Files (x86)\Common Files\GRETECH\npgomtvx_nie.dll (Gretech Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

[2012/11/27 21:43:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: gomtvx NIE Module (Enabled) = C:\Program Files (x86)\Common Files\GRETECH\npgomtvx_nie.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/19 01:44:06 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (ALToolbarBho) - {7F1A79F9-78D1-4186-9F60-EE0B63DF042A} - C:\Program Files (x86)\ESTsoft\ALToolBar\ALToolBar_2211.dll (ESTsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (ALToolBar) - {38FBE93D-4CA1-4414-AF6A-94920C5BD8DA} - C:\Program Files (x86)\ESTsoft\ALToolBar\ALToolBar_2211.dll (ESTsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HncUpdate] C:\Program Files (x86)\Hnc\HncUtils\HncChecker.exe (Hancom Inc(HNC).)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USADISK] C:\Program Files (x86)\USADISK\FsLauncher.exe (USA DISK Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8:64bit: - Extra context menu item: 알툴바 빠른검색(&Q) - C:\Program Files (x86)\ESTsoft\ALToolBar\ALToolBand_2211.dll (ESTsoft Corporation)
O8:64bit: - Extra context menu item: 이미지 EXIF 정보 보기 - File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: 알툴바 빠른검색(&Q) - C:\Program Files (x86)\ESTsoft\ALToolBar\ALToolBand_2211.dll (ESTsoft Corporation)
O8 - Extra context menu item: 이미지 EXIF 정보 보기 - File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dabdate.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: wedisk.co.kr ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: wedisk.net ([]http in Trusted sites)
O16:64bit: - DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {1219B6C3-CD4D-4243-9A4F-4C9F12FCC6E7} http://ck.softforum....KKeyProInst.cab (CK_KeyPro_Inst)
O16 - DPF: {24F6E6A8-852C-45A8-ADD3-C4AB0D6FD231} https://plugin.inici...let61_vista.cab (INIwallet61 Control)
O16 - DPF: {270EC7A6-4096-469B-865C-F9678A2C742B} http://www.payzone.c...yX/EasyPayX.cab (EasyPayX Control)
O16 - DPF: {48ECCD73-123C-4C25-A64C-76E8E8A30CAF} http://mpi.dacom.net...MPI/XPayMPI.cab (XPayMPIOCX Control)
O16 - DPF: {5547DED5-E6A9-469A-90F0-5BFE5CD33FF1} https://pay.kcp.co.k...CPPaymentUX.cab (KCPUX Class)
O16 - DPF: {871B7F45-1A71-4A2F-9E21-4E89C347784E} http://global.wedisk.../WeShortCut.cab (WeShortCut Control)
O16 - DPF: {B0A75875-3622-48BA-B5FF-45AD77AC2D0E} https://www.bankpay..../BankPayEFT.cab (BankPayEFTCtrl Control)
O16 - DPF: {B7DF6B14-7F2A-49C2-A8C8-21AAD560B0BC} http://www.usadisk.c.../USAControl.CAB (USADISK File Share Control 5)
O16 - DPF: {C634DAF9-AC32-475C-9D66-81B7210E8EE4} http://gl.wedisk.co....eDiskUpdate.cab (WeDiskUpdateInstaller Class)
O16 - DPF: {C6710B89-FB87-4CE8-A719-565767E70D27} http://www.melon.com...onWebLinker.cab (MelonLinker Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...yri_4.5.1.0.cab (SysInfo Class)
O16 - DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} https://www.vpay.co....TLD_VISTA64.cab (KvpIspCtlD Control)
O16 - DPF: GPplayerActiveXCAB http://music.godpeop...rActiveXCAB.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0EDEF4AE-E3E6-4963-A7B2-388865E8B434}: DhcpNameServer = 167.206.254.2 167.206.254.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2890FD4-ADE8-400D-B4BD-1158F9586ECF}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\smart - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\smart {402CA0E4-3090-402e-BE90-3EE9B766EBB0} - C:\Program Files (x86)\ESTsoft\ALToolBar\ALToolBarProtocol.dll ()
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk D:\
O33 - MountPoints2\{5a28e9e7-2b09-11e1-989c-f04da25ac3ba}\Shell - "" = AutoRun
O33 - MountPoints2\{5a28e9e7-2b09-11e1-989c-f04da25ac3ba}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{63d70d52-166c-11e1-bcc7-f04da25ac3ba}\Shell - "" = AutoRun
O33 - MountPoints2\{63d70d52-166c-11e1-bcc7-f04da25ac3ba}\Shell\AutoRun\command - "" = "H:\LaunchU3.exe"
O33 - MountPoints2\{63d70d5f-166c-11e1-bcc7-f04da25ac3ba}\Shell - "" = AutoRun
O33 - MountPoints2\{63d70d5f-166c-11e1-bcc7-f04da25ac3ba}\Shell\AutoRun\command - "" = "H:\LaunchU3.exe" -a
O33 - MountPoints2\{a7582acc-4ed9-11e2-9b96-f04da25ac3ba}\Shell - "" = AutoRun
O33 - MountPoints2\{a7582acc-4ed9-11e2-9b96-f04da25ac3ba}\Shell\AutoRun\command - "" = "H:\LaunchU3.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

========== Files - Modified Within 30 Days ==========

[2013/01/18 20:25:03 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/01/18 20:19:03 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/18 20:11:00 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/18 20:08:02 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/01/18 20:07:57 | 3010,691,072 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/29 21:40:56 | 000,848,230 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2012/12/29 21:40:56 | 000,710,244 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2012/12/29 21:40:56 | 000,132,614 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2012/12/29 20:29:30 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2012/12/22 23:00:47 | 006,739,552 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2012/12/29 20:29:30 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2012/12/22 22:59:24 | 006,739,552 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2012/09/14 22:07:48 | 000,128,204 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng575.bin
[2012/09/14 22:07:48 | 000,105,608 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg575m.bin
[2012/09/14 22:07:46 | 000,867,020 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng575.bin
[2012/09/14 21:49:48 | 013,913,600 | ---- | C] () -- C:\WINDOWS\SysWow64\ig4icd32.dll
[2012/09/10 23:23:43 | 000,000,132 | ---- | C] () -- C:\Users\User\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012/08/30 21:01:25 | 000,025,872 | ---- | C] () -- C:\WINDOWS\SysWow64\INIUAC.exe
[2012/08/20 10:48:18 | 000,126,672 | ---- | C] () -- C:\WINDOWS\SysWow64\KCPPaymentUX.dll
[2012/05/19 04:33:53 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012/05/19 04:33:51 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012/05/19 03:42:15 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/05/18 21:55:09 | 000,093,696 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2012/05/18 21:34:38 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012/05/18 17:07:47 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012/05/18 16:59:01 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012/02/28 22:56:32 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/01/29 18:36:02 | 000,001,456 | ---- | C] () -- C:\Users\User\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/01/09 22:40:00 | 000,047,280 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\SCSK5.sys
[2012/01/09 22:40:00 | 000,000,024 | ---- | C] () -- C:\WINDOWS\SysWow64\scskConfigEH.ini
[2012/01/09 09:32:44 | 000,000,132 | ---- | C] () -- C:\Users\User\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011/11/22 03:07:30 | 000,000,069 | ---- | C] () -- C:\WINDOWS\hjimesv.ini
[2011/11/22 03:07:25 | 000,000,016 | ---- | C] () -- C:\WINDOWS\SysWow64\winhcfgb.ini
[2011/10/11 12:42:42 | 001,980,480 | ---- | C] () -- C:\WINDOWS\SysWow64\ISPPopUpDlg.exe
[2011/07/05 11:04:54 | 000,500,928 | ---- | C] () -- C:\WINDOWS\SysWow64\KvpUpCom.dll
[2011/06/20 15:04:28 | 000,000,278 | ---- | C] () -- C:\WINDOWS\SysWow64\dnVPWidget.ini
[2011/04/27 18:49:56 | 000,046,264 | ---- | C] () -- C:\WINDOWS\SysWow64\WeDiskGlobal.exe

========== ZeroAccess Check ==========

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/05/18 23:16:24 | 019,675,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/05/18 23:42:08 | 017,492,480 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/05/18 23:14:37 | 001,010,176 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/05/18 23:40:05 | 000,787,456 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/05/18 23:16:51 | 000,456,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/11/08 15:21:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ashampoo
[2012/11/27 21:43:43 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Babylon
[2012/08/25 23:33:00 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/04/10 21:57:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DVDVideoSoft
[2012/04/10 21:57:45 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/11/04 09:55:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FileZilla
[2012/05/19 12:22:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\HNC
[2012/11/22 12:20:30 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PDAppFlex
[2012/04/29 01:16:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PDF Software
[2012/11/27 21:43:48 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PDFCreatorPackages
[2011/12/31 20:17:18 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\redsn0w
[2012/08/16 20:08:43 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/11/22 02:40:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TeraCopy
[2013/01/18 20:30:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\uTorrent
[2012/03/16 04:05:22 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Wedisk

========== Purity Check ==========

< End of report >

Extras.txt

OTL Extras logfile created on: 1/18/2013 8:20:14 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads
64bit- Professional (Version = 6.2.8400) - Type = NTWorkstation
Internet Explorer (Version = 9.10.8400.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.74 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 51.52% Memory free
7.49 Gb Paging File | 5.13 Gb Available in Paging File | 68.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 53.24 Gb Free Space | 11.80% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 8.29 Gb Free Space | 56.58% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [ALSong.enqueue] -- "C:\Program Files (x86)\ESTsoft\ALSong\ALSong.exe" /add "%1" (ESTsoft Corp.)
Directory [ALSong.open] -- "C:\Program Files (x86)\ESTsoft\ALSong\ALSong.exe" "%1" (ESTsoft Corp.)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [GomAudio.Add] -- C:\Program Files (x86)\GRETECH\GomAudio\GOMA.exe /add "%1" ((주)그래텍)
Directory [GomAudio.AddCur] -- "C:\Program Files (x86)\GRETECH\GomAudio\GOMA.exe" /addCur "%1" ((주)그래텍)
Directory [GomAudio.Play] -- C:\Program Files (x86)\GRETECH\GomAudio\GOMA.exe "%1" ((주)그래텍)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [ALSong.enqueue] -- "C:\Program Files (x86)\ESTsoft\ALSong\ALSong.exe" /add "%1" (ESTsoft Corp.)
Directory [ALSong.open] -- "C:\Program Files (x86)\ESTsoft\ALSong\ALSong.exe" "%1" (ESTsoft Corp.)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [GomAudio.Add] -- C:\Program Files (x86)\GRETECH\GomAudio\GOMA.exe /add "%1" ((주)그래텍)
Directory [GomAudio.AddCur] -- "C:\Program Files (x86)\GRETECH\GomAudio\GOMA.exe" /addCur "%1" ((주)그래텍)
Directory [GomAudio.Play] -- C:\Program Files (x86)\GRETECH\GomAudio\GOMA.exe "%1" ((주)그래텍)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 13 6F C1 B5 9B 35 CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F0CF73D-04D5-44EB-8765-CCD737E95BF6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{195030BB-EE3D-4EE2-B37A-3D8F3F05439D}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{333527E3-F627-49C0-AFE2-8889527D2ABA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3BFCD9E0-4BB2-416C-BCE2-2D0EE6C477C3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{4E6C7BC8-1C69-467B-B660-914A7ABAAFFA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{56C0BA72-302A-48DC-A254-7D09457A5FEE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{58E4D5C0-5547-4DB8-83E5-416E00B79AC9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{6712C35F-7B02-4C25-AA45-EFCFF0064887}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{73BA5342-F552-42EB-B7F8-AEC6F8F5CBD8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7878E5D9-2ACB-487D-A99A-0DF5C228F4CD}" = rport=2869 | protocol=6 | dir=out | app=system |
"{810AE3F5-E4B7-4F4E-8DE8-0D9D2167EC28}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{89D9B5AD-7D18-4D5D-A003-9B583210D056}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{9C020E79-ABF6-46FD-915A-66117D359041}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AD2FCB3F-5765-4C55-BD0F-AE1CEB2EC07C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B4A13DA1-0B4A-40D7-B2B4-D3431EB0A1BB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CFFC0EE2-4C2E-483E-B78C-D16E1531893A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D492426F-6165-4C5F-9DE6-56FCC9153CD8}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DC777221-0E1D-4073-9C1C-E5CBE20E816B}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DCDC59FC-920B-4F6B-BEBD-B042E04463F7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E74D9613-965B-4170-9AAB-7DFCAA47AF22}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FBE77E03-CC08-445C-B576-C1158AE68C8D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FF4917E6-E5F2-475A-8553-7B45ADED9E04}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02D92BE4-A3B7-48BE-9622-F0B94D72799F}" = dir=out | name=@{microsoft.bingtravel_1.1.1.45_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{061A71F3-048F-4FF8-A7D1-F67E92EE3CF2}" = dir=out | name=@{microsoft.reader_6.2.8379.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{0764ED0A-8B6C-40B3-8AFE-BD3E859DA2AE}" = dir=in | app=c:\program files (x86)\melon player4\system32\p3melonasvr2.exe |
"{0A5A313B-B3C1-45E8-9E78-B4624F293686}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0C475A11-EE41-4751-A436-70F5EBE2FABF}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{16043039-701B-4D35-954F-38D0622B01DC}" = dir=out | name=windows_ie_ac_001 |
"{1A40EB5F-26E8-4CD3-98C6-3C6C45619575}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1EE290A9-85C5-476F-B965-BD10C37415A6}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.3364.511_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{248A1F70-31F3-467B-8010-C0DBCE6D57A0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{24A217D1-91B6-4A01-946D-FD0344C50248}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{263B1EE1-0166-4A09-BC9B-152B91222F13}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{2C81B950-B421-4436-A395-A5E1D9B87A11}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{2CEB8004-F6D5-49A0-9EA0-BB6E32919F42}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{2FEE3AC2-0297-406A-B636-DD9FE28678DD}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{3683A4CB-8137-4253-B7ED-91FA7BAC9CB0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{36D03442-45C4-4F18-BA6D-9A6014C2520E}" = dir=out | name=@{microsoft.bingmaps_1.1.1.41_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{402887E4-5E3C-479E-BF50-B1D4F854301B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{43503AE7-3CED-42E1-A865-15DFD4CB2C00}" = dir=out | name=@{microsoft.bingsports_1.1.1.45_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{4B35019C-4884-47A8-9F49-75B556BC321E}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{56576138-B6DD-48B7-AD97-64BCCB9DB0B8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{579CEC2F-55E8-4566-8547-44BDBE5A0032}" = dir=out | name=@{microsoft.bingweather_1.1.1.40_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{62D46CD2-9207-4781-A54E-DD597437F633}" = dir=in | name=@{microsoft.windowsphotos_16.4.3363.511_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{62DA7DE8-D043-4118-AC72-D84B68718800}" = protocol=6 | dir=out | app=system |
"{69B7E21E-9F11-481A-932E-23CC4888A261}" = dir=out | name=@{microsoft.bingnews_1.1.1.41_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{6CF476FD-9C10-4019-94BA-4D0E965A6B03}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.3364.511_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{70225A36-C868-4965-BCC7-4E8762809D5D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{77161A60-1AB0-44DF-AA47-96CBD91B024C}" = dir=out | name=@{microsoft.xboxlivegames_1.0.810.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/33276} |
"{79535E0E-87C3-4C90-BF37-CFA0F268618D}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{7994DBEA-AC68-458E-BE3F-B154D82FECC2}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{82FECA8F-A3E2-4E0C-97DF-BBCC60BD81B0}" = protocol=58 | dir=in | [email protected],-148 |
"{8794BAC2-8729-449A-B2ED-0423B72EACE5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{87BB22E8-152A-4743-BDC1-D671A3E4331E}" = dir=out | name=@{microsoft.bingfinance_1.1.1.43_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{8D9328C8-5310-425E-8B3C-0E8284AD0D37}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{91013F61-9208-40FC-9EDD-639D03DC0F8A}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.3364.511_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{934C98AD-1B6D-487A-B79C-30CD70E8EEB6}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9F9E1294-C434-4068-9321-A2EF07941F23}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{A36A8865-E4DC-4937-A64B-C77C86D1D24D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A5058001-4820-4550-A0C5-5D4C7791D6D1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A586EF00-E506-4C67-AB14-DD1B32D3D179}" = protocol=17 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe |
"{AB117B92-15D0-4BA8-B602-7F26874C2705}" = dir=out | name=@{microsoft.windowsphotos_16.4.3363.511_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{AC83325A-1C5C-422B-9C80-62AC345C2560}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B3DE3503-B189-4963-A01E-E5CB9484F2A3}" = protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe |
"{B5848601-9EA8-4FE6-B560-5691A54E5BC2}" = dir=in | app=c:\program files (x86)\melon player4\playback\pino-melon.exe |
"{B77F504E-76CF-4181-A7B3-7FD3F28A75EB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BAF3B540-2A3E-4CB0-96E5-B5E9001FCD1A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C4D5A108-634D-4F7E-98B0-0360A009A037}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{C892AA25-514C-40F9-AD28-EAA1B56EBEB4}" = dir=out | name=@{microsoft.zunemusic_1.0.810.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{CC0EA10B-E3B9-4711-9D00-B1809B4845CB}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{DA45409B-A9BD-426A-B281-D933F442CB2B}" = dir=out | name=@{microsoft.zunevideo_1.0.810.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{DAF0B68E-8C10-445B-ADDA-1DCEE362614B}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{E621A05E-4148-48F5-AA96-1539E20F2E09}" = dir=in | name=@{microsoft.zunemusic_1.0.810.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{E7A57E9F-C8EC-412F-AB8C-7E61F2EFF2EE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{E970DBD1-9F97-48F3-99C2-0EDB13085BBB}" = dir=in | name=@{microsoft.zunevideo_1.0.810.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{EDA1259E-3BA5-4B2A-866D-8605061B102B}" = dir=in | name=@{microsoft.reader_6.2.8379.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{F9F4A49E-BC81-45C5-B485-AA819ECBCF38}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{FAC9289E-FACA-410D-B661-C80B3AF7E8F6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FEFDC5AB-01E1-4602-9054-14A57803A3AF}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{FF5E74E2-09EB-4C48-9D7B-2DCD996AA62C}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{23E6BB37-6E83-4AD5-9249-F24238E2D2CD}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{4120A511-00DA-4909-A5D0-1B87C49AF469}C:\program files (x86)\microsoft office\office14\groove.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"TCP Query User{4D6A33F3-0402-4F36-ADDF-8173E58882E4}C:\program files (x86)\wedisk\wediskdownload.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wedisk\wediskdownload.exe |
"TCP Query User{5886F2A6-8DC7-4406-AE8C-B834182A5020}C:\program files (x86)\wedisk\wediskdownload.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wedisk\wediskdownload.exe |
"TCP Query User{6C5EC869-9115-4233-A706-6E3B4A5C4B76}C:\users\user\desktop\redsn0w_win_0.9.10b2\redsn0w.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\redsn0w_win_0.9.10b2\redsn0w.exe |
"TCP Query User{7829EF70-D82A-49C3-9570-946039D828C5}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{7F6CFE6B-D90D-479E-A4A8-54D95E3A9A66}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{C5731232-84A9-4B23-8036-C0AC87BDAD0D}C:\program files (x86)\wedisk\wediskdownload.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wedisk\wediskdownload.exe |
"UDP Query User{CD628DC5-C013-4D82-9160-518F68869204}C:\program files (x86)\wedisk\wediskdownload.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wedisk\wediskdownload.exe |
"UDP Query User{D3FA332A-4484-477D-A331-192754A8FC9E}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{ED01ED11-FAC9-4AAA-A7FB-70B4B4F6D212}C:\program files (x86)\microsoft office\office14\groove.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"UDP Query User{F18D9910-FAD3-49CE-9F6D-CBADA0EF8A72}C:\users\user\desktop\redsn0w_win_0.9.10b2\redsn0w.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\redsn0w_win_0.9.10b2\redsn0w.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{291ADE12-A46B-4B39-BC9E-94C756EDCFF2}" = Hancom Office 2010
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{4869414E-7AEA-4C8E-BE1C-8D40977FD517}" = Adobe Illustrator CS6
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4ED7D297-58F7-45C3-A9BA-A7CD6FA0D373}_is1" = SureThing CD Labeler Deluxe
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C796A21-4DE3-4121-99AD-C39AE1CF5AB8}_is1" = Epubor version 1.40
"{61048242-4586-417E-B51E-4A9FF54F317F}" = EnuFontInstaller
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D172D0A-B9F1-4046-AFAB-8599288545BF}" = Safari
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"ALSong_is1" = 알송 2.71
"ALToolBar_is1" = 알툴바 2.21
"ALUpdate_is1" = 알툴즈 업데이트
"ALZip_is1" = 알집 8.51
"Ashampoo Burning Studio 9_is1" = Ashampoo Burning Studio 9.12
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DtsFilter" = DTS+AC3 Filter
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FormatFactory" = FormatFactory 2.70
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.18.403
"GOM Player" = GOM Player
"GomAudio" = 곰오디오
"GomTV Launcher Plugin" = GOMTV Plug-in
"Google Chrome" = Google Chrome
"Haansoft HOffice 80 Korean" = Hancom Office 2010
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"NVIDIA.Updatus" = NVIDIA Updatus
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PowerISO" = PowerISO
"SoftcampSCSK" = SoftCamp Secure KeyStroke 4.0
"USADISK" = 미주디스크 프로그램 삭제
"uTorrent" = µTorrent
"webmmf" = WebM Media Foundation Components
"Wedisk" = 위디스크 ActiveX
"WinLiveSuite" = Windows Live Essentials

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/18/2013 9:24:01 PM | Computer Name = User-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13750

Error - 1/18/2013 9:24:01 PM | Computer Name = User-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13750

Error - 1/18/2013 9:24:03 PM | Computer Name = User-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/18/2013 9:24:03 PM | Computer Name = User-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15141

Error - 1/18/2013 9:24:03 PM | Computer Name = User-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15141

Error - 1/18/2013 9:24:04 PM | Computer Name = User-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/18/2013 9:24:04 PM | Computer Name = User-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 16531

Error - 1/18/2013 9:24:04 PM | Computer Name = User-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 16531

Error - 1/18/2013 9:24:05 PM | Computer Name = User-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/18/2013 9:24:05 PM | Computer Name = User-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 17922

Error - 1/18/2013 9:24:05 PM | Computer Name = User-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 17922

Error - 1/18/2013 9:24:07 PM | Computer Name = User-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/18/2013 9:24:07 PM | Computer Name = User-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 19391

[ Internet Explorer Events ]
Error - 7/12/2012 12:34:31 AM | Computer Name = User-PC | Source = Internet Explorer | ID = 268435455
Description =

Error - 7/12/2012 12:34:31 AM | Computer Name = User-PC | Source = Internet Explorer | ID = 268435455
Description =

[ System Events ]
Error - 8/30/2012 3:18:05 PM | Computer Name = User-PC | Source = ipnathlp | ID = 30013
Description =

Error - 8/30/2012 4:11:08 PM | Computer Name = User-PC | Source = ipnathlp | ID = 30013
Description =

Error - 8/30/2012 8:14:08 PM | Computer Name = User-PC | Source = ipnathlp | ID = 30013
Description =

Error - 8/30/2012 8:14:08 PM | Computer Name = User-PC | Source = Server | ID = 2505
Description = The server could not bind to the transport \Device\NetBT_Tcpip_{C2890FD4-ADE8-400D-B4BD-1158F9586ECF}
because another computer on the network has the same name. The server could not
start.

Error - 8/30/2012 8:14:08 PM | Computer Name = User-PC | Source = NetBT | ID = 4321
Description = The name "USER-PC :20" could not be registered on the interface
with IP address 10.0.0.7. The computer with the IP address 10.0.0.2 did not allow
the name to be claimed by this computer.

Error - 8/30/2012 8:14:09 PM | Computer Name = User-PC | Source = NetBT | ID = 4321
Description = The name "USER-PC :0" could not be registered on the interface
with IP address 10.0.0.7. The computer with the IP address 10.0.0.2 did not allow
the name to be claimed by this computer.

Error - 8/30/2012 8:14:09 PM | Computer Name = User-PC | Source = NetBT | ID = 4321
Description = The name "USER-PC :0" could not be registered on the interface
with IP address 10.0.0.7. The computer with the IP address 10.0.0.2 did not allow
the name to be claimed by this computer.

Error - 8/30/2012 10:10:52 PM | Computer Name = User-PC | Source = NetBT | ID = 4321
Description = The name "USER-PC :0" could not be registered on the interface
with IP address 10.0.0.7. The computer with the IP address 10.0.0.2 did not allow
the name to be claimed by this computer.

Error - 8/30/2012 10:11:11 PM | Computer Name = User-PC | Source = NetBT | ID = 4321
Description = The name "USER-PC :0" could not be registered on the interface
with IP address 10.0.0.7. The computer with the IP address 10.0.0.2 did not allow
the name to be claimed by this computer.

Error - 8/30/2012 10:11:15 PM | Computer Name = User-PC | Source = NetBT | ID = 4321
Description = The name "USER-PC :0" could not be registered on the interface
with IP address 10.0.0.7. The computer with the IP address 10.0.0.2 did not allow
the name to be claimed by this computer.

< End of report >

#2
gringo_pr

Posted 18 January 2013 - 08:00 PM

Trusted Helper

Malware Removal
7,268 posts

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

Please do not run any tools unless instructed to do so.
- We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
Please do not attach logs or use code boxes, just copy and paste the text.
- Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
Please read every post completely before doing anything.
- Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
Please provide feedback about your experience as we go.
- A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

Download Security Check by screen317 from here.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

Download & SAVE to your Desktop RogueKiller or from here
Quit all programs that you may have started.
Please disconnect any USB or external drives from the computer before you run this scan!
For Vista or Windows 7, right-click and select "Run as Administrator to start"
For Windows XP, double-click to start.
Wait until Prescan has finished ...
Then Click on "Scan" button
Wait until the Status box shows "Scan Finished"
click on "delete"
Wait until the Status box shows "Deleting Finished"
Click on "Report" and copy/paste the content of the Notepad into your next reply.
The log should be found in RKreport[1].txt on your Desktop
Exit/Close RogueKiller+

Gringo

#3
jsound19

Posted 18 January 2013 - 08:19 PM

Member

Topic Starter
Member
22 posts

checkup:
Results of screen317's Security Check version 0.99.57
x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Google Chrome 23.0.1271.97
Google Chrome 24.0.1312.52
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Windows Defender MsMpEng.exe
Windows Defender MpCmdRun.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

adw:
# AdwCleaner v2.106 - Logfile created 01/18/2013 at 21:12:28
# Updated 17/01/2013 by Xplode
# Operating system : Windows 8 Release Preview (64 bits)
# User : User - USER-PC
# Boot Mode : Normal
# Running from : C:\Users\User\Desktop\vp\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011441179}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.8400.0

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.52

*************************

AdwCleaner[S1].txt - [1899 octets] - [18/01/2013 21:12:28]

########## EOF - C:\AdwCleaner[S1].txt - [1959 octets] ##########

rk:
RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 8 (6.2.8400 ) 64 bits version
Started in : Normal mode
User : User [Admin rights]
Mode : Remove -- Date : 01/18/2013 21:17:33

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] a728053f433aa6c836c2f87cf9104b32
[BSP] 0532f49c93d33aac926ccc28f04dc43a : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 80325 | Size: 15000 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 461899 Mo
3 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 976771120 | Size: 0 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_01182013_02d2117.txt >>
RKreport[1]_S_01182013_02d2117.txt ; RKreport[2]_D_01182013_02d2117.txt

#4
gringo_pr

Posted 19 January 2013 - 06:44 AM

Trusted Helper

Malware Removal
7,268 posts

Malwarebytes Anti-Rootkit

1.Download Malwarebytes Anti-Rootkit
2.Unzip the contents to a folder in a convenient location.
3.Open the folder where the contents were unzipped and run mbar.exe
4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6.Wait while the system shuts down and the cleanup process is performed.
7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
•Internet access
•Windows Update
•Windows Firewall9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10.Verify that your system is now functioning normally.

#5
jsound19

Posted 19 January 2013 - 10:44 PM

Member

Topic Starter
Member
22 posts

MBAR wasn't very effective because it only found one .exe file in the appdata/local/temp folder but all the other problems are still there. I've scanned multiple times and didn't get anything more than that

#6
gringo_pr

Posted 19 January 2013 - 11:06 PM

Trusted Helper

Malware Removal
7,268 posts

Hello

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

In your next post I need the following
Log from Combofix
let me know of any problems you may have had
How is the computer doing now?

Gringo

#7
jsound19

Posted 20 January 2013 - 03:02 PM

Member

Topic Starter
Member
22 posts

Combofix won't run because the OS is windows 8.

#8
gringo_pr

Posted 20 January 2013 - 07:58 PM

Trusted Helper

Malware Removal
7,268 posts

Greetings

I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Put a checkmark beside loaded modules.
A reboot will be needed to apply the changes. Do it.
TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
Then click on Change parameters in TDSSKiller.
Check all boxes then click OK.
Click the Start Scan button.
The scan should take no longer than 2 minutes.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.

Double click the aswMBR.exe icon to run it
it will ask to download extra definitions - ALLOW IT
Click the Scan button to start the scan
On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo

#9
jsound19

Posted 20 January 2013 - 09:30 PM

Member

Topic Starter
Member
22 posts

aswMBR kept on crashing but i have the log for tdsskiller:

21:53:28.0354 3816 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:53:28.0714 3816 ============================================================
21:53:28.0714 3816 Current date / time: 2013/01/20 21:53:28.0714
21:53:28.0714 3816 SystemInfo:
21:53:28.0714 3816
21:53:28.0714 3816 OS Version: 6.2.8400 ServicePack: 0.0
21:53:28.0714 3816 Product type: Workstation
21:53:28.0714 3816 ComputerName: USER-PC
21:53:28.0714 3816 UserName: User
21:53:28.0714 3816 Windows directory: C:\WINDOWS
21:53:28.0714 3816 System windows directory: C:\WINDOWS
21:53:28.0714 3816 Running under WOW64
21:53:28.0714 3816 Processor architecture: Intel x64
21:53:28.0714 3816 Number of processors: 4
21:53:28.0714 3816 Page size: 0x1000
21:53:28.0714 3816 Boot type: Normal boot
21:53:28.0714 3816 ============================================================
21:53:29.0839 3816 BG loaded
21:53:30.0793 3816 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:53:30.0824 3816 ============================================================
21:53:30.0824 3816 \Device\Harddisk0\DR0:
21:53:30.0824 3816 MBR partitions:
21:53:30.0824 3816 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
21:53:30.0824 3816 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x38625800
21:53:30.0824 3816 ============================================================
21:53:30.0871 3816 C: <-> \Device\Harddisk0\DR0\Partition2
21:53:30.0981 3816 D: <-> \Device\Harddisk0\DR0\Partition1
21:53:30.0981 3816 ============================================================
21:53:30.0981 3816 Initialize success
21:53:30.0981 3816 ============================================================
21:54:14.0956 4532 ============================================================
21:54:14.0956 4532 Scan started
21:54:14.0956 4532 Mode: Manual; SigCheck; TDLFS;
21:54:14.0956 4532 ============================================================
21:54:18.0895 4532 ================ Scan system memory ========================
21:54:18.0895 4532 System memory - ok
21:54:18.0895 4532 ================ Scan services =============================
21:54:19.0270 4532 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
21:54:19.0410 4532 !SASCORE - ok
21:54:20.0348 4532 [ 424D2E3CDA29388246EA3810E1026FB0 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
21:54:20.0411 4532 1394ohci - ok
21:54:20.0457 4532 [ 7B79456B871FC7F28F9DA922CFAE98CB ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
21:54:20.0489 4532 3ware - ok
21:54:20.0535 4532 [ 7A505465BBB1EB8B5AD4D76E8749383B ] Acceler C:\WINDOWS\system32\DRIVERS\Accelern.sys
21:54:20.0614 4532 Acceler - ok
21:54:20.0645 4532 [ D8F80A6E875DE8C41B74BEBED1399D5E ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
21:54:20.0676 4532 ACPI - ok
21:54:20.0692 4532 [ 978B3F407F1C1424BC82B8AA0544E9E7 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
21:54:20.0707 4532 acpiex - ok
21:54:20.0817 4532 [ 01277516487C88A95A79002A50CA7E48 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
21:54:20.0864 4532 acpipagr - ok
21:54:20.0910 4532 [ 36329F44A31A37DE2449EDC710790DB3 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
21:54:20.0942 4532 AcpiPmi - ok
21:54:20.0989 4532 [ CFB99BC025810C7AFEE564F4C649B202 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
21:54:21.0020 4532 acpitime - ok
21:54:21.0082 4532 [ C6FBBBCCDE1F3C031AC52D1B97245C81 ] adp94xx C:\WINDOWS\system32\drivers\adp94xx.sys
21:54:21.0114 4532 adp94xx - ok
21:54:21.0160 4532 [ BD3F2A18BD08681DF31D94A57332347C ] adpahci C:\WINDOWS\system32\drivers\adpahci.sys
21:54:21.0192 4532 adpahci - ok
21:54:21.0207 4532 [ D398171FEDE1220F422D2E7F46E27C11 ] adpu320 C:\WINDOWS\system32\drivers\adpu320.sys
21:54:21.0239 4532 adpu320 - ok
21:54:21.0286 4532 [ 9BE954A4AB7D7C501E8D7BDE81840051 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
21:54:21.0348 4532 AeLookupSvc - ok
21:54:21.0395 4532 [ F4CA34A46AF9570A265FD37B5C944EFD ] AFD C:\WINDOWS\system32\drivers\afd.sys
21:54:21.0489 4532 AFD - ok
21:54:21.0504 4532 [ D509C96C9538D506D8787736A2DB873B ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
21:54:21.0536 4532 agp440 - ok
21:54:21.0582 4532 [ 9EF416EC99E3389D1199D47DA23A6C93 ] ALG C:\WINDOWS\System32\alg.exe
21:54:21.0661 4532 ALG - ok
21:54:21.0770 4532 [ BF4AB6D7A41B1045CA94C3A2BF626272 ] AllUserInstallAgent C:\WINDOWS\system32\AUInstallAgent.dll
21:54:21.0786 4532 AllUserInstallAgent - ok
21:54:21.0817 4532 [ EDC45B6334593C480CA347F4A8E5E8AA ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
21:54:21.0879 4532 AmdK8 - ok
21:54:21.0895 4532 [ 5F2F0512736B256115E1A40EF5ED4496 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
21:54:21.0942 4532 AmdPPM - ok
21:54:21.0973 4532 [ C49B013605D8590B998F2A878B4A125C ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
21:54:22.0004 4532 amdsata - ok
21:54:22.0082 4532 [ 38C327328C81B9D04966A2E494D2280F ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
21:54:22.0114 4532 amdsbs - ok
21:54:22.0129 4532 [ AADB4A4A3907D99B9AD74F428C678202 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
21:54:22.0161 4532 amdxata - ok
21:54:22.0317 4532 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:54:22.0348 4532 AntiVirSchedulerService - ok
21:54:22.0442 4532 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:54:22.0489 4532 AntiVirService - ok
21:54:22.0536 4532 [ 88F89541568AB7AD921ADB49C988CC49 ] AppID C:\WINDOWS\system32\drivers\appid.sys
21:54:22.0567 4532 AppID - ok
21:54:22.0614 4532 [ CB97FCA3E1BA7B0B73E5FAC04BAB1EED ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
21:54:22.0645 4532 AppIDSvc - ok
21:54:22.0707 4532 [ 7A0B515FB396B44AC67319C170E2C0A2 ] Appinfo C:\WINDOWS\System32\appinfo.dll
21:54:22.0754 4532 Appinfo - ok
21:54:22.0895 4532 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:54:22.0942 4532 Apple Mobile Device - ok
21:54:22.0989 4532 [ 225A2BB928A0665652235B78579F27C1 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
21:54:23.0036 4532 AppMgmt - ok
21:54:23.0098 4532 [ E429E5EDDEAEF9112EFEE409921C41C9 ] arc C:\WINDOWS\system32\drivers\arc.sys
21:54:23.0114 4532 arc - ok
21:54:23.0161 4532 [ CAAE1F05E3E806A0968D2EA0DFAC881C ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
21:54:23.0192 4532 arcsas - ok
21:54:23.0254 4532 [ 49A4A38F0EDF5DA56E6BC89A3FECFB94 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:54:23.0332 4532 AsyncMac - ok
21:54:23.0379 4532 [ B9DE09BE24B7FE5B111E93F7BBE40011 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
21:54:23.0582 4532 atapi - ok
21:54:23.0661 4532 [ F479CA747B44D18D6C196DAA32A931BE ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
21:54:23.0707 4532 AudioEndpointBuilder - ok
21:54:23.0801 4532 [ EC02C140CDA35E3E168AAC675293FA91 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
21:54:23.0864 4532 Audiosrv - ok
21:54:23.0879 4532 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
21:54:23.0957 4532 avgntflt - ok
21:54:23.0957 4532 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
21:54:23.0989 4532 avipbb - ok
21:54:24.0004 4532 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
21:54:24.0020 4532 avkmgr - ok
21:54:24.0051 4532 [ 25FDDBDC2D196578B8DD444225D1DB25 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
21:54:24.0082 4532 AxInstSV - ok
21:54:24.0192 4532 [ 1A80F2A2D952A5D21CCFE918ADEE98CF ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
21:54:24.0270 4532 b06bdrv - ok
21:54:24.0286 4532 [ FF228C3673F94BF49375AA9114BB1D9B ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
21:54:24.0317 4532 BasicDisplay - ok
21:54:24.0332 4532 [ F2F2DAB5DF2C69F80F10F33DA2AF7E7F ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
21:54:24.0395 4532 BasicRender - ok
21:54:24.0442 4532 [ CF71FFA325205BA1A40D1A889492D1FB ] BDESVC C:\WINDOWS\System32\bdesvc.dll
21:54:24.0489 4532 BDESVC - ok
21:54:24.0520 4532 [ 82E8914EB47C8B292212558BF1D4B152 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
21:54:24.0536 4532 Beep - ok
21:54:24.0629 4532 [ E21539EDA45E10224908E99C5FA93040 ] BFE C:\WINDOWS\System32\bfe.dll
21:54:24.0692 4532 BFE - ok
21:54:24.0786 4532 [ 32D9CB7D343D4A3FA889E3C3B8451C19 ] BITS C:\WINDOWS\System32\qmgr.dll
21:55:05.0009 4532 BITS - ok
21:55:05.0791 4532 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:55:05.0853 4532 Bonjour Service - ok
21:55:05.0900 4532 [ E27035197D26256CD4ACFE0DD0C81710 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
21:55:05.0994 4532 bowser - ok
21:55:06.0072 4532 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\WINDOWS\System32\drivers\BrFiltLo.sys
21:55:06.0181 4532 BrFiltLo - ok
21:55:06.0228 4532 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\WINDOWS\System32\drivers\BrFiltUp.sys
21:55:06.0259 4532 BrFiltUp - ok
21:55:06.0353 4532 [ 3B63D4565C2AD843E7A429F8CD873FEE ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
21:55:06.0416 4532 BrokerInfrastructure - ok
21:55:06.0494 4532 [ 0275E8283FDC4620417862CC24E86227 ] Browser C:\WINDOWS\System32\browser.dll
21:55:06.0556 4532 Browser - ok
21:55:06.0666 4532 [ 4882F0042EE18681D26294535DE4E1BD ] Brserid C:\WINDOWS\System32\Drivers\Brserid.sys
21:55:06.0884 4532 Brserid - ok
21:55:06.0916 4532 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\WINDOWS\System32\Drivers\BrSerWdm.sys
21:55:07.0041 4532 BrSerWdm - ok
21:55:07.0103 4532 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\WINDOWS\System32\Drivers\BrUsbMdm.sys
21:55:08.0259 4532 BrUsbMdm - ok
21:55:08.0338 4532 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\WINDOWS\System32\Drivers\BrUsbSer.sys
21:55:08.0385 4532 BrUsbSer - ok
21:55:08.0463 4532 [ C4BD406449430268D01C050B0E67F8E2 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
21:55:08.0666 4532 BthAvrcpTg - ok
21:55:08.0744 4532 [ 44B4E5E55D3BDB5BA270CAB1476617EF ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
21:55:08.0838 4532 BthHFEnum - ok
21:55:08.0916 4532 [ 539666583307C360DEB4408B05404BF4 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
21:55:08.0978 4532 bthhfhid - ok
21:55:09.0010 4532 [ 8BB9203910F0392381C8D0D01CAD0614 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
21:55:09.0150 4532 BTHMODEM - ok
21:55:09.0213 4532 [ 67240832EC4020F2CFBD1D7DFF66219C ] bthserv C:\WINDOWS\system32\bthserv.dll
21:55:09.0322 4532 bthserv - ok
21:55:09.0400 4532 [ D1CDEE76BEFA08384F430FA8443D74A1 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
21:55:09.0635 4532 cdfs - ok
21:55:09.0728 4532 [ C00764D61B8F47DAF236AA7E82F40666 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
21:55:09.0775 4532 cdrom - ok
21:55:09.0869 4532 [ DB8B763E355B7DB58D1FB46D79651E9D ] CertPropSvc C:\WINDOWS\System32\certprop.dll
21:55:09.0964 4532 CertPropSvc - ok
21:55:10.0026 4532 [ F46B4C6124DCC59A31D84A986637D3C3 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
21:55:10.0401 4532 circlass - ok
21:55:10.0417 4532 [ 98081B1DD9F3E128D7FE0D1FA9EB65CF ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
21:55:10.0479 4532 CLFS - ok
21:55:10.0557 4532 [ FBC6D71EB64CEF8206F6CAF28D7AE51B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
21:55:10.0604 4532 CmBatt - ok
21:55:10.0776 4532 [ 8C7E72C99442912B0421BE6F4452C361 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
21:55:10.0995 4532 CNG - ok
21:55:11.0073 4532 [ 2A57EB9ECCF891216479696C0261732A ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
21:55:11.0136 4532 CompositeBus - ok
21:55:11.0151 4532 COMSysApp - ok
21:55:11.0198 4532 [ 33D30F282A361E24277A3F5814206B44 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
21:55:11.0276 4532 condrv - ok
21:55:11.0354 4532 [ DBF4E9F328B3C253B86B53462DB21190 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
21:55:11.0448 4532 CryptSvc - ok
21:55:11.0604 4532 [ 11C7397FFF45A10F4BCBA284486FB385 ] CSC C:\WINDOWS\system32\drivers\csc.sys
21:55:11.0776 4532 CSC - ok
21:55:12.0011 4532 [ 3510236ACD1A1AF57780D116B174AEE6 ] CscService C:\WINDOWS\System32\cscsvc.dll
21:55:12.0214 4532 CscService - ok
21:55:12.0308 4532 [ A279F1FA2A73E0842EB1D46FB8057925 ] dam C:\WINDOWS\system32\drivers\dam.sys
21:55:12.0323 4532 dam - ok
21:55:12.0511 4532 [ 6446876DDE28C69B344FCB0C15D8604E ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
21:55:12.0558 4532 DcomLaunch - ok
21:55:12.0651 4532 [ 599EF8503C20AD7BA2A0B800A6A53643 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
21:55:12.0698 4532 defragsvc - ok
21:55:12.0855 4532 [ 8DA891C72B190CCAFDD6586FC419DEF0 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
21:55:12.0917 4532 DeviceAssociationService - ok
21:55:12.0979 4532 [ D5609A195EA599793228EACDDAB1574B ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
21:55:13.0042 4532 DeviceInstall - ok
21:55:13.0120 4532 [ C38276884CAAF8A28CFCD0385B4FE9AB ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
21:55:13.0167 4532 Dfsc - ok
21:55:13.0229 4532 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
21:55:13.0245 4532 dg_ssudbus - ok
21:55:13.0323 4532 [ 0E4E24976DD1E0F83C038EC2950711BD ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
21:55:13.0354 4532 Dhcp - ok
21:55:13.0417 4532 [ F269915E61BEC9FD87DE7AE9E388D53D ] discache C:\WINDOWS\system32\drivers\discache.sys
21:55:13.0479 4532 discache - ok
21:55:13.0526 4532 [ DB8278E7C60F459AAEF6F6BB8D4EC8C8 ] disk C:\WINDOWS\system32\drivers\disk.sys
21:55:13.0558 4532 disk - ok
21:55:13.0620 4532 [ F274A95E59CEA5111C31F3489BC0B996 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
21:55:13.0667 4532 dmvsc - ok
21:55:13.0729 4532 [ CE209F9BD5F406FA630A9882394A6D73 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
21:55:13.0745 4532 Dnscache - ok
21:55:13.0808 4532 [ 3EEAE9E753EBD26FFA8D39F286026FD6 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
21:55:13.0870 4532 dot3svc - ok
21:55:13.0948 4532 [ F461BF486F8940A5504ED2B2A1457691 ] DPS C:\WINDOWS\system32\dps.dll
21:55:13.0995 4532 DPS - ok
21:55:14.0042 4532 [ DFEEBB402C810C4E4029846E5FACE242 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
21:55:14.0104 4532 drmkaud - ok
21:55:14.0151 4532 [ A34A8EA4B9F1E7FACD140F77D6FCDBA0 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
21:55:14.0198 4532 DsmSvc - ok
21:55:14.0589 4532 [ 3C31CA9F07783D17805D9697ECF86EC6 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
21:55:14.0714 4532 DXGKrnl - ok
21:55:14.0761 4532 [ C2B2102094D349F6793DDBA0CC96A00E ] Eaphost C:\WINDOWS\System32\eapsvc.dll
21:55:14.0808 4532 Eaphost - ok
21:55:15.0183 4532 [ 9BFEA2D54E9E05473B65F4A5D165BA94 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
21:55:15.0433 4532 ebdrv - ok
21:55:15.0480 4532 [ 6DBD56C7117F98D56C8880614FE765B7 ] EFS C:\WINDOWS\System32\lsass.exe
21:55:15.0542 4532 EFS - ok
21:55:15.0605 4532 [ ADB83713B9B2A87671AE85C4E04DD459 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
21:55:15.0636 4532 EhStorClass - ok
21:55:15.0651 4532 [ B87844ABF349EF991356E06F1404B6B3 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
21:55:15.0667 4532 EhStorTcgDrv - ok
21:55:15.0698 4532 [ B7BA03FE7576E3B6D6A88C1976BD32F5 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
21:55:15.0745 4532 ErrDev - ok
21:55:15.0823 4532 [ 3EB2D4B286B191C04D858999FC2D5E4B ] EventSystem C:\WINDOWS\system32\es.dll
21:55:15.0870 4532 EventSystem - ok
21:55:15.0886 4532 [ AD498A7AFDBA687139145DF54C354723 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
21:55:15.0933 4532 exfat - ok
21:55:15.0948 4532 [ B26C50A42BA5AA0B618228B01EA5C251 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
21:55:15.0980 4532 fastfat - ok
21:55:16.0073 4532 [ 042874B5EB6983E76BD2D5F5FEF63874 ] Fax C:\WINDOWS\system32\fxssvc.exe
21:55:16.0167 4532 Fax - ok
21:55:16.0214 4532 [ 6D1440F76976C41917E5778A0A1DBB1C ] fdc C:\WINDOWS\System32\drivers\fdc.sys
21:55:16.0245 4532 fdc - ok
21:55:16.0308 4532 [ 719E865C1C29B3C21C4A672A3CEC1024 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
21:55:16.0370 4532 fdPHost - ok
21:55:16.0417 4532 [ DA71950CAAF4C19CDC0B85E3BD350430 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
21:55:16.0464 4532 FDResPub - ok
21:55:16.0495 4532 [ 573B1E0C9DBBFA5017632EA3839356A3 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
21:55:16.0526 4532 fhsvc - ok
21:55:16.0573 4532 [ BEEA545AF75940119D2D75EB67BD5092 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
21:55:16.0605 4532 FileInfo - ok
21:55:16.0667 4532 [ 2B06050B6741F516718EA0999D65D19A ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
21:55:16.0745 4532 Filetrace - ok
21:55:16.0777 4532 [ 54EAD64A1701673858973D35F90C99E7 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
21:55:16.0792 4532 flpydisk - ok
21:55:16.0870 4532 [ 063C1D7FD55ADD7A2033898F2982C573 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
21:55:16.0886 4532 FltMgr - ok
21:55:17.0026 4532 [ 54740179CA5CD46B624F25067C2D779C ] FontCache C:\WINDOWS\system32\FntCache.dll
21:55:17.0073 4532 FontCache - ok
21:55:17.0292 4532 [ E45958C0F94B657FF28AE3948E112E86 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:55:17.0323 4532 FontCache3.0.0.0 - ok
21:55:17.0370 4532 [ 07EFF859A468CDA994386EF95E1FDD61 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
21:55:17.0401 4532 FsDepends - ok
21:55:17.0448 4532 [ E753BD52E3E36146B5FE402BFDF62302 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:55:17.0464 4532 Fs_Rec - ok
21:55:17.0526 4532 [ 2DBD4EA900E922613D685162EB0A7F9A ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
21:55:17.0605 4532 fvevol - ok
21:55:17.0620 4532 [ 50DAAB9AB31D770E010E62390B524169 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
21:55:17.0651 4532 FxPPM - ok
21:55:17.0683 4532 [ D0A13530B3168EB704D0717BC6D1F39B ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
21:55:17.0698 4532 gagp30kx - ok
21:55:17.0714 4532 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
21:55:17.0730 4532 GEARAspiWDM - ok
21:55:17.0777 4532 [ 5B73B002330F8EC7D154ECF49BEF9C2F ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
21:55:17.0808 4532 gencounter - ok
21:55:17.0823 4532 [ DC25DE2BEF13842230A1FA36F3D25D40 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
21:55:17.0855 4532 GPIOClx0101 - ok
21:55:18.0011 4532 [ EC331AE332E88CBC2BCFAED5F1866FD5 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
21:55:18.0042 4532 gpsvc - ok
21:55:18.0183 4532 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:55:18.0198 4532 gupdate - ok
21:55:18.0230 4532 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:55:18.0230 4532 gupdatem - ok
21:55:18.0292 4532 [ ED7EED62597BCD9F6B72740178382253 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
21:55:18.0355 4532 HdAudAddService - ok
21:55:18.0402 4532 [ 6EFA99D7979F19566A40D8846CF6AC8D ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
21:55:18.0464 4532 HDAudBus - ok
21:55:18.0495 4532 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
21:55:18.0495 4532 HECIx64 - ok
21:55:18.0527 4532 [ 2351C5B00B8418B469434E2895B96B0B ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
21:55:18.0573 4532 HidBatt - ok
21:55:18.0636 4532 [ 4EDD4B76C1EAD49C87B64EBE56FB2EBD ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
21:55:18.0683 4532 HidBth - ok
21:55:18.0745 4532 [ 9F9698B36E342B8BCF89175C42439A94 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
21:55:18.0808 4532 hidi2c - ok
21:55:18.0839 4532 [ 69C4FCA1ECCA441683A2CC12C40A5545 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
21:55:18.0902 4532 HidIr - ok
21:55:18.0933 4532 [ 288FB363911D46D8C4D63F60F91936F0 ] hidserv C:\WINDOWS\system32\hidserv.dll
21:55:18.0995 4532 hidserv - ok
21:55:19.0042 4532 [ DA2261E06585E5B486951C1534CFFCA7 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
21:55:19.0089 4532 HidUsb - ok
21:55:19.0136 4532 [ 53D9E66C713F50F52E40C2D3CD3C2303 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
21:55:19.0167 4532 hkmsvc - ok
21:55:19.0214 4532 [ 7E2C90480EF29DA772C8AF38AA7560A3 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
21:55:19.0230 4532 HomeGroupListener - ok
21:55:19.0292 4532 [ 774EABB98EF1244EFDE60330C40F06DD ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
21:55:19.0355 4532 HomeGroupProvider - ok
21:55:19.0417 4532 [ 9262834A216C8A7B6A36CC2B0E3F9F98 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
21:55:19.0448 4532 HpSAMD - ok
21:55:19.0573 4532 [ 52F7C34DA051FD8AF00E8949ED09BE8F ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
21:55:19.0620 4532 HTTP - ok
21:55:19.0667 4532 [ 0D9C2862E4F76A3C505767F0C4D51D18 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
21:55:19.0683 4532 hwpolicy - ok
21:55:19.0730 4532 [ 34F1F053C9CFDE33C802E30B9FFF2C6E ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
21:55:19.0808 4532 hyperkbd - ok
21:55:19.0870 4532 [ 3A3ADA2EE3FAC2A766B5B899B7DF25C9 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
21:55:19.0933 4532 HyperVideo - ok
21:55:19.0964 4532 [ 8BFDC55618DA43180234D4BFAACB9960 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
21:55:20.0011 4532 i8042prt - ok
21:55:20.0089 4532 [ 3F8EA41490B72D28EA3CAFE00C44E00E ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
21:55:20.0136 4532 iaStorV - ok
21:55:20.0230 4532 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:55:20.0261 4532 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:55:20.0261 4532 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:55:21.0152 4532 [ 0893F4E0D6BAA83F7725069D073ECC3A ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
21:55:21.0949 4532 igfx - ok
21:55:22.0386 4532 [ 773E6FE440900C26BD4947CD6491A1C2 ] iirsp C:\WINDOWS\system32\drivers\iirsp.sys
21:55:22.0417 4532 iirsp - ok
21:55:22.0558 4532 [ E1647CC48642739E86589313F4056AA1 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
21:55:22.0699 4532 IKEEXT - ok
21:55:22.0745 4532 [ 23E5AC193FC6079F148DB00FB9F1E856 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
21:55:22.0777 4532 intelide - ok
21:55:22.0808 4532 [ CF7F47434D80BC3C17BE002675904297 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
21:55:22.0855 4532 intelppm - ok
21:55:22.0902 4532 [ 184D23148A89148FED79D46647706147 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:55:22.0964 4532 IpFilterDriver - ok
21:55:23.0027 4532 [ C5F5BE9161BAA4C777630B1149715E95 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
21:55:23.0089 4532 iphlpsvc - ok
21:55:23.0136 4532 [ EACEFC102555501B37824FA430F45252 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
21:55:23.0183 4532 IPMIDRV - ok
21:55:23.0261 4532 [ E561C19F0F4A451EF40BFE1DED2EA4C0 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
21:55:23.0277 4532 IPNAT - ok
21:55:23.0480 4532 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:55:23.0511 4532 iPod Service - ok
21:55:23.0558 4532 [ EEDADE0EA3D9636BE6676D8E6A90264C ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
21:55:23.0589 4532 IRENUM - ok
21:55:23.0652 4532 [ 6098F936E315ACC053A18FE482EC0A60 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
21:55:23.0667 4532 isapnp - ok
21:55:23.0761 4532 [ 86D2EBA1501E7C8D2CF1250972A9132F ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
21:55:23.0824 4532 iScsiPrt - ok
21:55:23.0855 4532 [ 754C76EC146C648A689430F2C7A5E0DE ] JRSKD24 C:\Windows\system32\JRSKD24.SYS
21:55:23.0870 4532 JRSKD24 - ok
21:55:23.0886 4532 [ E18D1A5E1514E699019747344C48B786 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
21:55:23.0902 4532 kbdclass - ok
21:55:23.0949 4532 [ D2D99CEC0B58405FD4F0E560D33CCD6E ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
21:55:23.0980 4532 kbdhid - ok
21:55:24.0011 4532 [ B2023B8C0ACA7A4FF75A69E877DFB2D4 ] kcrtx64 C:\Windows\system32\kcrtx64.sys
21:55:24.0027 4532 kcrtx64 - ok
21:55:24.0074 4532 [ 81D262CA5A8C8A3D529579CAB3E790BA ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
21:55:24.0121 4532 kdnic - ok
21:55:24.0167 4532 [ 6DBD56C7117F98D56C8880614FE765B7 ] KeyIso C:\WINDOWS\system32\lsass.exe
21:55:24.0183 4532 KeyIso - ok
21:55:24.0214 4532 [ BF07E34596039A56C4E382B16379C915 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
21:55:24.0245 4532 KSecDD - ok
21:55:24.0277 4532 [ EC7E8BA4047DEBE8BBB4F387DECDAF0E ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
21:55:24.0292 4532 KSecPkg - ok
21:55:24.0324 4532 [ 96C82EED9DFBAC84788C5A5BC1C8F97E ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
21:55:24.0386 4532 ksthunk - ok
21:55:24.0449 4532 [ 6B9B96D711FA8AD43C4B4D415F12A5D0 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
21:55:24.0558 4532 KtmRm - ok
21:55:24.0636 4532 [ 6E2A5F67366818C9A79DD010F9E7F22B ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
21:55:24.0667 4532 LanmanServer - ok
21:55:24.0714 4532 [ F110DBAFE7C233CAB620163C54FE2A32 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
21:55:24.0792 4532 LanmanWorkstation - ok
21:55:24.0855 4532 [ 58068B1479D210029E6DE7BD6FCF24C8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
21:55:24.0886 4532 lltdio - ok
21:55:24.0965 4532 [ 32DE699E264D65209823C8A63C2F734B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
21:55:25.0028 4532 lltdsvc - ok
21:55:25.0075 4532 [ C22DD22905925903E3CFFD7B73D9193B ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
21:55:25.0090 4532 lmhosts - ok
21:55:25.0169 4532 [ 8C70AE72C3D419025F3B82FA32731497 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
21:55:25.0200 4532 LSI_SAS - ok
21:55:25.0262 4532 [ 7A34B808436CA8C8C81CE059489B63C1 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
21:55:25.0293 4532 LSI_SAS2 - ok
21:55:25.0309 4532 [ DFB2AC00B95C723F66D11C69EDF13E73 ] LSI_SCSI C:\WINDOWS\system32\drivers\lsi_scsi.sys
21:55:25.0340 4532 LSI_SCSI - ok
21:55:25.0356 4532 [ F32AA985036F2894E6F1AF9FD18AEDE1 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
21:55:25.0372 4532 LSI_SSS - ok
21:55:25.0481 4532 [ AEC53F42776DB9AF2B8760BC34FDFAAC ] LSM C:\WINDOWS\System32\lsm.dll
21:55:25.0528 4532 LSM - ok
21:55:25.0590 4532 [ CD8D01B46E7274653B417D865859206E ] luafv C:\WINDOWS\system32\drivers\luafv.sys
21:55:25.0653 4532 luafv - ok
21:55:25.0840 4532 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
21:55:25.0856 4532 MDM ( UnsignedFile.Multi.Generic ) - warning
21:55:25.0856 4532 MDM - detected UnsignedFile.Multi.Generic (1)
21:55:25.0919 4532 [ 79CC6BB5F540B94A4994AA0750D7286C ] megasas C:\WINDOWS\system32\drivers\megasas.sys
21:55:25.0950 4532 megasas - ok
21:55:25.0997 4532 [ 19B4F7782878EBD8AA02332661ECDA84 ] MegaSR C:\WINDOWS\system32\drivers\MegaSR.sys
21:55:26.0106 4532 MegaSR - ok
21:55:26.0215 4532 Microsoft SharePoint Workspace Audit Service - ok
21:55:26.0262 4532 [ 4DF499436B5FE579E3507BB6C16F413E ] MMCSS C:\WINDOWS\system32\mmcss.dll
21:55:26.0309 4532 MMCSS - ok
21:55:26.0340 4532 [ E980B3F44A8A57DFFEBDC9308BD155C3 ] Modem C:\WINDOWS\system32\drivers\modem.sys
21:55:26.0387 4532 Modem - ok
21:55:26.0419 4532 [ CA03CDBA0C9C755EF4D87282E7679A1E ] monitor C:\WINDOWS\system32\DRIVERS\monitor.sys
21:55:26.0450 4532 monitor - ok
21:55:26.0528 4532 [ A06F83CB39D8EA3540BE701341D1C258 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
21:55:26.0887 4532 mouclass - ok
21:55:26.0950 4532 [ EDD3970FD9AEE00BE7490EB94F385714 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
21:55:26.0997 4532 mouhid - ok
21:55:27.0012 4532 [ EED20950D8271F7D870F58662E153D2B ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
21:55:27.0044 4532 mountmgr - ok
21:55:27.0075 4532 [ 6FBE62F717ACE72EE7E9DC13138945DF ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
21:55:27.0137 4532 mpsdrv - ok
21:55:27.0247 4532 [ 668172CFEBBAFF968A4307D583016642 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
21:55:27.0294 4532 MpsSvc - ok
21:55:27.0340 4532 [ 222E5FA7FF8698A90C722AC7B1483B39 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
21:55:27.0403 4532 MRxDAV - ok
21:55:27.0481 4532 [ 6DEB26CFDE1A35D405224E8B04798685 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:55:27.0559 4532 mrxsmb - ok
21:55:27.0575 4532 [ 44DBF8BF060C3F58D81D6DFA39F2E2C0 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
21:55:27.0622 4532 mrxsmb10 - ok
21:55:27.0669 4532 [ 3579AAA98F19DC88723F599C9A0039AA ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
21:55:27.0684 4532 mrxsmb20 - ok
21:55:27.0731 4532 [ B1D89CD1DB23E70E6065AB5D1003D45F ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
21:55:27.0778 4532 MsBridge - ok
21:55:27.0840 4532 [ 0D9E3451244062BA58AA628FEF9685DF ] MSDTC C:\WINDOWS\System32\msdtc.exe
21:55:27.0887 4532 MSDTC - ok
21:55:27.0950 4532 [ 04B8038921D181C3626F142EAB6A04E6 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:55:27.0997 4532 Msfs - ok
21:55:28.0059 4532 [ CA8B8CD89DD200D192A41EA0F7DA87B8 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
21:55:28.0137 4532 msgpiowin32 - ok
21:55:28.0184 4532 [ 990FBAF13C0538392A6B78915F4DED08 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
21:55:28.0231 4532 mshidkmdf - ok
21:55:28.0262 4532 [ 0A7F3780826A75D2A9A5B482D807FB1D ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
21:55:28.0294 4532 mshidumdf - ok
21:55:28.0325 4532 [ E909B66D9C1C036796FD90E35EA18740 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
21:55:28.0340 4532 msisadrv - ok
21:55:28.0387 4532 [ 4226FA58BE5297F85F554CA3349D7264 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
21:55:28.0434 4532 MSiSCSI - ok
21:55:28.0434 4532 msiserver - ok
21:55:28.0497 4532 [ 41476311375E6690E9BE66515B975DD5 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:55:28.0512 4532 MSKSSRV - ok
21:55:28.0544 4532 [ 3D797F2899279DB1C583535D74C1B655 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
21:55:28.0591 4532 MsLldp - ok
21:55:28.0622 4532 [ 3D0236355DAAA02CD9CC1A443CA14E50 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:55:28.0653 4532 MSPCLOCK - ok
21:55:28.0684 4532 [ 2A85AD83C31AC7C4A6C3C412D5B05D85 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:55:28.0700 4532 MSPQM - ok
21:55:28.0762 4532 [ 6A0C0EF2D2EA692B9EBD879D4265DABC ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
21:55:28.0809 4532 MsRPC - ok
21:55:28.0840 4532 [ 236F25EEB53E88F40DB6776AFCC67B3F ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
21:55:28.0840 4532 mssmbios - ok
21:55:28.0872 4532 [ 9FEED052AB6A8A7BB425DD5847A763B5 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
21:55:28.0903 4532 MSTEE - ok
21:55:28.0919 4532 [ DF99265770198FCC0F9868686358FCA1 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
21:55:28.0950 4532 MTConfig - ok
21:55:28.0965 4532 [ 1CF51C64B5F22F3BD07859343C33B441 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
21:55:28.0981 4532 Mup - ok
21:55:29.0012 4532 [ CBDCEC3B3694DF008423CC25AD8C71F5 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
21:55:29.0028 4532 mvumis - ok
21:55:29.0106 4532 [ A0A0074587BE5FF2978614AF2057EF8A ] napagent C:\WINDOWS\system32\qagentRT.dll
21:55:29.0169 4532 napagent - ok
21:55:29.0231 4532 [ C838B96D20F0599BC8AF45605B15A79E ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
21:55:29.0309 4532 NativeWifiP - ok
21:55:29.0387 4532 [ F7C7267F2EF74697E2B5308680CE946A ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
21:55:29.0419 4532 NcaSvc - ok
21:55:29.0481 4532 [ 7B0E67B2BF09A3D02B79B89B192ECB50 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
21:55:29.0559 4532 NcdAutoSetup - ok
21:55:29.0716 4532 [ 628ACE8D6E74FA1420DB0F7A5BA64FB4 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
21:55:29.0809 4532 NDIS - ok
21:55:29.0841 4532 [ D533C8F7013C8D030D53AE8BF59AFC62 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
21:55:29.0903 4532 NdisCap - ok
21:55:29.0966 4532 [ 359DA0D2AF05FF003AFA2722B120F903 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
21:55:30.0012 4532 NdisImPlatform - ok
21:55:30.0075 4532 [ B248A91702A24330D7802CE1D22CE32C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:55:30.0184 4532 NdisTapi - ok
21:55:30.0247 4532 [ D5DCAC4914AF3B05D0727AB649EA094E ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:55:30.0309 4532 Ndisuio - ok
21:55:30.0387 4532 [ 903634F18D8415EA07ACB09619C450B2 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:55:30.0497 4532 NdisWan - ok
21:55:30.0544 4532 [ 903634F18D8415EA07ACB09619C450B2 ] NDISWANLEGACY C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:55:30.0575 4532 NDISWANLEGACY - ok
21:55:30.0653 4532 [ F3F55C796D3FAE87CCCBE89EBBCB7AC2 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:55:30.0700 4532 NDProxy - ok
21:55:30.0762 4532 [ 2556F028465F17BC03E087A34412D3D4 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
21:55:30.0809 4532 Ndu - ok
21:55:30.0887 4532 [ 3C4964ED7EA88800C4A3544D2421811F ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:55:31.0309 4532 NetBIOS - ok
21:55:31.0419 4532 [ E0333733CE1DD939E02B3FE555983DE2 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:55:31.0497 4532 NetBT - ok
21:55:31.0575 4532 [ 6DBD56C7117F98D56C8880614FE765B7 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:55:31.0591 4532 Netlogon - ok
21:55:31.0669 4532 [ ECD8CD4AE023EDBDFA5155EBCF3959FC ] Netman C:\WINDOWS\System32\netman.dll
21:55:31.0716 4532 Netman - ok
21:55:31.0825 4532 [ 2FBC1158E3DC0DDD08150895B298EE6E ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
21:55:31.0903 4532 netprofm - ok
21:55:32.0231 4532 [ 1B71A950C3A5CD06F57C6D8DDCE29ACA ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:55:32.0356 4532 NetTcpPortSharing - ok
21:55:32.0997 4532 [ 57B9C04D673F236D41FAB03842C8640B ] NETwNs64 C:\WINDOWS\system32\DRIVERS\NETwNs64.sys
21:55:33.0294 4532 NETwNs64 - ok
21:55:33.0341 4532 [ 414C57DF5354BB20C8CE86420A846811 ] nfrd960 C:\WINDOWS\system32\drivers\nfrd960.sys
21:55:33.0388 4532 nfrd960 - ok
21:55:33.0450 4532 [ E712C67432A64FF2A010B749DEDE5A3D ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
21:55:33.0528 4532 NlaSvc - ok
21:55:33.0575 4532 [ 2D5CCAE877D271FF41BEB5FDF87041E8 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:55:33.0622 4532 Npfs - ok
21:55:33.0669 4532 [ D031EE874A5CD2EBD425AC571D69E2AC ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
21:55:33.0747 4532 npsvctrig - ok
21:55:33.0778 4532 [ D7F3927F69871DFF58E89B7454BBC5CA ] nsi C:\WINDOWS\system32\nsisvc.dll
21:55:33.0825 4532 nsi - ok
21:55:33.0841 4532 [ 869B2D260DAE2AD694283FACC0517871 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
21:55:33.0856 4532 nsiproxy - ok
21:55:34.0028 4532 [ 4CDD1FE700E82E98531A71109F7CFB68 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:55:34.0091 4532 Ntfs - ok
21:55:34.0138 4532 [ 8602CE381794E406E07A1850FBCB2477 ] Null C:\WINDOWS\system32\drivers\Null.sys
21:55:34.0184 4532 Null - ok
21:55:34.0997 4532 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
21:55:35.0731 4532 nvlddmkm - ok
21:55:35.0747 4532 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
21:55:35.0763 4532 nvpciflt - ok
21:55:35.0841 4532 [ 7A32C0B720442DD614824A4B1B0B572C ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
21:55:35.0872 4532 nvraid - ok
21:55:35.0888 4532 [ 7621F2B512341EF6517D5850444F8BCB ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
21:55:35.0919 4532 nvstor - ok
21:55:36.0060 4532 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
21:55:36.0091 4532 nvsvc - ok
21:55:36.0325 4532 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
21:55:36.0481 4532 nvUpdatusService - ok
21:55:36.0544 4532 [ 0DBC08125C9C1203C7C0DF119D7C2DF1 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
21:55:36.0575 4532 nv_agp - ok
21:55:36.0731 4532 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:55:36.0778 4532 odserv - ok
21:55:36.0856 4532 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:55:37.0341 4532 ose - ok
21:55:38.0044 4532 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:55:38.0388 4532 osppsvc - ok
21:55:38.0466 4532 [ D5686620E7B08769D49400854A033E30 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
21:55:38.0575 4532 p2pimsvc - ok
21:55:38.0653 4532 [ 588F5BAD1A3A0FB392856E88EF85827B ] p2psvc C:\WINDOWS\system32\p2psvc.dll
21:55:38.0700 4532 p2psvc - ok
21:55:38.0920 4532 [ 4E5CA0CD39EC76A51AF57D646549C056 ] Parport C:\WINDOWS\System32\drivers\parport.sys
21:55:38.0951 4532 Parport - ok
21:55:38.0983 4532 [ 498BFA8F1C6F026DD0A3909E716F8D91 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
21:55:39.0014 4532 partmgr - ok
21:55:39.0076 4532 [ 4F6E448906EA03543BEB86C97DEEE1B8 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
21:55:39.0139 4532 PcaSvc - ok
21:55:39.0155 4532 [ DC2098D455B7E7E2FF7E37F9A66673D0 ] pci C:\WINDOWS\system32\drivers\pci.sys
21:55:39.0186 4532 pci - ok
21:55:39.0201 4532 [ C54CE89FD3ADA68995B320FA5C6893DC ] pciide C:\WINDOWS\system32\drivers\pciide.sys
21:55:39.0217 4532 pciide - ok
21:55:39.0280 4532 [ E3503C9CEF24250EE6C98EA58857340D ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
21:55:39.0326 4532 pcmcia - ok
21:55:39.0342 4532 [ 69002AC581B53925875401B42C6009C4 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
21:55:39.0358 4532 pcw - ok
21:55:39.0389 4532 [ 6CC01CC88AF349BCBAB3B602323FFC24 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
21:55:39.0405 4532 pdc - ok
21:55:39.0514 4532 [ 9162384A7DE807163CE26A9D95E182E1 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
21:55:39.0623 4532 PEAUTH - ok
21:55:39.0889 4532 [ 6E6C2D87F49A7BE63C109880C94704BB ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
21:55:40.0092 4532 PeerDistSvc - ok
21:55:40.0842 4532 [ 129609B0CABE5458DD94C2DA8B99F1DC ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
21:55:41.0186 4532 PerfHost - ok
21:55:43.0514 4532 [ 4254241F0D3445573CF840802BD786BA ] pla C:\WINDOWS\system32\pla.dll
21:55:43.0686 4532 pla - ok
21:55:43.0749 4532 [ D5609A195EA599793228EACDDAB1574B ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
21:55:43.0780 4532 PlugPlay - ok
21:55:43.0842 4532 [ 78897C1A515262F5156E2D4FD593EC61 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
21:55:43.0889 4532 PNRPAutoReg - ok
21:55:43.0952 4532 [ D5686620E7B08769D49400854A033E30 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
21:55:43.0983 4532 PNRPsvc - ok
21:55:44.0061 4532 [ 5EB494F254363BB1C0F24CE1CFEFB6B6 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
21:55:44.0092 4532 PolicyAgent - ok
21:55:44.0155 4532 [ CAF5DFF32A27A61D2C5C36F6166CC768 ] Power C:\WINDOWS\system32\umpo.dll
21:55:44.0217 4532 Power - ok
21:55:44.0624 4532 [ 2BFC9A3F12E74756754102CA2F06323D ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:55:44.0655 4532 PptpMiniport - ok
21:55:45.0124 4532 [ CD44D63FB0777CEB614111AA590A527C ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
21:55:45.0530 4532 PrintNotify - ok
21:55:45.0561 4532 [ 708BE76C2817050AE8B9FB4BD189BDD7 ] Processor C:\WINDOWS\System32\drivers\processr.sys
21:55:45.0608 4532 Processor - ok
21:55:45.0639 4532 [ 102A02EA61F9ADE5A3D8B4FFF0BC8C85 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
21:55:45.0686 4532 ProfSvc - ok
21:55:45.0764 4532 [ 61426ACCE9D207D08B215AF74555C180 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
21:55:45.0795 4532 Psched - ok
21:55:45.0889 4532 [ 0928BD20273625622722FE1DE5BBDE57 ] qicflt C:\WINDOWS\system32\DRIVERS\qicflt.sys
21:55:45.0905 4532 qicflt - ok
21:55:45.0999 4532 [ C3F9A6BDD87DD87441C588D7C8DB7209 ] QWAVE C:\WINDOWS\system32\qwave.dll
21:55:46.0061 4532 QWAVE - ok
21:55:46.0077 4532 [ 32517A92B4C11C4443771F5158570121 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
21:55:46.0108 4532 QWAVEdrv - ok
21:55:46.0155 4532 [ 4E1EDE1ED3CC8CF98268E1BB3F406900 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:55:46.0202 4532 RasAcd - ok
21:55:46.0249 4532 [ 59E12E4FD80733E79CA070ECF9818153 ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
21:55:46.0280 4532 RasAgileVpn - ok
21:55:46.0358 4532 [ E3374F796A60628110A2BD93B3C3611C ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:55:46.0420 4532 RasAuto - ok
21:55:46.0499 4532 [ 7D5B09EBE82DA0A0CFECF1558125A651 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:55:46.0577 4532 Rasl2tp - ok
21:55:46.0670 4532 [ 064C8D7402F72488DA52E5F34FDA3578 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:55:46.0952 4532 RasMan - ok
21:55:47.0030 4532 [ F43F03F650B9FA7FEFAA1F42A08EF9B7 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:55:47.0061 4532 RasPppoe - ok
21:55:47.0092 4532 [ BB6A240BFBFA55363645BD6A03F3BAB4 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
21:55:47.0108 4532 RasSstp - ok
21:55:47.0374 4532 [ E7675DE055A9ED41913B81605C013E7E ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:55:47.0436 4532 rdbss - ok
21:55:47.0483 4532 [ 25E8FEC1BA1353FE026D56D798DF8566 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
21:55:47.0514 4532 rdpbus - ok
21:55:47.0577 4532 [ FB86C8FA57CFAE86C3D2E613C65EB119 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
21:55:47.0702 4532 RDPDR - ok
21:55:47.0717 4532 [ 4EA20F29BB9B0C05AC3782138EA528C3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
21:55:47.0733 4532 RdpVideoMiniport - ok
21:55:47.0780 4532 [ A1A6CB11676A82CE2E9BFD476DBA0A13 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:55:47.0827 4532 RDPWD - ok
21:55:47.0842 4532 [ 35AF307B098C8C650774B449B433105E ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
21:55:47.0874 4532 rdyboost - ok
21:55:47.0905 4532 [ E10C86E9F43D74752703CFE0D0F4549F ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:55:47.0952 4532 RemoteAccess - ok
21:55:47.0983 4532 [ 2BE6400C94D299136EF407734090365A ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
21:55:48.0014 4532 RemoteRegistry - ok
21:55:48.0171 4532 [ 2FCEAD838E64A79250046DD2A15B6A8A ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
21:55:48.0171 4532 RichVideo ( UnsignedFile.Multi.Generic ) - warning
21:55:48.0171 4532 RichVideo - detected UnsignedFile.Multi.Generic (1)
21:55:48.0249 4532 [ 5790BCA445CC40DF8B38C2C48608AAC2 ] RimUsb C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys
21:55:48.0436 4532 RimUsb - ok
21:55:48.0452 4532 [ CE832C6E7A22204DD7E50302290B1596 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
21:55:48.0483 4532 RpcEptMapper - ok
21:55:48.0592 4532 [ A56F388A7362212F608BD0F8A1AF9EBC ] RpcLocator C:\WINDOWS\system32\locator.exe
21:55:48.0639 4532 RpcLocator - ok
21:55:48.0733 4532 [ 6446876DDE28C69B344FCB0C15D8604E ] RpcSs C:\WINDOWS\system32\rpcss.dll
21:55:48.0764 4532 RpcSs - ok
21:55:48.0811 4532 [ 4E891FCCBC73641708DEC461B1F7682F ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
21:55:48.0858 4532 rspndr - ok
21:55:48.0936 4532 [ 15923AA360F7675D3D43C9669316A0BA ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
21:55:48.0983 4532 RTL8168 - ok
21:55:49.0092 4532 [ CAF70FFF85E2275E4A50557F265A07CC ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
21:55:49.0124 4532 s3cap - ok
21:55:49.0186 4532 [ 6DBD56C7117F98D56C8880614FE765B7 ] SamSs C:\WINDOWS\system32\lsass.exe
21:55:49.0202 4532 SamSs - ok
21:55:49.0358 4532 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
21:55:49.0374 4532 SASDIFSV - ok
21:55:49.0389 4532 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
21:55:49.0405 4532 SASKUTIL - ok
21:55:49.0608 4532 [ 8D0F734E545FAE1247B7B968CDBE3764 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
21:55:49.0655 4532 sbp2port - ok
21:55:49.0764 4532 [ F1FA68AD9F8E73775268840D6377E073 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
21:55:49.0827 4532 SCardSvr - ok
21:55:49.0936 4532 [ 3AC948640421E3891A49AA83C6B77B7A ] SCDEmu C:\WINDOWS\system32\drivers\SCDEmu.sys
21:55:49.0999 4532 SCDEmu - ok
21:55:50.0108 4532 [ 3EFA959348022CBFDBD20A8F400FD343 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
21:55:50.0155 4532 scfilter - ok
21:55:50.0327 4532 [ 0010C7890300581C7075CDA8030FCB1B ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:55:50.0389 4532 Schedule - ok
21:55:50.0421 4532 [ DB8B763E355B7DB58D1FB46D79651E9D ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
21:55:50.0436 4532 SCPolicySvc - ok
21:55:51.0655 4532 [ 700C8E41C4BD2D3A532D32381FA0FE7F ] scsk5 C:\WINDOWS\syswow64\drivers\scsk5.sys
21:55:51.0671 4532 scsk5 - ok
21:55:55.0703 4532 [ 0ECAF7FA2F75FFCDD06D5D0873827082 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
21:55:55.0766 4532 sdbus - ok
21:55:55.0875 4532 [ 862E879617ABDA0C6E18DD25EA2E0155 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
21:55:55.0938 4532 SDRSVC - ok
21:55:55.0953 4532 [ E809EEA9DAE44CA268E4BB681FF05496 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
21:55:55.0969 4532 sdstor - ok
21:55:56.0000 4532 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
21:55:56.0016 4532 secdrv - ok
21:55:56.0063 4532 [ 2C0971C8FCC21FCF936264EC9FABA0A1 ] seclogon C:\WINDOWS\system32\seclogon.dll
21:55:56.0172 4532 seclogon - ok
21:55:56.0234 4532 [ 0E3C6E1DB06BA31D3F222FDF593C0DB1 ] SENS C:\WINDOWS\System32\sens.dll
21:55:56.0375 4532 SENS - ok
21:55:56.0438 4532 [ 1CDCAAD324AEC5D242CE6BFB09F36CCF ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
21:55:56.0469 4532 SensrSvc - ok
21:55:56.0500 4532 [ 1F27D4B2623CB2A454A9499B697F0530 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
21:55:56.0516 4532 SerCx - ok
21:55:56.0578 4532 [ 87CF8C6B28E5E38D5A75D2565ABBC553 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
21:55:56.0609 4532 Serenum - ok
21:55:56.0672 4532 [ DC6C7A0C06E931ED2B6110CD68959E88 ] Serial C:\WINDOWS\System32\drivers\serial.sys
21:55:56.0719 4532 Serial - ok
21:55:56.0813 4532 [ 0F832063E0E9B0E9630898353B2EF493 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
21:55:56.0844 4532 sermouse - ok
21:55:56.0953 4532 [ CAC99A543AEEFC6812D2702E208BFD33 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
21:55:57.0063 4532 SessionEnv - ok
21:55:57.0125 4532 [ 72A51E9EC9268BFF0BA9DDB4B531ADD2 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
21:55:57.0156 4532 sfloppy - ok
21:55:57.0250 4532 [ DDFFC5428192CAA5ED213C16348D66E0 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:55:57.0297 4532 SharedAccess - ok
21:55:57.0547 4532 [ 0DD82221E2A0DF5C1D93A8F692982336 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:55:57.0594 4532 ShellHWDetection - ok
21:55:57.0641 4532 [ 5F13759AF83F8C2A023483B98BD149D2 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
21:55:57.0656 4532 SiSRaid2 - ok
21:55:57.0672 4532 [ A84A68EE7ABEAA7EEC8DBCCAE83653F4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
21:55:57.0688 4532 SiSRaid4 - ok
21:55:58.0250 4532 [ 183F04C6742902F33039913A96F5B574 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
21:55:58.0313 4532 Skype C2C Service - ok
21:55:58.0703 4532 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:55:58.0719 4532 SkypeUpdate - ok
21:55:58.0953 4532 [ 60D2545E33F997AA172BCA8AA7AADB66 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
21:55:59.0000 4532 SNMPTRAP - ok
21:55:59.0141 4532 [ A74023A2F13C7FFB06C0905C35C591FF ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
21:55:59.0172 4532 spaceport - ok
21:55:59.0266 4532 [ 753D7E3B5DF557CC28F668B599429EB4 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
21:55:59.0281 4532 SpbCx - ok
21:55:59.0313 4532 [ EDEA6AC00F36813E2E2D76C4D8483B59 ] Spooler C:\WINDOWS\System32\spoolsv.exe
21:55:59.0360 4532 Spooler - ok
21:55:59.0469 4532 [ 613EF10494F7BC394E0DB2D5CB3FEC74 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
21:55:59.0547 4532 sppsvc - ok
21:55:59.0610 4532 [ 5F64CD5F5596533AB412374797D37CCE ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:55:59.0641 4532 srv - ok
21:55:59.0797 4532 [ 1812AAAD25E69DAB5D32D9F86451CED6 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
21:55:59.0875 4532 srv2 - ok
21:55:59.0891 4532 [ B8568C60F0D33DFF3F777ECF03AFFA34 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
21:55:59.0922 4532 srvnet - ok
21:56:00.0000 4532 [ 68C7AB6D3C8559F21CE5784BD506ED10 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:56:00.0063 4532 SSDPSRV - ok
21:56:00.0110 4532 [ 4ABEB207457928D38AA0CFCDD18D213D ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
21:56:00.0172 4532 SstpSvc - ok
21:56:00.0203 4532 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
21:56:00.0235 4532 ssudmdm - ok
21:56:00.0266 4532 [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn C:\WINDOWS\system32\DRIVERS\stdcfltn.sys
21:56:00.0281 4532 stdcfltn - ok
21:56:00.0610 4532 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:56:00.0641 4532 Stereo Service - ok
21:56:00.0688 4532 [ D0F597797C30A3F20ABFBF162E0D3DE5 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
21:56:00.0703 4532 stexstor - ok
21:56:00.0782 4532 [ B7A6523C9D7A3A2772CF7AA60D3713B0 ] stisvc C:\WINDOWS\System32\wiaservc.dll
21:56:00.0828 4532 stisvc - ok
21:56:00.0844 4532 [ 5001ABA932F09DC5C0D81F9FE2BED46D ] storahci C:\WINDOWS\system32\drivers\storahci.sys
21:56:00.0844 4532 storahci - ok
21:56:00.0875 4532 [ 62CE69E46A9299E732029046418962AD ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
21:56:00.0891 4532 storflt - ok
21:56:00.0922 4532 [ 4FA5F3475E622EA066C3BE1AAEEEE80D ] StorSvc C:\WINDOWS\system32\storsvc.dll
21:56:00.0953 4532 StorSvc - ok
21:56:00.0969 4532 [ 20642E6F2A2C15A3574DA482A6E49A17 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
21:56:00.0985 4532 storvsc - ok
21:56:01.0032 4532 [ 0991345BE188885474235A2A46415D5A ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys
21:56:01.0063 4532 storvsp - ok
21:56:01.0094 4532 [ 6F27DCCC39FD815799CD90DD1CF4DE2F ] svsvc C:\WINDOWS\system32\svsvc.dll
21:56:01.0110 4532 svsvc - ok
21:56:01.0141 4532 [ E124307E341A1A0CA658753FFF7FA210 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
21:56:01.0156 4532 swenum - ok
21:56:01.0219 4532 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:56:01.0266 4532 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
21:56:01.0266 4532 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
21:56:01.0328 4532 [ 721830CA750ECEBE0144C0D887528F6A ] swprv C:\WINDOWS\System32\swprv.dll
21:56:01.0391 4532 swprv - ok
21:56:01.0453 4532 [ 4251D18CCF5FC284CBAAE1F7534ED5FC ] SysMain C:\WINDOWS\system32\sysmain.dll
21:56:01.0485 4532 SysMain - ok
21:56:01.0532 4532 [ A931E972614B82ED8CCFA9AC71CDD843 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
21:56:01.0563 4532 SystemEventsBroker - ok
21:56:01.0610 4532 [ B466BD76D88F23906810BE50C7520A6B ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
21:56:01.0641 4532 TabletInputService - ok
21:56:01.0688 4532 [ 87FF3D4A92650D7FD55898BA436592AA ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:56:01.0735 4532 TapiSrv - ok
21:56:01.0860 4532 [ 8ABBE86638D9C36FB7565D09F0CC6210 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
21:56:02.0000 4532 Tcpip - ok
21:56:02.0047 4532 [ 8ABBE86638D9C36FB7565D09F0CC6210 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:56:02.0110 4532 TCPIP6 - ok
21:56:02.0172 4532 [ F3AD3ABAC540B2AE648DA19D56A5C909 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
21:56:02.0219 4532 tcpipreg - ok
21:56:02.0235 4532 [ 3921BBEC2E4345AE0AE93769B7514A43 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
21:56:02.0266 4532 tdx - ok
21:56:02.0328 4532 [ D0D513580359A57846BE8C258FB80D17 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
21:56:02.0360 4532 terminpt - ok
21:56:02.0469 4532 [ 5267E446C26383C76975F5B8B51F385A ] TermService C:\WINDOWS\System32\termsrv.dll
21:56:02.0532 4532 TermService - ok
21:56:02.0578 4532 [ 7C7F7898FB7E68B0D58D481B3F9D069A ] Themes C:\WINDOWS\system32\themeservice.dll
21:56:02.0610 4532 Themes - ok
21:56:02.0641 4532 [ 4DF499436B5FE579E3507BB6C16F413E ] THREADORDER C:\WINDOWS\system32\mmcss.dll
21:56:02.0657 4532 THREADORDER - ok
21:56:02.0703 4532 [ 387D0271212C4387944349EE879D4434 ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
21:56:02.0735 4532 TimeBroker - ok
21:56:02.0797 4532 [ 2082C0704124AC6E4AD8C66AA48EBD28 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
21:56:02.0813 4532 TPM - ok
21:56:02.0875 4532 [ 85AED67291600101C79DF4F12B770100 ] TrkWks C:\WINDOWS\System32\trkwks.dll
21:56:02.0922 4532 TrkWks - ok
21:56:03.0032 4532 [ 37DE81550EF915321D8284F2BB270401 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
21:56:03.0063 4532 TrustedInstaller - ok
21:56:03.0125 4532 [ 1F50DAEFD95376C42BA344AE833785E8 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
21:56:03.0141 4532 TsUsbFlt - ok
21:56:03.0203 4532 [ 9EB80A1002E83182EF1D18040CFC42EA ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
21:56:03.0219 4532 TsUsbGD - ok
21:56:03.0250 4532 [ 153B583683CA34CE2617CB5E9959E251 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
21:56:03.0266 4532 tunnel - ok
21:56:03.0328 4532 [ A6DDDF8E2FDA933B673C7E3A2A26E9CB ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
21:56:03.0360 4532 uagp35 - ok
21:56:03.0391 4532 [ FB77D346871D7169698B9986D7E77B45 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
21:56:03.0422 4532 UASPStor - ok
21:56:03.0438 4532 [ 4B55BF0C1CF814C8121A2FEFA98E9A68 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
21:56:03.0485 4532 UCX01000 - ok
21:56:03.0500 4532 [ EE3DDFE95156A156E63D1B038BB50EA0 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
21:56:03.0532 4532 udfs - ok
21:56:03.0578 4532 [ 92B6AB07DFE225D660E6E6FBA600C421 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
21:56:03.0641 4532 UI0Detect - ok
21:56:03.0657 4532 [ A1644BB66B95614CD6B62E49938FE60C ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
21:56:03.0672 4532 uliagpkx - ok
21:56:03.0688 4532 [ C1E848D4D3DCF65732E0520D452DEBD7 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
21:56:03.0703 4532 umbus - ok
21:56:03.0735 4532 [ 93D36B4342A21EB6F3652C73C4CD1B03 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
21:56:03.0750 4532 UmPass - ok
21:56:03.0782 4532 [ 1996F76A6D9836A95CF088F3FFE4811B ] UmRdpService C:\WINDOWS\System32\umrdp.dll
21:56:03.0828 4532 UmRdpService - ok
21:56:03.0875 4532 [ 644F026B0EA22033A094680D1B28A07B ] upnphost C:\WINDOWS\System32\upnphost.dll
21:56:03.0907 4532 upnphost - ok
21:56:03.0938 4532 USADISK_AGENT - ok
21:56:03.0985 4532 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
21:56:04.0032 4532 USBAAPL64 - ok
21:56:04.0063 4532 [ 9A40F023B70A2FBDD2C199F2368074D4 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
21:56:04.0078 4532 usbccgp - ok
21:56:04.0125 4532 [ 71DC9F45C1654B86CA2042AF5BB5F7B8 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
21:56:04.0157 4532 usbcir - ok
21:56:04.0172 4532 [ 2D24FF183C1DFF4A26C6FDC24CAF7B1E ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
21:56:04.0188 4532 usbehci - ok
21:56:04.0219 4532 [ F2FF1C1D1EAA1B41D9FA8417238CA1E7 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
21:56:04.0250 4532 usbhub - ok
21:56:04.0266 4532 [ C58259D5630F15ACD5E1E8E82D8CDA6D ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
21:56:04.0297 4532 USBHUB3 - ok
21:56:04.0313 4532 [ F0B350482E47DE67858DC1A91B018AB9 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
21:56:04.0328 4532 usbohci - ok
21:56:04.0344 4532 [ CEEDC863A497FB16B548E10D0DCA88C1 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
21:56:04.0375 4532 usbprint - ok
21:56:04.0391 4532 [ EF4D90C89404BEB9F808D950635B0501 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
21:56:04.0407 4532 USBSTOR - ok
21:56:04.0422 4532 [ 054D7ED11ADD925560FBEE4393A35D69 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
21:56:04.0438 4532 usbuhci - ok
21:56:04.0516 4532 [ 49A72139C4BC24710C27531A83B5A7AE ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
21:56:04.0579 4532 usbvideo - ok
21:56:04.0625 4532 [ DA62C7A6569B3E20828A9A67823D20DB ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
21:56:04.0672 4532 USBXHCI - ok
21:56:04.0719 4532 [ 6DBD56C7117F98D56C8880614FE765B7 ] VaultSvc C:\WINDOWS\system32\lsass.exe
21:56:04.0735 4532 VaultSvc - ok
21:56:04.0766 4532 [ 0A088BAECA2A818A621E37782B4EFC60 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
21:56:04.0782 4532 vdrvroot - ok
21:56:04.0844 4532 [ DF0FAB22FE38AFA6F6F7F34B090C4850 ] vds C:\WINDOWS\System32\vds.exe
21:56:04.0907 4532 vds - ok
21:56:04.0922 4532 [ CC11188DAA0B8E9E19282ADB89DE386A ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
21:56:04.0954 4532 VerifierExt - ok
21:56:04.0985 4532 [ 5807B5A111FCFC49C383D29A2D37B7B1 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
21:56:05.0063 4532 vhdmp - ok
21:56:05.0079 4532 [ CA5CD34A334A53D37E0A5FEC543E4C57 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
21:56:05.0110 4532 viaide - ok
21:56:05.0219 4532 [ CA8EC74B5E28D206D768B76B55C0A265 ] Vid C:\WINDOWS\System32\drivers\Vid.sys
21:56:05.0250 4532 Vid - ok
21:56:05.0297 4532 [ F0823A29E8D16F1B82B2D7B5012F4757 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
21:56:05.0344 4532 vmbus - ok
21:56:05.0360 4532 [ E409AC6A96EFF97CD17F85AE6187C1EC ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
21:56:05.0375 4532 VMBusHID - ok
21:56:05.0422 4532 [ EEF366C0B071CE5130B577C01B15B149 ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys
21:56:05.0454 4532 vmbusr - ok
21:56:05.0485 4532 [ 96F1F2B29CD48BDC63B5AE861D0DD5B7 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
21:56:05.0516 4532 vmicheartbeat - ok
21:56:05.0594 4532 [ 96F1F2B29CD48BDC63B5AE861D0DD5B7 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
21:56:05.0594 4532 vmickvpexchange - ok
21:56:05.0625 4532 [ 96F1F2B29CD48BDC63B5AE861D0DD5B7 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
21:56:05.0641 4532 vmicrdv - ok
21:56:05.0657 4532 [ 96F1F2B29CD48BDC63B5AE861D0DD5B7 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
21:56:05.0672 4532 vmicshutdown - ok
21:56:05.0704 4532 [ 96F1F2B29CD48BDC63B5AE861D0DD5B7 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
21:56:05.0719 4532 vmictimesync - ok
21:56:05.0735 4532 [ 96F1F2B29CD48BDC63B5AE861D0DD5B7 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
21:56:05.0766 4532 vmicvss - ok
21:56:05.0782 4532 [ 3170CD3F3F11E5E94F96CECDF60F5451 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
21:56:05.0797 4532 volmgr - ok
21:56:05.0829 4532 [ AC76F9623098F1796BDEAE77A636E7FA ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
21:56:05.0860 4532 volmgrx - ok
21:56:05.0875 4532 [ 90245509D137B8BC46CE50124FC5676E ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
21:56:05.0907 4532 volsnap - ok
21:56:05.0954 4532 [ D945112635500A7480D6E29D337FDB0A ] vpci C:\WINDOWS\System32\drivers\vpci.sys
21:56:05.0969 4532 vpci - ok
21:56:05.0985 4532 [ 67D60EB95576FCD6990E613E7D67976F ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys
21:56:06.0016 4532 vpcivsp - ok
21:56:06.0032 4532 [ D5FEAB0D1B669891C93B45EF2764B60A ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
21:56:06.0063 4532 vsmraid - ok
21:56:06.0110 4532 [ A7A70547822B1E69B08B029D56C9CFA4 ] VSS C:\WINDOWS\system32\vssvc.exe
21:56:06.0204 4532 VSS - ok
21:56:06.0235 4532 [ 3AA3515C6AC9C30819EC7DD3C9C5127D ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
21:56:06.0266 4532 VSTXRAID - ok
21:56:06.0282 4532 [ 66381F29CBEC4DACBEB4044D522D2447 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
21:56:06.0297 4532 vwifibus - ok
21:56:06.0313 4532 [ D435F1CF7E22B4EDF3299C712467D296 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
21:56:06.0344 4532 vwififlt - ok
21:56:06.0391 4532 [ 3EC6ADA626CE1BA312E0628AC802E4FA ] W32Time C:\WINDOWS\system32\w32time.dll
21:56:06.0438 4532 W32Time - ok
21:56:06.0454 4532 [ 7F7B5DA43E7C58F17422776ED23F79EC ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
21:56:06.0469 4532 WacomPen - ok
21:56:06.0485 4532 [ 462E6A2BFED7CEB5AF95AF58D7C378DB ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:56:06.0516 4532 Wanarp - ok
21:56:06.0516 4532 [ 462E6A2BFED7CEB5AF95AF58D7C378DB ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:56:06.0532 4532 Wanarpv6 - ok
21:56:06.0579 4532 [ 405A4A057C7DED7675285A8C64ED6836 ] wbengine C:\WINDOWS\system32\wbengine.exe
21:56:06.0625 4532 wbengine - ok
21:56:06.0672 4532 [ AC0E249EAD800A5B007F455C5C766DF5 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
21:56:06.0735 4532 WbioSrvc - ok
21:56:06.0750 4532 [ 2D20A3AC9CA046B466EFAF22936D40F4 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
21:56:06.0766 4532 Wcmsvc - ok
21:56:06.0797 4532 [ B6B0EA7123648BBD7BC67AF15D70A228 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
21:56:06.0860 4532 wcncsvc - ok
21:56:06.0891 4532 [ ADAD7BAC8DEB5FB7A038F2495711BE79 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
21:56:06.0922 4532 WcsPlugInService - ok
21:56:06.0938 4532 [ 38B6A9434DE44C9E452DB909C51951C5 ] Wd C:\WINDOWS\system32\drivers\wd.sys
21:56:06.0954 4532 Wd - ok
21:56:07.0016 4532 [ E55DA22C2E4DECF7D4C1C39B0CEEA008 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
21:56:07.0032 4532 WdBoot - ok
21:56:07.0063 4532 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\WINDOWS\System32\drivers\wdcsam64.sys
21:56:07.0094 4532 WDC_SAM - ok
21:56:07.0126 4532 [ 1AE37B32FBDD81A912FA9D681DD9B697 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
21:56:07.0172 4532 Wdf01000 - ok
21:56:07.0188 4532 [ 6491AB5BB2B4F5C9D38E920AA515D8BB ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
21:56:07.0204 4532 WdFilter - ok
21:56:07.0251 4532 [ 8ECAA0B92F2E018222203A7A25DE99A3 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
21:56:07.0282 4532 WdiServiceHost - ok
21:56:07.0297 4532 [ 8ECAA0B92F2E018222203A7A25DE99A3 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
21:56:07.0329 4532 WdiSystemHost - ok
21:56:07.0376 4532 [ EADAC1AADFEAE3357D141D21FFA1F1F8 ] WebClient C:\WINDOWS\System32\webclnt.dll
21:56:07.0407 4532 WebClient - ok
21:56:07.0422 4532 [ 294FB7E90F654CECCA3EEF48C702EE13 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
21:56:07.0469 4532 Wecsvc - ok
21:56:07.0516 4532 [ 5E9444F75F45EB5E851D9C0E84666DB3 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
21:56:07.0563 4532 wercplsupport - ok
21:56:07.0610 4532 [ 48265451D62C89A96947B9D3E86B4B8F ] WerSvc C:\WINDOWS\System32\WerSvc.dll
21:56:07.0657 4532 WerSvc - ok
21:56:07.0704 4532 [ 104BA78D0CFAF5F1919F60EB0A827A63 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
21:56:07.0719 4532 WFPLWFS - ok
21:56:07.0766 4532 [ CC20782B9CDC7FA3B31E5F4C0F79CE86 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
21:56:07.0797 4532 WiaRpc - ok
21:56:07.0813 4532 [ 23DD7346CAD4C3AE64B9AC503AC722CF ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
21:56:07.0829 4532 WIMMount - ok
21:56:07.0860 4532 WinDefend - ok
21:56:07.0922 4532 [ B753C0499E276DF0F247FE5BF8FCF8E8 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
21:56:07.0954 4532 WinHttpAutoProxySvc - ok
21:56:08.0144 4532 [ 8D3F3933A0DDB37B8FBFBD2257A8EB35 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:56:08.0175 4532 Winmgmt - ok
21:56:08.0534 4532 [ C878BC66BB2367E7AD3AEAA3F2B94E4F ] WinRM C:\WINDOWS\system32\WsmSvc.dll
21:56:08.0815 4532 WinRM - ok
21:56:08.0894 4532 [ BC58C44F28218BF0621F92A758EF7683 ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUsb.sys
21:56:08.0940 4532 WinUsb - ok
21:56:09.0034 4532 [ 7421E5B4F083862A94D094DAAEA9D346 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
21:56:09.0065 4532 WlanSvc - ok
21:56:09.0128 4532 [ 3270F71E98ADF92D4E200709BE6736BB ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
21:56:09.0222 4532 wlidsvc - ok
21:56:09.0269 4532 [ 74708F57382BF8DD2862437CA00B8623 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
21:56:09.0269 4532 WmiAcpi - ok
21:56:09.0331 4532 [ 210874B65EB2D8643F46EBDF3146361A ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
21:56:09.0409 4532 wmiApSrv - ok
21:56:09.0487 4532 WMPNetworkSvc - ok
21:56:09.0534 4532 [ BE19EFB0B261ADF873D335C2864FD819 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
21:56:09.0565 4532 wpcfltr - ok
21:56:09.0612 4532 [ C9ADB6396FA0FB320CE68AC480B3594C ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
21:56:09.0644 4532 WPCSvc - ok
21:56:09.0675 4532 [ B58FB1ECF243F3BB76A479B461710A1D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
21:56:09.0706 4532 WPDBusEnum - ok
21:56:09.0722 4532 [ 717FF17071FE7287E555F613C46409AF ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
21:56:09.0737 4532 WpdUpFltr - ok
21:56:09.0753 4532 [ B21B62F72BC166BC3E8A55194BE6F2CD ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
21:56:09.0784 4532 ws2ifsl - ok
21:56:09.0800 4532 [ 51CF231389EE86F8CC0EBF59C5F87EAB ] wscsvc C:\WINDOWS\System32\wscsvc.dll
21:56:09.0831 4532 wscsvc - ok
21:56:09.0847 4532 WSearch - ok
21:56:09.0925 4532 [ 0532113434382CDEB671747248BEC456 ] WSService C:\WINDOWS\System32\WSService.dll
21:56:10.0066 4532 WSService - ok
21:56:10.0159 4532 [ 8DE43E215349F961DC97374CDBCED96B ] wuauserv C:\WINDOWS\system32\wuaueng.dll
21:56:10.0237 4532 wuauserv - ok
21:56:10.0284 4532 [ 6A36211499A473EE851838482E1EC7F3 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
21:56:10.0300 4532 WudfPf - ok
21:56:10.0316 4532 [ F94A807B81554BB021C89E47BFAD6D9B ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
21:56:10.0362 4532 WUDFRd - ok
21:56:10.0362 4532 [ F94A807B81554BB021C89E47BFAD6D9B ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:56:10.0378 4532 WUDFSensorLP - ok
21:56:10.0394 4532 [ FB5DA58536DC59CCCE4EB0C0F2F36793 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
21:56:10.0425 4532 wudfsvc - ok
21:56:10.0425 4532 [ F94A807B81554BB021C89E47BFAD6D9B ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:56:10.0441 4532 WUDFWpdFs - ok
21:56:10.0441 4532 [ F94A807B81554BB021C89E47BFAD6D9B ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:56:10.0456 4532 WUDFWpdMtp - ok
21:56:10.0472 4532 [ 640B1224C0138F8FBCE1902DF3D13FE6 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
21:56:10.0503 4532 WwanSvc - ok
21:56:10.0503 4532 ================ Scan global ===============================
21:56:10.0581 4532 [ 7D5D03F3030F9A8E457D4E683ECA1497 ] C:\WINDOWS\system32\basesrv.dll
21:56:10.0597 4532 [ 78F34EA9D29A3FA9CD33EC3867971A84 ] C:\WINDOWS\system32\winsrv.dll
21:56:10.0628 4532 [ EFEC5911F3FB4F9660E05E8E45EA16D2 ] C:\WINDOWS\system32\sxssrv.dll
21:56:10.0675 4532 [ B5643CD44EF5F7514D1C6BA2FBBD5E7E ] C:\WINDOWS\system32\services.exe
21:56:10.0691 4532 [Global] - ok
21:56:10.0691 4532 ================ Scan MBR ==================================
21:56:10.0691 4532 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:56:11.0598 4532 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:56:11.0598 4532 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:56:11.0598 4532 ================ Scan VBR ==================================
21:56:11.0645 4532 [ 18AE7C98AE07D726EF8ACE2808FA44C5 ] \Device\Harddisk0\DR0\Partition1
21:56:11.0645 4532 \Device\Harddisk0\DR0\Partition1 - ok
21:56:11.0660 4532 [ 0DF1F908C0ABF36E41D6EBC8446BE7DC ] \Device\Harddisk0\DR0\Partition2
21:56:11.0660 4532 \Device\Harddisk0\DR0\Partition2 - ok
21:56:11.0660 4532 ================ Scan active images ========================
21:56:11.0660 4532 [ 75A5FDC1CE03AF5ECDA52EAF56503B27 ] C:\Windows\System32\drivers\crashdmp.sys
21:56:11.0660 4532 C:\Windows\System32\drivers\crashdmp.sys - ok
21:56:11.0676 4532 [ 1D7EB16F623F91C4AE33E6230A17AD75 ] C:\Windows\System32\drivers\Diskdump.sys
21:56:11.0676 4532 C:\Windows\System32\drivers\Diskdump.sys - ok
21:56:11.0676 4532 [ 5001ABA932F09DC5C0D81F9FE2BED46D ] C:\Windows\System32\drivers\storahci.sys
21:56:11.0676 4532 C:\Windows\System32\drivers\storahci.sys - ok
21:56:11.0692 4532 [ 544F135B196F82AB8B94D5636D392A11 ] C:\Windows\System32\drivers\dumpfve.sys
21:56:11.0692 4532 C:\Windows\System32\drivers\dumpfve.sys - ok
21:56:11.0692 4532 [ C00764D61B8F47DAF236AA7E82F40666 ] C:\Windows\System32\drivers\cdrom.sys
21:56:11.0692 4532 C:\Windows\System32\drivers\cdrom.sys - ok
21:56:11.0707 4532 [ 8602CE381794E406E07A1850FBCB2477 ] C:\Windows\System32\drivers\null.sys
21:56:11.0707 4532 C:\Windows\System32\drivers\null.sys - ok
21:56:11.0707 4532 [ 82E8914EB47C8B292212558BF1D4B152 ] C:\Windows\System32\drivers\beep.sys
21:56:11.0707 4532 C:\Windows\System32\drivers\beep.sys - ok
21:56:11.0707 4532 [ F2F2DAB5DF2C69F80F10F33DA2AF7E7F ] C:\Windows\System32\drivers\BasicRender.sys
21:56:11.0707 4532 C:\Windows\System32\drivers\BasicRender.sys - ok
21:56:11.0723 4532 [ 3C31CA9F07783D17805D9697ECF86EC6 ] C:\Windows\System32\drivers\dxgkrnl.sys
21:56:11.0723 4532 C:\Windows\System32\drivers\dxgkrnl.sys - ok
21:56:11.0723 4532 [ 1F8388AAB44F4FCE57AB4C74FAC7002F ] C:\Windows\System32\drivers\watchdog.sys
21:56:11.0723 4532 C:\Windows\System32\drivers\watchdog.sys - ok
21:56:11.0723 4532 [ CBBE220B648D83EC69F7D6FEFBC5B275 ] C:\Windows\System32\drivers\dxgmms1.sys
21:56:11.0723 4532 C:\Windows\System32\drivers\dxgmms1.sys - ok
21:56:11.0723 4532 [ FF228C3673F94BF49375AA9114BB1D9B ] C:\Windows\System32\drivers\BasicDisplay.sys
21:56:11.0723 4532 C:\Windows\System32\drivers\BasicDisplay.sys - ok
21:56:11.0739 4532 [ 04B8038921D181C3626F142EAB6A04E6 ] C:\Windows\System32\drivers\msfs.sys
21:56:11.0739 4532 C:\Windows\System32\drivers\msfs.sys - ok
21:56:11.0739 4532 [ 2D5CCAE877D271FF41BEB5FDF87041E8 ] C:\Windows\System32\drivers\npfs.sys
21:56:11.0739 4532 C:\Windows\System32\drivers\npfs.sys - ok
21:56:11.0754 4532 [ 87F456ED399AAF945339B6BC76432C57 ] C:\Windows\System32\drivers\tdi.sys
21:56:11.0754 4532 C:\Windows\System32\drivers\tdi.sys - ok
21:56:11.0754 4532 [ 3921BBEC2E4345AE0AE93769B7514A43 ] C:\Windows\System32\drivers\tdx.sys
21:56:11.0754 4532 C:\Windows\System32\drivers\tdx.sys - ok
21:56:11.0754 4532 [ E0333733CE1DD939E02B3FE555983DE2 ] C:\Windows\System32\drivers\netbt.sys
21:56:11.0754 4532 C:\Windows\System32\drivers\netbt.sys - ok
21:56:11.0754 4532 [ F4CA34A46AF9570A265FD37B5C944EFD ] C:\Windows\System32\drivers\afd.sys
21:56:11.0754 4532 C:\Windows\System32\drivers\afd.sys - ok
21:56:11.0770 4532 [ 3C4964ED7EA88800C4A3544D2421811F ] C:\Windows\System32\drivers\netbios.sys
21:56:11.0770 4532 C:\Windows\System32\drivers\netbios.sys - ok
21:56:11.0770 4532 [ 61426ACCE9D207D08B215AF74555C180 ] C:\Windows\System32\drivers\pacer.sys
21:56:11.0770 4532 C:\Windows\System32\drivers\pacer.sys - ok
21:56:11.0770 4532 [ D435F1CF7E22B4EDF3299C712467D296 ] C:\Windows\System32\drivers\vwififlt.sys
21:56:11.0770 4532 C:\Windows\System32\drivers\vwififlt.sys - ok
21:56:11.0785 4532 [ E7675DE055A9ED41913B81605C013E7E ] C:\Windows\System32\drivers\rdbss.sys
21:56:11.0785 4532 C:\Windows\System32\drivers\rdbss.sys - ok
21:56:11.0785 4532 [ 11C7397FFF45A10F4BCBA284486FB385 ] C:\Windows\System32\drivers\csc.sys
21:56:11.0785 4532 C:\Windows\System32\drivers\csc.sys - ok
21:56:11.0785 4532 [ 462E6A2BFED7CEB5AF95AF58D7C378DB ] C:\Windows\System32\drivers\wanarp.sys
21:56:11.0785 4532 C:\Windows\System32\drivers\wanarp.sys - ok
21:56:11.0785 4532 [ 3AC948640421E3891A49AA83C6B77B7A ] C:\Windows\System32\drivers\scdemu.sys
21:56:11.0785 4532 C:\Windows\System32\drivers\scdemu.sys - ok
21:56:11.0801 4532 [ 3289766038DB2CB14D07DC84392138D5 ] C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys
21:56:11.0801 4532 C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys - ok
21:56:11.0801 4532 [ 58A38E75F3316A83C23DF6173D41F2B5 ] C:\Program Files\SUPERAntiSpyware\saskutil64.sys
21:56:11.0801 4532 C:\Program Files\SUPERAntiSpyware\saskutil64.sys - ok
21:56:11.0801 4532 [ 869B2D260DAE2AD694283FACC0517871 ] C:\Windows\System32\drivers\nsiproxy.sys
21:56:11.0801 4532 C:\Windows\System32\drivers\nsiproxy.sys - ok
21:56:11.0817 4532 [ 236F25EEB53E88F40DB6776AFCC67B3F ] C:\Windows\System32\drivers\mssmbios.sys
21:56:11.0817 4532 C:\Windows\System32\drivers\mssmbios.sys - ok
21:56:11.0817 4532 [ D031EE874A5CD2EBD425AC571D69E2AC ] C:\Windows\System32\drivers\npsvctrig.sys
21:56:11.0817 4532 C:\Windows\System32\drivers\npsvctrig.sys - ok
21:56:11.0817 4532 [ F269915E61BEC9FD87DE7AE9E388D53D ] C:\Windows\System32\drivers\discache.sys
21:56:11.0817 4532 C:\Windows\System32\drivers\discache.sys - ok
21:56:11.0832 4532 [ C38276884CAAF8A28CFCD0385B4FE9AB ] C:\Windows\System32\drivers\dfsc.sys
21:56:11.0832 4532 C:\Windows\System32\drivers\dfsc.sys - ok
21:56:11.0832 4532 [ A279F1FA2A73E0842EB1D46FB8057925 ] C:\Windows\System32\drivers\dam.sys
21:56:11.0832 4532 C:\Windows\System32\drivers\dam.sys - ok
21:56:11.0832 4532 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] C:\Windows\System32\drivers\avipbb.sys
21:56:11.0832 4532 C:\Windows\System32\drivers\avipbb.sys - ok
21:56:11.0848 4532 [ 248DB59FC86DE44D2779F4C7FB1A567D ] C:\Windows\System32\drivers\avkmgr.sys
21:56:11.0848 4532 C:\Windows\System32\drivers\avkmgr.sys - ok
21:56:11.0848 4532 [ B248A91702A24330D7802CE1D22CE32C ] C:\Windows\System32\drivers\ndistapi.sys
21:56:11.0848 4532 C:\Windows\System32\drivers\ndistapi.sys - ok
21:56:11.0848 4532 [ 903634F18D8415EA07ACB09619C450B2 ] C:\Windows\System32\drivers\ndiswan.sys
21:56:11.0848 4532 C:\Windows\System32\drivers\ndiswan.sys - ok
21:56:11.0848 4532 [ BB6A240BFBFA55363645BD6A03F3BAB4 ] C:\Windows\System32\drivers\rassstp.sys
21:56:11.0848 4532 C:\Windows\System32\drivers\rassstp.sys - ok
21:56:11.0863 4532 [ F8C36C6D6A5342C3B8C74CD34463CF25 ] C:\Windows\System32\ntdll.dll
21:56:11.0863 4532 C:\Windows\System32\ntdll.dll - ok
21:56:11.0863 4532 [ F629271A0DFA835D110A90C4B7031462 ] C:\Windows\System32\smss.exe
21:56:11.0863 4532 C:\Windows\System32\smss.exe - ok
21:56:11.0863 4532 [ 59E12E4FD80733E79CA070ECF9818153 ] C:\Windows\System32\drivers\agilevpn.sys
21:56:11.0863 4532 C:\Windows\System32\drivers\agilevpn.sys - ok
21:56:11.0879 4532 [ 2A57EB9ECCF891216479696C0261732A ] C:\Windows\System32\drivers\CompositeBus.sys
21:56:11.0879 4532 C:\Windows\System32\drivers\CompositeBus.sys - ok
21:56:11.0879 4532 [ 81D262CA5A8C8A3D529579CAB3E790BA ] C:\Windows\System32\drivers\kdnic.sys
21:56:11.0879 4532 C:\Windows\System32\drivers\kdnic.sys - ok
21:56:11.0879 4532 [ 153B583683CA34CE2617CB5E9959E251 ] C:\Windows\System32\drivers\tunnel.sys
21:56:11.0879 4532 C:\Windows\System32\drivers\tunnel.sys - ok
21:56:11.0879 4532 [ C1E848D4D3DCF65732E0520D452DEBD7 ] C:\Windows\System32\drivers\umbus.sys
21:56:11.0879 4532 C:\Windows\System32\drivers\umbus.sys - ok
21:56:11.0895 4532 [ 0B8F615DDB518639EA27D92667F81944 ] C:\Windows\System32\autochk.exe
21:56:11.0895 4532 C:\Windows\System32\autochk.exe - ok
21:56:11.0895 4532 [ C3122593C972ED88F489551EDF436F31 ] C:\Windows\System32\wininet.dll
21:56:11.0895 4532 C:\Windows\System32\wininet.dll - ok
21:56:11.0895 4532 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] C:\Windows\System32\drivers\nvlddmkm.sys
21:56:11.0895 4532 C:\Windows\System32\drivers\nvlddmkm.sys - ok
21:56:11.0910 4532 [ 0893F4E0D6BAA83F7725069D073ECC3A ] C:\Windows\System32\drivers\igdkmd64.sys
21:56:11.0910 4532 C:\Windows\System32\drivers\igdkmd64.sys - ok
21:56:11.0910 4532 [ B6AC71AAA2B10848F57FC49D55A651AF ] C:\Windows\System32\drivers\HECIx64.sys
21:56:11.0910 4532 C:\Windows\System32\drivers\HECIx64.sys - ok
21:56:11.0910 4532 [ E7FCCA209F510BB056F92FC907559858 ] C:\Windows\System32\drivers\usbport.sys
21:56:11.0910 4532 C:\Windows\System32\drivers\usbport.sys - ok
21:56:11.0910 4532 [ 6EFA99D7979F19566A40D8846CF6AC8D ] C:\Windows\System32\drivers\hdaudbus.sys
21:56:11.0910 4532 C:\Windows\System32\drivers\hdaudbus.sys - ok
21:56:11.0926 4532 [ 2D24FF183C1DFF4A26C6FDC24CAF7B1E ] C:\Windows\System32\drivers\usbehci.sys
21:56:11.0926 4532 C:\Windows\System32\drivers\usbehci.sys - ok
21:56:11.0926 4532 [ 57B9C04D673F236D41FAB03842C8640B ] C:\Windows\System32\drivers\NETwNs64.sys
21:56:11.0926 4532 C:\Windows\System32\drivers\NETwNs64.sys - ok
21:56:11.0926 4532 [ 66381F29CBEC4DACBEB4044D522D2447 ] C:\Windows\System32\drivers\vwifibus.sys
21:56:11.0926 4532 C:\Windows\System32\drivers\vwifibus.sys - ok
21:56:11.0942 4532 [ DA62C7A6569B3E20828A9A67823D20DB ] C:\Windows\System32\drivers\USBXHCI.SYS
21:56:11.0942 4532 C:\Windows\System32\drivers\USBXHCI.SYS - ok
21:56:11.0942 4532 [ 4B55BF0C1CF814C8121A2FEFA98E9A68 ] C:\Windows\System32\drivers\UCX01000.SYS
21:56:11.0942 4532 C:\Windows\System32\drivers\UCX01000.SYS - ok
21:56:11.0942 4532 [ 8BFDC55618DA43180234D4BFAACB9960 ] C:\Windows\System32\drivers\i8042prt.sys
21:56:11.0942 4532 C:\Windows\System32\drivers\i8042prt.sys - ok
21:56:11.0942 4532 [ E18D1A5E1514E699019747344C48B786 ] C:\Windows\System32\drivers\kbdclass.sys
21:56:11.0942 4532 C:\Windows\System32\drivers\kbdclass.sys - ok
21:56:11.0957 4532 [ A06F83CB39D8EA3540BE701341D1C258 ] C:\Windows\System32\drivers\mouclass.sys
21:56:11.0957 4532 C:\Windows\System32\drivers\mouclass.sys - ok
21:56:11.0957 4532 [ 15923AA360F7675D3D43C9669316A0BA ] C:\Windows\System32\drivers\Rt630x64.sys
21:56:11.0957 4532 C:\Windows\System32\drivers\Rt630x64.sys - ok
21:56:11.0957 4532 [ 7A505465BBB1EB8B5AD4D76E8749383B ] C:\Windows\System32\drivers\Accelern.sys
21:56:11.0957 4532 C:\Windows\System32\drivers\Accelern.sys - ok
21:56:11.0973 4532 [ E403AACF8C7BB11375122D2464560311 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
21:56:11.0973 4532 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
21:56:11.0973 4532 [ CF7F47434D80BC3C17BE002675904297 ] C:\Windows\System32\drivers\intelppm.sys
21:56:11.0973 4532 C:\Windows\System32\drivers\intelppm.sys - ok
21:56:11.0973 4532 [ 1533DD36B16B3665B76758B0C272B219 ] C:\Windows\System32\drivers\battc.sys
21:56:11.0973 4532 C:\Windows\System32\drivers\battc.sys - ok
21:56:11.0973 4532 [ FBC6D71EB64CEF8206F6CAF28D7AE51B ] C:\Windows\System32\drivers\CmBatt.sys
21:56:11.0973 4532 C:\Windows\System32\drivers\CmBatt.sys - ok
21:56:11.0989 4532 [ 2BFC9A3F12E74756754102CA2F06323D ] C:\Windows\System32\drivers\raspptp.sys
21:56:11.0989 4532 C:\Windows\System32\drivers\raspptp.sys - ok
21:56:11.0989 4532 [ 74708F57382BF8DD2862437CA00B8623 ] C:\Windows\System32\drivers\wmiacpi.sys
21:56:11.0989 4532 C:\Windows\System32\drivers\wmiacpi.sys - ok
21:56:11.0989 4532 [ 7D5B09EBE82DA0A0CFECF1558125A651 ] C:\Windows\System32\drivers\rasl2tp.sys
21:56:11.0989 4532 C:\Windows\System32\drivers\rasl2tp.sys - ok
21:56:12.0004 4532 [ F43F03F650B9FA7FEFAA1F42A08EF9B7 ] C:\Windows\System32\drivers\raspppoe.sys
21:56:12.0004 4532 C:\Windows\System32\drivers\raspppoe.sys - ok
21:56:12.0004 4532 [ E7A6A7682FAB8658A7CC74EC177751D3 ] C:\Windows\System32\drivers\ks.sys
21:56:12.0004 4532 C:\Windows\System32\drivers\ks.sys - ok
21:56:12.0004 4532 [ 25E8FEC1BA1353FE026D56D798DF8566 ] C:\Windows\System32\drivers\rdpbus.sys
21:56:12.0004 4532 C:\Windows\System32\drivers\rdpbus.sys - ok
21:56:12.0020 4532 [ E124307E341A1A0CA658753FFF7FA210 ] C:\Windows\System32\drivers\swenum.sys
21:56:12.0020 4532 C:\Windows\System32\drivers\swenum.sys - ok
21:56:12.0020 4532 [ F3F55C796D3FAE87CCCBE89EBBCB7AC2 ] C:\Windows\System32\drivers\ndproxy.sys
21:56:12.0020 4532 C:\Windows\System32\drivers\ndproxy.sys - ok
21:56:12.0020 4532 [ 7653A60E9AADD30E385A056295D8201D ] C:\Windows\System32\drivers\usbd.sys
21:56:12.0020 4532 C:\Windows\System32\drivers\usbd.sys - ok
21:56:12.0020 4532 [ F2FF1C1D1EAA1B41D9FA8417238CA1E7 ] C:\Windows\System32\drivers\usbhub.sys
21:56:12.0020 4532 C:\Windows\System32\drivers\usbhub.sys - ok
21:56:12.0035 4532 [ EFA982FCA003D96B1E2CE0A2E55BA813 ] C:\Windows\System32\shlwapi.dll
21:56:12.0035 4532 C:\Windows\System32\shlwapi.dll - ok
21:56:12.0035 4532 [ A1987BD40F6B6C9AFBF3F51B7F80DB74 ] C:\Windows\System32\normaliz.dll
21:56:12.0035 4532 C:\Windows\System32\normaliz.dll - ok
21:56:12.0035 4532 [ B04B2BEBBC287A5DCE1807EAE70DD7C6 ] C:\Windows\System32\gdi32.dll
21:56:12.0035 4532 C:\Windows\System32\gdi32.dll - ok
21:56:12.0051 4532 [ EE2A17D8AEEFC104EDF59143BE9C257A ] C:\Windows\System32\usp10.dll
21:56:12.0051 4532 C:\Windows\System32\usp10.dll - ok
21:56:12.0051 4532 [ 3EB3C5A660F7DAB12737F475B274B23C ] C:\Windows\System32\ws2_32.dll
21:56:12.0051 4532 C:\Windows\System32\ws2_32.dll - ok
21:56:12.0051 4532 [ 22C40BEFDB6EC40803FFF31BC3A586B7 ] C:\Windows\System32\oleaut32.dll
21:56:12.0051 4532 C:\Windows\System32\oleaut32.dll - ok
21:56:12.0051 4532 [ A86B03F32A748D4356AAC839B8FFC755 ] C:\Windows\System32\wow64cpu.dll
21:56:12.0051 4532 C:\Windows\System32\wow64cpu.dll - ok
21:56:12.0067 4532 [ D43B75084C3362737B890BA5B0DA7FEC ] C:\Windows\System32\comdlg32.dll
21:56:12.0067 4532 C:\Windows\System32\comdlg32.dll - ok
21:56:12.0067 4532 [ 6993156A4C01EEE9FEA80F2345F16BE0 ] C:\Windows\System32\setupapi.dll
21:56:12.0067 4532 C:\Windows\System32\setupapi.dll - ok
21:56:12.0067 4532 [ 66AE57450F42CCC48B211743318310AA ] C:\Windows\System32\urlmon.dll
21:56:12.0067 4532 C:\Windows\System32\urlmon.dll - ok
21:56:12.0082 4532 [ D36A739971B0542719AA1092D623BA37 ] C:\Windows\System32\shell32.dll
21:56:12.0082 4532 C:\Windows\System32\shell32.dll - ok
21:56:12.0082 4532 [ 722F4483475996CA27D006043E96A484 ] C:\Windows\System32\rpcrt4.dll
21:56:12.0082 4532 C:\Windows\System32\rpcrt4.dll - ok
21:56:12.0082 4532 [ 3E68B447773392DF65BCE6CCBA40D3FF ] C:\Windows\System32\msctf.dll
21:56:12.0082 4532 C:\Windows\System32\msctf.dll - ok
21:56:12.0082 4532 [ 3210A5751DA94160BAEE36628FA6BF0C ] C:\Windows\System32\ole32.dll
21:56:12.0082 4532 C:\Windows\System32\ole32.dll - ok
21:56:12.0098 4532 [ 955A6AA5B81C2BFFF8A47DBD9D7F568E ] C:\Windows\System32\user32.dll
21:56:12.0098 4532 C:\Windows\System32\user32.dll - ok
21:56:12.0098 4532 [ 33B02C4B994734E9FA92B00DF9EAAE5B ] C:\Windows\System32\GdiPlus.dll
21:56:12.0098 4532 C:\Windows\System32\GdiPlus.dll - ok
21:56:12.0098 4532 [ A5E48CE3417454281ED7125A0605D078 ] C:\Windows\System32\imagehlp.dll
21:56:12.0098 4532 C:\Windows\System32\imagehlp.dll - ok
21:56:12.0114 4532 [ 0FCAF634A453AF63F9B5EC3CB56F8F1C ] C:\Windows\System32\lpk.dll
21:56:12.0114 4532 C:\Windows\System32\lpk.dll - ok
21:56:12.0114 4532 [ 14131E8B138697937FB30CB4559B92F7 ] C:\Windows\System32\Wldap32.dll
21:56:12.0114 4532 C:\Windows\System32\Wldap32.dll - ok
21:56:12.0114 4532 [ 2289E493610DC085674BC2DD351AACE2 ] C:\Windows\System32\iertutil.dll
21:56:12.0114 4532 C:\Windows\System32\iertutil.dll - ok
21:56:12.0114 4532 [ 9A49B675440BB3568C39EDE0CEF492BB ] C:\Windows\System32\wow64win.dll
21:56:12.0114 4532 C:\Windows\System32\wow64win.dll - ok
21:56:12.0129 4532 [ 1EAC1DECEC15EAE3AF6B288FE538989C ] C:\Windows\System32\combase.dll
21:56:12.0129 4532 C:\Windows\System32\combase.dll - ok
21:56:12.0129 4532 [ 41BE0C5A0B2DB337F8F4681E1828AF20 ] C:\Windows\System32\clbcatq.dll
21:56:12.0129 4532 C:\Windows\System32\clbcatq.dll - ok
21:56:12.0129 4532 [ 99BFF1BC6851B6728ED6A74177969653 ] C:\Windows\System32\nsi.dll
21:56:12.0129 4532 C:\Windows\System32\nsi.dll - ok
21:56:12.0129 4532 [ F31487E97AB95638C5E012FC392CE376 ] C:\Windows\System32\kernel32.dll
21:56:12.0129 4532 C:\Windows\System32\kernel32.dll - ok
21:56:12.0145 4532 [ ACCE72C063509A3782124B50E069DFE1 ] C:\Windows\System32\sechost.dll
21:56:12.0145 4532 C:\Windows\System32\sechost.dll - ok
21:56:12.0145 4532 [ 4FFC9234870E32A49D39D111BE6DA667 ] C:\Windows\System32\difxapi.dll
21:56:12.0145 4532 C:\Windows\System32\difxapi.dll - ok
21:56:12.0145 4532 [ 5B18C7AB7937067DDA26E17CA7B6C066 ] C:\Windows\System32\advapi32.dll
21:56:12.0145 4532 C:\Windows\System32\advapi32.dll - ok
21:56:12.0160 4532 [ C5BD4348C48AA27CFB77203148E5B84F ] C:\Windows\System32\imm32.dll
21:56:12.0160 4532 C:\Windows\System32\imm32.dll - ok
21:56:12.0160 4532 [ B1D1C5D7C87BFE6C39ACC438BE4489E3 ] C:\Windows\System32\wow64.dll
21:56:12.0160 4532 C:\Windows\System32\wow64.dll - ok
21:56:12.0160 4532 [ 1BA3E52476B6D527C33F98F59A43B5FF ] C:\Windows\System32\msvcrt.dll
21:56:12.0160 4532 C:\Windows\System32\msvcrt.dll - ok
21:56:12.0160 4532 [ 662F2D73280EF136707B0638F3D1878D ] C:\Windows\System32\psapi.dll
21:56:12.0160 4532 C:\Windows\System32\psapi.dll - ok
21:56:12.0176 4532 [ 016DD5B3FF979225F02F99990C5EB58C ] C:\Windows\System32\cfgmgr32.dll
21:56:12.0176 4532 C:\Windows\System32\cfgmgr32.dll - ok
21:56:12.0176 4532 [ 36732B92396D75B48B95DC3538ED5F39 ] C:\Windows\System32\devobj.dll
21:56:12.0176 4532 C:\Windows\System32\devobj.dll - ok
21:56:12.0176 4532 [ EAC8339D74AA38651B25BB9ECF2EDABE ] C:\Windows\System32\crypt32.dll
21:56:12.0176 4532 C:\Windows\System32\crypt32.dll - ok
21:56:12.0192 4532 [ 8385029AAEFAD1E1A26B7B59A9CE1353 ] C:\Windows\System32\KernelBase.dll
21:56:12.0192 4532 C:\Windows\System32\KernelBase.dll - ok
21:56:12.0192 4532 [ 79DBEF608A25ED43A3168BD3C11EAF9A ] C:\Windows\System32\comctl32.dll
21:56:12.0192 4532 C:\Windows\System32\comctl32.dll - ok
21:56:12.0192 4532 [ 75C0AE7BFBE6612DCCE527611C9E301E ] C:\Windows\System32\msasn1.dll
21:56:12.0192 4532 C:\Windows\System32\msasn1.dll - ok
21:56:12.0192 4532 [ 92E19EFEC88C93E54DEA6FC9D5EF12B6 ] C:\Windows\System32\wintrust.dll
21:56:12.0192 4532 C:\Windows\System32\wintrust.dll - ok
21:56:12.0207 4532 [ 8760CA512E794EC6902D6E26F1D606A5 ] C:\Windows\System32\drivers\drmk.sys
21:56:12.0207 4532 C:\Windows\System32\drivers\drmk.sys - ok
21:56:12.0207 4532 [ ED7EED62597BCD9F6B72740178382253 ] C:\Windows\System32\drivers\HdAudio.sys
21:56:12.0207 4532 C:\Windows\System32\drivers\HdAudio.sys - ok
21:56:12.0207 4532 [ 96C82EED9DFBAC84788C5A5BC1C8F97E ] C:\Windows\System32\drivers\ksthunk.sys
21:56:12.0207 4532 C:\Windows\System32\drivers\ksthunk.sys - ok
21:56:12.0223 4532 [ 5F23B0EAC57CCF229D394306D37B186E ] C:\Windows\System32\drivers\portcls.sys
21:56:12.0223 4532 C:\Windows\System32\drivers\portcls.sys - ok
21:56:12.0223 4532 [ C58259D5630F15ACD5E1E8E82D8CDA6D ] C:\Windows\System32\drivers\USBHUB3.SYS
21:56:12.0223 4532 C:\Windows\System32\drivers\USBHUB3.SYS - ok
21:56:12.0223 4532 [ 09EE43F21709D0830BED649E691686EF ] C:\Windows\SysWOW64\usp10.dll
21:56:12.0223 4532 C:\Windows\SysWOW64\usp10.dll - ok
21:56:12.0223 4532 [ 42447F3F95ED7BD7D55FB5C0D20210CE ] C:\Windows\SysWOW64\lpk.dll
21:56:12.0223 4532 C:\Windows\SysWOW64\lpk.dll - ok
21:56:12.0238 4532 [ 710EFEE449D8CB1506F9D5D9EC03D2B1 ] C:\Windows\SysWOW64\normaliz.dll
21:56:12.0238 4532 C:\Windows\SysWOW64\normaliz.dll - ok
21:56:12.0238 4532 [ 9A40F023B70A2FBDD2C199F2368074D4 ] C:\Windows\System32\drivers\usbccgp.sys
21:56:12.0238 4532 C:\Windows\System32\drivers\usbccgp.sys - ok
21:56:12.0238 4532 [ 0928BD20273625622722FE1DE5BBDE57 ] C:\Windows\System32\drivers\qicflt.sys
21:56:12.0238 4532 C:\Windows\System32\drivers\qicflt.sys - ok
21:56:12.0254 4532 [ 49A72139C4BC24710C27531A83B5A7AE ] C:\Windows\System32\drivers\usbvideo.sys
21:56:12.0254 4532 C:\Windows\System32\drivers\usbvideo.sys - ok
21:56:12.0254 4532 [ 8C4C80AB29F31CB53D22A86FF11054B5 ] C:\Windows\System32\drivers\hidparse.sys
21:56:12.0254 4532 C:\Windows\System32\drivers\hidparse.sys - ok
21:56:12.0254 4532 [ 482FE7B72616214BD54D91FD5DD1692F ] C:\Windows\System32\win32k.sys
21:56:12.0254 4532 C:\Windows\System32\win32k.sys - ok
21:56:12.0254 4532 [ 48FE5BFAF9558C610A5FE55E42E3EA59 ] C:\Windows\System32\csrsrv.dll
21:56:12.0254 4532 C:\Windows\System32\csrsrv.dll - ok
21:56:12.0270 4532 [ 3764A8DFF17ED6C1B6F54399CF2278F3 ] C:\Windows\System32\csrss.exe
21:56:12.0270 4532 C:\Windows\System32\csrss.exe - ok
21:56:12.0270 4532 [ 7D5D03F3030F9A8E457D4E683ECA1497 ] C:\Windows\System32\basesrv.dll
21:56:12.0270 4532 C:\Windows\System32\basesrv.dll - ok
21:56:12.0270 4532 [ 78F34EA9D29A3FA9CD33EC3867971A84 ] C:\Windows\System32\winsrv.dll
21:56:12.0270 4532 C:\Windows\System32\winsrv.dll - ok
21:56:12.0270 4532 [ CA03CDBA0C9C755EF4D87282E7679A1E ] C:\Windows\System32\drivers\monitor.sys
21:56:12.0270 4532 C:\Windows\System32\drivers\monitor.sys - ok
21:56:12.0285 4532 [ EFEC5911F3FB4F9660E05E8E45EA16D2 ] C:\Windows\System32\sxssrv.dll
21:56:12.0285 4532 C:\Windows\System32\sxssrv.dll - ok
21:56:12.0285 4532 [ 8E597F6F9143F3C61E63FC3B35CA74B6 ] C:\Windows\System32\tsddd.dll
21:56:12.0285 4532 C:\Windows\System32\tsddd.dll - ok
21:56:12.0285 4532 [ AF04DB3505B6316458381C1BBCF34D2E ] C:\Windows\System32\wininit.exe
21:56:12.0285 4532 C:\Windows\System32\wininit.exe - ok
21:56:12.0301 4532 [ C0B856DE0CB200FC0A10D165B041B0E2 ] C:\Windows\System32\KBDUS.DLL
21:56:12.0301 4532 C:\Windows\System32\KBDUS.DLL - ok
21:56:12.0301 4532 [ ADFA84EC77D9EE46EFD0F92B9796B085 ] C:\Windows\System32\profapi.dll
21:56:12.0301 4532 C:\Windows\System32\profapi.dll - ok
21:56:12.0301 4532 [ 12957B7F4A6132C372C9F492C32D2316 ] C:\Windows\System32\wininitext.dll
21:56:12.0301 4532 C:\Windows\System32\wininitext.dll - ok
21:56:12.0301 4532 [ 780E931EB9474E79993C997E9B05533D ] C:\Windows\System32\cdd.dll
21:56:12.0301 4532 C:\Windows\System32\cdd.dll - ok
21:56:12.0317 4532 [ AB4C45ACD8EDD3F2462B32718E0C43E4 ] C:\Windows\System32\atmfd.dll
21:56:12.0317 4532 C:\Windows\System32\atmfd.dll - ok
21:56:12.0317 4532 [ E43A042654CAA6FF7034B84FBF0F9810 ] C:\Windows\System32\powrprof.dll
21:56:12.0317 4532 C:\Windows\System32\powrprof.dll - ok
21:56:12.0317 4532 [ 69E7957DF857858A5F3F8FE99C27F29C ] C:\Windows\System32\samcli.dll
21:56:12.0317 4532 C:\Windows\System32\samcli.dll - ok
21:56:12.0317 4532 [ 7FF135ECEB263BB7B26B1D06AFE49548 ] C:\Windows\System32\winlogon.exe
21:56:12.0317 4532 C:\Windows\System32\winlogon.exe - ok
21:56:12.0332 4532 [ 5B03985C67C4A8CC2FDAAE4AB1673FF7 ] C:\Windows\System32\winsta.dll
21:56:12.0332 4532 C:\Windows\System32\winsta.dll - ok
21:56:12.0332 4532 [ 2B8606131EDE3B9DCE22EA364CA08C1B ] C:\Windows\System32\sxs.dll
21:56:12.0332 4532 C:\Windows\System32\sxs.dll - ok
21:56:12.0332 4532 [ 3F85F4FA3664C067527387836A74C4E7 ] C:\Windows\System32\WlS0WndH.dll
21:56:12.0332 4532 C:\Windows\System32\WlS0WndH.dll - ok
21:56:12.0348 4532 [ ECDF72962A809CA708EFA982C27D1876 ] C:\Windows\System32\bcryptprimitives.dll
21:56:12.0348 4532 C:\Windows\System32\bcryptprimitives.dll - ok
21:56:12.0348 4532 [ 4EEA2BE70DFEFE8A83325B919B76ABFC ] C:\Windows\System32\cryptbase.dll
21:56:12.0348 4532 C:\Windows\System32\cryptbase.dll - ok
21:56:12.0348 4532 [ 689AFA427B8EE147F78A446E3F4FCFE2 ] C:\Windows\System32\wtsapi32.dll
21:56:12.0348 4532 C:\Windows\System32\wtsapi32.dll - ok
21:56:12.0348 4532 [ 6DBD56C7117F98D56C8880614FE765B7 ] C:\Windows\System32\lsass.exe
21:56:12.0348 4532 C:\Windows\System32\lsass.exe - ok
21:56:12.0363 4532 [ B5643CD44EF5F7514D1C6BA2FBBD5E7E ] C:\Windows\System32\services.exe
21:56:12.0363 4532 C:\Windows\System32\services.exe - ok
21:56:12.0363 4532 [ 9BA44B6F673318F25F3537C93BE0141C ] C:\Windows\System32\lsasrv.dll
21:56:12.0363 4532 C:\Windows\System32\lsasrv.dll - ok
21:56:12.0363 4532 [ F05CB2F84F6A8C78ADBFC8B1B204E953 ] C:\Windows\System32\scext.dll
21:56:12.0363 4532 C:\Windows\System32\scext.dll - ok
21:56:12.0363 4532 [ AB925630F0BDF3F6EA93D7CB708806BF ] C:\Windows\System32\sspicli.dll
21:56:12.0363 4532 C:\Windows\System32\sspicli.dll - ok
21:56:12.0379 4532 [ 4E2853E0824C1E82704BD8D18474C983 ] C:\Windows\System32\sspisrv.dll
21:56:12.0379 4532 C:\Windows\System32\sspisrv.dll - ok
21:56:12.0379 4532 [ E6C0042CA75B121A553DBE6D66A4EE73 ] C:\Windows\System32\ubpm.dll
21:56:12.0379 4532 C:\Windows\System32\ubpm.dll - ok
21:56:12.0379 4532 [ 846409AE26FBEC37DCCA3227E360BD7E ] C:\Windows\System32\SPInf.dll
21:56:12.0379 4532 C:\Windows\System32\SPInf.dll - ok
21:56:12.0379 4532 [ 88B5B4498B87DF2307B9BD50366674C3 ] C:\Windows\System32\srvcli.dll
21:56:12.0379 4532 C:\Windows\System32\srvcli.dll - ok
21:56:12.0395 4532 [ EEA275A2FEF63BF0665E801AFDC72997 ] C:\Windows\System32\samsrv.dll
21:56:12.0395 4532 C:\Windows\System32\samsrv.dll - ok
21:56:12.0395 4532 [ F22EB6345115D4C01DAA1C20718F62CA ] C:\Windows\System32\bcrypt.dll
21:56:12.0395 4532 C:\Windows\System32\bcrypt.dll - ok
21:56:12.0395 4532 [ 9D7CB029DCECCD4FAC9581980FF8F55C ] C:\Windows\System32\ncrypt.dll
21:56:12.0395 4532 C:\Windows\System32\ncrypt.dll - ok
21:56:12.0410 4532 [ 858F4BF4F421D73B972E42469F904011 ] C:\Windows\System32\ntasn1.dll
21:56:12.0410 4532 C:\Windows\System32\ntasn1.dll - ok
21:56:12.0410 4532 [ 094D540F9E1150E638B049F0C2CF3397 ] C:\Windows\System32\msprivs.dll
21:56:12.0410 4532 C:\Windows\System32\msprivs.dll - ok
21:56:12.0410 4532 [ 06E21F7A6961057D8143E0DFCD4837CD ] C:\Windows\System32\netjoin.dll
21:56:12.0410 4532 C:\Windows\System32\netjoin.dll - ok
21:56:12.0410 4532 [ CF6BA13237A801596E69F0DDCEC359A8 ] C:\Windows\System32\cryptdll.dll
21:56:12.0410 4532 C:\Windows\System32\cryptdll.dll - ok
21:56:12.0426 4532 [ 547FCBF1B3A80B07CC8479D951748329 ] C:\Windows\System32\kerberos.dll
21:56:12.0426 4532 C:\Windows\System32\kerberos.dll - ok
21:56:12.0426 4532 [ 22C62BDF629D7B248D44C0C1B52C0537 ] C:\Windows\System32\negoexts.dll
21:56:12.0426 4532 C:\Windows\System32\negoexts.dll - ok
21:56:12.0426 4532 [ 3824A7F74CDF8550B223C4AA9FDBF1FA ] C:\Windows\System32\cryptsp.dll
21:56:12.0426 4532 C:\Windows\System32\cryptsp.dll - ok
21:56:12.0442 4532 [ 1D92983AE2D7059619844B7010954EF5 ] C:\Windows\System32\mswsock.dll
21:56:12.0442 4532 C:\Windows\System32\mswsock.dll - ok
21:56:12.0442 4532 [ 4713193B86F234BDE96820AE2929C9CD ] C:\Windows\System32\msv1_0.dll
21:56:12.0442 4532 C:\Windows\System32\msv1_0.dll - ok
21:56:12.0442 4532 [ 1A94DF31908D166CE096DD9574F64E12 ] C:\Windows\System32\dnsapi.dll
21:56:12.0442 4532 C:\Windows\System32\dnsapi.dll - ok
21:56:12.0457 4532 [ 53EBE463BD88ED9A4C53769F9FDF5533 ] C:\Windows\System32\netlogon.dll
21:56:12.0457 4532 C:\Windows\System32\netlogon.dll - ok
21:56:12.0457 4532 [ 923303198C21A10F5DD846D22B38B8D5 ] C:\Windows\System32\logoncli.dll
21:56:12.0457 4532 C:\Windows\System32\logoncli.dll - ok
21:56:12.0457 4532 [ 04C188794E70D0A1A1F26090468F59F3 ] C:\Windows\System32\schannel.dll
21:56:12.0457 4532 C:\Windows\System32\schannel.dll - ok
21:56:12.0457 4532 [ A22DB8687C1CBB25073EBC8A995EF6D6 ] C:\Windows\System32\userenv.dll
21:56:12.0457 4532 C:\Windows\System32\userenv.dll - ok
21:56:12.0473 4532 [ BA299A375B8CFC44D06C1B0B75EE3AF9 ] C:\Windows\System32\rsaenh.dll
21:56:12.0473 4532 C:\Windows\System32\rsaenh.dll - ok
21:56:12.0473 4532 [ F2216CE93A63A37744CEB91372F2104C ] C:\Windows\System32\wdigest.dll
21:56:12.0473 4532 C:\Windows\System32\wdigest.dll - ok
21:56:12.0473 4532 [ 201BD26F44A3995CB1C70BFA9AE24883 ] C:\Windows\System32\pku2u.dll
21:56:12.0473 4532 C:\Windows\System32\pku2u.dll - ok
21:56:12.0488 4532 [ CFFA2D170D4BD1D4BEDE4C46E9BB9343 ] C:\Windows\System32\TSpkg.dll
21:56:12.0488 4532 C:\Windows\System32\TSpkg.dll - ok
21:56:12.0488 4532 [ 71187F4669D543AF5F6CA14D3F145E98 ] C:\Windows\System32\livessp.dll
21:56:12.0488 4532 C:\Windows\System32\livessp.dll - ok
21:56:12.0488 4532 [ F2A96521BFC4530C944D8BD767334652 ] C:\Windows\System32\credssp.dll
21:56:12.0488 4532 C:\Windows\System32\credssp.dll - ok
21:56:12.0504 4532 [ 3FE3017F11602A074E58B65F497D6B49 ] C:\Windows\System32\dpapisrv.dll
21:56:12.0504 4532 C:\Windows\System32\dpapisrv.dll - ok
21:56:12.0504 4532 [ 617D1F9BBF80F7DA591BD2C512033C96 ] C:\Windows\System32\efslsaext.dll
21:56:12.0504 4532 C:\Windows\System32\efslsaext.dll - ok
21:56:12.0504 4532 [ AC542D32A0DB421AF803B94B3993646F ] C:\Windows\System32\scesrv.dll
21:56:12.0504 4532 C:\Windows\System32\scesrv.dll - ok
21:56:12.0504 4532 [ 3783540F26D6B87F5EE5B2E82A97A429 ] C:\Windows\System32\scecli.dll
21:56:12.0504 4532 C:\Windows\System32\scecli.dll - ok
21:56:12.0520 4532 [ 0FB0D4445E308598622019CC523CBDEB ] C:\Windows\System32\authz.dll
21:56:12.0520 4532 C:\Windows\System32\authz.dll - ok
21:56:12.0520 4532 [ BEBFBC4B5AAA891659D8B823641646A1 ] C:\Windows\System32\netutils.dll
21:56:12.0520 4532 C:\Windows\System32\netutils.dll - ok
21:56:12.0520 4532 [ 92B919655BA013E8687E2AE873BA56ED ] C:\Windows\System32\svchost.exe
21:56:12.0520 4532 C:\Windows\System32\svchost.exe - ok
21:56:12.0535 4532 [ D5609A195EA599793228EACDDAB1574B ] C:\Windows\System32\umpnpmgr.dll
21:56:12.0535 4532 C:\Windows\System32\umpnpmgr.dll - ok
21:56:12.0535 4532 [ 7EECF667D02FA23C03843C134D95FA27 ] C:\Windows\System32\devrtl.dll
21:56:12.0535 4532 C:\Windows\System32\devrtl.dll - ok
21:56:12.0535 4532 [ B95BC87A25F8FE1877F16038FE86A29A ] C:\Windows\System32\hid.dll
21:56:12.0535 4532 C:\Windows\System32\hid.dll - ok
21:56:12.0535 4532 [ 7B950640FE106C893688BE2DBB56D9E4 ] C:\Windows\System32\pcwum.dll
21:56:12.0535 4532 C:\Windows\System32\pcwum.dll - ok
21:56:12.0551 4532 [ CAF5DFF32A27A61D2C5C36F6166CC768 ] C:\Windows\System32\umpo.dll
21:56:12.0551 4532 C:\Windows\System32\umpo.dll - ok
21:56:12.0551 4532 [ FBE94F5A7A802FE570EA9FBE7043A6DC ] C:\Windows\System32\umpoext.dll
21:56:12.0551 4532 C:\Windows\System32\umpoext.dll - ok
21:56:12.0551 4532 [ 37F53A8B23629E880A0CCC5721DBC80F ] C:\Windows\System32\gpapi.dll
21:56:12.0551 4532 C:\Windows\System32\gpapi.dll - ok
21:56:12.0567 4532 [ C9A36EF935ACED86AEDF93E97E606911 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:56:12.0567 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe - ok
21:56:12.0567 4532 [ 636DB77D884823E20D8739979915CE5C ] C:\Windows\SysWOW64\ntdll.dll
21:56:12.0567 4532 C:\Windows\SysWOW64\ntdll.dll - ok
21:56:12.0567 4532 [ 02D182C73F575F766E716CF67D8F2017 ] C:\Windows\SysWOW64\kernel32.dll
21:56:12.0567 4532 C:\Windows\SysWOW64\kernel32.dll - ok
21:56:12.0567 4532 [ E9551321DCF7EC80755D010B297E7788 ] C:\Windows\SysWOW64\KernelBase.dll
21:56:12.0567 4532 C:\Windows\SysWOW64\KernelBase.dll - ok
21:56:12.0582 4532 [ 5B03C1B3BA9AE9A2BE741683ABFB4B74 ] C:\Windows\SysWOW64\user32.dll
21:56:12.0582 4532 C:\Windows\SysWOW64\user32.dll - ok
21:56:12.0582 4532 [ 85775963F9EA6B635A83C356B022A881 ] C:\Windows\SysWOW64\advapi32.dll
21:56:12.0582 4532 C:\Windows\SysWOW64\advapi32.dll - ok
21:56:12.0582 4532 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
21:56:12.0582 4532 C:\Windows\SysWOW64\msvcp100.dll - ok
21:56:12.0582 4532 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
21:56:12.0582 4532 C:\Windows\SysWOW64\msvcr100.dll - ok
21:56:12.0598 4532 [ D2086191BB9DCE637DA88AD57DD0543E ] C:\Windows\SysWOW64\gdi32.dll
21:56:12.0598 4532 C:\Windows\SysWOW64\gdi32.dll - ok
21:56:12.0598 4532 [ CF17FDB324ABBD72B3AC659E31BDB6DF ] C:\Windows\SysWOW64\msvcrt.dll
21:56:12.0598 4532 C:\Windows\SysWOW64\msvcrt.dll - ok
21:56:12.0598 4532 [ 988AF27587627BF912CB12F7A705BB56 ] C:\Windows\SysWOW64\sechost.dll
21:56:12.0598 4532 C:\Windows\SysWOW64\sechost.dll - ok
21:56:12.0614 4532 [ C0004ADBD254011265783DB549BEACE8 ] C:\Windows\SysWOW64\cryptbase.dll
21:56:12.0614 4532 C:\Windows\SysWOW64\cryptbase.dll - ok
21:56:12.0614 4532 [ D8AE66B07FEBDDE772416AC05309F86D ] C:\Windows\SysWOW64\rpcrt4.dll
21:56:12.0614 4532 C:\Windows\SysWOW64\rpcrt4.dll - ok
21:56:12.0614 4532 [ 8EAF086391DDB87BEBDDF2E6FC31CF35 ] C:\Windows\SysWOW64\sspicli.dll
21:56:12.0614 4532 C:\Windows\SysWOW64\sspicli.dll - ok
21:56:12.0614 4532 [ 42221B683109282A2C0EA1D21F16C322 ] C:\Windows\SysWOW64\bcryptprimitives.dll
21:56:12.0614 4532 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
21:56:12.0629 4532 [ 3EF34FFAB47A2ECF4CE395EDB6D15334 ] C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll
21:56:12.0629 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll - ok
21:56:12.0629 4532 [ 6E8F65415E70F1977F2612531C651D5F ] C:\Windows\SysWOW64\shell32.dll
21:56:12.0629 4532 C:\Windows\SysWOW64\shell32.dll - ok
21:56:12.0629 4532 [ 8A161086F16FF87CC712CAB5FE2A9547 ] C:\Windows\SysWOW64\shlwapi.dll
21:56:12.0629 4532 C:\Windows\SysWOW64\shlwapi.dll - ok
21:56:12.0645 4532 [ 8DB39A1BE1ACD6A80EE452D90DA1EF50 ] C:\Windows\SysWOW64\combase.dll
21:56:12.0645 4532 C:\Windows\SysWOW64\combase.dll - ok
21:56:12.0645 4532 [ F8FC3E3D7740B3566AAF1A86982FAAC4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll
21:56:12.0645 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll - ok
21:56:12.0645 4532 [ 13B7445DAAD8EA6774D65FD9DEF5D199 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll
21:56:12.0645 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll - ok
21:56:12.0645 4532 [ 0D99E1210ECBC560E53FD759CFA4EAB5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll
21:56:12.0645 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll - ok
21:56:12.0660 4532 [ 991F2C676B636E475CB9C8C30ED8E570 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll
21:56:12.0660 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll - ok
21:56:12.0660 4532 [ 5D44C557B6F0261F0E9FEA4CAE1E1AB0 ] C:\Windows\SysWOW64\version.dll
21:56:12.0660 4532 C:\Windows\SysWOW64\version.dll - ok
21:56:12.0660 4532 [ 670690FD78D7A14FF6B2579502C7FFFB ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll
21:56:12.0660 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll - ok
21:56:12.0676 4532 [ A4B84315F5441E5514AD2E641C4F6E34 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll
21:56:12.0676 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll - ok
21:56:12.0676 4532 [ 0A2B58F21E03FC1381FCC9F23EB4FF5A ] C:\Windows\SysWOW64\mpr.dll
21:56:12.0676 4532 C:\Windows\SysWOW64\mpr.dll - ok
21:56:12.0676 4532 [ CB0248A426835FE0A77F1B468E1825E1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgavid.dll
21:56:12.0676 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgavid.dll - ok
21:56:12.0692 4532 [ C2C2335E62DA083E06BD99A70DFA8785 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgui.dll
21:56:12.0692 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgui.dll - ok
21:56:12.0692 4532 [ 2EC0D1737C05ADB6156C65BD4A2613F6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gplegacy.dll
21:56:12.0692 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\gplegacy.dll - ok
21:56:12.0692 4532 [ C75FB46E4FABE632C51FB6E78BDB7700 ] C:\Windows\SysWOW64\ole32.dll
21:56:12.0692 4532 C:\Windows\SysWOW64\ole32.dll - ok
21:56:12.0692 4532 [ 0B433CA9FAF3516E2319FF55AEA46B39 ] C:\Windows\SysWOW64\oleaut32.dll
21:56:12.0692 4532 C:\Windows\SysWOW64\oleaut32.dll - ok
21:56:12.0707 4532 [ 8F9F50F3810672AC36503B72A0B1808A ] C:\Program Files (x86)\Avira\AntiVir Desktop\libdb44.dll
21:56:12.0707 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\libdb44.dll - ok
21:56:12.0707 4532 [ 729F4D9EC5E17A5588DD187D0F5F2738 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgenrep.dll
21:56:12.0707 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgenrep.dll - ok
21:56:12.0707 4532 [ 31222A7F19EF7013FD43E47168E4400A ] C:\Program Files (x86)\Avira\AntiVir Desktop\onlcfg.dll
21:56:12.0707 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\onlcfg.dll - ok
21:56:12.0723 4532 [ 434D3AFF60EE877A2D1CADE7016AF4C3 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll
21:56:12.0723 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll - ok
21:56:12.0723 4532 [ EA196C9873949A3D2050C86B7AE95FDD ] C:\Program Files (x86)\Avira\AntiVir Desktop\guardmsg.dll
21:56:12.0723 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\guardmsg.dll - ok
21:56:12.0723 4532 [ 503FE48BC3B68F40018520AEAE3BEAC1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
21:56:12.0723 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll - ok
21:56:12.0739 4532 [ 4200272EE793C5E139365E0AFE9AAB5B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll
21:56:12.0739 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll - ok
21:56:12.0739 4532 [ 1AE773142781013F32AE19D0404879FA ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll
21:56:12.0739 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll - ok
21:56:12.0739 4532 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] C:\Windows\System32\drivers\avgntflt.sys
21:56:12.0739 4532 C:\Windows\System32\drivers\avgntflt.sys - ok
21:56:12.0739 4532 [ B6E574666C35E7D608CC7ED0A82ABA94 ] C:\Windows\SysWOW64\fltLib.dll
21:56:12.0739 4532 C:\Windows\SysWOW64\fltLib.dll - ok
21:56:12.0754 4532 [ C7DCE4217E8B2329C7458554C8187FEC ] C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll
21:56:12.0754 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll - ok
21:56:12.0754 4532 [ E75A782A8C218D03A0AF54325132BC70 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll
21:56:12.0754 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll - ok
21:56:12.0754 4532 [ A04DD0E3C71FE7AC602B573B1B03758F ] C:\Program Files (x86)\Avira\AntiVir Desktop\avpref.dll
21:56:12.0754 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\avpref.dll - ok
21:56:12.0770 4532 [ 011C74CF75EA6E0B5AB816E2D94F8257 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll
21:56:12.0770 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll - ok
21:56:12.0770 4532 [ 74D05C32B691391648FA18AE9DD6EDC0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll
21:56:12.0770 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll - ok
21:56:12.0770 4532 [ CF28139A8AECBF3BEC26CA1A16FD69CF ] C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll
21:56:12.0770 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll - ok
21:56:12.0785 4532 [ 64605B72B605DEDE66D38E3D7094E73B ] C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll
21:56:12.0785 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll - ok
21:56:12.0785 4532 [ 5C96FB62F2B22200D20E176800A29664 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll
21:56:12.0785 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll - ok
21:56:12.0785 4532 [ F6719AE96D74C62D696838839447B269 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll
21:56:12.0785 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll - ok
21:56:12.0801 4532 [ 2DA5F4D3BF1C760766B574A5B07A4F19 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll
21:56:12.0801 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll - ok
21:56:12.0801 4532 [ 8202BDC27F7E16C90C355E9A2545C7E7 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll
21:56:12.0801 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll - ok
21:56:12.0801 4532 [ 0109C5101DD4520719F912A32DED5946 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll
21:56:12.0801 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll - ok
21:56:12.0801 4532 [ CD7B65E600B8EBC91B292C1AC9EC1215 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll
21:56:12.0801 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll - ok
21:56:12.0817 4532 [ 3B07BF6D7AB4CD8A59D6435503C313DA ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll
21:56:12.0817 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll - ok
21:56:12.0817 4532 [ 7E3D9E781E7D2E099BD424B188FBC9AA ] C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll
21:56:12.0817 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll - ok
21:56:12.0817 4532 [ 022A2974F0F6EF0D9F8781E6C6EE2FB6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll
21:56:12.0817 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll - ok
21:56:12.0832 4532 [ 01BDDCB32F78945604B3A67FED497DB3 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avesvc.dll
21:56:12.0832 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\avesvc.dll - ok
21:56:12.0832 4532 [ C05E10AC65CE218EA116A9AF5B250E00 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avesvcr.dll
21:56:12.0832 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\avesvcr.dll - ok
21:56:12.0832 4532 [ 6BBC7F716E962A95A59341279CCB1E61 ] C:\Windows\SysWOW64\SHCore.dll
21:56:12.0832 4532 C:\Windows\SysWOW64\SHCore.dll - ok
21:56:12.0832 4532 [ CE24B03D3393510234ECA7ABB1355499 ] C:\Windows\SysWOW64\profapi.dll
21:56:12.0832 4532 C:\Windows\SysWOW64\profapi.dll - ok
21:56:12.0848 4532 [ FF9996564C0810B403F6410B60FBFA42 ] C:\Program Files (x86)\Avira\AntiVir Desktop\webcat.dll
21:56:12.0848 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\webcat.dll - ok
21:56:12.0848 4532 [ 9F8361F4A38AA63C5F4F7E5DF58F547B ] C:\Windows\SysWOW64\wininet.dll
21:56:12.0848 4532 C:\Windows\SysWOW64\wininet.dll - ok
21:56:12.0848 4532 [ FB9FEFDE6446EC020BAFC8B0FF672739 ] C:\Windows\SysWOW64\iertutil.dll
21:56:12.0848 4532 C:\Windows\SysWOW64\iertutil.dll - ok
21:56:12.0864 4532 [ C00E7DA2EB0E5A4942BE2E6FC42083E1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\webcatrc.dll
21:56:12.0864 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\webcatrc.dll - ok
21:56:12.0864 4532 [ BD4AB0FD9BD228FE0EC5EA83625D8FEC ] C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
21:56:12.0864 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe - ok
21:56:12.0864 4532 [ 5D23B512B0FA9930801DBECF754C0099 ] C:\Windows\System32\conhost.exe
21:56:12.0864 4532 C:\Windows\System32\conhost.exe - ok
21:56:12.0864 4532 [ 33D30F282A361E24277A3F5814206B44 ] C:\Windows\System32\drivers\condrv.sys
21:56:12.0864 4532 C:\Windows\System32\drivers\condrv.sys - ok
21:56:12.0879 4532 [ B1FA1ABB8C360248354FAF3C9C22198B ] C:\Windows\System32\vssapi.dll
21:56:12.0989 4532 C:\Windows\System32\vssapi.dll - ok
21:56:12.0989 4532 [ 368610019CC0F7D39B7BF56C137DD400 ] C:\Windows\System32\dsrole.dll
21:56:12.0989 4532 C:\Windows\System32\dsrole.dll - ok
21:56:13.0004 4532 [ ED9A7F6E45944275CEFC175AADF151BC ] C:\Windows\System32\vsstrace.dll
21:56:13.0004 4532 C:\Windows\System32\vsstrace.dll - ok
21:56:13.0004 4532 [ D534EC47C6D7410495A51448C243E4C8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc64.dll
21:56:13.0004 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\avipc64.dll - ok
21:56:13.0020 4532 [ 3754883925EA66A2ECF47747BA91B7F6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll
21:56:13.0020 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll - ok
21:56:13.0020 4532 [ F72DA36705EFADF65A517ED4B811636A ] C:\Windows\SysWOW64\nsi.dll
21:56:13.0020 4532 C:\Windows\SysWOW64\nsi.dll - ok
21:56:13.0035 4532 [ E8305BB0931FBC2B201C9481E9204982 ] C:\Windows\SysWOW64\userenv.dll
21:56:13.0035 4532 C:\Windows\SysWOW64\userenv.dll - ok
21:56:13.0035 4532 [ B8E1651F3930D7E406DEB0CDC618A30A ] C:\Windows\SysWOW64\ws2_32.dll
21:56:13.0035 4532 C:\Windows\SysWOW64\ws2_32.dll - ok
21:56:13.0035 4532 [ CD8D01B46E7274653B417D865859206E ] C:\Windows\System32\drivers\luafv.sys
21:56:13.0035 4532 C:\Windows\System32\drivers\luafv.sys - ok
21:56:13.0035 4532 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] C:\Windows\System32\nvvsvc.exe
21:56:13.0035 4532 C:\Windows\System32\nvvsvc.exe - ok
21:56:13.0051 4532 [ F00E22F723D4DCF14DFD6E523135F26F ] C:\Windows\System32\SHCore.dll
21:56:13.0051 4532 C:\Windows\System32\SHCore.dll - ok
21:56:13.0051 4532 [ F0359F7CE712D69ACEF0886BDB4792ED ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:56:13.0051 4532 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
21:56:13.0051 4532 [ ADCF41A7A5D3F386A751E4D027D74733 ] C:\Windows\SysWOW64\setupapi.dll
21:56:13.0051 4532 C:\Windows\SysWOW64\setupapi.dll - ok
21:56:13.0067 4532 [ 13CE98E452B773E5992D9A510FE45EA4 ] C:\Windows\SysWOW64\cfgmgr32.dll
21:56:13.0067 4532 C:\Windows\SysWOW64\cfgmgr32.dll - ok
21:56:13.0067 4532 [ ED0C01CD476D91137C852C8858A577FF ] C:\Windows\SysWOW64\winspool.drv
21:56:13.0067 4532 C:\Windows\SysWOW64\winspool.drv - ok
21:56:13.0067 4532 [ 275B61777982DAABBBFC9E4DBB3C43D8 ] C:\Windows\SysWOW64\devobj.dll
21:56:13.0067 4532 C:\Windows\SysWOW64\devobj.dll - ok
21:56:13.0067 4532 [ 6446876DDE28C69B344FCB0C15D8604E ] C:\Windows\System32\rpcss.dll
21:56:13.0067 4532 C:\Windows\System32\rpcss.dll - ok
21:56:13.0082 4532 [ CE832C6E7A22204DD7E50302290B1596 ] C:\Windows\System32\RpcEpMap.dll
21:56:13.0082 4532 C:\Windows\System32\RpcEpMap.dll - ok
21:56:13.0082 4532 [ 1CE07545DA80FE9E410EA06A03DD1F16 ] C:\Windows\System32\RpcRtRemote.dll
21:56:13.0082 4532 C:\Windows\System32\RpcRtRemote.dll - ok
21:56:13.0082 4532 [ 3B63D4565C2AD843E7A429F8CD873FEE ] C:\Windows\System32\bisrv.dll
21:56:13.0082 4532 C:\Windows\System32\bisrv.dll - ok
21:56:13.0082 4532 [ 145E7826A07D98628924A9B06F6273AB ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll
21:56:13.0082 4532 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll - ok
21:56:13.0098 4532 [ BC612E871F3501F154FC6CB0217CB187 ] C:\Windows\System32\FirewallAPI.dll
21:56:13.0098 4532 C:\Windows\System32\FirewallAPI.dll - ok
21:56:13.0098 4532 [ 43F49AF0D154AAAA0FF39A62A118A6AA ] C:\Windows\System32\psmsrv.dll
21:56:13.0098 4532 C:\Windows\System32\psmsrv.dll - ok
21:56:13.0098 4532 [ AEC53F42776DB9AF2B8760BC34FDFAAC ] C:\Windows\System32\lsm.dll
21:56:13.0098 4532 C:\Windows\System32\lsm.dll - ok
21:56:13.0098 4532 [ 7CA97FD6D3F41E9950EA5BF3D9FE7BF5 ] C:\Windows\SysWOW64\wintrust.dll
21:56:13.0098 4532 C:\Windows\SysWOW64\wintrust.dll - ok
21:56:13.0114 4532 [ 54307B42242BF2A760123F51A3DEF6CD ] C:\Windows\SysWOW64\crypt32.dll
21:56:13.0114 4532 C:\Windows\SysWOW64\crypt32.dll - ok
21:56:13.0114 4532 [ 29934F88AC5ADCCCED93F12675B3B698 ] C:\Windows\System32\sysntfy.dll
21:56:13.0114 4532 C:\Windows\System32\sysntfy.dll - ok
21:56:13.0114 4532 [ 8E2C15A92BD42BB37E957D70B3B9B10E ] C:\Windows\System32\UXInit.dll
21:56:13.0114 4532 C:\Windows\System32\UXInit.dll - ok
21:56:13.0114 4532 [ F38E482AC48D71F3BEC620D152EAEB06 ] C:\Windows\System32\uxtheme.dll
21:56:13.0114 4532 C:\Windows\System32\uxtheme.dll - ok
21:56:13.0129 4532 [ D598739505AB92C70246FF4CA8EC3D09 ] C:\Windows\System32\wmsgapi.dll
21:56:13.0129 4532 C:\Windows\System32\wmsgapi.dll - ok
21:56:13.0129 4532 [ 7AD857422AFA068A39A4B4BBF7FCC49C ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll
21:56:13.0129 4532 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll - ok
21:56:13.0129 4532 [ 648071ECB6FEA01445BD7473649995CC ] C:\Windows\SysWOW64\msasn1.dll
21:56:13.0129 4532 C:\Windows\SysWOW64\msasn1.dll - ok
21:56:13.0145 4532 [ A7A373625A2FB3855D0BDB9C6A2EEF4E ] C:\Windows\System32\dpapi.dll
21:56:13.0145 4532 C:\Windows\System32\dpapi.dll - ok
21:56:13.0145 4532 [ 414AD3F428870AF93631860E726DADB5 ] C:\Windows\System32\wevtsvc.dll
21:56:13.0145 4532 C:\Windows\System32\wevtsvc.dll - ok
21:56:13.0145 4532 [ FC4016631817D901FFDC15BC078D9F73 ] C:\Windows\SysWOW64\ntmarta.dll
21:56:13.0145 4532 C:\Windows\SysWOW64\ntmarta.dll - ok
21:56:13.0145 4532 [ 2711C93E3DEA4170DF4149F16CB80D16 ] C:\Windows\System32\dwm.exe
21:56:13.0145 4532 C:\Windows\System32\dwm.exe - ok
21:56:13.0160 4532 [ 8906A2317E8547D58138AA9BC562A110 ] C:\Windows\SysWOW64\devrtl.dll
21:56:13.0160 4532 C:\Windows\SysWOW64\devrtl.dll - ok
21:56:13.0160 4532 [ 7B217ED65456DF7F95D6DD339E28029B ] C:\Windows\System32\dwmredir.dll
21:56:13.0160 4532 C:\Windows\System32\dwmredir.dll - ok
21:56:13.0160 4532 [ 04840772B3D683D46ED8BE54AA44F9CE ] C:\Windows\System32\LogonUI.exe
21:56:13.0160 4532 C:\Windows\System32\LogonUI.exe - ok
21:56:13.0176 4532 [ 60BF5F30FF49D49B94DFF116D3C7419E ] C:\Windows\SysWOW64\SPInf.dll
21:56:13.0176 4532 C:\Windows\SysWOW64\SPInf.dll - ok
21:56:13.0176 4532 [ 0EAE37796F7CF555D28A0FC2E0DF089F ] C:\Windows\SysWOW64\drvstore.dll
21:56:13.0176 4532 C:\Windows\SysWOW64\drvstore.dll - ok
21:56:13.0176 4532 [ 6A6BCEE0AC0E0BA3C1AE94AAD589505B ] C:\Windows\System32\dwmcore.dll
21:56:13.0176 4532 C:\Windows\System32\dwmcore.dll - ok
21:56:13.0192 4532 [ 102A02EA61F9ADE5A3D8B4FFF0BC8C85 ] C:\Windows\System32\profsvc.dll
21:56:13.0192 4532 C:\Windows\System32\profsvc.dll - ok
21:56:13.0192 4532 [ 7C7F7898FB7E68B0D58D481B3F9D069A ] C:\Windows\System32\themeservice.dll
21:56:13.0192 4532 C:\Windows\System32\themeservice.dll - ok
21:56:13.0192 4532 [ EC331AE332E88CBC2BCFAED5F1866FD5 ] C:\Windows\System32\gpsvc.dll
21:56:13.0192 4532 C:\Windows\System32\gpsvc.dll - ok
21:56:13.0192 4532 [ 7174C9E07B08EC56173F870459BC0FDD ] C:\Windows\System32\dcomp.dll
21:56:13.0192 4532 C:\Windows\System32\dcomp.dll - ok
21:56:13.0207 4532 [ 3EB2D4B286B191C04D858999FC2D5E4B ] C:\Windows\System32\es.dll
21:56:13.0207 4532 C:\Windows\System32\es.dll - ok
21:56:13.0207 4532 [ D24A9EDB0B542E78AF32D3D6128ACE33 ] C:\Windows\System32\ntmarta.dll
21:56:13.0207 4532 C:\Windows\System32\ntmarta.dll - ok
21:56:13.0207 4532 [ 2DA839D907C21DF0D0240E4964A8E62D ] C:\Windows\System32\nlaapi.dll
21:56:13.0207 4532 C:\Windows\System32\nlaapi.dll - ok
21:56:13.0223 4532 [ 66290C52E75366AEF7C4EA1212673795 ] C:\Windows\System32\authui.dll
21:56:13.0223 4532 C:\Windows\System32\authui.dll - ok
21:56:13.0223 4532 [ D9FDEBF51A4A6787FDD8826F1405BFE8 ] C:\Windows\System32\profsvcext.dll
21:56:13.0223 4532 C:\Windows\System32\profsvcext.dll - ok
21:56:13.0223 4532 [ 6D796E310651C2EF842AEE95C43E2D08 ] C:\Windows\System32\WindowsCodecs.dll
21:56:13.0223 4532 C:\Windows\System32\WindowsCodecs.dll - ok
21:56:13.0223 4532 [ FDD8BDF698536D5DA06E157BA88ADE39 ] C:\Windows\System32\d3d10_1.dll
21:56:13.0223 4532 C:\Windows\System32\d3d10_1.dll - ok
21:56:13.0239 4532 [ 0DE2BE4A1CE41C591543B5677A1A16E3 ] C:\Windows\System32\netapi32.dll
21:56:13.0239 4532 C:\Windows\System32\netapi32.dll - ok
21:56:13.0239 4532 [ AEB0A9AC0C7290373C2E5E65F41AA354 ] C:\Windows\System32\ntdsapi.dll
21:56:13.0239 4532 C:\Windows\System32\ntdsapi.dll - ok
21:56:13.0239 4532 [ 876B617AD1BD72A86EB1E9F0D252B7B8 ] C:\Windows\System32\wmiclnt.dll
21:56:13.0239 4532 C:\Windows\System32\wmiclnt.dll - ok
21:56:13.0254 4532 [ 95DFD1061483E5D7FF2B1FA95B9C32C5 ] C:\Windows\System32\atl.dll
21:56:13.0254 4532 C:\Windows\System32\atl.dll - ok
21:56:13.0254 4532 [ EA644AB80ABF3E70B80B250D58A6F1DE ] C:\Windows\System32\d3d10_1core.dll
21:56:13.0254 4532 C:\Windows\System32\d3d10_1core.dll - ok
21:56:13.0254 4532 [ 2C4C64A9BD7FA0A2DBDF1531C336D5F3 ] C:\Windows\System32\dui70.dll
21:56:13.0254 4532 C:\Windows\System32\dui70.dll - ok
21:56:13.0254 4532 [ E54D336985E95CB388CBD266EE64108D ] C:\Windows\System32\wkscli.dll
21:56:13.0254 4532 C:\Windows\System32\wkscli.dll - ok
21:56:13.0270 4532 [ 7FCAB8F52CACB10C2BC4E2CEF48F84E2 ] C:\Windows\System32\dfscli.dll
21:56:13.0270 4532 C:\Windows\System32\dfscli.dll - ok
21:56:13.0270 4532 [ 57F484DC8FF559937FF08EB11C629F39 ] C:\Windows\System32\dxgi.dll
21:56:13.0270 4532 C:\Windows\System32\dxgi.dll - ok
21:56:13.0270 4532 [ 0E3C6E1DB06BA31D3F222FDF593C0DB1 ] C:\Windows\System32\Sens.dll
21:56:13.0270 4532 C:\Windows\System32\Sens.dll - ok
21:56:13.0270 4532 [ FE7FE28747A548D2E2ADD97F778B4988 ] C:\Windows\System32\taskschd.dll
21:56:13.0270 4532 C:\Windows\System32\taskschd.dll - ok
21:56:13.0285 4532 [ F479CA747B44D18D6C196DAA32A931BE ] C:\Windows\System32\AudioEndpointBuilder.dll
21:56:13.0285 4532 C:\Windows\System32\AudioEndpointBuilder.dll - ok
21:56:13.0285 4532 [ 54740179CA5CD46B624F25067C2D779C ] C:\Windows\System32\FntCache.dll
21:56:13.0285 4532 C:\Windows\System32\FntCache.dll - ok
21:56:13.0285 4532 [ DF3E3167B03804F32AD274C33F77B308 ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
21:56:13.0285 4532 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok
21:56:13.0301 4532 [ B4B5FF3B98F75B749E04E6E37B456861 ] C:\Windows\System32\d3d11.dll
21:56:13.0301 4532 C:\Windows\System32\d3d11.dll - ok
21:56:13.0301 4532 [ E989006534F3CF9AFDE251461AEFA52B ] C:\Windows\System32\dwmapi.dll
21:56:13.0301 4532 C:\Windows\System32\dwmapi.dll - ok
21:56:13.0301 4532 [ C00027CDBF43FC18B0E69307014C8CCB ] C:\Windows\System32\MMDevAPI.dll
21:56:13.0301 4532 C:\Windows\System32\MMDevAPI.dll - ok
21:56:13.0301 4532 [ 63919785A4D4C57A9A00698B13EE4854 ] C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.8400.0_none_4bd17107c4fe1532\comctl32.dll
21:56:13.0301 4532 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.8400.0_none_4bd17107c4fe1532\comctl32.dll - ok
21:56:13.0317 4532 [ 4CE5C4F80620D6DBBB054003EAD71F95 ] C:\Windows\System32\nvsvc64.dll
21:56:13.0317 4532 C:\Windows\System32\nvsvc64.dll - ok
21:56:13.0317 4532 [ FE39474C476456F6AA5A081EC343C114 ] C:\Windows\System32\avrt.dll
21:56:13.0317 4532 C:\Windows\System32\avrt.dll - ok
21:56:13.0317 4532 [ 4DF499436B5FE579E3507BB6C16F413E ] C:\Windows\System32\mmcss.dll
21:56:13.0317 4532 C:\Windows\System32\mmcss.dll - ok
21:56:13.0317 4532 [ E395B66E2AD9E960A8E563D7BB9923F5 ] C:\Windows\System32\nvd3dumx.dll
21:56:13.0317 4532 C:\Windows\System32\nvd3dumx.dll - ok
21:56:13.0332 4532 [ 11205381BBBF98F0CA1C672056808B8F ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
21:56:13.0332 4532 C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok
21:56:13.0332 4532 [ 3F86ED13815D077EEC0190D7F45A6480 ] C:\Windows\System32\duser.dll
21:56:13.0332 4532 C:\Windows\System32\duser.dll - ok
21:56:13.0332 4532 [ 661BBB7616B124DB11F1A1EA57726CAD ] C:\Windows\System32\mscms.dll
21:56:13.0332 4532 C:\Windows\System32\mscms.dll - ok
21:56:13.0348 4532 [ 5469E1A83BE46F8252CB6067C29D93CD ] C:\Windows\System32\SndVolSSO.dll
21:56:13.0348 4532 C:\Windows\System32\SndVolSSO.dll - ok
21:56:13.0348 4532 [ EEAF7122272DF826229AA43BB0E9E730 ] C:\Windows\System32\BCP47Langs.dll
21:56:13.0348 4532 C:\Windows\System32\BCP47Langs.dll - ok
21:56:13.0348 4532 [ 91925E52392F75EEF57A1FC4194E663C ] C:\Windows\System32\SmartcardCredentialProvider.dll
21:56:13.0348 4532 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
21:56:13.0348 4532 [ 48EA44F320113722CA2F3C7CCD8B7438 ] C:\Windows\System32\version.dll
21:56:13.0348 4532 C:\Windows\System32\version.dll - ok
21:56:13.0364 4532 [ 47D953C8D37D51C2BD9229D8B9C054A1 ] C:\Windows\System32\winmm.dll
21:56:13.0364 4532 C:\Windows\System32\winmm.dll - ok
21:56:13.0364 4532 [ BA741D70B560127BFB1D2B5144BD3B1C ] C:\Windows\System32\msimg32.dll
21:56:13.0364 4532 C:\Windows\System32\msimg32.dll - ok
21:56:13.0364 4532 [ B63894A7C797D84DAE9AC15F91D5B6D4 ] C:\Windows\System32\winmmbase.dll
21:56:13.0364 4532 C:\Windows\System32\winmmbase.dll - ok
21:56:13.0364 4532 [ E6E9DC01812ABA16DBAE5EFA4EF63E57 ] C:\Windows\System32\nvapi64.dll
21:56:13.0364 4532 C:\Windows\System32\nvapi64.dll - ok
21:56:13.0379 4532 [ 78C897FA50522900863A174A6643E74E ] C:\Windows\System32\DWrite.dll
21:56:13.0379 4532 C:\Windows\System32\DWrite.dll - ok
21:56:13.0379 4532 [ 40965B72A0A33DDB8423B85F93E4C136 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
21:56:13.0379 4532 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
21:56:13.0379 4532 [ BB3E2FA1D9C0C82E2D91A3655713833A ] C:\Windows\System32\oleacc.dll
21:56:13.0379 4532 C:\Windows\System32\oleacc.dll - ok
21:56:13.0379 4532 [ D7CA52F89A7F4520610FF3682F0E42EE ] C:\Windows\System32\nvsvcr.dll
21:56:13.0379 4532 C:\Windows\System32\nvsvcr.dll - ok
21:56:13.0395 4532 [ AD15D4E638A4E2F72AAA9F1A39933B32 ] C:\Windows\System32\BioCredProv.dll
21:56:13.0395 4532 C:\Windows\System32\BioCredProv.dll - ok
21:56:13.0395 4532 [ A46101B623A2FC05C67770E04FB26750 ] C:\Windows\System32\cngcredui.dll
21:56:13.0395 4532 C:\Windows\System32\cngcredui.dll - ok
21:56:13.0395 4532 [ F5F651BA32A4D4FFA491E675BF466FAE ] C:\Windows\System32\winbio.dll
21:56:13.0395 4532 C:\Windows\System32\winbio.dll - ok
21:56:13.0410 4532 [ 0667D28838E8FCD7F85F1E61BEE3E463 ] C:\Windows\System32\certCredProvider.dll
21:56:13.0410 4532 C:\Windows\System32\certCredProvider.dll - ok
21:56:13.0410 4532 [ D43595E7767357D4CFB505F5250A2A43 ] C:\Windows\System32\UIAnimation.dll
21:56:13.0410 4532 C:\Windows\System32\UIAnimation.dll - ok
21:56:13.0410 4532 [ 6C530945A004964E0C078CBC549ECA14 ] C:\Windows\System32\wlidcredprov.dll
21:56:13.0410 4532 C:\Windows\System32\wlidcredprov.dll - ok
21:56:13.0410 4532 [ 459238F2B761255A96317287FC3523DA ] C:\Windows\System32\d3d10warp.dll
21:56:13.0410 4532 C:\Windows\System32\d3d10warp.dll - ok
21:56:13.0426 4532 [ EC02C140CDA35E3E168AAC675293FA91 ] C:\Windows\System32\audiosrv.dll
21:56:13.0426 4532 C:\Windows\System32\audiosrv.dll - ok
21:56:13.0426 4532 [ 4F3AADED3E551B5D68ACA70145394B0B ] C:\Windows\System32\wevtapi.dll
21:56:13.0426 4532 C:\Windows\System32\wevtapi.dll - ok
21:56:13.0426 4532 [ DBE2F7556C00201FFAE21260FCDF37F1 ] C:\Windows\System32\winspool.drv
21:56:13.0426 4532 C:\Windows\System32\winspool.drv - ok
21:56:13.0442 4532 [ BC2A18841494B3756894627FF279C65E ] C:\Windows\System32\nvcpl.dll
21:56:13.0442 4532 C:\Windows\System32\nvcpl.dll - ok
21:56:13.0442 4532 [ 47B8B745BFE0A0CB70120C8D08E2492F ] C:\Windows\System32\nvumdshimx.dll
21:56:13.0442 4532 C:\Windows\System32\nvumdshimx.dll - ok
21:56:13.0442 4532 [ 182FFD23AC7E2434C6EFDBBA30376CFF ] C:\Windows\System32\rasplap.dll
21:56:13.0442 4532 C:\Windows\System32\rasplap.dll - ok
21:56:13.0442 4532 [ 167EE186666E81473660891782DD2ED5 ] C:\Windows\System32\rasapi32.dll
21:56:13.0442 4532 C:\Windows\System32\rasapi32.dll - ok
21:56:13.0457 4532 [ 12F0EE250E3534FD4CFA7EE63B49E8BF ] C:\Windows\System32\rtutils.dll
21:56:13.0457 4532 C:\Windows\System32\rtutils.dll - ok
21:56:13.0457 4532 [ 33DC0B0A43518818EEF17B7B1EAE6655 ] C:\Windows\System32\rasman.dll
21:56:13.0457 4532 C:\Windows\System32\rasman.dll - ok
21:56:13.0457 4532 [ CF68F9E42278A55176E28D108D82A215 ] C:\Windows\System32\winbrand.dll
21:56:13.0457 4532 C:\Windows\System32\winbrand.dll - ok
21:56:13.0457 4532 [ 90B4FDF61459637D9D46C9F91DBCA1D3 ] C:\Windows\System32\nvinitx.dll
21:56:13.0457 4532 C:\Windows\System32\nvinitx.dll - ok
21:56:13.0473 4532 [ 440708FE061387938F456C354C2350E9 ] C:\Windows\System32\igd10umd64.dll
21:56:13.0473 4532 C:\Windows\System32\igd10umd64.dll - ok
21:56:13.0473 4532 [ 53820B3944142F5CCCE369DF78761E82 ] C:\Windows\System32\shacct.dll
21:56:13.0473 4532 C:\Windows\System32\shacct.dll - ok
21:56:13.0473 4532 [ C765A8406048E3094501ED8F17BFA4D6 ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
21:56:13.0473 4532 C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll - ok
21:56:13.0473 4532 [ B7A89C2484AEFE1A604427DC9A888056 ] C:\Windows\System32\samlib.dll
21:56:13.0473 4532 C:\Windows\System32\samlib.dll - ok
21:56:13.0489 4532 [ C21AA3FB96B446314E55671B7D61BC91 ] C:\Windows\System32\propsys.dll
21:56:13.0489 4532 C:\Windows\System32\propsys.dll - ok
21:56:13.0489 4532 [ C0708D56A5CE8A38CFC753B7B02CAF4E ] C:\Windows\System32\slc.dll
21:56:13.0489 4532 C:\Windows\System32\slc.dll - ok
21:56:13.0489 4532 [ 52783943DD33327873B94DB147EE6D3C ] C:\Windows\System32\uDWM.dll
21:56:13.0489 4532 C:\Windows\System32\uDWM.dll - ok
21:56:13.0504 4532 [ 58068B1479D210029E6DE7BD6FCF24C8 ] C:\Windows\System32\drivers\lltdio.sys
21:56:13.0504 4532 C:\Windows\System32\drivers\lltdio.sys - ok
21:56:13.0504 4532 [ C838B96D20F0599BC8AF45605B15A79E ] C:\Windows\System32\drivers\nwifi.sys
21:56:13.0504 4532 C:\Windows\System32\drivers\nwifi.sys - ok
21:56:13.0504 4532 [ 5D61EC40860F43FFBF4B37E95E2A4EC7 ] C:\Windows\System32\InputSwitch.dll
21:56:13.0504 4532 C:\Windows\System32\InputSwitch.dll - ok
21:56:13.0504 4532 [ A8488585EF1D753D959BAF666224B4D6 ] C:\Windows\System32\d2d1.dll
21:56:13.0504 4532 C:\Windows\System32\d2d1.dll - ok
21:56:13.0520 4532 [ A1BE1DFCA8F21AE1A2C16EB451F2468E ] C:\Windows\System32\wuaext.dll
21:56:13.0520 4532 C:\Windows\System32\wuaext.dll - ok
21:56:13.0520 4532 [ 3B3DE5C189F896A7961A12BA74851BCB ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
21:56:13.0520 4532 C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok
21:56:13.0520 4532 [ D5DCAC4914AF3B05D0727AB649EA094E ] C:\Windows\System32\drivers\ndisuio.sys
21:56:13.0520 4532 C:\Windows\System32\drivers\ndisuio.sys - ok
21:56:13.0520 4532 [ 4E891FCCBC73641708DEC461B1F7682F ] C:\Windows\System32\drivers\rspndr.sys
21:56:13.0520 4532 C:\Windows\System32\drivers\rspndr.sys - ok
21:56:13.0535 4532 [ 295C3298E7B008571213A4054F16F58A ] C:\Windows\System32\IDStore.dll
21:56:13.0535 4532 C:\Windows\System32\IDStore.dll - ok
21:56:13.0535 4532 [ C22DD22905925903E3CFFD7B73D9193B ] C:\Windows\System32\lmhsvc.dll
21:56:13.0535 4532 C:\Windows\System32\lmhsvc.dll - ok
21:56:13.0535 4532 [ D7F3927F69871DFF58E89B7454BBC5CA ] C:\Windows\System32\nsisvc.dll
21:56:13.0535 4532 C:\Windows\System32\nsisvc.dll - ok
21:56:13.0535 4532 [ AB41D63E14913D3612DACA20D924AE33 ] C:\Windows\System32\xmllite.dll
21:56:13.0551 4532 C:\Windows\System32\xmllite.dll - ok
21:56:13.0551 4532 [ AD5C6B8E9D2DFD9962318039CA59AA3C ] C:\Windows\System32\IPHLPAPI.DLL
21:56:13.0551 4532 C:\Windows\System32\IPHLPAPI.DLL - ok
21:56:13.0551 4532 [ E94B4A544C8AFA3C1B8EB9854ABBE180 ] C:\Windows\System32\nrpsrv.dll
21:56:13.0551 4532 C:\Windows\System32\nrpsrv.dll - ok
21:56:13.0551 4532 [ 2D20A3AC9CA046B466EFAF22936D40F4 ] C:\Windows\System32\wcmsvc.dll
21:56:13.0551 4532 C:\Windows\System32\wcmsvc.dll - ok
21:56:13.0567 4532 [ EDDB443FC18E3003823CFEFA5CB177A5 ] C:\Windows\System32\winnsi.dll
21:56:13.0567 4532 C:\Windows\System32\winnsi.dll - ok
21:56:13.0567 4532 [ CE209F9BD5F406FA630A9882394A6D73 ] C:\Windows\System32\dnsrslvr.dll
21:56:13.0567 4532 C:\Windows\System32\dnsrslvr.dll - ok
21:56:13.0567 4532 [ 64D41FF2E36C3B74ADFB1429CE038926 ] C:\Windows\System32\wcmcsp.dll
21:56:13.0567 4532 C:\Windows\System32\wcmcsp.dll - ok
21:56:13.0567 4532 [ 0E4E24976DD1E0F83C038EC2950711BD ] C:\Windows\System32\dhcpcore.dll
21:56:13.0567 4532 C:\Windows\System32\dhcpcore.dll - ok
21:56:13.0582 4532 [ 5A67A819D8A09B130D8FAC2C37228C1F ] C:\Windows\System32\FWPUCLNT.DLL
21:56:13.0582 4532 C:\Windows\System32\FWPUCLNT.DLL - ok
21:56:13.0582 4532 [ 7421E5B4F083862A94D094DAAEA9D346 ] C:\Windows\System32\wlansvc.dll
21:56:13.0582 4532 C:\Windows\System32\wlansvc.dll - ok
21:56:13.0582 4532 [ 91BCF83DAE6E2A811CAFB049E7ABDA09 ] C:\Windows\System32\dhcpcore6.dll
21:56:13.0582 4532 C:\Windows\System32\dhcpcore6.dll - ok
21:56:13.0598 4532 [ 41AD7DB89402D7689FF784715EE88966 ] C:\Windows\System32\dnsext.dll
21:56:13.0598 4532 C:\Windows\System32\dnsext.dll - ok
21:56:13.0598 4532 [ 483354EB67C2A8DD127F2D818DF50A7B ] C:\Windows\System32\dhcpcsvc6.dll
21:56:13.0598 4532 C:\Windows\System32\dhcpcsvc6.dll - ok
21:56:13.0598 4532 [ 1043761879289B40BDC8BADBC560E018 ] C:\Windows\System32\dhcpcsvc.dll
21:56:13.0598 4532 C:\Windows\System32\dhcpcsvc.dll - ok
21:56:13.0598 4532 [ 3542384099EADBB5180E2F7E0A29826C ] C:\Windows\System32\Windows.UI.Immersive.dll
21:56:13.0598 4532 C:\Windows\System32\Windows.UI.Immersive.dll - ok
21:56:13.0614 4532 [ 4457A2F5A91453E5B2F1D1DE038AB6FF ] C:\Windows\System32\wlanmsm.dll
21:56:13.0614 4532 C:\Windows\System32\wlanmsm.dll - ok
21:56:13.0614 4532 [ D2CC7C51F62B1132B4AD04AF115CDF1E ] C:\Windows\System32\onex.dll
21:56:13.0614 4532 C:\Windows\System32\onex.dll - ok
21:56:13.0614 4532 [ F9E98CC409003BB9B7AE1B4EF8F461D7 ] C:\Windows\System32\wlansec.dll
21:56:13.0614 4532 C:\Windows\System32\wlansec.dll - ok
21:56:13.0614 4532 [ 2E07F224E75533B4662C879F5081C262 ] C:\Windows\System32\msftedit.dll
21:56:13.0614 4532 C:\Windows\System32\msftedit.dll - ok
21:56:13.0629 4532 [ 927CF1EEE08E3776D7D1E1A42A1FA390 ] C:\Windows\System32\eappprxy.dll
21:56:13.0629 4532 C:\Windows\System32\eappprxy.dll - ok
21:56:13.0629 4532 [ 1ADE8A1E4D8957CC59B07D1CCA58270B ] C:\Windows\System32\msxml6.dll
21:56:13.0629 4532 C:\Windows\System32\msxml6.dll - ok
21:56:13.0629 4532 [ F4222367BFC464ADCE5229B77B8AD5F2 ] C:\Windows\System32\Windows.Globalization.dll
21:56:13.0629 4532 C:\Windows\System32\Windows.Globalization.dll - ok
21:56:13.0629 4532 [ 4C0A59CDD148D9BCE63F7D21B7563F19 ] C:\Windows\System32\ninput.dll
21:56:13.0629 4532 C:\Windows\System32\ninput.dll - ok
21:56:13.0645 4532 [ D4E4F8AF7D6A2B989724E0D8678C9A8D ] C:\Windows\System32\wlgpclnt.dll
21:56:13.0645 4532 C:\Windows\System32\wlgpclnt.dll - ok
21:56:13.0645 4532 [ ED987A6A097CE24FBAFE82F560E2BB53 ] C:\Windows\System32\l2gpstore.dll
21:56:13.0645 4532 C:\Windows\System32\l2gpstore.dll - ok
21:56:13.0645 4532 [ D18D066A1C29E8B9001DFC0C83F2E0F3 ] C:\Windows\System32\wlanapi.dll
21:56:13.0645 4532 C:\Windows\System32\wlanapi.dll - ok
21:56:13.0645 4532 [ 0DD82221E2A0DF5C1D93A8F692982336 ] C:\Windows\System32\shsvcs.dll
21:56:13.0660 4532 C:\Windows\System32\shsvcs.dll - ok
21:56:13.0660 4532 [ 2DB77E15732B552DA64B3DCFE198B83E ] C:\Windows\System32\wlanhlp.dll
21:56:13.0660 4532 C:\Windows\System32\wlanhlp.dll - ok
21:56:13.0660 4532 [ FBFFAAC6694D058850585E87299278F8 ] C:\Windows\System32\fveapi.dll
21:56:13.0660 4532 C:\Windows\System32\fveapi.dll - ok
21:56:13.0660 4532 [ 9E3F4020254F6231AA63A72914D8D2E4 ] C:\Windows\System32\SubscriptionMgr.dll
21:56:13.0660 4532 C:\Windows\System32\SubscriptionMgr.dll - ok
21:56:13.0676 4532 [ 96FB64A7805AE65A81F2A104FA4ED8A1 ] C:\Windows\System32\fvecerts.dll
21:56:13.0676 4532 C:\Windows\System32\fvecerts.dll - ok
21:56:13.0676 4532 [ 0010C7890300581C7075CDA8030FCB1B ] C:\Windows\System32\schedsvc.dll
21:56:13.0676 4532 C:\Windows\System32\schedsvc.dll - ok
21:56:13.0676 4532 [ F1DFDDD72404C61BE5BAC3B0FA09A505 ] C:\Windows\System32\ktmw32.dll
21:56:13.0676 4532 C:\Windows\System32\ktmw32.dll - ok
21:56:13.0676 4532 [ 0E2525140F835247B5BE7C4EA5762FA5 ] C:\Windows\System32\taskcomp.dll
21:56:13.0676 4532 C:\Windows\System32\taskcomp.dll - ok
21:56:13.0692 4532 [ 52F7C34DA051FD8AF00E8949ED09BE8F ] C:\Windows\System32\drivers\http.sys
21:56:13.0692 4532 C:\Windows\System32\drivers\http.sys - ok
21:56:13.0692 4532 [ 5C07E100D49B56CAE1ECA14A1D70538B ] C:\Windows\System32\ProximityService.dll
21:56:13.0692 4532 C:\Windows\System32\ProximityService.dll - ok
21:56:13.0692 4532 [ 329BC589F21F10D33713EA4CD1B9FCCA ] C:\Windows\System32\netcfgx.dll
21:56:13.0692 4532 C:\Windows\System32\netcfgx.dll - ok
21:56:13.0692 4532 [ 0BA1D2C0932C6B4C7FC96B0E7FC065E4 ] C:\Windows\System32\ProximityCommon.dll
21:56:13.0692 4532 C:\Windows\System32\ProximityCommon.dll - ok
21:56:13.0707 4532 [ EDEA6AC00F36813E2E2D76C4D8483B59 ] C:\Windows\System32\spoolsv.exe
21:56:13.0707 4532 C:\Windows\System32\spoolsv.exe - ok
21:56:13.0707 4532 [ 181C5E94218613CC3D478F9232062E4C ] C:\Windows\System32\taskhost.exe
21:56:13.0707 4532 C:\Windows\System32\taskhost.exe - ok
21:56:13.0707 4532 [ 0A1CC583E8147004E4AD4625D7FBF88C ] C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:56:13.0707 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe - ok
21:56:13.0723 4532 [ C48E0D43530060CAD4A0B231B10EB5BA ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll
21:56:13.0723 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll - ok
21:56:13.0723 4532 [ 250F03F1BD159F720F15042A17B3DAFD ] C:\Windows\SysWOW64\IPHLPAPI.DLL
21:56:13.0723 4532 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
21:56:13.0723 4532 [ 8956587A6044D24920500919AA95F564 ] C:\Windows\SysWOW64\rasapi32.dll
21:56:13.0723 4532 C:\Windows\SysWOW64\rasapi32.dll - ok
21:56:13.0723 4532 [ 1372E2B2C1F45456E6D8BD4138353254 ] C:\Windows\SysWOW64\winnsi.dll
21:56:13.0723 4532 C:\Windows\SysWOW64\winnsi.dll - ok
21:56:13.0739 4532 [ 8B038201E3340905592616EF57E16A37 ] C:\Windows\SysWOW64\wtsapi32.dll
21:56:13.0739 4532 C:\Windows\SysWOW64\wtsapi32.dll - ok
21:56:13.0739 4532 [ E21539EDA45E10224908E99C5FA93040 ] C:\Windows\System32\BFE.DLL
21:56:13.0739 4532 C:\Windows\System32\BFE.DLL - ok
21:56:13.0739 4532 [ E06076530ECBE740B179013C23287557 ] C:\Windows\SysWOW64\rasman.dll
21:56:13.0739 4532 C:\Windows\SysWOW64\rasman.dll - ok
21:56:13.0739 4532 [ 453A81F0537D7619BDC677E9A733C3FA ] C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll
21:56:13.0739 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll - ok
21:56:13.0754 4532 [ E27035197D26256CD4ACFE0DD0C81710 ] C:\Windows\System32\drivers\bowser.sys
21:56:13.0754 4532 C:\Windows\System32\drivers\bowser.sys - ok
21:56:13.0754 4532 [ 6FBE62F717ACE72EE7E9DC13138945DF ] C:\Windows\System32\drivers\mpsdrv.sys
21:56:13.0754 4532 C:\Windows\System32\drivers\mpsdrv.sys - ok
21:56:13.0754 4532 [ 6DEB26CFDE1A35D405224E8B04798685 ] C:\Windows\System32\drivers\mrxsmb.sys
21:56:13.0754 4532 C:\Windows\System32\drivers\mrxsmb.sys - ok
21:56:13.0770 4532 [ 44DBF8BF060C3F58D81D6DFA39F2E2C0 ] C:\Windows\System32\drivers\mrxsmb10.sys
21:56:13.0770 4532 C:\Windows\System32\drivers\mrxsmb10.sys - ok
21:56:13.0770 4532 [ 3579AAA98F19DC88723F599C9A0039AA ] C:\Windows\System32\drivers\mrxsmb20.sys
21:56:13.0770 4532 C:\Windows\System32\drivers\mrxsmb20.sys - ok
21:56:13.0770 4532 [ 668172CFEBBAFF968A4307D583016642 ] C:\Windows\System32\MPSSVC.dll
21:56:13.0770 4532 C:\Windows\System32\MPSSVC.dll - ok
21:56:13.0770 4532 [ D5B3B4B350CB650AD188B38C30F9C2EB ] C:\Windows\System32\SettingSyncInfo.dll
21:56:13.0770 4532 C:\Windows\System32\SettingSyncInfo.dll - ok
21:56:13.0785 4532 [ F110DBAFE7C233CAB620163C54FE2A32 ] C:\Windows\System32\wkssvc.dll
21:56:13.0785 4532 C:\Windows\System32\wkssvc.dll - ok
21:56:13.0785 4532 [ D06D95C8ED1E4B000A92517E4D8FF7BF ] C:\Windows\System32\dllhost.exe
21:56:13.0785 4532 C:\Windows\System32\dllhost.exe - ok
21:56:13.0785 4532 [ 81724F0637CF2198B45744EB5172305C ] C:\Windows\System32\KBDKOR.DLL
21:56:13.0785 4532 C:\Windows\System32\KBDKOR.DLL - ok
21:56:13.0785 4532 [ 1895B9A7A3EEB8CD8E81BEFFFD714D8B ] C:\Windows\System32\PlaySndSrv.dll
21:56:13.0785 4532 C:\Windows\System32\PlaySndSrv.dll - ok
21:56:13.0801 4532 [ 3734F41B9032F11AD13B821B402FA04A ] C:\Windows\System32\kbd101a.dll
21:56:13.0801 4532 C:\Windows\System32\kbd101a.dll - ok
21:56:13.0801 4532 [ B4EF4F74DD3359D66731F20F06DBFABB ] C:\Windows\System32\kbd103.dll
21:56:13.0801 4532 C:\Windows\System32\kbd103.dll - ok
21:56:13.0801 4532 [ 2AFDAF3E10FE28ABFC14B9374AAD558C ] C:\Windows\System32\mpr.dll
21:56:13.0801 4532 C:\Windows\System32\mpr.dll - ok
21:56:13.0817 4532 [ A46B3610D3AC5A9DB204DD2B40E298CF ] C:\Windows\System32\userinit.exe
21:56:13.0817 4532 C:\Windows\System32\userinit.exe - ok
21:56:13.0817 4532 [ 9C269498D586C45F9A1FE77AA9BE073B ] C:\Windows\System32\adhapi.dll
21:56:13.0817 4532 C:\Windows\System32\adhapi.dll - ok
21:56:13.0817 4532 [ 06FF386C9C216F78DF899595F625C062 ] C:\Windows\System32\userinitext.dll
21:56:13.0817 4532 C:\Windows\System32\userinitext.dll - ok
21:56:13.0817 4532 [ 63217D91C14E3A6522F9302FD6AE3444 ] C:\Windows\System32\wcmapi.dll
21:56:13.0817 4532 C:\Windows\System32\wcmapi.dll - ok
21:56:13.0832 4532 [ 2856903E6429B4743E6055F5D4E14B31 ] C:\Windows\System32\HotStartUserAgent.dll
21:56:13.0832 4532 C:\Windows\System32\HotStartUserAgent.dll - ok
21:56:13.0832 4532 [ 581D88B25C4D4121824FED2CA38E562F ] C:\Program Files\SUPERAntiSpyware\SASCore64.exe
21:56:13.0832 4532 C:\Program Files\SUPERAntiSpyware\SASCore64.exe - ok
21:56:13.0832 4532 [ F10E07306EEED49DFC27B0F530F09315 ] C:\Windows\System32\sppcext.dll
21:56:13.0832 4532 C:\Windows\System32\sppcext.dll - ok
21:56:13.0832 4532 [ 10113EDA4EB2B65365BC9C9731073318 ] C:\Windows\System32\wfapigp.dll
21:56:13.0832 4532 C:\Windows\System32\wfapigp.dll - ok
21:56:13.0848 4532 [ ACF8D985D07999DAA575AE64E9768A96 ] C:\Windows\explorer.exe
21:56:13.0848 4532 C:\Windows\explorer.exe - ok
21:56:13.0848 4532 [ AADE5602A578C9C89629EBEFCEE22BC2 ] C:\Windows\System32\WinSCard.dll
21:56:13.0848 4532 C:\Windows\System32\WinSCard.dll - ok
21:56:13.0848 4532 [ 65E0BFB2FB8AA638861F9A0D01C0736F ] C:\Windows\System32\esent.dll
21:56:13.0848 4532 C:\Windows\System32\esent.dll - ok
21:56:13.0864 4532 [ B753C0499E276DF0F247FE5BF8FCF8E8 ] C:\Windows\System32\winhttp.dll
21:56:13.0864 4532 C:\Windows\System32\winhttp.dll - ok
21:56:13.0864 4532 [ 7EF47644B74EBE721CC32211D3C35E76 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:56:13.0864 4532 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
21:56:13.0864 4532 [ 8B830B1C53E8E6DD3349B5764BCEB727 ] C:\Windows\System32\sppc.dll
21:56:13.0864 4532 C:\Windows\System32\sppc.dll - ok
21:56:13.0864 4532 [ B5001477002D1E8A7F9165D7F55D7552 ] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6789_none_d08ff89e44287aad\msvcp80.dll
21:56:13.0864 4532 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6789_none_d08ff89e44287aad\msvcp80.dll - ok
21:56:13.0879 4532 [ 53116667F0CD732A12FC9DDA4DD5CF6A ] C:\Windows\System32\MsCtfMonitor.dll
21:56:13.0879 4532 C:\Windows\System32\MsCtfMonitor.dll - ok
21:56:13.0879 4532 [ 976A69483283967BB53C4508760C64D1 ] C:\Windows\System32\msutb.dll
21:56:13.0879 4532 C:\Windows\System32\msutb.dll - ok
21:56:13.0879 4532 [ 3A63F7F1A995E0534BE97B46BFC280B2 ] C:\Windows\System32\MrmCoreR.dll
21:56:13.0879 4532 C:\Windows\System32\MrmCoreR.dll - ok
21:56:13.0879 4532 [ 5D71BFDE22210490008B23492FC8ED45 ] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6789_none_d08ff89e44287aad\msvcr80.dll
21:56:13.0879 4532 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6789_none_d08ff89e44287aad\msvcr80.dll - ok
21:56:13.0895 4532 [ 92DA9EDE07390B4352B29DD82079E398 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
21:56:13.0895 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
21:56:13.0895 4532 [ 2DEDC3AFE3C49B5DAE717D0A9BEBF298 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
21:56:13.0895 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
21:56:13.0895 4532 [ C7EEBB747D38AA7B10C27F704C0FB158 ] C:\Windows\System32\taskeng.exe
21:56:13.0895 4532 C:\Windows\System32\taskeng.exe - ok
21:56:13.0895 4532 [ 450C7DCC828A679B1BC1A763FA1E614D ] C:\Windows\System32\TSChannel.dll
21:56:13.0895 4532 C:\Windows\System32\TSChannel.dll - ok
21:56:13.0910 4532 [ 67B539D844F804EBAC7A1E3828FDE709 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
21:56:13.0910 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
21:56:13.0910 4532 [ 4B2B49D8150F2AEDFA0AE78EAD2D543F ] C:\Windows\System32\apphelp.dll
21:56:13.0910 4532 C:\Windows\System32\apphelp.dll - ok
21:56:13.0910 4532 [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
21:56:13.0910 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
21:56:13.0926 4532 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:56:13.0926 4532 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
21:56:13.0926 4532 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
21:56:13.0926 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
21:56:13.0926 4532 [ 638C7596B493F5F77DB9EF6BAD8FE46C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
21:56:13.0926 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
21:56:13.0942 4532 [ 3BDE52411DF2FE4252C9289F51CB0F7E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
21:56:13.0942 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
21:56:13.0942 4532 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
21:56:13.0942 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
21:56:13.0942 4532 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
21:56:13.0942 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
21:56:13.0942 4532 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll
21:56:13.0942 4532 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok
21:56:13.0957 4532 [ B59BED25D2C38821499FAB2C0B21E65E ] C:\Windows\SysWOW64\netapi32.dll
21:56:13.0957 4532 C:\Windows\SysWOW64\netapi32.dll - ok
21:56:13.0957 4532 [ CFE6177D0B65C9C0DB609AC9A7868AD4 ] C:\Windows\SysWOW64\wsock32.dll
21:56:13.0957 4532 C:\Windows\SysWOW64\wsock32.dll - ok
21:56:13.0957 4532 [ 7F943DAEFC754D016C8800BDAB8E744D ] C:\Windows\SysWOW64\winmm.dll
21:56:13.0957 4532 C:\Windows\SysWOW64\winmm.dll - ok
21:56:13.0973 4532 [ 65DB28BB661B9F35E2F4DC868024AAD3 ] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.8400.0_none_937ea7ded97a3e38\comctl32.dll
21:56:13.0973 4532 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.8400.0_none_937ea7ded97a3e38\comctl32.dll - ok
21:56:13.0973 4532 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
21:56:13.0973 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
21:56:13.0973 4532 [ 806828CA5417E10FF46BFC7A09EBFA28 ] C:\Windows\SysWOW64\imagehlp.dll
21:56:13.0973 4532 C:\Windows\SysWOW64\imagehlp.dll - ok
21:56:13.0973 4532 [ 8E9C67B5F5CEC38448A2105BEBE467C7 ] C:\Windows\SysWOW64\msi.dll
21:56:13.0973 4532 C:\Windows\SysWOW64\msi.dll - ok
21:56:13.0989 4532 [ 9523EBC182B9F1431F4B60DDF0DB165B ] C:\Windows\SysWOW64\winmmbase.dll
21:56:13.0989 4532 C:\Windows\SysWOW64\winmmbase.dll - ok
21:56:13.0989 4532 [ F8ECB748B53A010464F7A63154D75F56 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
21:56:13.0989 4532 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
21:56:13.0989 4532 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
21:56:13.0989 4532 C:\Windows\SysWOW64\dnssd.dll - ok
21:56:14.0004 4532 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
21:56:14.0004 4532 C:\Program Files\Bonjour\mDNSResponder.exe - ok
21:56:14.0004 4532 [ 507B324E084CC967E86E81AC679B1FFE ] C:\Windows\SysWOW64\mswsock.dll
21:56:14.0004 4532 C:\Windows\SysWOW64\mswsock.dll - ok
21:56:14.0004 4532 [ 316B20FCED47F6B3AF39CC051D3471CA ] C:\Windows\SysWOW64\netutils.dll
21:56:14.0004 4532 C:\Windows\SysWOW64\netutils.dll - ok
21:56:14.0004 4532 [ 230783DC216405FAADFD3D208EF6B93C ] C:\Windows\SysWOW64\srvcli.dll
21:56:14.0004 4532 C:\Windows\SysWOW64\srvcli.dll - ok
21:56:14.0020 4532 [ DBF4E9F328B3C253B86B53462DB21190 ] C:\Windows\System32\cryptsvc.dll
21:56:14.0020 4532 C:\Windows\System32\cryptsvc.dll - ok
21:56:14.0020 4532 [ F461BF486F8940A5504ED2B2A1457691 ] C:\Windows\System32\dps.dll
21:56:14.0020 4532 C:\Windows\System32\dps.dll - ok
21:56:14.0020 4532 [ 0486013262EBACCD788323EA28112468 ] C:\Windows\SysWOW64\wkscli.dll
21:56:14.0020 4532 C:\Windows\SysWOW64\wkscli.dll - ok
21:56:14.0020 4532 [ 2C478E667CE27B2B7142F756CF569A9A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
21:56:14.0020 4532 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
21:56:14.0035 4532 [ 946F563292617CAD2EF26E5BFCC3CE0D ] C:\Windows\System32\cryptcatsvc.dll
21:56:14.0035 4532 C:\Windows\System32\cryptcatsvc.dll - ok
21:56:14.0035 4532 [ 8DA891C72B190CCAFDD6586FC419DEF0 ] C:\Windows\System32\das.dll
21:56:14.0035 4532 C:\Windows\System32\das.dll - ok
21:56:14.0035 4532 [ 3F76E390AD551FD885F2C0E5B409A3C6 ] C:\Windows\System32\dasHost.exe
21:56:14.0035 4532 C:\Windows\System32\dasHost.exe - ok
21:56:14.0035 4532 [ AF83BDF21428EA427597078126DA8680 ] C:\Windows\SysWOW64\cscapi.dll
21:56:14.0051 4532 C:\Windows\SysWOW64\cscapi.dll - ok
21:56:14.0051 4532 [ 7CF1B716372B89568AE4C0FE769F5869 ] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
21:56:14.0051 4532 C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe - ok
21:56:14.0051 4532 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
21:56:14.0051 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
21:56:14.0051 4532 [ B07B2BB5CDCDD7454E80E80B01C41A90 ] C:\Windows\SysWOW64\apphelp.dll
21:56:14.0051 4532 C:\Windows\SysWOW64\apphelp.dll - ok
21:56:14.0067 4532 [ 765E0A811BACBD5289483F68C596DEC7 ] C:\Windows\SysWOW64\dbghelp.dll
21:56:14.0067 4532 C:\Windows\SysWOW64\dbghelp.dll - ok
21:56:14.0067 4532 [ 5D76C8CC87D0EFBE0B4A3BEF6B67EBF0 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
21:56:14.0067 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
21:56:14.0067 4532 [ 8C16A3854B7B24E3C27FA321D8333F32 ] C:\Windows\apppatch\acwow64.dll
21:56:14.0067 4532 C:\Windows\apppatch\acwow64.dll - ok
21:56:14.0082 4532 [ A45BD802B18C2A76DDEEC33E6443B1B6 ] C:\Windows\SysWOW64\psapi.dll
21:56:14.0082 4532 C:\Windows\SysWOW64\psapi.dll - ok
21:56:14.0082 4532 [ 2556F028465F17BC03E087A34412D3D4 ] C:\Windows\System32\drivers\Ndu.sys
21:56:14.0082 4532 C:\Windows\System32\drivers\Ndu.sys - ok
21:56:14.0082 4532 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
21:56:14.0082 4532 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
21:56:14.0082 4532 [ ECD8CD4AE023EDBDFA5155EBCF3959FC ] C:\Windows\System32\netman.dll
21:56:14.0082 4532 C:\Windows\System32\netman.dll - ok
21:56:14.0098 4532 [ E712C67432A64FF2A010B749DEDE5A3D ] C:\Windows\System32\nlasvc.dll
21:56:14.0098 4532 C:\Windows\System32\nlasvc.dll - ok
21:56:14.0098 4532 [ 9162384A7DE807163CE26A9D95E182E1 ] C:\Windows\System32\drivers\PEAuth.sys
21:56:14.0098 4532 C:\Windows\System32\drivers\PEAuth.sys - ok
21:56:14.0098 4532 [ 4F6E448906EA03543BEB86C97DEEE1B8 ] C:\Windows\System32\pcasvc.dll
21:56:14.0098 4532 C:\Windows\System32\pcasvc.dll - ok
21:56:14.0098 4532 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
21:56:14.0098 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
21:56:14.0114 4532 [ 2FCEAD838E64A79250046DD2A15B6A8A ] C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
21:56:14.0114 4532 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe - ok
21:56:14.0114 4532 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
21:56:14.0114 4532 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
21:56:14.0114 4532 [ 2712A8B91C7ACF177DFBD9C8E50914A3 ] C:\Windows\System32\ncsi.dll
21:56:14.0114 4532 C:\Windows\System32\ncsi.dll - ok
21:56:14.0129 4532 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
21:56:14.0129 4532 C:\Windows\System32\drivers\secdrv.sys - ok
21:56:14.0129 4532 [ 883F67180721C7E4DCF75C33381C7057 ] C:\Windows\SysWOW64\clbcatq.dll
21:56:14.0129 4532 C:\Windows\SysWOW64\clbcatq.dll - ok
21:56:14.0129 4532 [ 9803F9786A2D9B85F73ED404666F4008 ] C:\Windows\SysWOW64\cryptsp.dll
21:56:14.0129 4532 C:\Windows\SysWOW64\cryptsp.dll - ok
21:56:14.0129 4532 [ 5E33C164DC7FA74728D8A83036C438BB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
21:56:14.0129 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
21:56:14.0145 4532 [ 183F04C6742902F33039913A96F5B574 ] C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
21:56:14.0145 4532 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok
21:56:14.0145 4532 [ 5FA6757C5B617C8F84DC6D3AF71CEA51 ] C:\Windows\System32\cscapi.dll
21:56:14.0145 4532 C:\Windows\System32\cscapi.dll - ok
21:56:14.0145 4532 [ 4954AD285E9EFF40898FA9DE19C274CA ] C:\Windows\System32\ssdpapi.dll
21:56:14.0145 4532 C:\Windows\System32\ssdpapi.dll - ok
21:56:14.0160 4532 [ 1B2178FD7F96C2F9CF0158219B79C38D ] C:\Windows\SysWOW64\mstask.dll
21:56:14.0160 4532 C:\Windows\SysWOW64\mstask.dll - ok
21:56:14.0160 4532 [ 6EEC455057C0732AC2F6E497E69D6950 ] C:\Windows\SysWOW64\rsaenh.dll
21:56:14.0160 4532 C:\Windows\SysWOW64\rsaenh.dll - ok
21:56:14.0160 4532 [ C6AE81950756F441910CACCE3EE0188C ] C:\Windows\System32\aepic.dll
21:56:14.0160 4532 C:\Windows\System32\aepic.dll - ok
21:56:14.0160 4532 [ 4B713AD8A84948DB0B1347CC66600716 ] C:\Windows\System32\dbghelp.dll
21:56:14.0160 4532 C:\Windows\System32\dbghelp.dll - ok
21:56:14.0176 4532 [ 5D4060BA095F05273077510E4E321F59 ] C:\Windows\System32\sfc_os.dll
21:56:14.0176 4532 C:\Windows\System32\sfc_os.dll - ok
21:56:14.0176 4532 [ 647C11534C7AF0C5FF599D930476511F ] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\csm.dll
21:56:14.0176 4532 C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\csm.dll - ok
21:56:14.0176 4532 [ 8ECAB5ADB174ADE7F74E0224B8FB7950 ] C:\Windows\SysWOW64\winhttp.dll
21:56:14.0176 4532 C:\Windows\SysWOW64\winhttp.dll - ok
21:56:14.0176 4532 [ 94A0142B6AE74333BCCF6502D567CBB6 ] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
21:56:14.0176 4532 C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll - ok
21:56:14.0192 4532 [ EA396139541706B4B433641D62EA53CE ] C:\Program Files (x86)\Skype\Updater\Updater.exe
21:56:14.0192 4532 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
21:56:14.0192 4532 [ B8568C60F0D33DFF3F777ECF03AFFA34 ] C:\Windows\System32\drivers\srvnet.sys
21:56:14.0192 4532 C:\Windows\System32\drivers\srvnet.sys - ok
21:56:14.0192 4532 [ F3AD3ABAC540B2AE648DA19D56A5C909 ] C:\Windows\System32\drivers\tcpipreg.sys
21:56:14.0192 4532 C:\Windows\System32\drivers\tcpipreg.sys - ok
21:56:14.0207 4532 [ 4ABEB207457928D38AA0CFCDD18D213D ] C:\Windows\System32\sstpsvc.dll
21:56:14.0207 4532 C:\Windows\System32\sstpsvc.dll - ok
21:56:14.0207 4532 [ A94863457E3E6800CB53580689CB4CEA ] C:\Program Files (x86)\USADISK\WEBHARD_Agent.exe
21:56:14.0207 4532 C:\Program Files (x86)\USADISK\WEBHARD_Agent.exe - ok
21:56:14.0207 4532 [ 453B92482C8FAE0EB41C161A4ADAB5D6 ] C:\Windows\System32\httpapi.dll
21:56:14.0207 4532 C:\Windows\System32\httpapi.dll - ok
21:56:14.0207 4532 [ 85AED67291600101C79DF4F12B770100 ] C:\Windows\System32\trkwks.dll
21:56:14.0207 4532 C:\Windows\System32\trkwks.dll - ok
21:56:14.0223 4532 [ E6590CAC27882C6EE8A14EFE22C3BEFD ] C:\Program Files (x86)\USADISK\WEBHARD_Agent.dll
21:56:14.0223 4532 C:\Program Files (x86)\USADISK\WEBHARD_Agent.dll - ok
21:56:14.0223 4532 [ 4251D18CCF5FC284CBAAE1F7534ED5FC ] C:\Windows\System32\sysmain.dll
21:56:14.0223 4532 C:\Windows\System32\sysmain.dll - ok
21:56:14.0223 4532 [ 87FF3D4A92650D7FD55898BA436592AA ] C:\Windows\System32\tapisrv.dll
21:56:14.0223 4532 C:\Windows\System32\tapisrv.dll - ok
21:56:14.0239 4532 [ 46CCB9A8F9DE6C6ED4B18D90239E8DAD ] C:\Windows\System32\webio.dll
21:56:14.0239 4532 C:\Windows\System32\webio.dll - ok
21:56:14.0239 4532 [ B7A6523C9D7A3A2772CF7AA60D3713B0 ] C:\Windows\System32\wiaservc.dll
21:56:14.0239 4532 C:\Windows\System32\wiaservc.dll - ok
21:56:14.0239 4532 [ 8329C05D5C1D3A219BA235F322CDE824 ] C:\Windows\System32\wiatrace.dll
21:56:14.0239 4532 C:\Windows\System32\wiatrace.dll - ok
21:56:14.0239 4532 [ EAFC046FFDBE1CBE3CABADE34F09F588 ] C:\Program Files\Windows Defender\MsMpEng.exe
21:56:14.0239 4532 C:\Program Files\Windows Defender\MsMpEng.exe - ok
21:56:14.0254 4532 [ 8780AFF502AA9AB3E2EA943324CBEE00 ] C:\Program Files\Windows Defender\MpSvc.dll
21:56:14.0254 4532 C:\Program Files\Windows Defender\MpSvc.dll - ok
21:56:14.0254 4532 [ 96E5ED7F90855B3E5BE27B087F98DC68 ] C:\Program Files\Windows Defender\MpClient.dll
21:56:14.0254 4532 C:\Program Files\Windows Defender\MpClient.dll - ok
21:56:14.0254 4532 [ 8D3F3933A0DDB37B8FBFBD2257A8EB35 ] C:\Windows\System32\wbem\WMIsvc.dll
21:56:14.0254 4532 C:\Windows\System32\wbem\WMIsvc.dll - ok
21:56:14.0270 4532 [ 1812AAAD25E69DAB5D32D9F86451CED6 ] C:\Windows\System32\drivers\srv2.sys
21:56:14.0270 4532 C:\Windows\System32\drivers\srv2.sys - ok
21:56:14.0270 4532 [ 99800A979BC2D96EE871A95ECE16CECF ] C:\Windows\System32\wbemcomn.dll
21:56:14.0270 4532 C:\Windows\System32\wbemcomn.dll - ok
21:56:14.0270 4532 [ 064C8D7402F72488DA52E5F34FDA3578 ] C:\Windows\System32\rasmans.dll
21:56:14.0270 4532 C:\Windows\System32\rasmans.dll - ok
21:56:14.0270 4532 [ 5F64CD5F5596533AB412374797D37CCE ] C:\Windows\System32\drivers\srv.sys
21:56:14.0270 4532 C:\Windows\System32\drivers\srv.sys - ok
21:56:14.0285 4532 [ AE479B1958D797BED5C0B09AB65333C0 ] C:\Windows\System32\rastapi.dll
21:56:14.0285 4532 C:\Windows\System32\rastapi.dll - ok
21:56:14.0285 4532 [ 4B90881D4D02343F0715BB7A94E41BFB ] C:\Windows\System32\tapi32.dll
21:56:14.0285 4532 C:\Windows\System32\tapi32.dll - ok
21:56:14.0285 4532 [ A18DB9768D62B97DC0A2613E732BFB72 ] C:\Program Files\Windows Defender\MpRtp.dll
21:56:14.0285 4532 C:\Program Files\Windows Defender\MpRtp.dll - ok
21:56:14.0285 4532 [ 13471B280779223A8B273DFAF4BF56F2 ] C:\Windows\System32\fltLib.dll
21:56:14.0285 4532 C:\Windows\System32\fltLib.dll - ok
21:56:14.0301 4532 [ 6E2A5F67366818C9A79DD010F9E7F22B ] C:\Windows\System32\srvsvc.dll
21:56:14.0301 4532 C:\Windows\System32\srvsvc.dll - ok
21:56:14.0301 4532 [ 0275E8283FDC4620417862CC24E86227 ] C:\Windows\System32\browser.dll
21:56:14.0301 4532 C:\Windows\System32\browser.dll - ok
21:56:14.0301 4532 [ C5F5BE9161BAA4C777630B1149715E95 ] C:\Windows\System32\iphlpsvc.dll
21:56:14.0301 4532 C:\Windows\System32\iphlpsvc.dll - ok
21:56:14.0317 4532 [ CA2C50FEFD4B75C14991186DBBAA1960 ] C:\Windows\System32\sscore.dll
21:56:14.0317 4532 C:\Windows\System32\sscore.dll - ok
21:56:14.0317 4532 [ B4F10DBA3E201420E008D5129AEFA516 ] C:\Windows\System32\sscoreext.dll
21:56:14.0317 4532 C:\Windows\System32\sscoreext.dll - ok
21:56:14.0317 4532 [ 1D7DFA4E81B9D676AF03C061975B1A96 ] C:\Windows\System32\unimdm.tsp
21:56:14.0317 4532 C:\Windows\System32\unimdm.tsp - ok
21:56:14.0317 4532 [ 8090A4FCE15E10B5BF8584B884041BE6 ] C:\Windows\System32\mi.dll
21:56:14.0317 4532 C:\Windows\System32\mi.dll - ok
21:56:14.0332 4532 [ DF1FFCA8F2CEDC3DD2A9B6689C72EF1E ] C:\Windows\System32\uniplat.dll
21:56:14.0332 4532 C:\Windows\System32\uniplat.dll - ok
21:56:14.0332 4532 [ 4E9AA37E5C7338E77089EDEE7FAB94FD ] C:\Windows\System32\httpprxm.dll
21:56:14.0332 4532 C:\Windows\System32\httpprxm.dll - ok
21:56:14.0332 4532 [ A8867A71275C33B51C429C11314A4BA5 ] C:\Windows\System32\kmddsp.tsp
21:56:14.0332 4532 C:\Windows\System32\kmddsp.tsp - ok
21:56:14.0332 4532 [ B0E3C7AFDDF2E313AD05AAC960995FEB ] C:\Windows\System32\miutils.dll
21:56:14.0332 4532 C:\Windows\System32\miutils.dll - ok
21:56:14.0348 4532 [ BBA9B996C1D474392B9F329FE90836D7 ] C:\Windows\System32\adhsvc.dll
21:56:14.0348 4532 C:\Windows\System32\adhsvc.dll - ok
21:56:14.0348 4532 [ 574A0F8A14755BFD24D837E641199812 ] C:\Windows\System32\hidphone.tsp
21:56:14.0348 4532 C:\Windows\System32\hidphone.tsp - ok
21:56:14.0348 4532 [ 9A8E62372CDF40CCF71F4387CB6A6831 ] C:\Windows\System32\ndptsp.tsp
21:56:14.0348 4532 C:\Windows\System32\ndptsp.tsp - ok
21:56:14.0348 4532 [ C27B1CF8DAD868C2028B2382A320E867 ] C:\Windows\System32\wmidcom.dll
21:56:14.0348 4532 C:\Windows\System32\wmidcom.dll - ok
21:56:14.0364 4532 [ 331CF57750F6BB3C3BF331D8C6A08102 ] C:\Windows\SysWOW64\secur32.dll
21:56:14.0364 4532 C:\Windows\SysWOW64\secur32.dll - ok
21:56:14.0364 4532 [ 30042487E83BF3B518DD9B92A2F52F42 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FB7DD2B3-81CD-4FFA-B89F-5C090D9E800D}\mpengine.dll
21:56:14.0364 4532 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FB7DD2B3-81CD-4FFA-B89F-5C090D9E800D}\mpengine.dll - ok
21:56:14.0364 4532 [ ACC38C1AC8D1D134ABE5C0934F016C6D ] C:\Windows\System32\eappcfg.dll
21:56:14.0364 4532 C:\Windows\System32\eappcfg.dll - ok
21:56:14.0379 4532 [ 8E4D59F007DD3100B1B55F92B5622AF2 ] C:\Windows\System32\rasppp.dll
21:56:14.0379 4532 C:\Windows\System32\rasppp.dll - ok
21:56:14.0379 4532 [ 5590F6FD30F9C78D5D4385B86BB1346C ] C:\Windows\System32\ncbservice.dll
21:56:14.0379 4532 C:\Windows\System32\ncbservice.dll - ok
21:56:14.0379 4532 [ F7327AFE496FC54F90E4B4585E95A33D ] C:\Windows\System32\resutils.dll
21:56:14.0379 4532 C:\Windows\System32\resutils.dll - ok
21:56:14.0379 4532 [ CDC553A517D1769C8CD754BE1CEC274D ] C:\Windows\System32\clusapi.dll
21:56:14.0379 4532 C:\Windows\System32\clusapi.dll - ok
21:56:14.0395 4532 [ AE6751EE042ADE18E03DEBB3BB037C60 ] C:\Windows\System32\vpnike.dll
21:56:14.0395 4532 C:\Windows\System32\vpnike.dll - ok
21:56:14.0395 4532 [ E8B41394A40EE48544AF1592ABD7061B ] C:\Windows\System32\netprofm.dll
21:56:14.0395 4532 C:\Windows\System32\netprofm.dll - ok
21:56:14.0395 4532 [ D748F23750D045A639DA0138651624E3 ] C:\Windows\System32\raschap.dll
21:56:14.0395 4532 C:\Windows\System32\raschap.dll - ok
21:56:14.0395 4532 [ 46CB7A854BF50808A5B58032AAB65CDD ] C:\Windows\System32\sqmapi.dll
21:56:14.0395 4532 C:\Windows\System32\sqmapi.dll - ok
21:56:14.0410 4532 [ 848EEDC6E69E584E9D8AF4A1DFBF5BC3 ] C:\Windows\SysWOW64\dnsapi.dll
21:56:14.0410 4532 C:\Windows\SysWOW64\dnsapi.dll - ok
21:56:14.0410 4532 [ BDB2C36631152DD6604E546CBF2BCF2B ] C:\Windows\SysWOW64\urlmon.dll
21:56:14.0410 4532 C:\Windows\SysWOW64\urlmon.dll - ok
21:56:14.0410 4532 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
21:56:14.0410 4532 C:\Program Files\Bonjour\mdnsNSP.dll - ok
21:56:14.0426 4532 [ 95703597AF792DB40E9EA271E92528FC ] C:\Windows\System32\credui.dll
21:56:14.0426 4532 C:\Windows\System32\credui.dll - ok
21:56:14.0426 4532 [ BCCCEE7FED5904F00B86AF84473E9CAA ] C:\Windows\SysWOW64\FirewallAPI.dll
21:56:14.0426 4532 C:\Windows\SysWOW64\FirewallAPI.dll - ok
21:56:14.0442 4532 [ 79EDFDA70C24AB4B045C57E0A2C3E008 ] C:\Windows\System32\nci.dll
21:56:14.0442 4532 C:\Windows\System32\nci.dll - ok
21:56:14.0442 4532 [ DDFFC5428192CAA5ED213C16348D66E0 ] C:\Windows\System32\ipnathlp.dll
21:56:14.0442 4532 C:\Windows\System32\ipnathlp.dll - ok
21:56:14.0442 4532 [ F0962B794D3EA2CCF273BC68F6B1FEF0 ] C:\Windows\System32\rasadhlp.dll
21:56:14.0442 4532 C:\Windows\System32\rasadhlp.dll - ok
21:56:14.0457 4532 [ B2BB4E1D88C2094B373F84BC238A7F2D ] C:\Windows\System32\bi.dll
21:56:14.0457 4532 C:\Windows\System32\bi.dll - ok
21:56:14.0457 4532 [ 89F97A857027F67D572119C6C392294D ] C:\Windows\System32\mprapi.dll
21:56:14.0457 4532 C:\Windows\System32\mprapi.dll - ok
21:56:14.0457 4532 [ 727F36D80204A686522EFF03453B635F ] C:\Windows\System32\hnetcfg.dll
21:56:14.0457 4532 C:\Windows\System32\hnetcfg.dll - ok
21:56:14.0457 4532 [ B40B97DA55CEB21825D46650DE98CA59 ] C:\Windows\System32\wdscore.dll
21:56:14.0457 4532 C:\Windows\System32\wdscore.dll - ok
21:56:14.0473 4532 [ E9499BD70D307E750AC26E954F13C735 ] C:\Windows\System32\wbem\wbemprox.dll
21:56:14.0473 4532 C:\Windows\System32\wbem\wbemprox.dll - ok
21:56:14.0473 4532 [ 91CAAF0DC03C34E88022C73523E15A7A ] C:\Windows\System32\wbem\wbemcore.dll
21:56:14.0473 4532 C:\Windows\System32\wbem\wbemcore.dll - ok
21:56:14.0473 4532 [ C3C7AD11DD4CD9EA1603E66684EEF553 ] C:\Windows\System32\wbem\esscli.dll
21:56:14.0473 4532 C:\Windows\System32\wbem\esscli.dll - ok
21:56:14.0489 4532 [ 105AB59B28C3936CD19F89D4D48C84F1 ] C:\Windows\System32\wbem\fastprox.dll
21:56:14.0489 4532 C:\Windows\System32\wbem\fastprox.dll - ok
21:56:14.0489 4532 [ 2EDC8C34EDE6DEB01A35EE173FCD0364 ] C:\Windows\System32\activeds.dll
21:56:14.0489 4532 C:\Windows\System32\activeds.dll - ok
21:56:14.0489 4532 [ E6522021F6A9892CCBA31D4B79B1DDAC ] C:\Windows\System32\adsldpc.dll
21:56:14.0489 4532 C:\Windows\System32\adsldpc.dll - ok
21:56:14.0504 4532 [ AC6D46C246F4DDF12035D15D7F740236 ] C:\Windows\System32\ndiscapCfg.dll
21:56:14.0504 4532 C:\Windows\System32\ndiscapCfg.dll - ok
21:56:14.0504 4532 [ 13855EE203D4FC827323A4F7BA013D84 ] C:\Windows\System32\wbem\wbemsvc.dll
21:56:14.0504 4532 C:\Windows\System32\wbem\wbemsvc.dll - ok
21:56:14.0504 4532 [ 4F247DC6E7B204E941B377625E6D1EBE ] C:\Windows\System32\brdgcfg.dll
21:56:14.0504 4532 C:\Windows\System32\brdgcfg.dll - ok
21:56:14.0504 4532 [ B9E6C56288B370D2915F513E679B8301 ] C:\Windows\System32\adsldp.dll
21:56:14.0504 4532 C:\Windows\System32\adsldp.dll - ok
21:56:14.0520 4532 [ DB740F6C32C090444DC5E254BB38EEAD ] C:\Windows\System32\wbem\wmiutils.dll
21:56:14.0520 4532 C:\Windows\System32\wbem\wmiutils.dll - ok
21:56:14.0520 4532 [ FB6D3E5169A44DC454ABD2F4D7DCA0A2 ] C:\Windows\System32\rascfg.dll
21:56:14.0520 4532 C:\Windows\System32\rascfg.dll - ok
21:56:14.0520 4532 [ FB351008AB5DB79426ADA65920A504C1 ] C:\Windows\System32\wbem\repdrvfs.dll
21:56:14.0520 4532 C:\Windows\System32\wbem\repdrvfs.dll - ok
21:56:14.0520 4532 [ E21CF5575DA29C24962C7734AEFF6E03 ] C:\Windows\System32\mprmsg.dll
21:56:14.0520 4532 C:\Windows\System32\mprmsg.dll - ok
21:56:14.0535 4532 [ 11E56AD54C59A641E4FDEAC884E1DA41 ] C:\Windows\System32\secur32.dll
21:56:14.0535 4532 C:\Windows\System32\secur32.dll - ok
21:56:14.0535 4532 [ 3EA59180CD13D1F2E0CC1D76A8327D74 ] C:\Windows\System32\NdisImPlatform.dll
21:56:14.0535 4532 C:\Windows\System32\NdisImPlatform.dll - ok
21:56:14.0535 4532 [ 58758812213D950659CDF1197698D2D3 ] C:\Windows\System32\LldpNotify.dll
21:56:14.0535 4532 C:\Windows\System32\LldpNotify.dll - ok
21:56:14.0551 4532 [ BCF241EE41413DC7C548B8B0F49E4C6C ] C:\Windows\System32\tcpipcfg.dll
21:56:14.0551 4532 C:\Windows\System32\tcpipcfg.dll - ok
21:56:14.0551 4532 [ 8AF88B9B3A852C7B727B658952C233C3 ] C:\Windows\System32\NapiNSP.dll
21:56:14.0551 4532 C:\Windows\System32\NapiNSP.dll - ok
21:56:14.0551 4532 [ 5F1D22669EEF766A68FD5799845BB502 ] C:\Windows\System32\pnrpnsp.dll
21:56:14.0551 4532 C:\Windows\System32\pnrpnsp.dll - ok
21:56:14.0551 4532 [ FDFF7C7C3D6AFB2C61F0642BB974EB1A ] C:\Windows\System32\winrnr.dll
21:56:14.0551 4532 C:\Windows\System32\winrnr.dll - ok
21:56:14.0567 4532 [ C61DBF85F8AF24B1AB9044B633875DBA ] C:\Windows\System32\wscapi.dll
21:56:14.0567 4532 C:\Windows\System32\wscapi.dll - ok
21:56:14.0567 4532 [ 89797BD9595FACA0D947886E2EF40913 ] C:\Windows\System32\wscisvif.dll
21:56:14.0567 4532 C:\Windows\System32\wscisvif.dll - ok
21:56:14.0567 4532 [ 074E48690A6BF01AF95D57CCEFA143BE ] C:\Windows\System32\wscproxystub.dll
21:56:14.0567 4532 C:\Windows\System32\wscproxystub.dll - ok
21:56:14.0567 4532 [ 8A14977ECB6D8150D1DC0948ACC53A7A ] C:\Windows\System32\wbem\WmiPrvSD.dll
21:56:14.0567 4532 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
21:56:14.0582 4532 [ 1E40B7D5033F117A3664DC087081DC29 ] C:\Windows\System32\ncobjapi.dll
21:56:14.0582 4532 C:\Windows\System32\ncobjapi.dll - ok
21:56:14.0582 4532 [ CEB3790C574F84E24713224B45AEDCE3 ] C:\Windows\System32\wbem\wbemess.dll
21:56:14.0582 4532 C:\Windows\System32\wbem\wbemess.dll - ok
21:56:14.0582 4532 [ 0C7863F01A058A6C41F2A88CEA20B009 ] C:\Windows\System32\netshell.dll
21:56:14.0582 4532 C:\Windows\System32\netshell.dll - ok
21:56:14.0598 4532 [ 8F40308BF4FADFBEBE3C5E6DDAD8959D ] C:\Windows\System32\dot3api.dll
21:56:14.0598 4532 C:\Windows\System32\dot3api.dll - ok
21:56:14.0598 4532 [ E561C19F0F4A451EF40BFE1DED2EA4C0 ] C:\Windows\System32\drivers\ipnat.sys
21:56:14.0598 4532 C:\Windows\System32\drivers\ipnat.sys - ok
21:56:14.0598 4532 [ 59B022AF91FCC73B158B4186C7BFBC5C ] C:\Windows\System32\dafupnp.dll
21:56:14.0598 4532 C:\Windows\System32\dafupnp.dll - ok
21:56:14.0598 4532 [ 1533858958AEF39DD2B4EB22F10BB7F6 ] C:\Windows\System32\dimsjob.dll
21:56:14.0598 4532 C:\Windows\System32\dimsjob.dll - ok
21:56:14.0614 4532 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
21:56:14.0614 4532 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
21:56:14.0614 4532 [ 9EF416EC99E3389D1199D47DA23A6C93 ] C:\Windows\System32\alg.exe
21:56:14.0614 4532 C:\Windows\System32\alg.exe - ok
21:56:14.0614 4532 [ 32D9CB7D343D4A3FA889E3C3B8451C19 ] C:\Windows\System32\qmgr.dll
21:56:14.0614 4532 C:\Windows\System32\qmgr.dll - ok
21:56:14.0614 4532 [ 8ECAA0B92F2E018222203A7A25DE99A3 ] C:\Windows\System32\wdi.dll
21:56:14.0614 4532 C:\Windows\System32\wdi.dll - ok
21:56:14.0629 4532 [ 07EBE14A43A02FA78466DB8419965CF4 ] C:\Windows\SysWOW64\rasadhlp.dll
21:56:14.0629 4532 C:\Windows\SysWOW64\rasadhlp.dll - ok
21:56:14.0629 4532 [ 613EF10494F7BC394E0DB2D5CB3FEC74 ] C:\Windows\System32\sppsvc.exe
21:56:14.0629 4532 C:\Windows\System32\sppsvc.exe - ok
21:56:14.0629 4532 [ 62308A7BFA735138E87EB642180A1255 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
21:56:14.0629 4532 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
21:56:14.0629 4532 [ 8C7F222E67849862CC74E4073227E8DC ] C:\Windows\System32\bitsperf.dll
21:56:14.0629 4532 C:\Windows\System32\bitsperf.dll - ok
21:56:14.0645 4532 [ 346E7F75C10FBE2352E143B2A168B80F ] C:\Windows\System32\perftrack.dll
21:56:14.0645 4532 C:\Windows\System32\perftrack.dll - ok
21:56:14.0645 4532 [ B6015F2289F12332D21A24970A804C76 ] C:\Windows\System32\diagperf.dll
21:56:14.0645 4532 C:\Windows\System32\diagperf.dll - ok
21:56:14.0645 4532 [ 4EC99CD6B6DF85458517972291F6BF03 ] C:\Windows\System32\pnpts.dll
21:56:14.0645 4532 C:\Windows\System32\pnpts.dll - ok
21:56:14.0645 4532 [ AC12300ED32D0486042A61255C933BE9 ] C:\Windows\System32\wer.dll
21:56:14.0645 4532 C:\Windows\System32\wer.dll - ok
21:56:14.0660 4532 [ 2FBC1158E3DC0DDD08150895B298EE6E ] C:\Windows\System32\netprofmsvc.dll
21:56:14.0660 4532 C:\Windows\System32\netprofmsvc.dll - ok
21:56:14.0660 4532 [ C8E09705ACB0B4FA6973D48358BA3245 ] C:\Windows\System32\radardt.dll
21:56:14.0660 4532 C:\Windows\System32\radardt.dll - ok
21:56:14.0660 4532 [ 55453AA42930C9EEA4DAD30E4E2D391F ] C:\Windows\System32\srumsvc.dll
21:56:14.0660 4532 C:\Windows\System32\srumsvc.dll - ok
21:56:14.0676 4532 [ 76E7381FCFD01F6211F1B58BC35859F5 ] C:\Windows\System32\npmproxy.dll
21:56:14.0676 4532 C:\Windows\System32\npmproxy.dll - ok
21:56:14.0676 4532 [ 95F56E2C5B134DFD285663EE4FAD693D ] C:\Windows\System32\wdiasqmmodule.dll
21:56:14.0676 4532 C:\Windows\System32\wdiasqmmodule.dll - ok
21:56:14.0676 4532 [ 6FC124A8CA3322633224E07CF34B2958 ] C:\Windows\System32\pautoenr.dll
21:56:14.0676 4532 C:\Windows\System32\pautoenr.dll - ok
21:56:14.0676 4532 [ A7064DD12FD8847DA1DA0AEC66DE3D82 ] C:\Windows\System32\certca.dll
21:56:14.0676 4532 C:\Windows\System32\certca.dll - ok
21:56:14.0692 4532 [ 3036A56CDE19C3E0F7C92782F6C233BD ] C:\Windows\System32\CertEnroll.dll
21:56:14.0692 4532 C:\Windows\System32\CertEnroll.dll - ok
21:56:14.0692 4532 [ 719E865C1C29B3C21C4A672A3CEC1024 ] C:\Windows\System32\fdPHost.dll
21:56:14.0692 4532 C:\Windows\System32\fdPHost.dll - ok
21:56:14.0692 4532 [ 578C2E5158D994294492F83EEF267CE6 ] C:\Windows\System32\bitsigd.dll
21:56:14.0692 4532 C:\Windows\System32\bitsigd.dll - ok
21:56:14.0692 4532 [ B75FED871CDDABB3EA473CF31216024E ] C:\Windows\System32\fdWSD.dll
21:56:14.0692 4532 C:\Windows\System32\fdWSD.dll - ok
21:56:14.0707 4532 [ 7B0E67B2BF09A3D02B79B89B192ECB50 ] C:\Windows\System32\NcdAutoSetup.dll
21:56:14.0707 4532 C:\Windows\System32\NcdAutoSetup.dll - ok
21:56:14.0707 4532 [ 7A0B515FB396B44AC67319C170E2C0A2 ] C:\Windows\System32\appinfo.dll
21:56:14.0707 4532 C:\Windows\System32\appinfo.dll - ok
21:56:14.0707 4532 [ 8631D205938333098B46AF9F33964C5E ] C:\Windows\System32\deviceassociation.dll
21:56:14.0707 4532 C:\Windows\System32\deviceassociation.dll - ok
21:56:14.0723 4532 [ DA71950CAAF4C19CDC0B85E3BD350430 ] C:\Windows\System32\FDResPub.dll
21:56:14.0723 4532 C:\Windows\System32\FDResPub.dll - ok
21:56:14.0723 4532 [ 5EB494F254363BB1C0F24CE1CFEFB6B6 ] C:\Windows\System32\IPSECSVC.DLL
21:56:14.0723 4532 C:\Windows\System32\IPSECSVC.DLL - ok
21:56:14.0723 4532 [ B58FB1ECF243F3BB76A479B461710A1D ] C:\Windows\System32\wpdbusenum.dll
21:56:14.0723 4532 C:\Windows\System32\wpdbusenum.dll - ok
21:56:14.0723 4532 [ 65D6015D5FC47A0E5E9C01BA504EEE8A ] C:\Windows\System32\AppXDeploymentClient.dll
21:56:14.0723 4532 C:\Windows\System32\AppXDeploymentClient.dll - ok
21:56:14.0739 4532 [ E24B5B8568C9C20B040C0591B05A04E4 ] C:\Windows\System32\dtsh.dll
21:56:14.0739 4532 C:\Windows\System32\dtsh.dll - ok
21:56:14.0739 4532 [ B6F9BAC295D6433A071FFDA14DCA8777 ] C:\Windows\System32\FwRemoteSvr.dll
21:56:14.0739 4532 C:\Windows\System32\FwRemoteSvr.dll - ok
21:56:14.0739 4532 [ 2E7A5F2A9ABD6D9B3932FE3B21F789B7 ] C:\Windows\System32\PortableDeviceApi.dll
21:56:14.0739 4532 C:\Windows\System32\PortableDeviceApi.dll - ok
21:56:14.0739 4532 [ BFCBF6B3D8A91155A52A714A3A933DB2 ] C:\Windows\System32\upnp.dll
21:56:14.0739 4532 C:\Windows\System32\upnp.dll - ok
21:56:14.0754 4532 [ 1A5C9DF79BDD7FCCE5F1D6B34112DC0E ] C:\Windows\System32\WSDApi.dll
21:56:14.0754 4532 C:\Windows\System32\WSDApi.dll - ok
21:56:14.0754 4532 [ 0E7C19EA5837597452949ADEAD5B0651 ] C:\Windows\System32\cryptnet.dll
21:56:14.0754 4532 C:\Windows\System32\cryptnet.dll - ok
21:56:14.0754 4532 [ 3D41E5B53766DBF6941D6262F43EA406 ] C:\Windows\System32\PortableDeviceConnectApi.dll
21:56:14.0754 4532 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
21:56:14.0770 4532 [ 026BB3075CD8F19A2AD71B183135233B ] C:\Windows\System32\webservices.dll
21:56:14.0770 4532 C:\Windows\System32\webservices.dll - ok
21:56:14.0770 4532 [ 96649C896D0D9A7D34EBE5BB510ABFCC ] C:\Windows\System32\nduprov.dll
21:56:14.0770 4532 C:\Windows\System32\nduprov.dll - ok
21:56:14.0770 4532 [ 1DAADE7C33238B750C58C2AEC6BD9736 ] C:\Windows\System32\appsruprov.dll
21:56:14.0770 4532 C:\Windows\System32\appsruprov.dll - ok
21:56:14.0770 4532 [ 7939F52AF3221106D6995F6B4F07BCEA ] C:\Windows\System32\wpnsruprov.dll
21:56:14.0770 4532 C:\Windows\System32\wpnsruprov.dll - ok
21:56:14.0785 4532 [ 5755893B1E77EB4E55BB121F4B574C2F ] C:\Windows\System32\energyprov.dll
21:56:14.0785 4532 C:\Windows\System32\energyprov.dll - ok
21:56:14.0785 4532 [ 3F9C1EE01B5C0BC18D18E912963E6E85 ] C:\Windows\System32\srumapi.dll
21:56:14.0785 4532 C:\Windows\System32\srumapi.dll - ok
21:56:14.0785 4532 [ 68C7AB6D3C8559F21CE5784BD506ED10 ] C:\Windows\System32\ssdpsrv.dll
21:56:14.0785 4532 C:\Windows\System32\ssdpsrv.dll - ok
21:56:14.0801 4532 [ F7737A0A4AE5B911E1D70D8697E3137E ] C:\Windows\System32\fdSSDP.dll
21:56:14.0801 4532 C:\Windows\System32\fdSSDP.dll - ok
21:56:14.0801 4532 [ D8E290E29839EE2B6F62FE8315102255 ] C:\Windows\System32\fundisc.dll
21:56:14.0801 4532 C:\Windows\System32\fundisc.dll - ok
21:56:14.0801 4532 [ 0A759F5B64ABC3FF8BDEB07AD1E39998 ] C:\Windows\System32\runonce.exe
21:56:14.0801 4532 C:\Windows\System32\runonce.exe - ok
21:56:14.0801 4532 [ 8DDBEC7AE250D64B8B2AF001AA981F5A ] C:\Windows\SysWOW64\runonce.exe
21:56:14.0801 4532 C:\Windows\SysWOW64\runonce.exe - ok
21:56:14.0817 4532 [ 8EC600A2656176EC5D4A89950689C084 ] C:\Windows\SysWOW64\imm32.dll
21:56:14.0817 4532 C:\Windows\SysWOW64\imm32.dll - ok
21:56:14.0817 4532 [ 370FD570F8A665FF135B87C7BDB8FCC3 ] C:\Windows\SysWOW64\msctf.dll
21:56:14.0817 4532 C:\Windows\SysWOW64\msctf.dll - ok
21:56:14.0817 4532 [ 758556F3851D4A9F3FA98FB30B050108 ] C:\Windows\SysWOW64\uxtheme.dll
21:56:14.0817 4532 C:\Windows\SysWOW64\uxtheme.dll - ok
21:56:14.0817 4532 [ 4E0D747F4AAE4DC4C600C0BFB7B43E37 ] C:\Windows\System32\DAFWSD.dll
21:56:14.0817 4532 C:\Windows\System32\DAFWSD.dll - ok
21:56:14.0832 4532 [ 3F46310BDC7A7E720BB6649890817B04 ] C:\Windows\System32\msiexec.exe
21:56:14.0832 4532 C:\Windows\System32\msiexec.exe - ok
21:56:14.0832 4532 [ FC33619FA41F75991B2F081FE617D54E ] C:\Windows\System32\tdh.dll
21:56:14.0832 4532 C:\Windows\System32\tdh.dll - ok
21:56:14.0832 4532 [ 644F026B0EA22033A094680D1B28A07B ] C:\Windows\System32\upnphost.dll
21:56:14.0832 4532 C:\Windows\System32\upnphost.dll - ok
21:56:14.0832 4532 [ 9B0E2BA4EC4713A0ECA9A1085B036662 ] C:\Windows\System32\Windows.Media.Streaming.dll
21:56:14.0832 4532 C:\Windows\System32\Windows.Media.Streaming.dll - ok
21:56:14.0848 4532 [ 56369754A0B413E83139586EFB6430CC ] C:\Windows\SysWOW64\propsys.dll
21:56:14.0848 4532 C:\Windows\SysWOW64\propsys.dll - ok
21:56:14.0848 4532 [ 774EABB98EF1244EFDE60330C40F06DD ] C:\Windows\System32\provsvc.dll
21:56:14.0848 4532 C:\Windows\System32\provsvc.dll - ok
21:56:14.0848 4532 [ 3DB30B4257337B473318BCA9C783DEDF ] C:\Windows\apppatch\apppatch64\AcLayers.dll
21:56:14.0848 4532 C:\Windows\apppatch\apppatch64\AcLayers.dll - ok
21:56:14.0864 4532 [ B1BF273EB1EA17A77A8ED6706BD24DF5 ] C:\Windows\System32\qmgrprxy.dll
21:56:14.0864 4532 C:\Windows\System32\qmgrprxy.dll - ok
21:56:14.0864 4532 [ BAC15F9F76CBD6D9A9788DBB22E34A6A ] C:\Windows\System32\sfc.dll
21:56:14.0864 4532 C:\Windows\System32\sfc.dll - ok
21:56:14.0864 4532 [ AC713818554BFA7B23C66E11ED253798 ] C:\Windows\SysWOW64\qmgrprxy.dll
21:56:14.0864 4532 C:\Windows\SysWOW64\qmgrprxy.dll - ok
21:56:14.0864 4532 [ 12939C256D859F275874BCD5A50EA93F ] C:\Windows\System32\P2P.dll
21:56:14.0864 4532 C:\Windows\System32\P2P.dll - ok
21:56:14.0879 4532 [ 3B942F883B964036BFE8D8FF9537F785 ] C:\Windows\System32\AppXDeploymentServer.dll
21:56:14.0879 4532 C:\Windows\System32\AppXDeploymentServer.dll - ok
21:56:14.0879 4532 [ 2795C46F62A6EEAB936B44B5DCD09B52 ] C:\Windows\System32\rasdlg.dll
21:56:14.0879 4532 C:\Windows\System32\rasdlg.dll - ok
21:56:14.0879 4532 [ 660C8E78B94F483E44B0243A774A4746 ] C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
21:56:14.0879 4532 C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL - ok
21:56:14.0879 4532 [ 7E2C90480EF29DA772C8AF38AA7560A3 ] C:\Windows\System32\ListSvc.dll
21:56:14.0879 4532 C:\Windows\System32\ListSvc.dll - ok
21:56:14.0895 4532 [ 9C1CD085F743FDFF13D2439530EA5A6B ] C:\Windows\System32\AppxAllUserStore.dll
21:56:14.0895 4532 C:\Windows\System32\AppxAllUserStore.dll - ok
21:56:14.0895 4532 [ 5D840B1A3D210A079C0BBAABA753731D ] C:\Windows\System32\fdProxy.dll
21:56:14.0895 4532 C:\Windows\System32\fdProxy.dll - ok
21:56:14.0895 4532 [ B79515AFF098E5A56DFBD316152534DE ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
21:56:14.0895 4532 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
21:56:14.0895 4532 [ 16690A9D5F4DE7EF5D981C93BDA260F3 ] C:\Windows\System32\Windows.ApplicationModel.dll
21:56:14.0895 4532 C:\Windows\System32\Windows.ApplicationModel.dll - ok
21:56:14.0911 4532 [ 1DD640ADC5AB40BC6462E7D84DA3C86C ] C:\Windows\System32\actxprxy.dll
21:56:14.0911 4532 C:\Windows\System32\actxprxy.dll - ok
21:56:14.0911 4532 [ DBE208B4BAB7F903FB91FFB9D447B2BC ] C:\Windows\System32\sppwinob.dll
21:56:14.0911 4532 C:\Windows\System32\sppwinob.dll - ok
21:56:14.0911 4532 [ D5686620E7B08769D49400854A033E30 ] C:\Windows\System32\pnrpsvc.dll
21:56:14.0911 4532 C:\Windows\System32\pnrpsvc.dll - ok
21:56:14.0926 4532 [ 93240217A40671195A420509B58F7703 ] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6789_none_88e2c1c72fac51a7\msvcr80.dll
21:56:14.0926 4532 C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6789_none_88e2c1c72fac51a7\msvcr80.dll - ok
21:56:14.0926 4532 [ 63271C2FC3766DBEE738C4FE08BFAD0D ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6750_none_509264d4bcb8ba45\msvcr90.dll
21:56:14.0926 4532 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6750_none_509264d4bcb8ba45\msvcr90.dll - ok
21:56:14.0926 4532 [ 01AB1F1F08F6C29B4A9768311AD2497A ] C:\Windows\System32\fhlisten.dll
21:56:14.0926 4532 C:\Windows\System32\fhlisten.dll - ok
21:56:14.0926 4532 [ 9FC6659DC83DD66CEFFA2EC27127295A ] C:\Windows\System32\hgprint.dll
21:56:14.0926 4532 C:\Windows\System32\hgprint.dll - ok
21:56:14.0942 4532 [ A7D9D636C6956A05B48DB152573483A8 ] C:\Windows\System32\IdListen.dll
21:56:14.0942 4532 C:\Windows\System32\IdListen.dll - ok
21:56:14.0942 4532 [ BB21A3958B08EC4EED4984E85B1A8387 ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6750_none_509264d4bcb8ba45\msvcp90.dll
21:56:14.0942 4532 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6750_none_509264d4bcb8ba45\msvcp90.dll - ok
21:56:14.0942 4532 [ 3160B6BD4FE269582757EC15BF9864F5 ] C:\Windows\System32\udhisapi.dll
21:56:14.0942 4532 C:\Windows\System32\udhisapi.dll - ok
21:56:14.0957 4532 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
21:56:14.0957 4532 C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
21:56:14.0957 4532 [ 45A228A1FBB1721B96FE9E5AE933BF4D ] C:\Windows\SysWOW64\nlaapi.dll
21:56:14.0957 4532 C:\Windows\SysWOW64\nlaapi.dll - ok
21:56:14.0957 4532 [ A6770047ACFC13869B8FE8E60B684B92 ] C:\Windows\SysWOW64\NapiNSP.dll
21:56:14.0957 4532 C:\Windows\SysWOW64\NapiNSP.dll - ok
21:56:14.0957 4532 [ 5A16F890A4500E2F2573DE64B637A8EA ] C:\Windows\SysWOW64\pnrpnsp.dll
21:56:14.0957 4532 C:\Windows\SysWOW64\pnrpnsp.dll - ok
21:56:14.0973 4532 [ E4944B33A2026234B50535691962B4AB ] C:\Windows\SysWOW64\winrnr.dll
21:56:14.0973 4532 C:\Windows\SysWOW64\winrnr.dll - ok
21:56:14.0973 4532 [ E9901A7E569C4156FDA69F5C9356B8ED ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
21:56:14.0973 4532 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
21:56:14.0973 4532 [ 588F5BAD1A3A0FB392856E88EF85827B ] C:\Windows\System32\p2psvc.dll
21:56:14.0973 4532 C:\Windows\System32\p2psvc.dll - ok
21:56:14.0973 4532 [ 2A1AB65C57AD8BBAC37CF2E112650361 ] C:\Windows\System32\pcacli.dll
21:56:14.0973 4532 C:\Windows\System32\pcacli.dll - ok
21:56:14.0989 4532 [ 383ADB9A84FE8206E06203032310C97C ] C:\Windows\System32\pcadm.dll
21:56:14.0989 4532 C:\Windows\System32\pcadm.dll - ok
21:56:14.0989 4532 [ 8C72065DAA88FA7789CB6668B597053F ] C:\Windows\System32\P2PGraph.dll
21:56:14.0989 4532 C:\Windows\System32\P2PGraph.dll - ok
21:56:14.0989 4532 [ 6A1DDA95782FE3850AE32ABD180F410D ] C:\Windows\SysWOW64\cmd.exe
21:56:14.0989 4532 C:\Windows\SysWOW64\cmd.exe - ok
21:56:15.0004 4532 [ E9264BFBE90DA1768072018186A278A6 ] C:\Windows\SysWOW64\cmdext.dll
21:56:15.0004 4532 C:\Windows\SysWOW64\cmdext.dll - ok
21:56:15.0004 4532 [ 6A550ACBF124D78D9266290FD9C5B171 ] C:\Windows\System32\sppobjs.dll
21:56:15.0004 4532 C:\Windows\System32\sppobjs.dll - ok
21:56:15.0004 4532 [ 524B15E6AB48316E1D831CD01E1EC79D ] C:\Windows\System32\SppExtComObj.Exe
21:56:15.0004 4532 C:\Windows\System32\SppExtComObj.Exe - ok
21:56:15.0004 4532 [ D1E68678B934E4137EEFC8B17EC06A55 ] C:\Windows\System32\slui.exe
21:56:15.0004 4532 C:\Windows\System32\slui.exe - ok
21:56:15.0020 4532 [ ABA32AD09D4789731E7E79572093DDD0 ] C:\Windows\System32\ncryptsslp.dll
21:56:15.0020 4532 C:\Windows\System32\ncryptsslp.dll - ok
21:56:15.0020 4532 [ C8C315DAA8A46F8F79C0CA387679A0ED ] C:\Windows\System32\ncryptprov.dll
21:56:15.0020 4532 C:\Windows\System32\ncryptprov.dll - ok
21:56:15.0020 4532 [ FECA29D3783C1AE88EC34D38C041D9B5 ] C:\Windows\SysWOW64\shdocvw.dll
21:56:15.0020 4532 C:\Windows\SysWOW64\shdocvw.dll - ok
21:56:15.0035 4532 [ 8CCCA0A7BCE4B8B19AEC784A11417462 ] C:\Windows\System32\LicensingUI.exe
21:56:15.0035 4532 C:\Windows\System32\LicensingUI.exe - ok
21:56:15.0035 4532 [ 5A056CDA93929A41A29A59733D6B7971 ] C:\Windows\System32\dssenh.dll
21:56:15.0035 4532 C:\Windows\System32\dssenh.dll - ok
21:56:15.0035 4532 [ B2DFFEA8FB6B8DA0501F53C9F2112612 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FB7DD2B3-81CD-4FFA-B89F-5C090D9E800D}\offreg.dll
21:56:15.0035 4532 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FB7DD2B3-81CD-4FFA-B89F-5C090D9E800D}\offreg.dll - ok
21:56:15.0035 4532 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\User\AppData\Local\Temp\8AF9364E-9864-44A4-81A8-0058B251B6A6.exe
21:56:15.0035 4532 C:\Users\User\AppData\Local\Temp\8AF9364E-9864-44A4-81A8-0058B251B6A6.exe - ok
21:56:15.0051 4532 [ 02DC88A19233B93AC2C4F5D77B924743 ] C:\Windows\System32\IME\IMEKR\imkrtip.dll
21:56:15.0051 4532 C:\Windows\System32\IME\IMEKR\imkrtip.dll - ok
21:56:15.0051 4532 [ C4BB188DBCF2F0F09A4001313C9C844F ] C:\Windows\System32\IME\SHARED\IMETIP.DLL
21:56:15.0051 4532 C:\Windows\System32\IME\SHARED\IMETIP.DLL - ok
21:56:15.0051 4532 [ 1AD54C674E16D2906B457AA799FF4FB3 ] C:\Windows\System32\IME\IMEKR\imkrapi.dll
21:56:15.0051 4532 C:\Windows\System32\IME\IMEKR\imkrapi.dll - ok
21:56:15.0067 4532 [ 6E76F92A3C3D15481731420D0517B40C ] C:\Windows\System32\IME\SHARED\IMJKAPI.DLL
21:56:15.0067 4532 C:\Windows\System32\IME\SHARED\IMJKAPI.DLL - ok
21:56:15.0067 4532 [ 8C688848BCED0C70F523288474F9C894 ] C:\Windows\SysWOW64\pcacli.dll
21:56:15.0067 4532 C:\Windows\SysWOW64\pcacli.dll - ok
21:56:15.0067 4532 [ CAD329559A4C0DC318EC15DC768A99A1 ] C:\Windows\SysWOW64\sfc_os.dll
21:56:15.0067 4532 C:\Windows\SysWOW64\sfc_os.dll - ok
21:56:15.0067 4532 [ 9BE954A4AB7D7C501E8D7BDE81840051 ] C:\Windows\System32\aelupsvc.dll
21:56:15.0067 4532 C:\Windows\System32\aelupsvc.dll - ok
21:56:15.0082 4532 [ 7528FE25A967F62C1705B4B64AB5F32A ] C:\Windows\System32\themeui.dll
21:56:15.0082 4532 C:\Windows\System32\themeui.dll - ok
21:56:15.0082 4532 [ F258FB1790D6A82D878D23169ADD85E5 ] C:\Windows\System32\ExplorerFrame.dll
21:56:15.0082 4532 C:\Windows\System32\ExplorerFrame.dll - ok
21:56:15.0082 4532 [ F891E119D003DAB1AE242B118E26FBC9 ] C:\Windows\System32\twinapi.dll
21:56:15.0082 4532 C:\Windows\System32\twinapi.dll - ok
21:56:15.0082 4532 [ E954684ED7993A8C687A0C70C6990CA2 ] C:\Windows\System32\drttransport.dll
21:56:15.0082 4532 C:\Windows\System32\drttransport.dll - ok
21:56:15.0098 4532 [ A77BA10A0D610BBB6101AEA1E633ABE1 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
21:56:15.0098 4532 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
21:56:15.0098 4532 [ DD8CBF20135A1AE01F13912B6D9B0412 ] C:\Windows\System32\drt.dll
21:56:15.0098 4532 C:\Windows\System32\drt.dll - ok
21:56:15.0098 4532 [ 74073AD88357BFAA8B8B5ACFF0E5E24B ] C:\Windows\SysWOW64\dwmapi.dll
21:56:15.0098 4532 C:\Windows\SysWOW64\dwmapi.dll - ok
21:56:15.0114 4532 [ 656E0F7BE0762D252E10D143D583E8FC ] C:\Windows\System32\gameux.dll
21:56:15.0114 4532 C:\Windows\System32\gameux.dll - ok
21:56:15.0114 4532 [ AE0A2DE2BB518D204F94DDCF93BBCC4C ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
21:56:15.0114 4532 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok
21:56:15.0114 4532 [ A95A1316F473904F1315AEAAE8F07F54 ] C:\Windows\System32\twinui.dll
21:56:15.0114 4532 C:\Windows\System32\twinui.dll - ok
21:56:15.0114 4532 [ B720B4D1C97FBE02BE32812B580F1849 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll
21:56:15.0114 4532 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll - ok
21:56:15.0129 4532 [ 1048D4463AA39E7B5509CFFD7DF90A58 ] C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
21:56:15.0129 4532 C:\Windows\System32\windows.immersiveshell.serviceprovider.dll - ok
21:56:15.0129 4532 [ EC248BC9C9C225FD289F250756503146 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
21:56:15.0129 4532 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok
21:56:15.0129 4532 [ 98AC6B96ACE476B5473920BF000D59C2 ] C:\Windows\System32\wpncore.dll
21:56:15.0129 4532 C:\Windows\System32\wpncore.dll - ok
21:56:15.0129 4532 [ 95A21ED570F32529F0C8F5034933288C ] C:\Windows\System32\wlidprov.dll
21:56:15.0129 4532 C:\Windows\System32\wlidprov.dll - ok
21:56:15.0145 4532 [ F3E10BCEE54C855A2EDF362F0C3F1AB2 ] C:\Windows\System32\thumbcache.dll
21:56:15.0145 4532 C:\Windows\System32\thumbcache.dll - ok
21:56:15.0145 4532 [ A931E972614B82ED8CCFA9AC71CDD843 ] C:\Windows\System32\SystemEventsBrokerServer.dll
21:56:15.0145 4532 C:\Windows\System32\SystemEventsBrokerServer.dll - ok
21:56:15.0145 4532 [ 387D0271212C4387944349EE879D4434 ] C:\Windows\System32\TimeBrokerServer.dll
21:56:15.0145 4532 C:\Windows\System32\TimeBrokerServer.dll - ok
21:56:15.0145 4532 [ 8D3DA58BA4E06C13989ABD37BA44AA3F ] C:\Windows\System32\UIAutomationCore.dll
21:56:15.0145 4532 C:\Windows\System32\UIAutomationCore.dll - ok
21:56:15.0160 4532 [ 62180383272BD7309AF5F504318F951E ] C:\Windows\System32\wdmaud.drv
21:56:15.0160 4532 C:\Windows\System32\wdmaud.drv - ok
21:56:15.0160 4532 [ 4EF6F0702F28DEA920C526BE76660DFE ] C:\Windows\System32\Windows.Globalization.Fontgroups.dll
21:56:15.0160 4532 C:\Windows\System32\Windows.Globalization.Fontgroups.dll - ok
21:56:15.0160 4532 [ 8ADDE7EF2FD511D5A8FBC5500DCA6401 ] C:\Windows\System32\ksuser.dll
21:56:15.0160 4532 C:\Windows\System32\ksuser.dll - ok
21:56:15.0176 4532 [ A291384517ADB8739BA4BE068B4377A7 ] C:\Windows\System32\stobject.dll
21:56:15.0176 4532 C:\Windows\System32\stobject.dll - ok
21:56:15.0176 4532 [ 07371C096D17588781053488ADDAF61D ] C:\Windows\System32\batmeter.dll
21:56:15.0176 4532 C:\Windows\System32\batmeter.dll - ok
21:56:15.0176 4532 [ 2B2F4BCDB7AFFCCA5261F612FC7880DB ] C:\Windows\System32\AudioSes.dll
21:56:15.0176 4532 C:\Windows\System32\AudioSes.dll - ok
21:56:15.0176 4532 [ E8DBB235A2A890E123617AA9588AF320 ] C:\Windows\System32\msacm32.drv
21:56:15.0176 4532 C:\Windows\System32\msacm32.drv - ok
21:56:15.0192 4532 [ 9E49D93302C5DEB25F8A9AEFBD8C069F ] C:\Windows\System32\msacm32.dll
21:56:15.0192 4532 C:\Windows\System32\msacm32.dll - ok
21:56:15.0192 4532 [ E7BE4D93B0F210F6B011CFE273F31E35 ] C:\Windows\System32\Windows.Networking.Connectivity.dll
21:56:15.0192 4532 C:\Windows\System32\Windows.Networking.Connectivity.dll - ok
21:56:15.0192 4532 [ 556762C14273F723BDE5A3608A570F4B ] C:\Windows\System32\midimap.dll
21:56:15.0192 4532 C:\Windows\System32\midimap.dll - ok
21:56:15.0192 4532 [ 1370E75BFD8CCD5F1F2CD01120A6C6F2 ] C:\Windows\System32\prnfldr.dll
21:56:15.0192 4532 C:\Windows\System32\prnfldr.dll - ok
21:56:15.0207 4532 [ 098DB03E6F10FF94F0DE11A0C77DDBE2 ] C:\Windows\System32\audiodg.exe
21:56:15.0207 4532 C:\Windows\System32\audiodg.exe - ok
21:56:15.0207 4532 [ C7DA85D6A59AE8F38ED16D6F8BAAD3A7 ] C:\Windows\System32\rundll32.exe
21:56:15.0207 4532 C:\Windows\System32\rundll32.exe - ok
21:56:15.0207 4532 [ 1C20E4D2C20CB5F732E575F096C3C5E5 ] C:\Windows\System32\WinTypes.dll
21:56:15.0207 4532 C:\Windows\System32\WinTypes.dll - ok
21:56:15.0223 4532 [ A841A20ACDEE8E7A3F39450C59E3F3DD ] C:\Windows\System32\DeviceSetupManagerAPI.dll
21:56:15.0223 4532 C:\Windows\System32\DeviceSetupManagerAPI.dll - ok
21:56:15.0223 4532 [ F3ABDBDA278EA2F10D5952BF0AB54588 ] C:\Windows\System32\shdocvw.dll
21:56:15.0223 4532 C:\Windows\System32\shdocvw.dll - ok
21:56:15.0223 4532 [ B4AC2B50FC51DF45FE06C3AB14389BE8 ] C:\Windows\System32\AudioEng.dll
21:56:15.0223 4532 C:\Windows\System32\AudioEng.dll - ok
21:56:15.0239 4532 [ C58B40EA4CEB0317EEE83C359A5B3209 ] C:\Windows\System32\AUDIOKSE.dll
21:56:15.0239 4532 C:\Windows\System32\AUDIOKSE.dll - ok
21:56:15.0239 4532 [ 39E95951F59662562B4A7F1A10115633 ] C:\Windows\System32\WMALFXGFXDSP.dll
21:56:15.0239 4532 C:\Windows\System32\WMALFXGFXDSP.dll - ok
21:56:15.0239 4532 [ 92D9352250C963DE62B445DB29D38C34 ] C:\Program Files\Internet Explorer\sqmapi.dll
21:56:15.0239 4532 C:\Program Files\Internet Explorer\sqmapi.dll - ok
21:56:15.0239 4532 [ 320163EB6A99F674B96DBC3F03D94AB3 ] C:\Windows\System32\mfplat.dll
21:56:15.0239 4532 C:\Windows\System32\mfplat.dll - ok
21:56:15.0254 4532 [ B286B999BBC84916F95C5D3B6DF8A341 ] C:\Windows\System32\deviceaccess.dll
21:56:15.0254 4532 C:\Windows\System32\deviceaccess.dll - ok
21:56:15.0254 4532 [ 24B6419C5B301F114C083E52C947B7BD ] C:\Windows\System32\bitsprx5.dll
21:56:15.0254 4532 C:\Windows\System32\bitsprx5.dll - ok
21:56:15.0254 4532 [ 6112CEE42D4ED8C0F9ECC5DD8E8C436B ] C:\Windows\System32\bitsprx7.dll
21:56:15.0254 4532 C:\Windows\System32\bitsprx7.dll - ok
21:56:15.0270 4532 [ 2B4EA57871CE127221F1592A0BEA7C46 ] C:\Windows\System32\DXP.dll
21:56:15.0270 4532 C:\Windows\System32\DXP.dll - ok
21:56:15.0270 4532 [ B99B9CFAB7A98C273B2D32630B1C7AD6 ] C:\Windows\System32\bitsprx2.dll
21:56:15.0270 4532 C:\Windows\System32\bitsprx2.dll - ok
21:56:15.0270 4532 [ 5F953C41B5AD4FCB4437BF1833ED4776 ] C:\Windows\System32\bitsprx3.dll
21:56:15.0270 4532 C:\Windows\System32\bitsprx3.dll - ok
21:56:15.0270 4532 [ 75AFFAD8569B2801F43049985488E09B ] C:\Windows\System32\Syncreg.dll
21:56:15.0270 4532 C:\Windows\System32\Syncreg.dll - ok
21:56:15.0285 4532 [ F71F0DB300D9ED43A20EF3C6A56BA4A7 ] C:\Windows\System32\dxtrans.dll
21:56:15.0285 4532 C:\Windows\System32\dxtrans.dll - ok
21:56:15.0285 4532 [ E7A0B7AEFBD1BBE32BBAC4CA2124E642 ] C:\Windows\System32\ddrawex.dll
21:56:15.0285 4532 C:\Windows\System32\ddrawex.dll - ok
21:56:15.0285 4532 [ C24C25B5AE3C405D1142C24AEECDA1C3 ] C:\Windows\System32\imgutil.dll
21:56:15.0285 4532 C:\Windows\System32\imgutil.dll - ok
21:56:15.0285 4532 [ 3E8AD86FDC768C26EEFE934B151E49B7 ] C:\Windows\System32\ddraw.dll
21:56:15.0285 4532 C:\Windows\System32\ddraw.dll - ok
21:56:15.0301 4532 [ 802C594022C30383A5470CCF4DDA06D2 ] C:\Windows\System32\dciman32.dll
21:56:15.0301 4532 C:\Windows\System32\dciman32.dll - ok
21:56:15.0301 4532 [ 1CC4423451D313BAA259C302E09607DB ] C:\Windows\System32\pngfilt.dll
21:56:15.0301 4532 C:\Windows\System32\pngfilt.dll - ok
21:56:15.0301 4532 [ 59D1FAA7C483E75D9079C67CF4526CE9 ] C:\Windows\System32\AltTab.dll
21:56:15.0301 4532 C:\Windows\System32\AltTab.dll - ok
21:56:15.0317 4532 [ C3B873F8D14DED32B8BB900DA1E2C588 ] C:\Windows\SysWOW64\webio.dll
21:56:15.0317 4532 C:\Windows\SysWOW64\webio.dll - ok
21:56:15.0317 4532 [ 57A6B74FE889523C478617721DE3F515 ] C:\Windows\System32\PortableDeviceTypes.dll
21:56:15.0317 4532 C:\Windows\System32\PortableDeviceTypes.dll - ok
21:56:15.0317 4532 [ 26EF099C651B1BCE89F0A37BBAEFBD3C ] C:\Windows\System32\WPDShServiceObj.dll
21:56:15.0317 4532 C:\Windows\System32\WPDShServiceObj.dll - ok
21:56:15.0317 4532 [ 46CB7A854BF50808A5B58032AAB65CDD ] C:\Program Files\Windows Portable Devices\sqmapi.dll
21:56:15.0317 4532 C:\Program Files\Windows Portable Devices\sqmapi.dll - ok
21:56:15.0332 4532 [ CE854A83154FB2B6AE4883ED2CFC7C94 ] C:\Windows\System32\pnidui.dll
21:56:15.0332 4532 C:\Windows\System32\pnidui.dll - ok
21:56:15.0332 4532 [ DA2B4F6BB2E36A1D43CBAEF92FA3C624 ] C:\Windows\System32\NcaApi.dll
21:56:15.0332 4532 C:\Windows\System32\NcaApi.dll - ok
21:56:15.0332 4532 [ D5EEDCD90EAB5268FB3D811E2D9038A6 ] C:\Windows\System32\NetworkStatus.dll
21:56:15.0332 4532 C:\Windows\System32\NetworkStatus.dll - ok
21:56:15.0332 4532 [ CDC23C840176B53BE7A8158983A2287D ] C:\Windows\System32\cscui.dll
21:56:15.0332 4532 C:\Windows\System32\cscui.dll - ok
21:56:15.0348 4532 [ 731E5CB202CC81B179BD3C07F99E3202 ] C:\Windows\System32\cscdll.dll
21:56:15.0348 4532 C:\Windows\System32\cscdll.dll - ok
21:56:15.0348 4532 [ 8E2FDB48EDB11E9AB929EFBEA174EDC9 ] C:\Windows\System32\cscobj.dll
21:56:15.0348 4532 C:\Windows\System32\cscobj.dll - ok
21:56:15.0348 4532 [ 037060D7081F4B361634D09249537CAD ] C:\Windows\System32\srchadmin.dll
21:56:15.0348 4532 C:\Windows\System32\srchadmin.dll - ok
21:56:15.0348 4532 [ 721FE03AD407CCD70B7749A06C54AF69 ] C:\Windows\System32\SearchIndexer.exe
21:56:15.0348 4532 C:\Windows\System32\SearchIndexer.exe - ok
21:56:15.0364 4532 [ 501CEF50F3F9D8A6A6882D419DE3C62F ] C:\Windows\System32\bthprops.cpl
21:56:15.0364 4532 C:\Windows\System32\bthprops.cpl - ok
21:56:15.0364 4532 [ B49117E1229DB4B729A5902DC0774424 ] C:\Windows\System32\BluetoothApis.dll
21:56:15.0364 4532 C:\Windows\System32\BluetoothApis.dll - ok
21:56:15.0364 4532 [ B80EFF9FA8DC34F39679BD142E3CEFA6 ] C:\Windows\System32\ActionCenter.dll
21:56:15.0364 4532 C:\Windows\System32\ActionCenter.dll - ok
21:56:15.0379 4532 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\29811641.sys
21:56:15.0379 4532 C:\Windows\System32\drivers\29811641.sys - ok
21:56:15.0379 4532 [ F3104494C15416883AAF52F660FF87D6 ] C:\Windows\System32\tquery.dll
21:56:15.0379 4532 C:\Windows\System32\tquery.dll - ok
21:56:15.0379 4532 [ 7BC6EF66767C7BC90950BD67CDF39CEA ] C:\Windows\System32\mssrch.dll
21:56:15.0379 4532 C:\Windows\System32\mssrch.dll - ok
21:56:15.0379 4532 [ E7180DA28F5758AF8EA550735E4F01C7 ] C:\Windows\System32\msidle.dll
21:56:15.0379 4532 C:\Windows\System32\msidle.dll - ok
21:56:15.0395 4532 [ FB3791F38AB3F2645AB2F25614CA63BB ] C:\Windows\System32\mssprxy.dll
21:56:15.0395 4532 C:\Windows\System32\mssprxy.dll - ok
21:56:15.0395 4532 [ 8472D264A8FF76EB5BE2F792D2CA2FE9 ] C:\Windows\System32\SyncCenter.dll
21:56:15.0395 4532 C:\Windows\System32\SyncCenter.dll - ok
21:56:15.0395 4532 [ A80395712FF16183466958B206AAD427 ] C:\Windows\System32\SearchProtocolHost.exe
21:56:15.0395 4532 C:\Windows\System32\SearchProtocolHost.exe - ok
21:56:15.0395 4532 [ 4D0C14027D38E14EAD34809D89718F7E ] C:\Windows\System32\imapi2.dll
21:56:15.0395 4532 C:\Windows\System32\imapi2.dll - ok
21:56:15.0410 4532 [ D286CD48DA95083BC59FBED7464DED93 ] C:\Windows\System32\msshooks.dll
21:56:15.0410 4532 C:\Windows\System32\msshooks.dll - ok
21:56:15.0410 4532 [ BB7E0FF2273D4A7232165C770D800DC6 ] C:\Windows\System32\SearchFilterHost.exe
21:56:15.0410 4532 C:\Windows\System32\SearchFilterHost.exe - ok
21:56:15.0410 4532 [ 717544DDBD2F86F4F1BDF49153F266F9 ] C:\Windows\System32\mssph.dll
21:56:15.0410 4532 C:\Windows\System32\mssph.dll - ok
21:56:15.0426 4532 [ F4756051594782CDDA4D153D1C447B88 ] C:\Windows\System32\mapi32.dll
21:56:15.0426 4532 C:\Windows\System32\mapi32.dll - ok
21:56:15.0426 4532 [ B652132F3811B5AB5E13D50E051AD7D9 ] C:\Program Files\Windows Defender\MpCmdRun.exe
21:56:15.0426 4532 C:\Program Files\Windows Defender\MpCmdRun.exe - ok
21:56:15.0426 4532 [ 512A085A70A68E67E964B1BB48908697 ] C:\Windows\SysWOW64\riched20.dll
21:56:15.0426 4532 C:\Windows\SysWOW64\riched20.dll - ok
21:56:15.0426 4532 [ A135437C0A98ABD8BBCC21C535EB3F0C ] C:\Windows\System32\hgcpl.dll
21:56:15.0426 4532 C:\Windows\System32\hgcpl.dll - ok
21:56:15.0442 4532 [ 753D2DC468DFE15788F49354A530DF70 ] C:\Windows\System32\ntshrui.dll
21:56:15.0442 4532 C:\Windows\System32\ntshrui.dll - ok
21:56:15.0442 4532 [ DE4C02870B048E921C0613E6E3E65578 ] C:\Windows\System32\wbem\WmiPrvSE.exe
21:56:15.0442 4532 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
21:56:15.0442 4532 [ 2F42E4079C0AA9417B46A7B59D0F3156 ] C:\Windows\System32\cabinet.dll
21:56:15.0442 4532 C:\Windows\System32\cabinet.dll - ok
21:56:15.0442 4532 [ D2A6A4B39DD5E434761941737A5B69C9 ] C:\Windows\SysWOW64\msls31.dll
21:56:15.0442 4532 C:\Windows\SysWOW64\msls31.dll - ok
21:56:15.0457 4532 [ 50ED517F3B08AD4841FD23E048E2A8DC ] C:\Windows\SysWOW64\ExplorerFrame.dll
21:56:15.0457 4532 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
21:56:15.0457 4532 [ 82A7B16C251214548BD2404F92C28E54 ] C:\Program Files\Windows Defender\MpCommu.dll
21:56:15.0457 4532 C:\Program Files\Windows Defender\MpCommu.dll - ok
21:56:15.0457 4532 [ AD81A91BFF666038D562B26943AD236C ] C:\Windows\System32\msiltcfg.dll
21:56:15.0457 4532 C:\Windows\System32\msiltcfg.dll - ok
21:56:15.0473 4532 [ 81090A5364EFBC946755EE051ED84A28 ] C:\Windows\SysWOW64\duser.dll
21:56:15.0473 4532 C:\Windows\SysWOW64\duser.dll - ok
21:56:15.0473 4532 [ ED2040CF828EA351AC7390BF6B16B93E ] C:\Windows\System32\msi.dll
21:56:15.0473 4532 C:\Windows\System32\msi.dll - ok
21:56:15.0473 4532 [ CE0FF559765832437A9E2DBC2DDE587B ] C:\Windows\SysWOW64\dui70.dll
21:56:15.0473 4532 C:\Windows\SysWOW64\dui70.dll - ok
21:56:15.0473 4532 [ 5471A4A5F6D6F479D191ABFA55AC85E5 ] C:\Windows\System32\wbem\wmiprov.dll
21:56:15.0473 4532 C:\Windows\System32\wbem\wmiprov.dll - ok
21:56:15.0489 4532 [ 0AC55A7DC24F5C57CD4BBA2AFD8B823A ] C:\Windows\System32\bitsprx6.dll
21:56:15.0489 4532 C:\Windows\System32\bitsprx6.dll - ok
21:56:15.0489 4532 [ 7193FE2DB11EAA6175F962F3622418C0 ] C:\Windows\System32\korwbrkr.dll
21:56:15.0489 4532 C:\Windows\System32\korwbrkr.dll - ok
21:56:15.0489 4532 [ 3B92B4A520D043CD44E290F70910B3B4 ] C:\Windows\System32\ThumbnailExtractionHost.exe
21:56:15.0489 4532 C:\Windows\System32\ThumbnailExtractionHost.exe - ok
21:56:15.0504 4532 [ 7E0FC3D8763333D37BFB86D75570E634 ] C:\Windows\System32\ELSCore.dll
21:56:15.0504 4532 C:\Windows\System32\ELSCore.dll - ok
21:56:15.0504 4532 [ 5CF3D8512E12AB1FE9589DD4F1831FC7 ] C:\Windows\System32\elsTrans.dll
21:56:15.0504 4532 C:\Windows\System32\elsTrans.dll - ok
21:56:15.0504 4532 [ E2447C45EB8A8C273B05EE66896E449F ] C:\Windows\System32\elslad.dll
21:56:15.0504 4532 C:\Windows\System32\elslad.dll - ok
21:56:15.0504 4532 [ 183CB50608E3058315892622F3F8DB52 ] C:\Windows\System32\PhotoMetadataHandler.dll
21:56:15.0504 4532 C:\Windows\System32\PhotoMetadataHandler.dll - ok
21:56:15.0520 4532 [ C3DC28B8BDDA02E47D13EDADACC73AD6 ] C:\Windows\System32\NaturalLanguage6.dll
21:56:15.0520 4532 C:\Windows\System32\NaturalLanguage6.dll - ok
21:56:15.0520 4532 [ CE5E0441207AA2EA2415B20F497990B6 ] C:\Windows\System32\WindowsCodecsExt.dll
21:56:15.0520 4532 C:\Windows\System32\WindowsCodecsExt.dll - ok
21:56:15.0520 4532 [ 7074F3162E037C2C7ABD2944E856126F ] C:\Windows\System32\NlsData0009.dll
21:56:15.0520 4532 C:\Windows\System32\NlsData0009.dll - ok
21:56:15.0520 4532 [ 79E0555E35915B3499DB5BD9C3E44D51 ] C:\Program Files\Windows Media Player\WMPMediaSharing.dll
21:56:15.0520 4532 C:\Program Files\Windows Media Player\WMPMediaSharing.dll - ok
21:56:15.0535 4532 [ A4AC86D4A3E13254D0F26DD71F1C5F91 ] C:\Windows\System32\msxml3.dll
21:56:15.0535 4532 C:\Windows\System32\msxml3.dll - ok
21:56:15.0535 4532 [ FC1C8A6F9F211F524D4463A6CBCDCB3E ] C:\Windows\System32\localspl.dll
21:56:15.0535 4532 C:\Windows\System32\localspl.dll - ok
21:56:15.0535 4532 [ C668928046B797D37D0D6C63A34B14A1 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
21:56:15.0535 4532 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
21:56:15.0535 4532 [ 972298F9D09967813B538FCEC49140E1 ] C:\Windows\System32\wsock32.dll
21:56:15.0535 4532 C:\Windows\System32\wsock32.dll - ok
21:56:15.0551 4532 [ 4B50BBEDB4811FF337A9F2AF5070695C ] C:\Windows\System32\keyiso.dll
21:56:15.0551 4532 C:\Windows\System32\keyiso.dll - ok
21:56:15.0551 4532 [ 586876F9859A1D3F4F301F7472DF9020 ] C:\Windows\System32\spoolss.dll
21:56:15.0551 4532 C:\Windows\System32\spoolss.dll - ok
21:56:15.0551 4532 [ 51CB475DD55BAF097ED56B18E6D6D06D ] C:\Windows\System32\linkinfo.dll
21:56:15.0551 4532 C:\Windows\System32\linkinfo.dll - ok
21:56:15.0567 4532 [ 7ED2F6CCDF099F2A1F0B3A275AD4B5F3 ] C:\Windows\System32\PrintIsolationProxy.dll
21:56:15.0567 4532 C:\Windows\System32\PrintIsolationProxy.dll - ok
21:56:15.0567 4532 [ BB14F7DC23144F38D9133B4C7D2B823B ] C:\Windows\System32\HNCE2PPRMON80.dll
21:56:15.0567 4532 C:\Windows\System32\HNCE2PPRMON80.dll - ok
21:56:15.0567 4532 [ DFD79DC0DC768252430ACD32128792BD ] C:\Windows\System32\NlsLexicons0009.dll
21:56:15.0567 4532 C:\Windows\System32\NlsLexicons0009.dll - ok
21:56:15.0567 4532 [ B22927E408C7DD5D6A7D6D735125A6EE ] C:\Windows\System32\FXSMON.dll
21:56:15.0567 4532 C:\Windows\System32\FXSMON.dll - ok
21:56:15.0582 4532 [ 48BB114BBE8C808B8BBBD543469A1094 ] C:\Windows\System32\networkexplorer.dll
21:56:15.0582 4532 C:\Windows\System32\networkexplorer.dll - ok
21:56:15.0582 4532 [ 4AF9C2F1D080B5361457AD1B4DD40A5C ] C:\Windows\System32\drprov.dll
21:56:15.0582 4532 C:\Windows\System32\drprov.dll - ok
21:56:15.0582 4532 [ 2A9986C1A9290A22E67EC35D51A1B07B ] C:\Windows\System32\tcpmon.dll
21:56:15.0582 4532 C:\Windows\System32\tcpmon.dll - ok
21:56:15.0582 4532 [ 4FB84F8FDF2F3BBBF27FD758BF6B627A ] C:\Windows\System32\ntlanman.dll
21:56:15.0582 4532 C:\Windows\System32\ntlanman.dll - ok
21:56:15.0598 4532 [ 139DC737D4DC165A28604E7055D7CE81 ] C:\Windows\System32\davclnt.dll
21:56:15.0598 4532 C:\Windows\System32\davclnt.dll - ok
21:56:15.0598 4532 [ AC83BD89FE333EF6925C0F3638DD71D1 ] C:\Windows\System32\snmpapi.dll
21:56:15.0598 4532 C:\Windows\System32\snmpapi.dll - ok
21:56:15.0598 4532 [ FD2EFD5863B6A5EFB464814C9F2A0EBA ] C:\Windows\System32\davhlpr.dll
21:56:15.0598 4532 C:\Windows\System32\davhlpr.dll - ok
21:56:15.0614 4532 [ 4BEB8BACF8CB1C372C576B694713A8FD ] C:\Windows\System32\usbmon.dll
21:56:15.0614 4532 C:\Windows\System32\usbmon.dll - ok
21:56:15.0614 4532 [ DC34C10245E608D2056887BBC7092EFA ] C:\Windows\System32\wsnmp32.dll
21:56:15.0614 4532 C:\Windows\System32\wsnmp32.dll - ok
21:56:15.0614 4532 [ 6E25D8E1FCC83D56C1EB119DD22857C7 ] C:\Windows\System32\WSDMon.dll
21:56:15.0614 4532 C:\Windows\System32\WSDMon.dll - ok
21:56:15.0629 4532 [ 469D9A15BDBF65466A5FD1BE50CA8393 ] C:\Windows\System32\fdPnp.dll
21:56:15.0629 4532 C:\Windows\System32\fdPnp.dll - ok
21:56:15.0629 4532 [ 04E669B6608D321B40BB8B6AE0F51EC0 ] C:\Windows\System32\mobsync.exe
21:56:15.0629 4532 C:\Windows\System32\mobsync.exe - ok
21:56:15.0629 4532 [ 16C72B5242208702261FE76A1988EEC0 ] C:\Windows\System32\drvstore.dll
21:56:15.0629 4532 C:\Windows\System32\drvstore.dll - ok
21:56:15.0629 4532 [ 1C92EB5D858F0B6CEC84C15501EB25BA ] C:\Windows\System32\SyncInfrastructure.dll
21:56:15.0629 4532 C:\Windows\System32\SyncInfrastructure.dll - ok
21:56:15.0645 4532 [ DA3ACD561D58975A8DDAEFC9A8ED27D3 ] C:\Windows\System32\wmpmde.dll
21:56:15.0645 4532 C:\Windows\System32\wmpmde.dll - ok
21:56:15.0645 4532 [ E367DCCE8FC3D5291AA36F98E4449561 ] C:\Windows\System32\wmp.dll
21:56:15.0645 4532 C:\Windows\System32\wmp.dll - ok
21:56:15.0645 4532 [ 9DE207EEB8792E264D89133C0A9D532F ] C:\Windows\System32\mfcore.dll
21:56:15.0645 4532 C:\Windows\System32\mfcore.dll - ok
21:56:15.0645 4532 [ B73D9DDDB8968D3379AF786518C4168D ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
21:56:15.0645 4532 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
21:56:15.0661 4532 [ 8F3B08605CA7020D902C2C65FD43F9C4 ] C:\Windows\System32\WinSATAPI.dll
21:56:15.0661 4532 C:\Windows\System32\WinSATAPI.dll - ok
21:56:15.0661 4532 [ 693B5399BFDC34F9BF5829EBCEE49015 ] C:\Windows\System32\win32spl.dll
21:56:15.0661 4532 C:\Windows\System32\win32spl.dll - ok
21:56:15.0661 4532 [ F5E4FC1C0E86ADEC322042276082BB74 ] C:\Windows\System32\CertPolEng.dll
21:56:15.0661 4532 C:\Windows\System32\CertPolEng.dll - ok
21:56:15.0661 4532 [ 826F9660E1750A7D0572720D4D77D4E0 ] C:\Program Files\Windows Defender\MpUXSrv.exe
21:56:15.0661 4532 C:\Program Files\Windows Defender\MpUXSrv.exe - ok
21:56:15.0676 4532 [ CF2B4B8CACE3659632A96DE7A98434FE ] C:\Windows\System32\MSMPEG2ENC.DLL
21:56:15.0676 4532 C:\Windows\System32\MSMPEG2ENC.DLL - ok
21:56:15.0676 4532 [ 7C96DE865DA8C1B5CB35F96F1A31861D ] C:\Windows\System32\SearchFolder.dll
21:56:15.0676 4532 C:\Windows\System32\SearchFolder.dll - ok
21:56:15.0676 4532 [ E55DF00DF7E2F851046DC2AEF0D4835D ] C:\Windows\System32\inetpp.dll
21:56:15.0676 4532 C:\Windows\System32\inetpp.dll - ok
21:56:15.0692 4532 [ 779291F12385445D4C0F4D756CDFB60D ] C:\Windows\System32\StructuredQuery.dll
21:56:15.0692 4532 C:\Windows\System32\StructuredQuery.dll - ok
21:56:15.0692 4532 [ 08AE7C8BD4910F4832F42CE013F0656E ] C:\Program Files\Windows Defender\mpuxhostproxy.dll
21:56:15.0692 4532 C:\Program Files\Windows Defender\mpuxhostproxy.dll - ok
21:56:15.0692 4532 [ 615D53F241B5A561ED4FF23D571D47F8 ] C:\Windows\System32\wpnapps.dll
21:56:15.0692 4532 C:\Windows\System32\wpnapps.dll - ok
21:56:15.0692 4532 [ CF85A0EB9B91D9826109EDABEB3441D9 ] C:\Windows\System32\wmploc.DLL
21:56:15.0692 4532 C:\Windows\System32\wmploc.DLL - ok
21:56:15.0707 4532 [ 0A2AAEE1655B70AE9700FE2AC84C45FE ] C:\Windows\System32\EhStorShell.dll
21:56:15.0707 4532 C:\Windows\System32\EhStorShell.dll - ok
21:56:15.0707 4532 [ F1D2ABA7038E01F7465E36F2057E7C13 ] C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
21:56:15.0707 4532 C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL - ok
21:56:15.0707 4532 [ DC49B215EE5804D98CF73599A07C6AC8 ] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6750_none_08e52dfda83c913f\msvcr90.dll
21:56:15.0707 4532 C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6750_none_08e52dfda83c913f\msvcr90.dll - ok
21:56:15.0707 4532 [ 7FC8D06570DAC24E8DD96A6C8D5FDAEA ] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6750_none_08e52dfda83c913f\msvcp90.dll
21:56:15.0707 4532 C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6750_none_08e52dfda83c913f\msvcp90.dll - ok
21:56:15.0723 4532 [ 57AC86AC664CC774C861DAB2B1D1E978 ] C:\Windows\WinSxS\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
21:56:15.0723 4532 C:\Windows\WinSxS\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
21:56:15.0723 4532 [ 5ABAEB53E6ECF7878A5C4C4ABED92050 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
21:56:15.0723 4532 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
21:56:15.0723 4532 [ 3E88C4AFBCCD528E05AD2D0B8BC2BD40 ] C:\Windows\System32\apprepapi.dll
21:56:15.0723 4532 C:\Windows\System32\apprepapi.dll - ok
21:56:15.0739 4532 [ 66E3C667D853DF349E310568F60B9B6A ] C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll
21:56:15.0739 4532 C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok
21:56:15.0739 4532 [ 25A6977D0067273D8250CC7D7D32BAD4 ] C:\Windows\SysWOW64\IME\IMEKR\imkrtip.dll
21:56:15.0739 4532 C:\Windows\SysWOW64\IME\IMEKR\imkrtip.dll - ok
21:56:15.0739 4532 [ 4C21749AA386417B70AC5E2B623DE013 ] C:\Windows\SysWOW64\IME\SHARED\IMETIP.DLL
21:56:15.0739 4532 C:\Windows\SysWOW64\IME\SHARED\IMETIP.DLL - ok
21:56:15.0754 4532 [ 559A1C35A31FD553A189FF61D8599100 ] C:\Windows\SysWOW64\oleacc.dll
21:56:15.0754 4532 C:\Windows\SysWOW64\oleacc.dll - ok
21:56:15.0754 4532 [ 4628E21356B41E4C2E102493C430780E ] C:\Windows\SysWOW64\IME\IMEKR\imkrapi.dll
21:56:15.0754 4532 C:\Windows\SysWOW64\IME\IMEKR\imkrapi.dll - ok
21:56:15.0754 4532 [ 5CAA4B547C166E5EE180697AD8A1516F ] C:\Windows\SysWOW64\IME\SHARED\IMJKAPI.DLL
21:56:15.0754 4532 C:\Windows\SysWOW64\IME\SHARED\IMJKAPI.DLL - ok
21:56:15.0754 4532 [ 1315C5C5C54CE2AA37A155F97027DB59 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
21:56:15.0754 4532 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe - ok
21:56:15.0770 4532 [ 2A6837809A894F63348C3C3998996FA5 ] C:\Windows\Branding\Basebrd\basebrd.dll
21:56:15.0770 4532 C:\Windows\Branding\Basebrd\basebrd.dll - ok
21:56:15.0770 4532 [ CD8BCE98B134C8F70585B2276BEED8CA ] C:\Windows\SysWOW64\taskschd.dll
21:56:15.0770 4532 C:\Windows\SysWOW64\taskschd.dll - ok
21:56:15.0770 4532 [ C0436A022CFB3B690C4BD474EDB013B4 ] C:\Windows\System32\igfxtray.exe
21:56:15.0770 4532 C:\Windows\System32\igfxtray.exe - ok
21:56:15.0785 4532 [ 28571851FCA971C917005927C80580B5 ] C:\Windows\System32\hccutils.dll
21:56:15.0785 4532 C:\Windows\System32\hccutils.dll - ok
21:56:15.0785 4532 [ FB8A221672BB3F65C6C8423FD15A461D ] C:\Windows\System32\hkcmd.exe
21:56:15.0785 4532 C:\Windows\System32\hkcmd.exe - ok
21:56:15.0785 4532 [ 8BED07E447450961FA22B744C791FD7A ] C:\Windows\System32\igfxsrvc.exe
21:56:15.0785 4532 C:\Windows\System32\igfxsrvc.exe - ok
21:56:15.0785 4532 [ 9B14389CB38B4378B356DC30EA150149 ] C:\Windows\System32\igfxsrvc.dll
21:56:15.0785 4532 C:\Windows\System32\igfxsrvc.dll - ok
21:56:15.0801 4532 [ 914004A4E775E1952AE15319305A69EE ] C:\Windows\System32\igfxdev.dll
21:56:15.0801 4532 C:\Windows\System32\igfxdev.dll - ok
21:56:15.0801 4532 [ 903C536CAF2CF53A5D7AB6B0592EB0AF ] C:\Windows\System32\igfxrkor.lrc
21:56:15.0801 4532 C:\Windows\System32\igfxrkor.lrc - ok
21:56:15.0801 4532 [ F0F3824029B77A91264EFF1CC5016D64 ] C:\Windows\System32\igfxress.dll
21:56:15.0801 4532 C:\Windows\System32\igfxress.dll - ok
21:56:15.0817 4532 [ BAB561BE618570F780BF7776EF9D8D89 ] C:\Windows\System32\igfxpers.exe
21:56:15.0817 4532 C:\Windows\System32\igfxpers.exe - ok
21:56:15.0817 4532 [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll
21:56:15.0817 4532 C:\Windows\System32\IccLibDll_x64.dll - ok
21:56:15.0817 4532 [ E0E15F209360E4A97ABCC21A486B4AEE ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
21:56:15.0817 4532 C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe - ok
21:56:15.0817 4532 [ B26C50A42BA5AA0B618228B01EA5C251 ] C:\Windows\System32\drivers\fastfat.sys
21:56:15.0817 4532 C:\Windows\System32\drivers\fastfat.sys - ok
21:56:15.0832 4532 [ 8E0831382D3313E75614C9D85237B99F ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
21:56:15.0832 4532 C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE - ok
21:56:15.0832 4532 [ CBEC06E32D0AC9C3D0A9199EDC1FB959 ] C:\Program Files (x86)\Skype\Phone\Skype.exe
21:56:15.0832 4532 C:\Program Files (x86)\Skype\Phone\Skype.exe - ok
21:56:15.0832 4532 [ 82D73D171BF119B5AAE68BFEFADFE9FE ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd_main.dll
21:56:15.0832 4532 C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd_main.dll - ok
21:56:15.0848 4532 [ F09CD07888A22F5E46BEA236E5CDCAE4 ] C:\Windows\SysWOW64\comctl32.dll
21:56:15.0848 4532 C:\Windows\SysWOW64\comctl32.dll - ok
21:56:15.0848 4532 [ 5AFDE66182599274EDE47A4448DA096F ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ApplePushService.dll
21:56:15.0848 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ApplePushService.dll - ok
21:56:15.0848 4532 [ CA1633BDB9D879263266BCE82F326789 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\AOSKit.dll
21:56:15.0848 4532 C:\Program Files (x86)\Common Files\Apple\Internet Services\AOSKit.dll - ok
21:56:15.0848 4532 [ F81F14DC4DD866552DD37398E68FE23F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ChunkingLibrary.dll
21:56:15.0848 4532 C:\Program Files (x86)\Common Files\Apple\Internet Services\ChunkingLibrary.dll - ok
21:56:15.0864 4532 [ C16C054F1E07EE69090B03B5E053BA36 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\GenerationalStorage.dll
21:56:15.0864 4532 C:\Program Files (x86)\Common Files\Apple\Internet Services\GenerationalStorage.dll - ok
21:56:15.0864 4532 [ C753ED3DA24F3FE86F754E08A14E2460 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\Ubiquity.dll
21:56:15.0864 4532 C:\Program Files (x86)\Common Files\Apple\Internet Services\Ubiquity.dll - ok
21:56:15.0864 4532 [ 89084DD8C7A4C7FCDA50485B33C6C98D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\mmcs.dll
21:56:15.0864 4532 C:\Program Files (x86)\Common Files\Apple\Internet Services\mmcs.dll - ok
21:56:15.0879 4532 [ 126F34AC5D9E681D06499EEC0DD6679E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Foundation.dll
21:56:15.0879 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Foundation.dll - ok
21:56:15.0879 4532 [ 4C0DA2B69F8DE16E97FCEC0E19312923 ] C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\RICHED20.DLL
21:56:15.0879 4532 C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\RICHED20.DLL - ok
21:56:15.0879 4532 [ 4664ABADE37F75551CAB943EA6077946 ] C:\Program Files (x86)\Microsoft Office\Office14\1033\ospintl.dll
21:56:15.0879 4532 C:\Program Files (x86)\Microsoft Office\Office14\1033\ospintl.dll - ok
21:56:15.0895 4532 [ A1CFDEF143B1B4047E0FD3510F85DE97 ] C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSPTLS.DLL
21:56:15.0895 4532 C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSPTLS.DLL - ok
21:56:15.0895 4532 [ 9CB819197E6B2FD3DC0429E3DC1CCFDD ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll
21:56:15.0895 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll - ok
21:56:15.0895 4532 [ 54AAE3C820F9B0C6584CCF91E4385FE4 ] C:\Windows\SysWOW64\sfc.dll
21:56:15.0895 4532 C:\Windows\SysWOW64\sfc.dll - ok
21:56:15.0911 4532 [ 2246E0D22F56840A9A6BDD9873BE577A ] C:\Windows\SysWOW64\sxs.dll
21:56:15.0911 4532 C:\Windows\SysWOW64\sxs.dll - ok
21:56:15.0911 4532 [ 1F21E4CE165A900D6F497577449D8EA0 ] C:\Windows\SysWOW64\comdlg32.dll
21:56:15.0911 4532 C:\Windows\SysWOW64\comdlg32.dll - ok
21:56:15.0911 4532 [ E58B397D44FDEC5BCD8F07A965B1A8A0 ] C:\Windows\SysWOW64\msimg32.dll
21:56:15.0911 4532 C:\Windows\SysWOW64\msimg32.dll - ok
21:56:15.0911 4532 [ 5E00B3DE52092B2E57132AEDF07DA02E ] C:\Windows\SysWOW64\d3d9.dll
21:56:15.0911 4532 C:\Windows\SysWOW64\d3d9.dll - ok
21:56:15.0926 4532 [ B3E248A6AFB03F9AEDB34BD3885CF205 ] C:\Windows\SysWOW64\samcli.dll
21:56:15.0926 4532 C:\Windows\SysWOW64\samcli.dll - ok
21:56:15.0926 4532 [ BB3A22F3EED85A12CFB2DD60D9F9B52F ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
21:56:15.0926 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe - ok
21:56:15.0926 4532 [ 7BC3C4F729750415DC72F348A7837064 ] C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Csi.dll
21:56:15.0926 4532 C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Csi.dll - ok
21:56:15.0942 4532 [ 12EFA5A9B0D7D62D3F0BA98DD062B8F8 ] C:\Windows\SysWOW64\msacm32.dll
21:56:15.0942 4532 C:\Windows\SysWOW64\msacm32.dll - ok
21:56:15.0942 4532 [ 2B53FC0D9D303A486891EFC6F35C96D6 ] C:\Windows\SysWOW64\powrprof.dll
21:56:15.0942 4532 C:\Windows\SysWOW64\powrprof.dll - ok
21:56:15.0942 4532 [ 2F15AE179F9C4B79855334CABA5293E5 ] C:\Windows\SysWOW64\shfolder.dll
21:56:15.0942 4532 C:\Windows\SysWOW64\shfolder.dll - ok
21:56:15.0942 4532 [ 269CD4924C3E2FF02FD1AD13A8051EB9 ] C:\Windows\SysWOW64\GdiPlus.dll
21:56:15.0942 4532 C:\Windows\SysWOW64\GdiPlus.dll - ok
21:56:15.0957 4532 [ 378A6AC4F7C21E8A980E4ED5B490234C ] C:\Program Files\Windows Media Player\wmpnscfg.exe
21:56:15.0957 4532 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
21:56:15.0957 4532 [ 12B52AF18F2DC4A4A66718D75BFA70A7 ] C:\Windows\SysWOW64\netprofm.dll
21:56:15.0957 4532 C:\Windows\SysWOW64\netprofm.dll - ok
21:56:15.0957 4532 [ 0CC79B4A36D4A7F59E44F3BC0391B516 ] C:\Windows\SysWOW64\npmproxy.dll
21:56:15.0957 4532 C:\Windows\SysWOW64\npmproxy.dll - ok
21:56:15.0957 4532 [ DCF0A5A33EFD06D817D1C2EE34155943 ] C:\Windows\SysWOW64\olepro32.dll
21:56:15.0957 4532 C:\Windows\SysWOW64\olepro32.dll - ok
21:56:15.0973 4532 [ F1EE33C140EE419C5D7F60DD4326E6DD ] C:\Windows\SysWOW64\avrt.dll
21:56:15.0973 4532 C:\Windows\SysWOW64\avrt.dll - ok
21:56:15.0973 4532 [ D56C9C6BCFB57E3497972D5BA071CEAF ] C:\Windows\SysWOW64\cryptui.dll
21:56:15.0973 4532 C:\Windows\SysWOW64\cryptui.dll - ok
21:56:15.0973 4532 [ BF59EA0A1808075366C2226579641AB9 ] C:\Windows\SysWOW64\mapi32.dll
21:56:15.0973 4532 C:\Windows\SysWOW64\mapi32.dll - ok
21:56:15.0989 4532 [ 40F96BC759F973297E89C8E1D82E9369 ] C:\Windows\SysWOW64\wlanapi.dll
21:56:15.0989 4532 C:\Windows\SysWOW64\wlanapi.dll - ok
21:56:15.0989 4532 [ 88155D3D23CA8A1DFB1F45EE3E4C8DF8 ] C:\Program Files (x86)\uTorrent\uTorrent.exe
21:56:15.0989 4532 C:\Program Files (x86)\uTorrent\uTorrent.exe - ok
21:56:15.0989 4532 [ 4B94C367A4A292DB6C43585CA7745FCD ] C:\Windows\SysWOW64\dhcpcsvc.dll
21:56:15.0989 4532 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
21:56:15.0989 4532 [ 16C5C69861FCC9D99702DEB17CF34F6C ] C:\Windows\SysWOW64\BCP47Langs.dll
21:56:15.0989 4532 C:\Windows\SysWOW64\BCP47Langs.dll - ok
21:56:16.0004 4532 [ D16B7B325F467C311CD36BEB96348A90 ] C:\Windows\SysWOW64\linkinfo.dll
21:56:16.0004 4532 C:\Windows\SysWOW64\linkinfo.dll - ok
21:56:16.0004 4532 [ 75EEC127CB5446D4B74EA3F13A5FAD32 ] C:\Windows\SysWOW64\ntshrui.dll
21:56:16.0004 4532 C:\Windows\SysWOW64\ntshrui.dll - ok
21:56:16.0004 4532 [ C613496227D47B4085EE6098A4572871 ] C:\Windows\SysWOW64\nvumdshim.dll
21:56:16.0004 4532 C:\Windows\SysWOW64\nvumdshim.dll - ok
21:56:16.0004 4532 [ 6C12BD722FFC94584348DD34F4059FC5 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
21:56:16.0004 4532 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe - ok
21:56:16.0020 4532 [ 3FDC5B918B767DAB2963B1AA60ECF1AE ] C:\Windows\SysWOW64\nvapi.dll
21:56:16.0020 4532 C:\Windows\SysWOW64\nvapi.dll - ok
21:56:16.0020 4532 [ C205B0FF13FEBFB34312444DBCECE379 ] C:\Windows\SysWOW64\nvinit.dll
21:56:16.0020 4532 C:\Windows\SysWOW64\nvinit.dll - ok
21:56:16.0020 4532 [ B7A8787A11E54957FDC4AC372B115751 ] C:\Windows\SysWOW64\bcrypt.dll
21:56:16.0020 4532 C:\Windows\SysWOW64\bcrypt.dll - ok
21:56:16.0036 4532 [ A6AFF277EAB37E65F00C3DAAB1259AAE ] C:\Windows\SysWOW64\ncrypt.dll
21:56:16.0036 4532 C:\Windows\SysWOW64\ncrypt.dll - ok
21:56:16.0036 4532 [ C8C3092E7C94F3DAC2B8AF6D7ECB20F3 ] C:\Windows\SysWOW64\ntasn1.dll
21:56:16.0036 4532 C:\Windows\SysWOW64\ntasn1.dll - ok
21:56:16.0036 4532 [ 865ED99524E56661DE06B09B5DBD33BD ] C:\Windows\SysWOW64\dpapi.dll
21:56:16.0036 4532 C:\Windows\SysWOW64\dpapi.dll - ok
21:56:16.0036 4532 [ 65ED6C05F8EB68E86AF27DCDBEB93AD4 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
21:56:16.0036 4532 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
21:56:16.0051 4532 [ 95CF3C7014D222F1E5E1DFC6D6FE56A4 ] C:\Windows\SysWOW64\hnetcfg.dll
21:56:16.0051 4532 C:\Windows\SysWOW64\hnetcfg.dll - ok
21:56:16.0051 4532 [ 0D46F268A866583E6A90F3336E6A659C ] C:\Windows\SysWOW64\atl.dll
21:56:16.0051 4532 C:\Windows\SysWOW64\atl.dll - ok
21:56:16.0051 4532 [ 222BD2E4D1B6ABB8A1A0AA29B5FF708B ] C:\Windows\SysWOW64\gpapi.dll
21:56:16.0051 4532 C:\Windows\SysWOW64\gpapi.dll - ok
21:56:16.0051 4532 [ B260A716DC78702FFAF7D4BAE2B6BA4F ] C:\Windows\SysWOW64\igdumdx32.dll
21:56:16.0051 4532 C:\Windows\SysWOW64\igdumdx32.dll - ok
21:56:16.0067 4532 [ 81B5B5E302E31A8E38474CD53B4CD5BF ] C:\Windows\SysWOW64\upnp.dll
21:56:16.0067 4532 C:\Windows\SysWOW64\upnp.dll - ok
21:56:16.0067 4532 [ BEFEA5834A51DE5BE45877DB55E08E17 ] C:\Windows\SysWOW64\ssdpapi.dll
21:56:16.0067 4532 C:\Windows\SysWOW64\ssdpapi.dll - ok
21:56:16.0067 4532 [ D5B783DACE1BBDD382A63C894BAB8E1E ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
21:56:16.0067 4532 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe - ok
21:56:16.0082 4532 [ 756DEDFA9293371AD71AD16257833735 ] C:\Windows\System32\mstask.dll
21:56:16.0082 4532 C:\Windows\System32\mstask.dll - ok
21:56:16.0082 4532 [ 8E344F1B6EFF15F719ECAC6D80067EBA ] C:\Windows\SysWOW64\igdumd32.dll
21:56:16.0082 4532 C:\Windows\SysWOW64\igdumd32.dll - ok
21:56:16.0082 4532 [ D8C468CFC35A4D1A18EB213FAAC50532 ] C:\Windows\SysWOW64\WindowsCodecs.dll
21:56:16.0082 4532 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
21:56:16.0082 4532 [ ABB1B50F36CCBEF119FBEF8FDF14AD61 ] C:\Program Files\SUPERAntiSpyware\SASCTXMN64.DLL
21:56:16.0082 4532 C:\Program Files\SUPERAntiSpyware\SASCTXMN64.DLL - ok
21:56:16.0098 4532 [ 1D8EE033B94D0A5238F0AFCF23738570 ] C:\Windows\System32\hhctrl.ocx
21:56:16.0098 4532 C:\Windows\System32\hhctrl.ocx - ok
21:56:16.0098 4532 [ 60DA1A460431EA1B30AB74A7A2BA3EA9 ] C:\Windows\SysWOW64\msxml6.dll
21:56:16.0098 4532 C:\Windows\SysWOW64\msxml6.dll - ok
21:56:16.0098 4532 [ 35AC4B63CBB9FB6B4472913E9948B517 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
21:56:16.0098 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
21:56:16.0114 4532 [ 114E5342884A174F0E261526F07B63A1 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libcurl.dll
21:56:16.0114 4532 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libcurl.dll - ok
21:56:16.0114 4532 [ 6307849B9BE3C206DB46A62316BF191F ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libeay32.dll
21:56:16.0114 4532 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libeay32.dll - ok
21:56:16.0114 4532 [ AAA55B127EC38BDEBD2A3891A2E5FD54 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\ssleay32.dll
21:56:16.0114 4532 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\ssleay32.dll - ok
21:56:16.0129 4532 [ 907B50DE97ED835EFE151F203818216D ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll
21:56:16.0129 4532 C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll - ok
21:56:16.0129 4532 [ 6AF437321A61DFB8CDB28077845D5072 ] C:\Windows\SysWOW64\IconCodecService.dll
21:56:16.0129 4532 C:\Windows\SysWOW64\IconCodecService.dll - ok
21:56:16.0129 4532 [ 8A6B867FC26B9850D446D2D86E5DB071 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
21:56:16.0129 4532 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
21:56:16.0129 4532 [ D250093C7F3C9E9E4967AAE5EA01BB60 ] C:\Windows\SysWOW64\msxml3.dll
21:56:16.0129 4532 C:\Windows\SysWOW64\msxml3.dll - ok
21:56:16.0145 4532 [ 6054706B9A9519D8954C7B44CD2507DA ] C:\Windows\SysWOW64\jscript.dll
21:56:16.0145 4532 C:\Windows\SysWOW64\jscript.dll - ok
21:56:16.0145 4532 [ 41799CC790C6A7296DF55360CC22144D ] C:\Windows\SysWOW64\mshtml.dll
21:56:16.0145 4532 C:\Windows\SysWOW64\mshtml.dll - ok
21:56:16.0145 4532 [ 814D3ACC96F29C3221BEEC785208C889 ] C:\Program Files\Windows Media Player\wmpnssci.dll
21:56:16.0145 4532 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
21:56:16.0145 4532 [ E01F456294AC209F4342D33C553411BC ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
21:56:16.0145 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe - ok
21:56:16.0161 4532 [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\Windows\SysWOW64\mfc100u.dll
21:56:16.0161 4532 C:\Windows\SysWOW64\mfc100u.dll - ok
21:56:16.0161 4532 [ 901AA7A38CE13F14B6BBEC38C0595698 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
21:56:16.0161 4532 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok
21:56:16.0161 4532 [ D616E3F73C9E457B2311D950CE26942D ] C:\Windows\SysWOW64\mscoree.dll
21:56:16.0161 4532 C:\Windows\SysWOW64\mscoree.dll - ok
21:56:16.0176 4532 [ B9BE96EF24DD9B79CB721760204B7DF7 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
21:56:16.0176 4532 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
21:56:16.0176 4532 [ 2A2C442F00B45E01D4C882EEA69A01BC ] C:\Windows\SysWOW64\mfc100enu.dll
21:56:16.0176 4532 C:\Windows\SysWOW64\mfc100enu.dll - ok
21:56:16.0176 4532 [ 58F684188929D6CF2ACCDB78EDF98385 ] C:\Windows\SysWOW64\ieframe.dll
21:56:16.0176 4532 C:\Windows\SysWOW64\ieframe.dll - ok
21:56:16.0176 4532 [ A06401F94E64E4DE108CF02FA26F6FC1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll
21:56:16.0176 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll - ok
21:56:16.0192 4532 [ 6E71817DD5BD808ADF8214BE37B4958F ] C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll
21:56:16.0192 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll - ok
21:56:16.0192 4532 [ DB7F445E3A62F96B8E5B4B61BCFFD22E ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll
21:56:16.0192 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll - ok
21:56:16.0192 4532 [ 126B2F509341C36D99BD15188592123A ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll
21:56:16.0192 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll - ok
21:56:16.0207 4532 [ 7E6BA46E48A45DBAD5AADE3510598BDD ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll
21:56:16.0207 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll - ok
21:56:16.0207 4532 [ 6F090EBFE2548AF529F6A393BB8373B7 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll
21:56:16.0207 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll - ok
21:56:16.0207 4532 [ C0537786F8D494A0686D64D8E278DC65 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll
21:56:16.0207 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll - ok
21:56:16.0207 4532 [ 692DDF02F2C3F53AE670CFAF55D2DBB3 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll
21:56:16.0207 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll - ok
21:56:16.0223 4532 [ A9C010E69079A39A42407A7AD74BA691 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll
21:56:16.0223 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll - ok
21:56:16.0223 4532 [ 0A0F3612A73619A755C596A4441F25D9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll
21:56:16.0223 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll - ok
21:56:16.0223 4532 [ 06F93DA727D348689707611448470C9E ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll
21:56:16.0223 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll - ok
21:56:16.0239 4532 [ 824A8FECC5E5D62B61A4F499F9D62023 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll
21:56:16.0239 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll - ok
21:56:16.0239 4532 [ 795D4835CE714F4A0C601766134F344B ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll
21:56:16.0239 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll - ok
21:56:16.0239 4532 [ 5AC47E3AC56E5E8827C9C593CB86881E ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll
21:56:16.0239 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll - ok
21:56:16.0239 4532 [ CE23CCF6BA06B0C093EDB58B7E131809 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll
21:56:16.0239 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll - ok
21:56:16.0254 4532 [ 9D1C5D971235A5E84B1C25E7CEFC52E4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll
21:56:16.0254 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll - ok
21:56:16.0254 4532 [ 34C4BA92B76D3700DC6AAAC34435F0F9 ] C:\Program Files (x86)\Hnc\HncUtils\HncChecker.exe
21:56:16.0254 4532 C:\Program Files (x86)\Hnc\HncUtils\HncChecker.exe - ok
21:56:16.0254 4532 [ F9D53DF31B15BB53A92C8E4B9832A661 ] C:\Windows\SysWOW64\winsta.dll
21:56:16.0254 4532 C:\Windows\SysWOW64\winsta.dll - ok
21:56:16.0270 4532 [ 82464461ACDFBA6B876BF9F74A66BCBB ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll
21:56:16.0270 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll - ok
21:56:16.0270 4532 [ 0859B39D58F99AB65D6770E6774830BD ] C:\Windows\SysWOW64\MMDevAPI.dll
21:56:16.0270 4532 C:\Windows\SysWOW64\MMDevAPI.dll - ok
21:56:16.0270 4532 [ D9D79F547AE2A70C650DFCFC27AEC0F7 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
21:56:16.0270 4532 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
21:56:16.0270 4532 [ 7F008154283771E658EE1F1985F85F49 ] C:\Program Files\Windows Media Player\wmpshare.exe
21:56:16.0270 4532 C:\Program Files\Windows Media Player\wmpshare.exe - ok
21:56:16.0286 4532 [ 737A3AF24C8AFF5B685CC6DFC0D93428 ] C:\Windows\SysWOW64\netshell.dll
21:56:16.0286 4532 C:\Windows\SysWOW64\netshell.dll - ok
21:56:16.0286 4532 [ 3669256FE9A86DB31A6A28F02DC98A75 ] C:\Windows\SysWOW64\oledlg.dll
21:56:16.0286 4532 C:\Windows\SysWOW64\oledlg.dll - ok
21:56:16.0286 4532 [ 5DD7D9E50C1E9977D3DD6362BF446D93 ] C:\Windows\SysWOW64\mlang.dll
21:56:16.0286 4532 C:\Windows\SysWOW64\mlang.dll - ok
21:56:16.0286 4532 [ 850C8A20F00EAC70683636673B44965F ] C:\Windows\apppatch\AcLayers.dll
21:56:16.0286 4532 C:\Windows\apppatch\AcLayers.dll - ok
21:56:16.0301 4532 [ B64F80B64EE7DE4FB68A0FEDA192EE52 ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
21:56:16.0301 4532 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
21:56:16.0301 4532 [ F047AC8029004B2FB94E2429F54617A9 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
21:56:16.0301 4532 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
21:56:16.0301 4532 [ A0F110AB73271DA15E6BC314A8C1512A ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
21:56:16.0301 4532 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
21:56:16.0317 4532 [ 4EE76D4CB055E8EC281177771345E8B3 ] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
21:56:16.0317 4532 C:\Program Files (x86)\PowerISO\PWRISOVM.EXE - ok
21:56:16.0317 4532 [ AF43C4F7F3C8BC95DAD95024F96CDC4A ] C:\Program Files (x86)\QuickTime\QTTask.exe
21:56:16.0317 4532 C:\Program Files (x86)\QuickTime\QTTask.exe - ok
21:56:16.0317 4532 [ F577910A133A592234EBAAD3F3AFA258 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:56:16.0317 4532 C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - ok
21:56:16.0332 4532 [ 09EAD9CB2346B671F8F079D3472134D8 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
21:56:16.0332 4532 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
21:56:16.0332 4532 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] C:\Program Files\iPod\bin\iPodService.exe
21:56:16.0332 4532 C:\Program Files\iPod\bin\iPodService.exe - ok
21:56:16.0332 4532 [ 6771C21C89E4A35B33BA8E71812AAE67 ] C:\Program Files (x86)\USADISK\FsLauncher.exe
21:56:16.0332 4532 C:\Program Files (x86)\USADISK\FsLauncher.exe - ok
21:56:16.0348 4532 [ D171FFB6DF8F648BA9022A550B056E00 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
21:56:16.0348 4532 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
21:56:16.0348 4532 [ F77B82470E1AA2AC6BC955711F0227E5 ] C:\Program Files\iPod\bin\iPodService.Resources\ko.lproj\iPodServiceLocalized.dll
21:56:16.0348 4532 C:\Program Files\iPod\bin\iPodService.Resources\ko.lproj\iPodServiceLocalized.dll - ok
21:56:16.0348 4532 [ F097A22A6A3D2782A8B7B24310C5EDD8 ] C:\Windows\SysWOW64\AudioSes.dll
21:56:16.0348 4532 C:\Windows\SysWOW64\AudioSes.dll - ok
21:56:16.0348 4532 [ 50547232C732F70E297784C1D02E505C ] C:\Windows\System32\RMapi.dll
21:56:16.0364 4532 C:\Windows\System32\RMapi.dll - ok
21:56:16.0364 4532 [ 5C71A170F8824A731E8E19C35E7CA747 ] C:\Windows\System32\WwanRadioManager.dll
21:56:16.0364 4532 C:\Windows\System32\WwanRadioManager.dll - ok
21:56:16.0364 4532 [ FC8F9FC1F1264A3E22DD256D7095AE46 ] C:\Windows\System32\wwapi.dll
21:56:16.0364 4532 C:\Windows\System32\wwapi.dll - ok
21:56:16.0364 4532 [ 2E9F5A8BD1BFA987257E701DC862A7CF ] C:\Windows\System32\WlanRadioManager.dll
21:56:16.0364 4532 C:\Windows\System32\WlanRadioManager.dll - ok
21:56:16.0379 4532 [ DDDA690E8D9C40780581443FAA59A419 ] C:\Windows\System32\BthRadioMedia.dll
21:56:16.0379 4532 C:\Windows\System32\BthRadioMedia.dll - ok
21:56:16.0379 4532 [ 5336C3171A5B80BB58220FE4ED795E47 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll
21:56:16.0379 4532 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll - ok
21:56:16.0379 4532 [ EA7EF9695FD89E319153A1BCAE25C3D7 ] C:\Program Files\Windows Defender\MpTpmAtt.dll
21:56:16.0379 4532 C:\Program Files\Windows Defender\MpTpmAtt.dll - ok
21:56:16.0379 4532 [ F5034EF6053DB3963B8BACD547761F34 ] C:\Windows\System32\tbs.dll
21:56:16.0379 4532 C:\Windows\System32\tbs.dll - ok
21:56:16.0395 4532 [ 8FE651ACBA3344E645CFEB6286FFF6B8 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
21:56:16.0395 4532 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe - ok
21:56:16.0395 4532 [ 2635B1A6B11105AACE0440CEC6830189 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\VulcanControl.dll
21:56:16.0395 4532 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\VulcanControl.dll - ok
21:56:16.0395 4532 [ 9D143DE584AF0B120766B74AA41D1F28 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libcurl.dll
21:56:16.0395 4532 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libcurl.dll - ok
21:56:16.0411 4532 [ D90DAD5EEA33A178BAC56FFF2847D4C2 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll
21:56:16.0411 4532 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll - ok
21:56:16.0411 4532 [ 4823DFE702BAE876CB31F58573D7EB55 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\IMSLib.dll
21:56:16.0411 4532 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\IMSLib.dll - ok
21:56:16.0411 4532 [ 4F6729B68DFB6702363749F13A3464E2 ] C:\Windows\SysWOW64\Wldap32.dll
21:56:16.0411 4532 C:\Windows\SysWOW64\Wldap32.dll - ok
21:56:16.0426 4532 [ 3E0AB1C6506F149CC5ABA66433D35E62 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libeay32.dll
21:56:16.0426 4532 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libeay32.dll - ok
21:56:16.0426 4532 [ 83502D796852329CDFC906FEE2B5EDE4 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\ssleay32.dll
21:56:16.0426 4532 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\ssleay32.dll - ok
21:56:16.0426 4532 ============================================================
21:56:16.0426 4532 Scan finished
21:56:16.0426 4532 ============================================================
21:56:16.0442 5536 Detected object count: 5
21:56:16.0442 5536 Actual detected object count: 5
21:57:21.0980 5536 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:57:21.0980 5536 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:57:21.0980 5536 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
21:57:21.0980 5536 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:57:21.0980 5536 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
21:57:21.0980 5536 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:57:21.0980 5536 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
21:57:21.0980 5536 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:57:21.0980 5536 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:57:21.0980 5536 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#10
gringo_pr

Posted 20 January 2013 - 09:52 PM

Trusted Helper

Malware Removal
7,268 posts

In your next post I need the following
Log from Combofix
let me know of any problems you may have had
How is the computer doing now?

Gringo

#11
jsound19

Posted 20 January 2013 - 09:56 PM

Member

Topic Starter
Member
22 posts

? uhh...i told you earlier combofix won't run because the laptop's OS is win8 and it won't run in compatibility mode.. lol

Edited by jsound19, 20 January 2013 - 09:57 PM.

#12
gringo_pr

Posted 20 January 2013 - 10:12 PM

Trusted Helper

Malware Removal
7,268 posts

sorry about that

I want you to rerun tdsskiller and when it gets to this part

21:57:21.0980 5536 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:57:21.0980 5536 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

I want you to select delete this time

gringo

#13
jsound19

Posted 20 January 2013 - 10:17 PM

Member

Topic Starter
Member
22 posts

Alright thankss got that taken care of. What's next?

#14
gringo_pr

Posted 20 January 2013 - 10:23 PM

Trusted Helper

Malware Removal
7,268 posts

Hello

These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

Clean Out Temp Files

This small application you may want to keep and use once a week to keep the computer clean.

Download CCleaner from here http://www.ccleaner.com/
Run the installer to install the application.
When it gives you the option to install Yahoo toolbar uncheck the box next to it.
Run CCleaner. default settings are fine
Click Run Cleaner.
Close CCleaner.

Run Malwarebytes

Please download Malwarebytes' Anti-Malware to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to
- Update Malwarebytes' Anti-Malware
- and Launch Malwarebytes' Anti-Malware
then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
When completed, a log will open in Notepad. please copy and paste the log into your next reply
- If you accidently close it, the log file is saved here and will be named like this:
- C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Download HijackThis

Go Here to download HijackThis program
Save HijackThis to your desktop.
Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
copy and paste hijackthis report into the topic

"information and logs"

In your next post I need the following

Log From MBAM
report from Hijackthis
let me know of any problems you may have had
How is the computer doing now?

Gringo

#15
gringo_pr

Posted 24 January 2013 - 02:37 AM

Trusted Helper

Malware Removal
7,268 posts

Greetings

I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools

Gringo