malware/Worm virus [Closed]


  • This topic is locked

#1
ElamsEstates

    Member
I believe there is a worm virus on my laptop which may have established a backdoor. Some weird streaming activity through Windows Media Player has occurred, and Windows Media Player has pulled in large amounts of data from the C drive and now has it in its folder... Can someone please assist?
  • 0


#2
maliprog

    Trusted Helper

  • Malware Removal
Hello ElamsEstates and welcome to my office here at G2G! :)

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:
  • Malware removal is NOT instantaneous; most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean.
  • Kindly follow my instructions in the order posted. Order is crucial in the cleaning process.
  • Please DO NOT run any scans or fixes on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
  • You must reply within 3 days or your topic will be closed.

Step 1

Download OTL to your Desktop

  • Double click on the icon to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator"). Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan/Fixes box paste this in:

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    services.exe
    /md5stop
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them here for me.

Step 2

Download GMER from Here. Note the file's name and save it to your root folder, such as C:.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
  • Click on this link to see a list of programs that should be disabled.
  • Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
  • Allow the driver to load if asked.
  • You may be prompted to scan immediately if it detects rootkit activity.
  • If you are prompted to scan your system click "No", save the log and post back the results.
  • If not prompted, click the "Rootkit/Malware" tab.
  • On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
  • Select all drives that are connected to your system to be scanned.
  • Click the Scan button to begin. (Please be patient as it can take some time to complete)
  • When the scan is finished, click Save to save the scan results to your Desktop.
  • Save the file as Results.log and copy/paste the contents in your next reply.
  • Exit the program and re-enable all active protection when done.

Step 3

Please don't forget to include these items in your reply:

  • OTL log
  • OTL Extras log
  • GMER log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.
  • 0

#3
ElamsEstates

    Member

  • Topic Starter
OTL logfile created on: 1/25/2013 7:14:26 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 2.50 Gb Available Physical Memory | 65.88% Memory free
7.60 Gb Paging File | 5.80 Gb Available in Paging File | 76.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 345.95 Gb Free Space | 74.29% Space Free | Partition Type: NTFS

Computer Name: A665-N033 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/25 06:52:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
PRC - [2013/01/07 18:06:24 | 001,248,360 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/03/01 03:57:58 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010/02/03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009/09/29 13:03:46 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/07 18:06:22 | 000,460,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppgooglenaclpluginchrome.dll
MOD - [2013/01/07 18:06:21 | 012,459,624 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
MOD - [2013/01/07 18:06:19 | 004,012,648 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
MOD - [2013/01/07 18:05:29 | 000,598,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\libglesv2.dll
MOD - [2013/01/07 18:05:28 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\libegl.dll
MOD - [2013/01/07 18:05:25 | 001,553,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ffmpegsumo.dll


========== Services (SafeList) ==========

SRV:64bit: - [2009/09/29 13:11:14 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2009/09/29 13:03:46 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/01/10 22:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/05/26 08:21:28 | 000,174,680 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011/02/22 12:21:54 | 000,404,584 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2011/01/18 19:28:56 | 008,080,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 21:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/09/29 13:06:16 | 000,123,200 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2009/09/29 13:03:00 | 000,136,584 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2009/09/29 12:56:36 | 000,144,824 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon)
DRV:64bit: - [2009/09/17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/29 08:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/11/09 05:00:30 | 000,026,968 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2011/03/01 10:57:56 | 000,146,928 | ---- | M] (CyberLink Corp.) [2012/03/07 22:55:38] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 93 FE 5C D0 91 F6 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/12/24 12:30:57 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - Extension: Docs = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Drive = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: bleepingcomputer.com ([download] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B88B0880-2D5B-40CE-8F44-2D45BCA5D80C}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/01/20 04:07:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/01/20 04:06:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/01/20 04:06:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Google
[2013/01/20 04:05:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Deployment
[2013/01/07 13:01:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Archived Development Kit Release Notes Broadcom_files
[1 C:\Users\Owner\Desktop\*.tmp files -> C:\Users\Owner\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/25 07:11:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/25 06:58:12 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/25 06:50:12 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/25 06:50:12 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/25 06:47:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/20 04:07:32 | 000,002,279 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/20 04:07:25 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/01/19 19:50:04 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/19 19:50:04 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/19 19:50:04 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/19 19:45:46 | 3059,748,864 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/26 11:59:09 | 000,006,950 | ---- | M] () -- C:\Users\Owner\Desktop\Balance Sheet.pdf
[2012/12/26 11:58:42 | 000,009,499 | ---- | M] () -- C:\Users\Owner\Desktop\Profit and Loss Statement.pdf
[2012/12/26 11:55:10 | 000,002,048 | ---- | M] () -- C:\Users\Owner\Desktop\password.idx
[1 C:\Users\Owner\Desktop\*.tmp files -> C:\Users\Owner\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/20 04:07:25 | 000,002,279 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/20 04:07:25 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/01/20 04:06:10 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/20 04:06:09 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/07 13:01:18 | 000,044,321 | ---- | C] () -- C:\Users\Owner\Desktop\Archived Development Kit Release Notes Broadcom.htm
[2012/12/26 11:59:09 | 000,006,950 | ---- | C] () -- C:\Users\Owner\Desktop\Balance Sheet.pdf
[2012/12/26 11:58:42 | 000,009,499 | ---- | C] () -- C:\Users\Owner\Desktop\Profit and Loss Statement.pdf
[2012/12/26 11:55:10 | 000,002,048 | ---- | C] () -- C:\Users\Owner\Desktop\password.idx
[2012/07/25 22:18:21 | 000,196,608 | ---- | C] () -- C:\Users\Owner\354C0C41-FEE4-411B-9A32-570E6721B328.Verify.2.etl
[2012/07/08 08:28:01 | 000,007,609 | ---- | C] () -- C:\Users\Owner\AppData\Local\resmon.resmoncfg
[2012/06/06 09:33:11 | 000,000,288 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\.backup.dm
[2012/01/10 22:27:26 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012/01/10 22:27:26 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012/01/10 22:27:26 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012/01/10 21:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | ---- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/01/04 04:44:25 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/01/04 02:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/06/08 23:07:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PC Cleaners
[2012/06/08 23:07:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PCPro
[2012/07/07 14:28:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TightVNC

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/25 23:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 00:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 00:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 00:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 21:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 21:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SERVICES.EXE >
[2009/07/13 19:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 19:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 19:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 19:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 21:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 21:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 21:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 21:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 21:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 21:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< %systemroot%\*. /mp /s >

< End of report >
  • 0
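
The `/md5start` … `/md5stop` lines in the custom scan from post #2 are what produce the "MD5 for" sections at the end of the log above. The following is an added example, not part of the original posts and not OTL's own code: it parses such sections and reports the entries a reviewer would look at first. It assumes `%SystemRoot%` is `C:\Windows` and that a clean system file is byte-identical to one of its WinSxS copies, as every Microsoft entry in the log above is; the sample lines, hashes and the "Example Tool" path are constructed.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of OTL's "MD5 for" sections; every hash and
# the "Example Tool" path are made up for this illustration.
SAMPLE = r"""
< MD5 for: EXPLORER.EXE >
[2011/02/25 00:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=11111111111111111111111111111111 -- C:\Windows\explorer.exe
[2011/02/25 00:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=11111111111111111111111111111111 -- C:\Windows\winsxs\amd64_example-explorer_none_0000\explorer.exe

< MD5 for: SVCHOST.EXE >
[2013/01/20 04:05:44 | 000,031,744 | ---- | M] () MD5=22222222222222222222222222222222 -- C:\Windows\SysNative\svchost.exe
[2009/07/13 19:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=33333333333333333333333333333333 -- C:\Windows\winsxs\amd64_example-svchost_none_0000\svchost.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=44444444444444444444444444444444 -- C:\Program Files (x86)\Example Tool\svchost.exe

< %systemroot%\*. /mp /s >
"""

# "< MD5 for: NAME >" opens a section; any other "< ... >" line closes it.
HEADER = re.compile(r"^<\s*MD5 for:\s*(?P<name>.+?)\s*>$")
# [date time | size | attributes | M] (company) MD5=<32 hex> -- full path
ENTRY = re.compile(
    r"^\[(?P<stamp>[^|\]]+)\|\s*(?P<size>[\d,]+)\s*\|\s*(?P<attrs>[^|\]]+)\|\s*\w\]\s*"
    r"\((?P<company>.*?)\)\s*MD5=(?P<md5>[0-9A-Fa-f]{32})\s+--\s+(?P<path>.+)$"
)


def parse_md5_sections(log_text):
    """Return {file name (lower case): [entry dicts]} for each MD5 section."""
    sections = defaultdict(list)
    current = None
    for raw in log_text.splitlines():
        line = raw.strip()
        head = HEADER.match(line)
        if head:
            current = head.group("name").lower()
            continue
        if line.startswith("<"):
            current = None
            continue
        entry = ENTRY.match(line)
        if entry and current:
            sections[current].append({
                "company": entry.group("company").strip(),
                "md5": entry.group("md5").upper(),
                "path": entry.group("path").strip(),
            })
    return dict(sections)


def location(path, windows_root=r"C:\Windows"):
    """Classify a path as 'store' (WinSxS), 'live' (elsewhere under Windows) or 'outside'."""
    p = path.lower()
    root = windows_root.lower().rstrip("\\") + "\\"
    if not p.startswith(root):
        return "outside"
    return "store" if p.startswith(root + "winsxs\\") else "live"


def review(sections, windows_root=r"C:\Windows"):
    """Return (file name, path, reason) tuples that deserve a manual look."""
    findings = []
    for name, entries in sorted(sections.items()):
        store_hashes = {e["md5"] for e in entries
                        if location(e["path"], windows_root) == "store"}
        for e in entries:
            where = location(e["path"], windows_root)
            if where == "outside":
                findings.append((name, e["path"],
                                 "system file name outside the Windows directory"))
            elif where == "live":
                if e["md5"] not in store_hashes:
                    findings.append((name, e["path"], "hash matches no WinSxS copy"))
                if not e["company"]:
                    findings.append((name, e["path"], "no company name in version info"))
    return findings


if __name__ == "__main__":
    for name, path, reason in review(parse_md5_sections(SAMPLE)):
        print(f"{name}: {path} -> {reason}")
```

A finding means "check this entry", not "this file is malicious": run over the log in post #3, the only entries reported would be the two copies under `Malwarebytes' Anti-Malware\Chameleon`, which sit outside the Windows directory and carry no company name.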

#4
ElamsEstates

    Member

  • Topic Starter
OTL Extras logfile created on: 1/25/2013 7:14:26 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 2.50 Gb Available Physical Memory | 65.88% Memory free
7.60 Gb Paging File | 5.80 Gb Available in Paging File | 76.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 345.95 Gb Free Space | 74.29% Space Free | Partition Type: NTFS

Computer Name: A665-N033 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{CB624409-999A-4B7F-96A5-D7E243DCD1FA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{54985968-04A2-4A31-9E4E-C38D2833DFAC}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{A9E32DDA-3627-41D0-B304-861803B9F4DA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4183655A-5FC6-4A23-A804-7764145EC57C}" = ESET NOD32 Antivirus
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Google Chrome" = Google Chrome
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Nero8Lite_is1" = Nero 8 Micro 8.3.2.1
"STANDARD" = Microsoft Office Standard 2007
"WinRAR archiver" = WinRAR archiver

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/7/2013 1:40:04 PM | Computer Name = A665-N033 | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Users\Owner\Desktop\ComputerEase
- 2011\qtool.exe". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 1/7/2013 1:40:04 PM | Computer Name = A665-N033 | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Users\Owner\Desktop\ComputerEase
- 2011\printdic.exe". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 1/7/2013 2:15:05 PM | Computer Name = A665-N033 | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 804 Start
Time: 01cded02e5231e25 Termination Time: 16 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:

Error - 1/7/2013 2:18:50 PM | Computer Name = A665-N033 | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 9d8 Start
Time: 01cded036bcb58a6 Termination Time: 16 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:

Error - 1/8/2013 1:43:03 AM | Computer Name = A665-N033 | Source = WinMgmt | ID = 10
Description =

Error - 1/8/2013 4:53:43 PM | Computer Name = A665-N033 | Source = WinMgmt | ID = 10
Description =

Error - 1/9/2013 5:58:45 AM | Computer Name = A665-N033 | Source = WinMgmt | ID = 10
Description =

Error - 1/19/2013 6:08:32 PM | Computer Name = A665-N033 | Source = Software Protection Platform Service | ID = 8200
Description = License acquisition failure details. hr=0xC004C532

Error - 1/19/2013 6:08:32 PM | Computer Name = A665-N033 | Source = Software Protection Platform Service | ID = 8208
Description = Acquisition of genuine ticket failed (hr=0xC004C532) for template
Id 66c92734-d682-4d71-983e-d6ec3f16059f

Error - 1/19/2013 9:46:00 PM | Computer Name = A665-N033 | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 8/15/2012 4:23:45 PM | Computer Name = A665-N033 | Source = MCUpdate | ID = 0
Description = 3:23:45 PM - Error connecting to the internet. 3:23:45 PM - Unable
to contact server..

Error - 9/1/2012 10:30:30 AM | Computer Name = A665-N033 | Source = MCUpdate | ID = 0
Description = 9:30:30 AM - Error connecting to the internet. 9:30:30 AM - Unable
to contact server..

[ OSession Events ]
Error - 7/26/2012 12:47:40 PM | Computer Name = A665-N033 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 47
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 12/24/2012 7:42:21 PM | Computer Name = A665-N033 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 5:22:53 PM on ?12/?24/?2012 was unexpected.

Error - 1/7/2013 11:06:43 AM | Computer Name = A665-N033 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:04:32 AM on ?1/?7/?2013 was unexpected.

Error - 1/7/2013 1:22:02 PM | Computer Name = A665-N033 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 1/7/2013 1:31:44 PM | Computer Name = A665-N033 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:22:18 AM on ?1/?7/?2013 was unexpected.

Error - 1/8/2013 1:42:58 AM | Computer Name = A665-N033 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:40:24 PM on ?1/?7/?2013 was unexpected.

Error - 1/8/2013 1:56:15 AM | Computer Name = A665-N033 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR4.

Error - 1/8/2013 4:53:37 PM | Computer Name = A665-N033 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:26:33 AM on ?1/?8/?2013 was unexpected.

Error - 1/9/2013 5:58:41 AM | Computer Name = A665-N033 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:18:27 PM on ?1/?8/?2013 was unexpected.

Error - 1/19/2013 7:24:18 PM | Computer Name = A665-N033 | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x8024d00e: Windows Update Core.

Error - 1/19/2013 9:45:54 PM | Computer Name = A665-N033 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:25:32 PM on ?1/?19/?2013 was unexpected.


< End of report >

#5
ElamsEstates

GMER 2.0.18444 - http://www.gmer.net
Rootkit scan 2013-01-25 08:27:54
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST9500420AS rev.0001TSM1 465.76GB
Running: fl4s4qib.exe; Driver: C:\Users\Owner\AppData\Local\Temp\kxloapod.sys


---- User code sections - GMER 2.0 ----

.text C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe[1364] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000074e08799 4 bytes [C2, 04, 00, 00]

---- Threads - GMER 2.0 ----

Thread C:\Windows\system32\svchost.exe [1008:1852] 000007fef894506c
Thread C:\Windows\system32\svchost.exe [1008:1856] 000007fef8a81c20
Thread C:\Windows\system32\svchost.exe [1008:1860] 000007fef8a81c20
Thread C:\Windows\system32\svchost.exe [1008:716] 000007feeb31cb70
Thread C:\Windows\system32\svchost.exe [1008:1044] 000007fefa5c4164
Thread C:\Windows\System32\spoolsv.exe [1216:2780] 000007fef35710c8
Thread C:\Windows\System32\spoolsv.exe [1216:2784] 000007fef3536144
Thread C:\Windows\System32\spoolsv.exe [1216:2788] 000007fef3325fd0
Thread C:\Windows\System32\spoolsv.exe [1216:2792] 000007fef3313438
Thread C:\Windows\System32\spoolsv.exe [1216:2796] 000007fef33263ec
Thread C:\Windows\System32\spoolsv.exe [1216:2804] 000007fef3605e5c
Thread C:\Windows\System32\spoolsv.exe [1216:2808] 000007fef3635090
Thread C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1364:1540] 0000000020303c1a
Thread C:\Windows\system32\svchost.exe [2244:2228] 000007fef5d85f1c
Thread C:\Windows\System32\svchost.exe [2232:2368] 000007fef2ef9688
---- Processes - GMER 2.0 ----

Library ? (*** suspicious ***) @ C:\Windows\system32\lsass.exe [560] 000007fefdc20000
Library ? (*** suspicious ***) @ C:\Windows\system32\svchost.exe [1008] 000007fef8cb0000
Library ? (*** suspicious ***) @ C:\Windows\System32\spoolsv.exe [1216] 000007fefb1e0000
Library ? (*** suspicious ***) @ C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1364] 0000000075630000
Library ? (*** suspicious ***) @ C:\Windows\system32\svchost.exe [1424] 000007fefdac0000
Library ? (*** suspicious ***) @ C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1512] 0000000072e80000
Library ? (*** suspicious ***) @ C:\Windows\system32\svchost.exe [2244] 000007fefc8f0000
Library ? (*** suspicious ***) @ C:\Windows\system32\SearchIndexer.exe [2552] 000007fefb170000
Library ? (*** suspicious ***) @ C:\Windows\System32\svchost.exe [2232] 000007fefc780000

---- EOF - GMER 2.0 ----

#6
maliprog

Hi ElamsEstates,

Let's continue.

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside:

    • Loaded modules

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Make sure to check:

    • Services and drivers
    • Boot sectors
    • Loaded modules
    • Verify Driver Digital Signature
    • Detect TDLFS file system

  • then click OK.
  • Click the Start Scan button to start the scan.
  • If a suspicious object is detected, the default action will be Skip
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected for malicious objects

  • Click Continue then Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Step 2

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks.

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the combo fix log in your next reply

Step 3

Please don't forget to include these items in your reply:

  • TDSSKiller log
  • Combofix log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#7
ElamsEstates

15:58:13.0858 2484 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:58:13.0951 2484 ============================================================
15:58:13.0951 2484 Current date / time: 2013/01/26 15:58:13.0951
15:58:13.0951 2484 SystemInfo:
15:58:13.0951 2484
15:58:13.0951 2484 OS Version: 6.1.7601 ServicePack: 1.0
15:58:13.0951 2484 Product type: Workstation
15:58:13.0951 2484 ComputerName: A665-N033
15:58:13.0951 2484 UserName: Owner
15:58:13.0951 2484 Windows directory: C:\Windows
15:58:13.0951 2484 System windows directory: C:\Windows
15:58:13.0951 2484 Running under WOW64
15:58:13.0951 2484 Processor architecture: Intel x64
15:58:13.0951 2484 Number of processors: 4
15:58:13.0951 2484 Page size: 0x1000
15:58:13.0951 2484 Boot type: Normal boot
15:58:13.0951 2484 ============================================================
15:58:16.0993 2484 BG loaded
15:58:17.0352 2484 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:58:17.0368 2484 ============================================================
15:58:17.0368 2484 \Device\Harddisk0\DR0:
15:58:17.0368 2484 MBR partitions:
15:58:17.0368 2484 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:58:17.0368 2484 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
15:58:17.0368 2484 ============================================================
15:58:17.0399 2484 C: <-> \Device\Harddisk0\DR0\Partition2
15:58:17.0399 2484 ============================================================
15:58:17.0399 2484 Initialize success
15:58:17.0399 2484 ============================================================
16:00:42.0918 3008 ============================================================
16:00:42.0918 3008 Scan started
16:00:42.0918 3008 Mode: Manual; SigCheck; TDLFS;
16:00:42.0918 3008 ============================================================
16:00:44.0930 3008 ================ Scan system memory ========================
16:00:44.0930 3008 System memory - ok
16:00:44.0930 3008 ================ Scan services =============================
16:00:45.0071 3008 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:00:45.0242 3008 1394ohci - ok
16:00:45.0274 3008 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:00:45.0305 3008 ACPI - ok
16:00:45.0320 3008 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:00:45.0430 3008 AcpiPmi - ok
16:00:45.0508 3008 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:00:45.0523 3008 AdobeARMservice - ok
16:00:45.0554 3008 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:00:45.0601 3008 adp94xx - ok
16:00:45.0617 3008 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:00:45.0648 3008 adpahci - ok
16:00:45.0664 3008 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:00:45.0679 3008 adpu320 - ok
16:00:45.0710 3008 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:00:45.0882 3008 AeLookupSvc - ok
16:00:45.0929 3008 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
16:00:46.0007 3008 AFD - ok
16:00:46.0022 3008 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:00:46.0038 3008 agp440 - ok
16:00:46.0054 3008 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
16:00:46.0132 3008 ALG - ok
16:00:46.0147 3008 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
16:00:46.0163 3008 aliide - ok
16:00:46.0178 3008 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
16:00:46.0194 3008 amdide - ok
16:00:46.0194 3008 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:00:46.0241 3008 AmdK8 - ok
16:00:46.0256 3008 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
16:00:46.0288 3008 AmdPPM - ok
16:00:46.0319 3008 [ 6EC6D772EAE38DC17C14AED9B178D24B ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:00:46.0350 3008 amdsata - ok
16:00:46.0366 3008 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:00:46.0397 3008 amdsbs - ok
16:00:46.0412 3008 [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:00:46.0428 3008 amdxata - ok
16:00:46.0459 3008 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
16:00:46.0662 3008 AppID - ok
16:00:46.0693 3008 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:00:46.0787 3008 AppIDSvc - ok
16:00:46.0787 3008 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
16:00:46.0880 3008 Appinfo - ok
16:00:46.0912 3008 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
16:00:46.0943 3008 arc - ok
16:00:46.0958 3008 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:00:46.0974 3008 arcsas - ok
16:00:47.0021 3008 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:00:47.0114 3008 AsyncMac - ok
16:00:47.0146 3008 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
16:00:47.0161 3008 atapi - ok
16:00:47.0177 3008 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:00:47.0255 3008 AudioEndpointBuilder - ok
16:00:47.0286 3008 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:00:47.0333 3008 AudioSrv - ok
16:00:47.0364 3008 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:00:47.0411 3008 AxInstSV - ok
16:00:47.0458 3008 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:00:47.0551 3008 b06bdrv - ok
16:00:47.0582 3008 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:00:47.0629 3008 b57nd60a - ok
16:00:47.0676 3008 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
16:00:47.0738 3008 BDESVC - ok
16:00:47.0754 3008 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
16:00:47.0848 3008 Beep - ok
16:00:47.0910 3008 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
16:00:48.0004 3008 BFE - ok
16:00:48.0066 3008 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
16:00:48.0160 3008 BITS - ok
16:00:48.0191 3008 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:00:48.0222 3008 blbdrive - ok
16:00:48.0238 3008 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:00:48.0316 3008 bowser - ok
16:00:48.0316 3008 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
16:00:48.0378 3008 BrFiltLo - ok
16:00:48.0394 3008 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
16:00:48.0425 3008 BrFiltUp - ok
16:00:48.0456 3008 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
16:00:48.0565 3008 Browser - ok
16:00:48.0596 3008 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:00:48.0674 3008 Brserid - ok
16:00:48.0690 3008 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:00:48.0752 3008 BrSerWdm - ok
16:00:48.0768 3008 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:00:48.0830 3008 BrUsbMdm - ok
16:00:48.0846 3008 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:00:48.0862 3008 BrUsbSer - ok
16:00:48.0893 3008 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:00:48.0955 3008 BTHMODEM - ok
16:00:48.0986 3008 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
16:00:49.0080 3008 bthserv - ok
16:00:49.0111 3008 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:00:49.0189 3008 cdfs - ok
16:00:49.0220 3008 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:00:49.0267 3008 cdrom - ok
16:00:49.0314 3008 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:00:49.0408 3008 CertPropSvc - ok
16:00:49.0439 3008 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
16:00:49.0470 3008 circlass - ok
16:00:49.0486 3008 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:00:49.0517 3008 CLFS - ok
16:00:49.0564 3008 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:00:49.0595 3008 clr_optimization_v2.0.50727_32 - ok
16:00:49.0626 3008 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:00:49.0657 3008 clr_optimization_v2.0.50727_64 - ok
16:00:49.0720 3008 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:00:49.0735 3008 clr_optimization_v4.0.30319_32 - ok
16:00:49.0782 3008 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:00:49.0813 3008 clr_optimization_v4.0.30319_64 - ok
16:00:49.0844 3008 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:00:49.0907 3008 CmBatt - ok
16:00:49.0954 3008 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:00:49.0985 3008 cmdide - ok
16:00:50.0016 3008 [ C4943B6C962E4B82197542447AD599F4 ] CNG C:\Windows\system32\Drivers\cng.sys
16:00:50.0047 3008 CNG - ok
16:00:50.0063 3008 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:00:50.0078 3008 Compbatt - ok
16:00:50.0094 3008 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
16:00:50.0141 3008 CompositeBus - ok
16:00:50.0156 3008 COMSysApp - ok
16:00:50.0188 3008 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:00:50.0203 3008 crcdisk - ok
16:00:50.0219 3008 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:00:50.0312 3008 CryptSvc - ok
16:00:50.0359 3008 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:00:50.0453 3008 DcomLaunch - ok
16:00:50.0484 3008 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:00:50.0546 3008 defragsvc - ok
16:00:50.0562 3008 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:00:50.0656 3008 DfsC - ok
16:00:50.0687 3008 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:00:50.0749 3008 Dhcp - ok
16:00:50.0796 3008 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:00:50.0905 3008 discache - ok
16:00:50.0936 3008 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
16:00:50.0952 3008 Disk - ok
16:00:50.0968 3008 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:00:51.0046 3008 Dnscache - ok
16:00:51.0061 3008 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:00:51.0155 3008 dot3svc - ok
16:00:51.0186 3008 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:00:51.0280 3008 DPS - ok
16:00:51.0326 3008 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:00:51.0373 3008 drmkaud - ok
16:00:51.0420 3008 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:00:51.0451 3008 DXGKrnl - ok
16:00:51.0498 3008 [ 082DAB566F704D258D35BA89F21239CA ] eamon C:\Windows\system32\DRIVERS\eamon.sys
16:00:51.0545 3008 eamon - ok
16:00:51.0592 3008 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:00:51.0685 3008 EapHost - ok
16:00:51.0779 3008 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:00:51.0904 3008 ebdrv - ok
16:00:51.0919 3008 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:00:51.0997 3008 EFS - ok
16:00:52.0013 3008 [ 4FF6F92F170550E226B4595766C4D6A6 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
16:00:52.0028 3008 ehdrv - ok
16:00:52.0091 3008 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:01:14.0009 3008 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:01:14.0040 3008 volmgrx - ok
16:01:14.0056 3008 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:01:14.0071 3008 volsnap - ok
16:01:14.0102 3008 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:01:14.0118 3008 vsmraid - ok
16:01:14.0165 3008 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:01:14.0258 3008 VSS - ok
16:01:14.0305 3008 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:01:14.0352 3008 vwifibus - ok
16:01:14.0399 3008 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:01:14.0461 3008 vwififlt - ok
16:01:14.0508 3008 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:01:14.0586 3008 W32Time - ok
16:01:14.0602 3008 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:01:14.0648 3008 WacomPen - ok
16:01:14.0680 3008 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:01:14.0789 3008 WANARP - ok
16:01:14.0804 3008 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:01:14.0867 3008 Wanarpv6 - ok
16:01:14.0914 3008 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:01:14.0992 3008 WatAdminSvc - ok
16:01:15.0023 3008 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:01:15.0116 3008 wbengine - ok
16:01:15.0132 3008 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:01:15.0179 3008 WbioSrvc - ok
16:01:15.0194 3008 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:01:15.0241 3008 wcncsvc - ok
16:01:15.0272 3008 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:01:15.0304 3008 WcsPlugInService - ok
16:01:15.0335 3008 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
16:01:15.0350 3008 Wd - ok
16:01:15.0382 3008 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:01:15.0428 3008 Wdf01000 - ok
16:01:15.0444 3008 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:01:15.0584 3008 WdiServiceHost - ok
16:01:15.0584 3008 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:01:15.0631 3008 WdiSystemHost - ok
16:01:15.0647 3008 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:01:15.0709 3008 WebClient - ok
16:01:15.0725 3008 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:01:15.0818 3008 Wecsvc - ok
16:01:15.0850 3008 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:01:15.0896 3008 wercplsupport - ok
16:01:15.0912 3008 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:01:15.0990 3008 WerSvc - ok
16:01:16.0021 3008 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:01:16.0052 3008 WfpLwf - ok
16:01:16.0068 3008 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:01:16.0084 3008 WIMMount - ok
16:01:16.0099 3008 WinDefend - ok
16:01:16.0115 3008 WinHttpAutoProxySvc - ok
16:01:16.0146 3008 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:01:16.0224 3008 Winmgmt - ok
16:01:16.0286 3008 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:01:16.0364 3008 WinRM - ok
16:01:16.0396 3008 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:01:16.0442 3008 Wlansvc - ok
16:01:16.0474 3008 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:01:16.0520 3008 WmiAcpi - ok
16:01:16.0567 3008 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:01:16.0614 3008 wmiApSrv - ok
16:01:16.0661 3008 WMPNetworkSvc - ok
16:01:16.0676 3008 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:01:16.0708 3008 WPCSvc - ok
16:01:16.0723 3008 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:01:16.0770 3008 WPDBusEnum - ok
16:01:16.0770 3008 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:01:16.0832 3008 ws2ifsl - ok
16:01:16.0848 3008 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
16:01:16.0910 3008 wscsvc - ok
16:01:16.0910 3008 WSearch - ok
16:01:17.0020 3008 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:01:17.0098 3008 wuauserv - ok
16:01:17.0129 3008 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:01:17.0222 3008 WudfPf - ok
16:01:17.0238 3008 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:01:17.0300 3008 WUDFRd - ok
16:01:17.0316 3008 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:01:17.0347 3008 wudfsvc - ok
16:01:17.0363 3008 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
16:01:17.0410 3008 WwanSvc - ok
16:01:17.0472 3008 [ 74983ADDCA2D9618512C088D856D6615 ] {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl
16:01:17.0503 3008 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
16:01:17.0503 3008 ================ Scan global ===============================
16:01:17.0534 3008 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:01:17.0550 3008 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
16:01:17.0581 3008 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
16:01:17.0597 3008 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:01:17.0612 3008 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:01:17.0628 3008 [Global] - ok
16:01:17.0628 3008 ================ Scan MBR ==================================
16:01:17.0628 3008 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:01:18.0018 3008 \Device\Harddisk0\DR0 - ok
16:01:18.0018 3008 ================ Scan VBR ==================================
16:01:18.0018 3008 [ 8DD45F59BCEEA97600CEFAEF9CF17A5F ] \Device\Harddisk0\DR0\Partition1
16:01:18.0034 3008 \Device\Harddisk0\DR0\Partition1 - ok
16:01:18.0065 3008 [ F1B847D95A37B4DC002C626982D2218E ] \Device\Harddisk0\DR0\Partition2
16:01:18.0065 3008 \Device\Harddisk0\DR0\Partition2 - ok
16:01:18.0065 3008 ================ Scan active images ========================
16:01:18.0065 3008 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
16:01:18.0065 3008 C:\Windows\System32\drivers\crashdmp.sys - ok
16:01:18.0080 3008 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
16:01:18.0080 3008 C:\Windows\System32\drivers\Dumpata.sys - ok
16:01:18.0080 3008 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
16:01:18.0080 3008 C:\Windows\System32\drivers\dumpfve.sys - ok
16:01:18.0096 3008 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] C:\Windows\System32\drivers\msahci.sys
16:01:18.0096 3008 C:\Windows\System32\drivers\msahci.sys - ok
16:01:18.0096 3008 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
16:01:18.0096 3008 C:\Windows\System32\drivers\beep.sys - ok
16:01:18.0112 3008 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
16:01:18.0112 3008 C:\Windows\System32\drivers\cdrom.sys - ok
16:01:18.0112 3008 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
16:01:18.0112 3008 C:\Windows\System32\drivers\null.sys - ok
16:01:18.0112 3008 [ 4FF6F92F170550E226B4595766C4D6A6 ] C:\Windows\System32\drivers\ehdrv.sys
16:01:18.0112 3008 C:\Windows\System32\drivers\ehdrv.sys - ok
16:01:18.0127 3008 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
16:01:18.0127 3008 C:\Windows\System32\drivers\vga.sys - ok
16:01:18.0127 3008 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
16:01:18.0127 3008 C:\Windows\System32\drivers\videoprt.sys - ok
16:01:18.0127 3008 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
16:01:18.0127 3008 C:\Windows\System32\drivers\watchdog.sys - ok
16:01:18.0127 3008 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
16:01:18.0127 3008 C:\Windows\System32\drivers\RDPCDD.sys - ok
16:01:18.0127 3008 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
16:01:18.0127 3008 C:\Windows\System32\drivers\RDPENCDD.sys - ok
16:01:18.0143 3008 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
16:01:18.0143 3008 C:\Windows\System32\drivers\RDPREFMP.sys - ok
16:01:18.0143 3008 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
16:01:18.0143 3008 C:\Windows\System32\drivers\msfs.sys - ok
16:01:18.0143 3008 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
16:01:18.0143 3008 C:\Windows\System32\drivers\npfs.sys - ok
16:01:18.0143 3008 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
16:01:18.0143 3008 C:\Windows\System32\drivers\afd.sys - ok
16:01:18.0158 3008 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
16:01:18.0158 3008 C:\Windows\System32\drivers\tdi.sys - ok
16:01:18.0158 3008 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
16:01:18.0158 3008 C:\Windows\System32\drivers\tdx.sys - ok
16:01:18.0158 3008 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
16:01:18.0158 3008 C:\Windows\System32\drivers\netbios.sys - ok
16:01:18.0158 3008 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
16:01:18.0158 3008 C:\Windows\System32\drivers\netbt.sys - ok
16:01:18.0174 3008 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
16:01:18.0174 3008 C:\Windows\System32\drivers\pacer.sys - ok
16:01:18.0174 3008 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
16:01:18.0174 3008 C:\Windows\System32\drivers\vwififlt.sys - ok
16:01:18.0174 3008 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
16:01:18.0174 3008 C:\Windows\System32\drivers\wanarp.sys - ok
16:01:18.0174 3008 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
16:01:18.0174 3008 C:\Windows\System32\drivers\wfplwf.sys - ok
16:01:18.0174 3008 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
16:01:18.0174 3008 C:\Windows\System32\drivers\nsiproxy.sys - ok
16:01:18.0190 3008 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
16:01:18.0190 3008 C:\Windows\System32\drivers\rdbss.sys - ok
16:01:18.0190 3008 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
16:01:18.0190 3008 C:\Windows\System32\drivers\termdd.sys - ok
16:01:18.0190 3008 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
16:01:18.0190 3008 C:\Windows\System32\drivers\dfsc.sys - ok
16:01:18.0190 3008 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
16:01:18.0190 3008 C:\Windows\System32\drivers\discache.sys - ok
16:01:18.0205 3008 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
16:01:18.0205 3008 C:\Windows\System32\drivers\mssmbios.sys - ok
16:01:18.0205 3008 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
16:01:18.0205 3008 C:\Windows\System32\drivers\blbdrive.sys - ok
16:01:18.0205 3008 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
16:01:18.0205 3008 C:\Windows\System32\drivers\tunnel.sys - ok
16:01:18.0205 3008 [ F4F91789C7C7A159CE8215C1F69F2A85 ] C:\Windows\System32\drivers\igdkmd64.sys
16:01:18.0205 3008 C:\Windows\System32\drivers\igdkmd64.sys - ok
16:01:18.0205 3008 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
16:01:18.0205 3008 C:\Windows\System32\drivers\dxgkrnl.sys - ok
16:01:18.0221 3008 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
16:01:18.0221 3008 C:\Windows\System32\drivers\dxgmms1.sys - ok
16:01:18.0221 3008 [ B6AC71AAA2B10848F57FC49D55A651AF ] C:\Windows\System32\drivers\HECIx64.sys
16:01:18.0221 3008 C:\Windows\System32\drivers\HECIx64.sys - ok
16:01:18.0221 3008 [ 74EE782B1D9C241EFE425565854C661C ] C:\Windows\System32\drivers\usbehci.sys
16:01:18.0221 3008 C:\Windows\System32\drivers\usbehci.sys - ok
16:01:18.0221 3008 [ B6D64EE607637301FF8C33139B4950DE ] C:\Windows\System32\drivers\usbport.sys
16:01:18.0221 3008 C:\Windows\System32\drivers\usbport.sys - ok
16:01:18.0236 3008 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
16:01:18.0236 3008 C:\Windows\System32\drivers\hdaudbus.sys - ok
16:01:18.0236 3008 [ E3AA12FAA3192D1090B9069C3925373B ] C:\Windows\System32\drivers\Rtlh64.sys
16:01:18.0236 3008 C:\Windows\System32\drivers\Rtlh64.sys - ok
16:01:18.0236 3008 [ 9EC1EDEBBA8CF6A30899EE38AB1352CC ] C:\Windows\System32\drivers\NETwNs64.sys
16:01:18.0236 3008 C:\Windows\System32\drivers\NETwNs64.sys - ok
16:01:18.0236 3008 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
16:01:18.0236 3008 C:\Windows\System32\drivers\vwifibus.sys - ok
16:01:18.0252 3008 [ 25D602AE635A0443458FBED1A8B6E4E9 ] C:\Windows\System32\drivers\jmcr.sys
16:01:18.0252 3008 C:\Windows\System32\drivers\jmcr.sys - ok
16:01:18.0252 3008 [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys
16:01:18.0252 3008 C:\Windows\System32\drivers\scsiport.sys - ok
16:01:18.0252 3008 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
16:01:18.0252 3008 C:\Windows\System32\drivers\CmBatt.sys - ok
16:01:18.0252 3008 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
16:01:18.0252 3008 C:\Windows\System32\drivers\i8042prt.sys - ok
16:01:18.0252 3008 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
16:01:18.0252 3008 C:\Windows\System32\drivers\kbdclass.sys - ok
16:01:18.0268 3008 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
16:01:18.0268 3008 C:\Windows\System32\drivers\mouclass.sys - ok
16:01:18.0268 3008 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
16:01:18.0268 3008 C:\Windows\System32\drivers\intelppm.sys - ok
16:01:18.0268 3008 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
16:01:18.0268 3008 C:\Windows\System32\drivers\CompositeBus.sys - ok
16:01:18.0268 3008 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
16:01:18.0268 3008 C:\Windows\System32\drivers\agilevpn.sys - ok
16:01:18.0283 3008 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
16:01:18.0283 3008 C:\Windows\System32\drivers\rasl2tp.sys - ok
16:01:18.0283 3008 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
16:01:18.0283 3008 C:\Windows\System32\drivers\ndistapi.sys - ok
16:01:18.0283 3008 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
16:01:18.0283 3008 C:\Windows\System32\drivers\ndiswan.sys - ok
16:01:18.0283 3008 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
16:01:18.0283 3008 C:\Windows\System32\drivers\raspppoe.sys - ok
16:01:18.0283 3008 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
16:01:18.0299 3008 C:\Windows\System32\drivers\raspptp.sys - ok
16:01:18.0299 3008 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
16:01:18.0299 3008 C:\Windows\System32\drivers\rassstp.sys - ok
16:01:18.0299 3008 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
16:01:18.0299 3008 C:\Windows\System32\drivers\ks.sys - ok
16:01:18.0299 3008 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
16:01:18.0299 3008 C:\Windows\System32\drivers\swenum.sys - ok
16:01:18.0299 3008 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
16:01:18.0299 3008 C:\Windows\System32\drivers\umbus.sys - ok
16:01:18.0314 3008 [ DC96BD9CCB8403251BCF25047573558E ] C:\Windows\System32\drivers\usbhub.sys
16:01:18.0314 3008 C:\Windows\System32\drivers\usbhub.sys - ok
16:01:18.0314 3008 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
16:01:18.0314 3008 C:\Windows\System32\smss.exe - ok
16:01:18.0314 3008 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
16:01:18.0314 3008 C:\Windows\System32\ntdll.dll - ok
16:01:18.0314 3008 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
16:01:18.0314 3008 C:\Windows\System32\drivers\ndproxy.sys - ok
16:01:18.0330 3008 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
16:01:18.0330 3008 C:\Windows\System32\drivers\drmk.sys - ok
16:01:18.0330 3008 [ 975761C778E33CD22498059B91E7373A ] C:\Windows\System32\drivers\HdAudio.sys
16:01:18.0330 3008 C:\Windows\System32\drivers\HdAudio.sys - ok
16:01:18.0330 3008 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
16:01:18.0330 3008 C:\Windows\System32\drivers\portcls.sys - ok
16:01:18.0330 3008 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
16:01:18.0330 3008 C:\Windows\System32\drivers\ksthunk.sys - ok
16:01:18.0330 3008 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
16:01:18.0330 3008 C:\Windows\System32\autochk.exe - ok
16:01:18.0346 3008 [ F28D6538F76DC6ECFABF6176DBDD2664 ] C:\Windows\System32\poqexec.exe
16:01:18.0346 3008 C:\Windows\System32\poqexec.exe - ok
16:01:18.0346 3008 [ 63C8D74BED9F80F4DD0AA7A3101EB639 ] C:\Windows\System32\drivers\usbd.sys
16:01:18.0346 3008 C:\Windows\System32\drivers\usbd.sys - ok
16:01:18.0346 3008 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] C:\Windows\System32\drivers\usbccgp.sys
16:01:18.0346 3008 C:\Windows\System32\drivers\usbccgp.sys - ok
16:01:18.0346 3008 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
16:01:18.0346 3008 C:\Windows\System32\drivers\usbvideo.sys - ok
16:01:18.0361 3008 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
16:01:18.0361 3008 C:\Windows\System32\rpcrt4.dll - ok
16:01:18.0361 3008 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
16:01:18.0361 3008 C:\Windows\System32\gdi32.dll - ok
16:01:18.0361 3008 [ E57A6E4941EAA298433623B20F649C8B ] C:\Windows\System32\iertutil.dll
16:01:18.0361 3008 C:\Windows\System32\iertutil.dll - ok
16:01:18.0361 3008 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
16:01:18.0361 3008 C:\Windows\System32\advapi32.dll - ok
16:01:18.0377 3008 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
16:01:18.0377 3008 C:\Windows\System32\Wldap32.dll - ok
16:01:18.0377 3008 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
16:01:18.0377 3008 C:\Windows\System32\difxapi.dll - ok
16:01:18.0377 3008 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
16:01:18.0377 3008 C:\Windows\System32\clbcatq.dll - ok
16:01:18.0377 3008 [ B8509DCFCFD577F568BE4026BFD982C0 ] C:\Windows\System32\imagehlp.dll
16:01:18.0377 3008 C:\Windows\System32\imagehlp.dll - ok
16:01:18.0377 3008 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
16:01:18.0377 3008 C:\Windows\System32\normaliz.dll - ok
16:01:18.0392 3008 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
16:01:18.0392 3008 C:\Windows\System32\user32.dll - ok
16:01:18.0392 3008 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
16:01:18.0392 3008 C:\Windows\System32\ole32.dll - ok
16:01:18.0392 3008 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
16:01:18.0392 3008 C:\Windows\System32\msvcrt.dll - ok
16:01:18.0392 3008 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
16:01:18.0392 3008 C:\Windows\System32\setupapi.dll - ok
16:01:18.0408 3008 [ B1AC85B6ADC005CF3F9EB4E28DFDCCE6 ] C:\Windows\System32\wininet.dll
16:01:18.0408 3008 C:\Windows\System32\wininet.dll - ok
16:01:18.0408 3008 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
16:01:18.0408 3008 C:\Windows\System32\usp10.dll - ok
16:01:18.0408 3008 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
16:01:18.0408 3008 C:\Windows\System32\lpk.dll - ok
16:01:18.0408 3008 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
16:01:18.0408 3008 C:\Windows\System32\psapi.dll - ok
16:01:18.0408 3008 [ 0E35B943F6583380981C69CCB97A56D2 ] C:\Windows\System32\shell32.dll
16:01:18.0408 3008 C:\Windows\System32\shell32.dll - ok
16:01:18.0424 3008 [ B9B42A302325537D7B9DC52D47F33A73 ] C:\Windows\System32\kernel32.dll
16:01:18.0424 3008 C:\Windows\System32\kernel32.dll - ok
16:01:18.0424 3008 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
16:01:18.0424 3008 C:\Windows\System32\comdlg32.dll - ok
16:01:18.0424 3008 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
16:01:18.0424 3008 C:\Windows\System32\nsi.dll - ok
16:01:18.0424 3008 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
16:01:18.0424 3008 C:\Windows\System32\imm32.dll - ok
16:01:18.0439 3008 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
16:01:18.0439 3008 C:\Windows\System32\sechost.dll - ok
16:01:18.0439 3008 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
16:01:18.0439 3008 C:\Windows\System32\shlwapi.dll - ok
16:01:18.0439 3008 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
16:01:18.0439 3008 C:\Windows\System32\ws2_32.dll - ok
16:01:18.0439 3008 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
16:01:18.0439 3008 C:\Windows\System32\oleaut32.dll - ok
16:01:18.0439 3008 [ DA90E416739ACEE896FE0A411BEEFC9C ] C:\Windows\System32\urlmon.dll
16:01:18.0439 3008 C:\Windows\System32\urlmon.dll - ok
16:01:18.0455 3008 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
16:01:18.0455 3008 C:\Windows\System32\msctf.dll - ok
16:01:18.0455 3008 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
16:01:18.0455 3008 C:\Windows\System32\cfgmgr32.dll - ok
16:01:18.0455 3008 [ 6B5174702343BD955E174FDFEFA2A1A3 ] C:\Windows\System32\KernelBase.dll
16:01:18.0455 3008 C:\Windows\System32\KernelBase.dll - ok
16:01:18.0455 3008 [ 3F9F2AFA135F0663946A006DD5FFD897 ] C:\Windows\System32\crypt32.dll
16:01:18.0455 3008 C:\Windows\System32\crypt32.dll - ok
16:01:18.0470 3008 [ EB3F9C2DE1236B5D46B2291D82970E43 ] C:\Windows\System32\wintrust.dll
16:01:18.0470 3008 C:\Windows\System32\wintrust.dll - ok
16:01:18.0470 3008 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
16:01:18.0470 3008 C:\Windows\System32\comctl32.dll - ok
16:01:18.0470 3008 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
16:01:18.0470 3008 C:\Windows\System32\devobj.dll - ok
16:01:18.0470 3008 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
16:01:18.0470 3008 C:\Windows\System32\msasn1.dll - ok
16:01:18.0470 3008 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
16:01:18.0470 3008 C:\Windows\SysWOW64\normaliz.dll - ok
16:01:18.0486 3008 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
16:01:18.0486 3008 C:\Windows\System32\drivers\dxapi.sys - ok
16:01:18.0486 3008 [ 275D3946B0EC22BA13FE299E97ABF606 ] C:\Windows\System32\win32k.sys
16:01:18.0486 3008 C:\Windows\System32\win32k.sys - ok
16:01:18.0486 3008 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
16:01:18.0486 3008 C:\Windows\System32\csrsrv.dll - ok
16:01:18.0486 3008 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
16:01:18.0486 3008 C:\Windows\System32\csrss.exe - ok
16:01:18.0502 3008 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
16:01:18.0502 3008 C:\Windows\System32\basesrv.dll - ok
16:01:18.0502 3008 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\System32\winsrv.dll
16:01:18.0502 3008 C:\Windows\System32\winsrv.dll - ok
16:01:18.0502 3008 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
16:01:18.0502 3008 C:\Windows\System32\drivers\monitor.sys - ok
16:01:18.0502 3008 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
16:01:18.0502 3008 C:\Windows\System32\tsddd.dll - ok
16:01:18.0502 3008 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
16:01:18.0502 3008 C:\Windows\System32\sxssrv.dll - ok
16:01:18.0517 3008 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
16:01:18.0517 3008 C:\Windows\System32\wininit.exe - ok
16:01:18.0517 3008 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
16:01:18.0517 3008 C:\Windows\System32\cdd.dll - ok
16:01:18.0517 3008 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
16:01:18.0517 3008 C:\Windows\System32\profapi.dll - ok
16:01:18.0517 3008 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
16:01:18.0517 3008 C:\Windows\System32\KBDUS.DLL - ok
16:01:18.0533 3008 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
16:01:18.0533 3008 C:\Windows\System32\RpcRtRemote.dll - ok
16:01:18.0533 3008 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
16:01:18.0533 3008 C:\Windows\System32\WlS0WndH.dll - ok
16:01:18.0533 3008 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
16:01:18.0533 3008 C:\Windows\System32\sxs.dll - ok
16:01:18.0533 3008 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
16:01:18.0533 3008 C:\Windows\System32\cryptbase.dll - ok
16:01:18.0533 3008 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
16:01:18.0533 3008 C:\Windows\System32\apphelp.dll - ok
16:01:18.0548 3008 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
16:01:18.0548 3008 C:\Windows\System32\lsass.exe - ok
16:01:18.0548 3008 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
16:01:18.0548 3008 C:\Windows\System32\lsm.exe - ok
16:01:18.0548 3008 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
16:01:18.0548 3008 C:\Windows\System32\services.exe - ok
16:01:18.0548 3008 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
16:01:18.0548 3008 C:\Windows\System32\lsasrv.dll - ok
16:01:18.0564 3008 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
16:01:18.0564 3008 C:\Windows\System32\sspisrv.dll - ok
16:01:18.0564 3008 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
16:01:18.0564 3008 C:\Windows\System32\sysntfy.dll - ok
16:01:18.0564 3008 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
16:01:18.0564 3008 C:\Windows\System32\wmsgapi.dll - ok
16:01:18.0564 3008 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
16:01:18.0564 3008 C:\Windows\System32\sspicli.dll - ok
16:01:18.0564 3008 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
16:01:18.0564 3008 C:\Windows\System32\samsrv.dll - ok
16:01:18.0580 3008 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
16:01:18.0580 3008 C:\Windows\System32\scext.dll - ok
16:01:18.0580 3008 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
16:01:18.0580 3008 C:\Windows\System32\secur32.dll - ok
16:01:18.0580 3008 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
16:01:18.0580 3008 C:\Windows\System32\scesrv.dll - ok
16:01:18.0580 3008 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
16:01:19.0422 3008 C:\Windows\System32\rtutils.dll - ok
16:01:19.0422 3008 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
16:01:19.0422 3008 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
16:01:19.0438 3008 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
16:01:19.0438 3008 C:\Windows\System32\PSHED.DLL - ok
16:01:19.0438 3008 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
16:01:19.0438 3008 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
16:01:19.0438 3008 [ 9297F004FCE79FB7B26DAC6968FB5FEB ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll
16:01:19.0438 3008 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll - ok
16:01:19.0438 3008 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
16:01:19.0438 3008 C:\Windows\System32\mpr.dll - ok
16:01:19.0453 3008 [ FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll
16:01:19.0453 3008 C:\Windows\System32\srclient.dll - ok
16:01:19.0453 3008 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
16:01:19.0453 3008 C:\Windows\System32\spp.dll - ok
16:01:19.0453 3008 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
16:01:19.0453 3008 C:\Windows\System32\vssapi.dll - ok
16:01:19.0453 3008 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
16:01:19.0453 3008 C:\Windows\System32\vsstrace.dll - ok
16:01:19.0469 3008 [ 943F48CC3A59169E52A054946C2F59B8 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
16:01:19.0469 3008 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
16:01:19.0469 3008 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
16:01:19.0469 3008 C:\Windows\System32\sqmapi.dll - ok
16:01:19.0469 3008 [ 6685DD5CC357D45EEE30FD089E8A111A ] C:\Windows\System32\sxsstore.dll
16:01:19.0469 3008 C:\Windows\System32\sxsstore.dll - ok
16:01:19.0469 3008 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
16:01:19.0469 3008 C:\Windows\System32\uxsms.dll - ok
16:01:19.0469 3008 [ 80E69670BDA10F32A941BA7358E33012 ] C:\Windows\System32\WUDFPlatform.dll
16:01:19.0469 3008 C:\Windows\System32\WUDFPlatform.dll - ok
16:01:19.0484 3008 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
16:01:19.0484 3008 C:\Windows\System32\webio.dll - ok
16:01:19.0484 3008 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
16:01:19.0484 3008 C:\Windows\System32\IPHLPAPI.DLL - ok
16:01:19.0484 3008 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
16:01:19.0484 3008 C:\Windows\System32\SensApi.dll - ok
16:01:19.0484 3008 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
16:01:19.0484 3008 C:\Windows\System32\winnsi.dll - ok
16:01:19.0500 3008 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
16:01:19.0500 3008 C:\Windows\System32\drivers\lltdio.sys - ok
16:01:19.0500 3008 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
16:01:19.0500 3008 C:\Windows\System32\drivers\ndisuio.sys - ok
16:01:19.0500 3008 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
16:01:19.0500 3008 C:\Windows\System32\drivers\nwifi.sys - ok
16:01:19.0500 3008 [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
16:01:19.0500 3008 C:\Windows\System32\dhcpcore6.dll - ok
16:01:19.0500 3008 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
16:01:19.0500 3008 C:\Windows\System32\drivers\rspndr.sys - ok
16:01:19.0516 3008 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
16:01:19.0516 3008 C:\Windows\System32\nrpsrv.dll - ok
16:01:19.0516 3008 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
16:01:19.0516 3008 C:\Windows\System32\dnsrslvr.dll - ok
16:01:19.0516 3008 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
16:01:19.0516 3008 C:\Windows\System32\eapphost.dll - ok
16:01:19.0516 3008 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
16:01:19.0516 3008 C:\Windows\System32\FWPUCLNT.DLL - ok
16:01:19.0516 3008 [ 7373DE70D405FF08DC53336B83989138 ] C:\Windows\System32\rastls.dll
16:01:19.0516 3008 C:\Windows\System32\rastls.dll - ok
16:01:19.0531 3008 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
16:01:19.0531 3008 C:\Windows\System32\dhcpcsvc.dll - ok
16:01:19.0531 3008 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
16:01:19.0531 3008 C:\Windows\System32\dnsext.dll - ok
16:01:19.0531 3008 [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
16:01:19.0531 3008 C:\Windows\System32\dhcpcsvc6.dll - ok
16:01:19.0531 3008 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
16:01:19.0531 3008 C:\Windows\System32\raschap.dll - ok
16:01:19.0547 3008 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
16:01:19.0547 3008 C:\Windows\System32\umb.dll - ok
16:01:19.0547 3008 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
16:01:19.0547 3008 C:\Windows\System32\wlanmsm.dll - ok
16:01:19.0547 3008 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
16:01:19.0547 3008 C:\Windows\System32\wlansec.dll - ok
16:01:19.0547 3008 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
16:01:19.0547 3008 C:\Windows\System32\eappprxy.dll - ok
16:01:19.0547 3008 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
16:01:19.0547 3008 C:\Windows\System32\onex.dll - ok
16:01:19.0562 3008 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
16:01:19.0562 3008 C:\Windows\System32\eappcfg.dll - ok
16:01:19.0562 3008 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
16:01:19.0562 3008 C:\Windows\System32\l2gpstore.dll - ok
16:01:19.0562 3008 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
16:01:19.0562 3008 C:\Windows\System32\WinSCard.dll - ok
16:01:19.0562 3008 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
16:01:19.0562 3008 C:\Windows\System32\wlanutil.dll - ok
16:01:19.0578 3008 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
16:01:19.0578 3008 C:\Windows\System32\wlgpclnt.dll - ok
16:01:19.0578 3008 [ 5C29199C9F0EDE64F17F268084EC4392 ] C:\Windows\System32\msxml6.dll
16:01:19.0578 3008 C:\Windows\System32\msxml6.dll - ok
16:01:19.0578 3008 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
16:01:19.0578 3008 C:\Windows\System32\taskcomp.dll - ok
16:01:19.0578 3008 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
16:01:19.0578 3008 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
16:01:19.0594 3008 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
16:01:19.0594 3008 C:\Windows\System32\fveapi.dll - ok
16:01:19.0594 3008 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
16:01:19.0594 3008 C:\Windows\System32\fvecerts.dll - ok
16:01:19.0594 3008 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
16:01:19.0594 3008 C:\Windows\System32\tbs.dll - ok
16:01:19.0594 3008 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
16:01:19.0594 3008 C:\Windows\System32\wiarpc.dll - ok
16:01:19.0594 3008 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
16:01:19.0594 3008 C:\Windows\System32\netcfgx.dll - ok
16:01:19.0609 3008 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
16:01:19.0609 3008 C:\Windows\System32\drivers\bowser.sys - ok
16:01:19.0609 3008 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
16:01:19.0609 3008 C:\Windows\System32\drivers\mpsdrv.sys - ok
16:01:19.0609 3008 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
16:01:19.0609 3008 C:\Windows\System32\drivers\mrxsmb.sys - ok
16:01:19.0609 3008 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
16:01:19.0609 3008 C:\Windows\System32\drivers\mrxsmb10.sys - ok
16:01:19.0625 3008 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
16:01:19.0625 3008 C:\Windows\System32\drivers\mrxsmb20.sys - ok
16:01:19.0625 3008 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
16:01:19.0625 3008 C:\Windows\System32\wfapigp.dll - ok
16:01:19.0625 3008 [ 11A52CF7B265631DEEB24C6149309EFF ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:01:19.0625 3008 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
16:01:19.0625 3008 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
16:01:19.0625 3008 C:\Windows\SysWOW64\ntdll.dll - ok
16:01:19.0640 3008 [ B1E3772FFA96AC5AEE89BF202AF8E348 ] C:\Windows\System32\wow64.dll
16:01:19.0640 3008 C:\Windows\System32\wow64.dll - ok
16:01:19.0640 3008 [ FC5A43FA257F546F8F2B96B5529857E1 ] C:\Windows\System32\wow64win.dll
16:01:19.0640 3008 C:\Windows\System32\wow64win.dll - ok
16:01:19.0640 3008 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
16:01:19.0640 3008 C:\Windows\System32\mscms.dll - ok
16:01:19.0640 3008 [ AA0D2571A4348838B8DD49FD0043826A ] C:\Windows\System32\wow64cpu.dll
16:01:19.0640 3008 C:\Windows\System32\wow64cpu.dll - ok
16:01:19.0640 3008 [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB ] C:\Windows\SysWOW64\kernel32.dll
16:01:19.0640 3008 C:\Windows\SysWOW64\kernel32.dll - ok
16:01:19.0656 3008 [ 5C2D21C9B6B6175B89BC5D7E3CB979E1 ] C:\Windows\SysWOW64\KernelBase.dll
16:01:19.0656 3008 C:\Windows\SysWOW64\KernelBase.dll - ok
16:01:19.0656 3008 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
16:01:19.0656 3008 C:\Windows\SysWOW64\psapi.dll - ok
16:01:19.0656 3008 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
16:01:19.0656 3008 C:\Windows\SysWOW64\user32.dll - ok
16:01:19.0656 3008 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
16:01:19.0656 3008 C:\Windows\SysWOW64\gdi32.dll - ok
16:01:19.0672 3008 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
16:01:19.0672 3008 C:\Windows\SysWOW64\lpk.dll - ok
16:01:19.0672 3008 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
16:01:19.0672 3008 C:\Windows\SysWOW64\usp10.dll - ok
16:01:19.0672 3008 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
16:01:19.0672 3008 C:\Windows\SysWOW64\advapi32.dll - ok
16:01:19.0672 3008 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
16:01:19.0672 3008 C:\Windows\SysWOW64\msvcrt.dll - ok
16:01:19.0672 3008 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
16:01:19.0672 3008 C:\Windows\SysWOW64\sechost.dll - ok
16:01:19.0687 3008 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
16:01:19.0687 3008 C:\Windows\SysWOW64\rpcrt4.dll - ok
16:01:19.0687 3008 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
16:01:19.0687 3008 C:\Windows\SysWOW64\cryptbase.dll - ok
16:01:19.0687 3008 [ 358FC25391C6733EAF49DB480AFDFD8C ] C:\Windows\SysWOW64\shell32.dll
16:01:19.0687 3008 C:\Windows\SysWOW64\shell32.dll - ok
16:01:19.0687 3008 [ 44B2693080979A0E05085B3FAAA43A09 ] C:\Windows\SysWOW64\sspicli.dll
16:01:19.0687 3008 C:\Windows\SysWOW64\sspicli.dll - ok
16:01:19.0703 3008 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
16:01:19.0703 3008 C:\Windows\SysWOW64\shlwapi.dll - ok
16:01:19.0703 3008 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
16:01:19.0703 3008 C:\Windows\SysWOW64\ole32.dll - ok
16:01:19.0703 3008 [ 454E292861A4EF1D72F43F42BBAF6917 ] C:\Windows\SysWOW64\crypt32.dll
16:01:19.0703 3008 C:\Windows\SysWOW64\crypt32.dll - ok
16:01:19.0703 3008 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
16:01:19.0703 3008 C:\Windows\SysWOW64\oleaut32.dll - ok
16:01:19.0718 3008 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
16:01:19.0718 3008 C:\Windows\SysWOW64\msasn1.dll - ok
16:01:19.0718 3008 [ 2D0D2DA87BEA7144F2A17F19D0D17E4C ] C:\Windows\SysWOW64\wintrust.dll
16:01:19.0718 3008 C:\Windows\SysWOW64\wintrust.dll - ok
16:01:19.0718 3008 [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
16:01:19.0718 3008 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok
16:01:19.0718 3008 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
16:01:19.0718 3008 C:\Windows\SysWOW64\imm32.dll - ok
16:01:19.0734 3008 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
16:01:19.0734 3008 C:\Windows\SysWOW64\msctf.dll - ok
16:01:19.0734 3008 [ 9737FC97B5C941F083C4E46CBCCE2D4A ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
16:01:19.0734 3008 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe - ok
16:01:19.0734 3008 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
16:01:19.0734 3008 C:\Windows\System32\taskschd.dll - ok
16:01:19.0734 3008 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
16:01:19.0734 3008 C:\Windows\SysWOW64\ws2_32.dll - ok
16:01:19.0750 3008 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
16:01:19.0750 3008 C:\Windows\SysWOW64\nsi.dll - ok
16:01:19.0750 3008 [ 69678722290C78D5D7198C60B5A4E3E8 ] C:\Windows\SysWOW64\secur32.dll
16:01:19.0750 3008 C:\Windows\SysWOW64\secur32.dll - ok
16:01:19.0750 3008 [ A3C190D644E88DE5872FC7FEC7377E35 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll
16:01:19.0750 3008 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll - ok
16:01:19.0750 3008 [ 5FF5E12F28725D14CAA3B408848ADFFC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
16:01:19.0750 3008 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll - ok
16:01:19.0765 3008 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
16:01:19.0765 3008 C:\Windows\SysWOW64\credssp.dll - ok
16:01:19.0765 3008 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
16:01:19.0765 3008 C:\Windows\SysWOW64\cryptsp.dll - ok
16:01:19.0765 3008 [ 1AFFB765AF1FDCC0C185C38E9DDDDAEE ] C:\Windows\SysWOW64\schannel.dll
16:01:19.0765 3008 C:\Windows\SysWOW64\schannel.dll - ok
16:01:19.0765 3008 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
16:01:19.0765 3008 C:\Windows\System32\dssenh.dll - ok
16:01:19.0765 3008 [ 71C8CBDE6B18F90F19E9C7CB884F87C8 ] C:\Windows\System32\drivers\epfwwfpr.sys
16:01:19.0765 3008 C:\Windows\System32\drivers\epfwwfpr.sys - ok
16:01:19.0781 3008 [ 4A435F95B940E93A88FEC144BD409789 ] C:\Windows\System32\ncsi.dll
16:01:19.0781 3008 C:\Windows\System32\ncsi.dll - ok
16:01:19.0781 3008 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
16:01:19.0781 3008 C:\Windows\SysWOW64\ntmarta.dll - ok
16:01:19.0781 3008 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
16:01:19.0781 3008 C:\Windows\SysWOW64\Wldap32.dll - ok
16:01:19.0781 3008 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
16:01:19.0781 3008 C:\Windows\System32\aepic.dll - ok
16:01:19.0781 3008 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
16:01:19.0781 3008 C:\Windows\System32\drivers\PEAuth.sys - ok
16:01:19.0796 3008 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
16:01:19.0796 3008 C:\Windows\System32\sfc.dll - ok
16:01:19.0796 3008 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
16:01:19.0796 3008 C:\Windows\System32\sfc_os.dll - ok
16:01:19.0796 3008 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
16:01:19.0796 3008 C:\Windows\System32\drivers\secdrv.sys - ok
16:01:19.0796 3008 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
16:01:19.0796 3008 C:\Windows\System32\drivers\srvnet.sys - ok
16:01:19.0812 3008 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
16:01:19.0812 3008 C:\Windows\System32\ssdpapi.dll - ok
16:01:19.0812 3008 [ DF687E3D8836BFB04FCC0615BF15A519 ] C:\Windows\System32\drivers\tcpipreg.sys
16:01:19.0812 3008 C:\Windows\System32\drivers\tcpipreg.sys - ok
16:01:19.0812 3008 [ 74983ADDCA2D9618512C088D856D6615 ] C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl
16:01:19.0812 3008 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl - ok
16:01:19.0812 3008 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
16:01:19.0812 3008 C:\Windows\System32\wbemcomn.dll - ok
16:01:19.0828 3008 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
16:01:19.0828 3008 C:\Windows\System32\wiatrace.dll - ok
16:01:19.0828 3008 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
16:01:19.0828 3008 C:\Windows\System32\drivers\srv2.sys - ok
16:01:19.0828 3008 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
16:01:19.0828 3008 C:\Windows\System32\drivers\srv.sys - ok
16:01:19.0828 3008 [ 794D4B48DFB6E999537C7C3947863463 ] C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
16:01:19.0828 3008 C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe - ok
16:01:19.0828 3008 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
16:01:19.0828 3008 C:\Windows\System32\hnetcfg.dll - ok
16:01:19.0843 3008 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
16:01:19.0843 3008 C:\Windows\System32\netmsg.dll - ok
16:01:19.0843 3008 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
16:01:19.0843 3008 C:\Windows\System32\wbem\fastprox.dll - ok
16:01:19.0843 3008 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
16:01:19.0843 3008 C:\Windows\System32\wbem\WinMgmtR.dll - ok
16:01:19.0843 3008 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
16:01:19.0843 3008 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
16:01:19.0859 3008 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
16:01:19.0859 3008 C:\Windows\System32\wbem\wbemprox.dll - ok
16:01:19.0859 3008 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
16:01:19.0859 3008 C:\Windows\System32\clusapi.dll - ok
16:01:19.0859 3008 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
16:01:19.0859 3008 C:\Windows\System32\sscore.dll - ok
16:01:19.0859 3008 [ 8CE1A6D16B9077E91E192499EB611C5F ] C:\Windows\SysWOW64\netapi32.dll
16:01:19.0859 3008 C:\Windows\SysWOW64\netapi32.dll - ok
16:01:19.0874 3008 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
16:01:19.0874 3008 C:\Windows\SysWOW64\netutils.dll - ok
16:01:19.0874 3008 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\SysWOW64\schedcli.dll
16:01:19.0874 3008 C:\Windows\SysWOW64\schedcli.dll - ok
16:01:19.0874 3008 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
16:01:19.0874 3008 C:\Windows\SysWOW64\sfc.dll - ok
16:01:19.0874 3008 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
16:01:19.0874 3008 C:\Windows\SysWOW64\sfc_os.dll - ok
16:01:19.0874 3008 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
16:01:19.0874 3008 C:\Windows\SysWOW64\srvcli.dll - ok
16:01:19.0890 3008 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
16:01:19.0890 3008 C:\Windows\SysWOW64\wkscli.dll - ok
16:01:19.0890 3008 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
16:01:19.0890 3008 C:\Windows\System32\ntdsapi.dll - ok
16:01:19.0890 3008 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
16:01:19.0890 3008 C:\Windows\SysWOW64\version.dll - ok
16:01:19.0890 3008 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
16:01:19.0890 3008 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
16:01:19.0906 3008 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
16:01:19.0906 3008 C:\Windows\System32\resutils.dll - ok
16:01:19.0906 3008 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
16:01:19.0906 3008 C:\Windows\System32\wbem\wbemcore.dll - ok
16:01:19.0906 3008 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
16:01:19.0906 3008 C:\Windows\System32\wbem\esscli.dll - ok
16:01:19.0906 3008 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
16:01:19.0906 3008 C:\Windows\SysWOW64\winspool.drv - ok
16:01:19.0921 3008 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
16:01:19.0921 3008 C:\Windows\System32\wbem\wbemsvc.dll - ok
16:01:19.0921 3008 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
16:01:19.0921 3008 C:\Windows\System32\wbem\wmiutils.dll - ok
16:01:19.0921 3008 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
16:01:19.0921 3008 C:\Windows\System32\wbem\repdrvfs.dll - ok
16:01:19.0921 3008 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
16:01:19.0921 3008 C:\Windows\SysWOW64\msimg32.dll - ok
16:01:19.0921 3008 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
16:01:19.0921 3008 C:\Windows\SysWOW64\wer.dll - ok
16:01:19.0937 3008 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\SysWOW64\Faultrep.dll
16:01:19.0937 3008 C:\Windows\SysWOW64\Faultrep.dll - ok
16:01:19.0937 3008 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
16:01:19.0937 3008 C:\Windows\System32\rasadhlp.dll - ok
16:01:19.0937 3008 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
16:01:19.0937 3008 C:\Windows\SysWOW64\setupapi.dll - ok
16:01:19.0937 3008 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
16:01:19.0937 3008 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
16:01:19.0952 3008 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
16:01:19.0952 3008 C:\Windows\System32\ncobjapi.dll - ok
16:01:19.0952 3008 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
16:01:19.0952 3008 C:\Windows\System32\wbem\wbemess.dll - ok
16:01:19.0952 3008 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
16:01:19.0952 3008 C:\Windows\SysWOW64\cfgmgr32.dll - ok
16:01:19.0952 3008 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
16:01:19.0952 3008 C:\Windows\SysWOW64\devobj.dll - ok
16:01:19.0968 3008 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
16:01:19.0968 3008 C:\Windows\SysWOW64\clbcatq.dll - ok
16:01:19.0968 3008 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
16:01:19.0968 3008 C:\Windows\SysWOW64\propsys.dll - ok
16:01:19.0968 3008 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
16:01:19.0968 3008 C:\Windows\System32\p2pcollab.dll - ok
16:01:19.0968 3008 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
16:01:19.0968 3008 C:\Windows\System32\wbem\NCProv.dll - ok
16:01:19.0968 3008 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
16:01:19.0968 3008 C:\Windows\SysWOW64\profapi.dll - ok
16:01:19.0984 3008 [ 6B44700917F45B19B96B46B345B6F0E7 ] C:\Program Files (x86)\Spybot - Search & Destroy\SDMain.exe
16:01:19.0984 3008 C:\Program Files (x86)\Spybot - Search & Destroy\SDMain.exe - ok
16:01:19.0984 3008 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
16:01:19.0984 3008 C:\Windows\System32\aeevts.dll - ok
16:01:19.0984 3008 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
16:01:19.0984 3008 C:\Windows\System32\fveui.dll - ok
16:01:19.0984 3008 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
16:01:19.0984 3008 C:\Windows\SysWOW64\sxs.dll - ok
16:01:19.0999 3008 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
16:01:19.0999 3008 C:\Windows\SysWOW64\wbemcomn.dll - ok
16:01:19.0999 3008 [ 244C6722289F4869068992FD7D8A8832 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
16:01:19.0999 3008 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
16:01:19.0999 3008 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
16:01:19.0999 3008 C:\Windows\System32\wuapi.dll - ok
16:01:19.0999 3008 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
16:01:19.0999 3008 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
16:01:20.0015 3008 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
16:01:20.0015 3008 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
16:01:20.0015 3008 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
16:01:20.0015 3008 C:\Windows\System32\cabinet.dll - ok
16:01:20.0015 3008 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
16:01:20.0015 3008 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
16:01:20.0015 3008 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
16:01:20.0015 3008 C:\Windows\SysWOW64\rsaenh.dll - ok
16:01:20.0015 3008 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
16:01:20.0015 3008 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
16:01:20.0030 3008 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
16:01:20.0030 3008 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
16:01:20.0030 3008 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
16:01:20.0030 3008 C:\Windows\System32\wups.dll - ok
16:01:20.0030 3008 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
16:01:20.0030 3008 C:\Windows\SysWOW64\ntdsapi.dll - ok
16:01:20.0030 3008 [ 88D4EAF9E914DC72D064A9F43F5FC7A1 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnScan.dll
16:01:20.0030 3008 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnScan.dll - ok
16:01:20.0046 3008 [ 4102990A12F04EA86A01C46807192861 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnAmon.dll
16:01:20.0046 3008 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnAmon.dll - ok
16:01:20.0046 3008 [ 452B63D9A97BFBCE5A058AFBA0484097 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnEmon.dll
16:01:20.0046 3008 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnEmon.dll - ok
16:01:20.0046 3008 [ B739C70D2EE3F260579995B4D01C3BA2 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnDmon.dll
16:01:20.0046 3008 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnDmon.dll - ok
16:01:20.0046 3008 [ E71D3D0C9DEAE26545CB209C5CE761A1 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnEpfw.dll
16:01:20.0046 3008 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnEpfw.dll - ok
16:01:20.0062 3008 [ 894CC151147C68748AA2BC484DC6C6C7 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnUpdate.dll
16:01:20.0062 3008 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnUpdate.dll - ok
16:01:20.0062 3008 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
16:01:20.0062 3008 C:\Windows\SysWOW64\mpr.dll - ok
16:01:20.0062 3008 [ C09993D557634CB156AFFDBE2AF179C5 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\updater.dll
16:01:20.0062 3008 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\updater.dll - ok
16:01:20.0920 3008 C:\Windows\System32\XPSSHHDR.dll - ok
16:01:20.0920 3008 [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\Windows\System32\odbcint.dll
16:01:20.0920 3008 C:\Windows\System32\odbcint.dll - ok
16:01:20.0935 3008 [ C0DE9F616610BE344F2FF58009845100 ] C:\Windows\System32\xpssvcs.dll
16:01:20.0935 3008 C:\Windows\System32\xpssvcs.dll - ok
16:01:20.0935 3008 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
16:01:20.0935 3008 C:\Windows\System32\msacm32.dll - ok
16:01:20.0935 3008 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
16:01:20.0935 3008 C:\Windows\System32\msacm32.drv - ok
16:01:20.0935 3008 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
16:01:20.0935 3008 C:\Windows\System32\midimap.dll - ok
16:01:20.0951 3008 [ B9CE8CF2FF2D5EAFFDBAA340E7B385A5 ] C:\Windows\System32\iscsicpl.dll
16:01:20.0951 3008 C:\Windows\System32\iscsicpl.dll - ok
16:01:20.0951 3008 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
16:01:20.0951 3008 C:\Windows\System32\AudioEng.dll - ok
16:01:20.0951 3008 [ 3EEC0FB1DDD317AA1E8933B912439736 ] C:\Windows\System32\MdSched.exe
16:01:20.0951 3008 C:\Windows\System32\MdSched.exe - ok
16:01:20.0951 3008 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
16:01:20.0951 3008 C:\Windows\System32\AUDIOKSE.dll - ok
16:01:20.0966 3008 [ DE038C40F3033EDA732655FA42DCBD18 ] C:\Windows\System32\filemgmt.dll
16:01:20.0966 3008 C:\Windows\System32\filemgmt.dll - ok
16:01:20.0966 3008 [ E19D102BAF266F34592F7C742FBFA886 ] C:\Windows\System32\msconfig.exe
16:01:20.0966 3008 C:\Windows\System32\msconfig.exe - ok
16:01:20.0966 3008 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
16:01:20.0966 3008 C:\Windows\System32\WMALFXGFXDSP.dll - ok
16:01:20.0966 3008 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
16:01:20.0966 3008 C:\Windows\System32\prnfldr.dll - ok
16:01:20.0966 3008 [ 11F174ED2050121C394C17B4F7B69983 ] C:\Windows\System32\AuthFWGP.dll
16:01:20.0966 3008 C:\Windows\System32\AuthFWGP.dll - ok
16:01:20.0982 3008 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
16:01:20.0982 3008 C:\Windows\System32\mfplat.dll - ok
16:01:20.0982 3008 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
16:01:20.0982 3008 C:\Windows\System32\gameux.dll - ok
16:01:20.0982 3008 [ E7B1B5D5A1D1E4C77AE995D725A1FEE5 ] C:\Windows\System32\sdcpl.dll
16:01:20.0982 3008 C:\Windows\System32\sdcpl.dll - ok
16:01:20.0982 3008 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
16:01:20.0982 3008 C:\Windows\System32\DXP.dll - ok
16:01:20.0998 3008 [ F3B306179F1840C0813DC6771B018358 ] C:\Windows\System32\recdisc.exe
16:01:20.0998 3008 C:\Windows\System32\recdisc.exe - ok
16:01:20.0998 3008 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
16:01:20.0998 3008 C:\Windows\System32\Syncreg.dll - ok
16:01:20.0998 3008 [ E79DF53BAD587E24B3CF965A5746C7B6 ] C:\Windows\System32\msra.exe
16:01:20.0998 3008 C:\Windows\System32\msra.exe - ok
16:01:20.0998 3008 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
16:01:20.0998 3008 C:\Windows\ehome\ehSSO.dll - ok
16:01:20.0998 3008 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
16:01:20.0998 3008 C:\Windows\System32\netshell.dll - ok
16:01:21.0013 3008 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\SysWOW64\nlaapi.dll
16:01:21.0013 3008 C:\Windows\SysWOW64\nlaapi.dll - ok
16:01:21.0013 3008 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
16:01:21.0013 3008 C:\Windows\System32\AltTab.dll - ok
16:01:21.0013 3008 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
16:01:21.0013 3008 C:\Windows\System32\WPDShServiceObj.dll - ok
16:01:21.0013 3008 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
16:01:21.0013 3008 C:\Windows\System32\PortableDeviceTypes.dll - ok
16:01:21.0029 3008 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
16:01:21.0029 3008 C:\Windows\System32\msiltcfg.dll - ok
16:01:21.0029 3008 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
16:01:21.0029 3008 C:\Windows\System32\pnidui.dll - ok
16:01:21.0029 3008 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
16:01:21.0029 3008 C:\Windows\System32\QUTIL.DLL - ok
16:01:21.0029 3008 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
16:01:21.0029 3008 C:\Windows\System32\srchadmin.dll - ok
16:01:21.0029 3008 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
16:01:21.0029 3008 C:\Windows\System32\tquery.dll - ok
16:01:21.0044 3008 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
16:01:21.0044 3008 C:\Windows\System32\mssrch.dll - ok
16:01:21.0044 3008 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
16:01:21.0044 3008 C:\Windows\System32\msidle.dll - ok
16:01:21.0044 3008 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
16:01:21.0044 3008 C:\Windows\System32\rasdlg.dll - ok
16:01:21.0044 3008 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
16:01:21.0044 3008 C:\Windows\System32\mssprxy.dll - ok
16:01:21.0060 3008 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
16:01:21.0060 3008 C:\Windows\System32\ActionCenter.dll - ok
16:01:21.0060 3008 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
16:01:21.0060 3008 C:\Windows\System32\dot3api.dll - ok
16:01:21.0060 3008 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
16:01:21.0060 3008 C:\Windows\System32\wlanhlp.dll - ok
16:01:21.0060 3008 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
16:01:21.0060 3008 C:\Windows\System32\wlanapi.dll - ok
16:01:21.0060 3008 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
16:01:21.0060 3008 C:\Windows\System32\UIAnimation.dll - ok
16:01:21.0076 3008 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
16:01:21.0076 3008 C:\Windows\System32\en-US\tquery.dll.mui - ok
16:01:21.0076 3008 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
16:01:21.0076 3008 C:\Windows\System32\WWanAPI.dll - ok
16:01:21.0076 3008 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
16:01:21.0076 3008 C:\Windows\System32\wwapi.dll - ok
16:01:21.0076 3008 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
16:01:21.0076 3008 C:\Windows\System32\QAGENT.DLL - ok
16:01:21.0091 3008 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
16:01:21.0091 3008 C:\Windows\System32\bthprops.cpl - ok
16:01:21.0091 3008 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
16:01:21.0091 3008 C:\Windows\System32\FXSST.dll - ok
16:01:21.0091 3008 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
16:01:21.0091 3008 C:\Windows\System32\FXSAPI.dll - ok
16:01:21.0091 3008 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
16:01:21.0091 3008 C:\Windows\System32\FXSSVC.exe - ok
16:01:21.0091 3008 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
16:01:21.0091 3008 C:\Windows\System32\webcheck.dll - ok
16:01:21.0107 3008 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
16:01:21.0107 3008 C:\Windows\System32\mlang.dll - ok
16:01:21.0107 3008 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
16:01:21.0107 3008 C:\Windows\System32\imapi2.dll - ok
16:01:21.0107 3008 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
16:01:21.0107 3008 C:\Windows\System32\hgcpl.dll - ok
16:01:21.0107 3008 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:01:21.0107 3008 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
16:01:21.0107 3008 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
16:01:21.0107 3008 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
16:01:21.0122 3008 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
16:01:21.0122 3008 C:\Windows\SysWOW64\mscoree.dll - ok
16:01:21.0122 3008 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:01:21.0122 3008 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
16:01:21.0122 3008 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
16:01:21.0122 3008 C:\Windows\System32\msvcr100_clr0400.dll - ok
16:01:21.0122 3008 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
16:01:21.0122 3008 C:\Windows\System32\mscoree.dll - ok
16:01:21.0138 3008 [ E4024CCF225A936207294DE50925D4F6 ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll
16:01:21.0138 3008 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll - ok
16:01:21.0138 3008 [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
16:01:21.0138 3008 C:\Program Files\Windows Defender\MpSvc.dll - ok
16:01:21.0138 3008 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
16:01:21.0138 3008 C:\Program Files\Windows Defender\MpClient.dll - ok
16:01:21.0138 3008 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
16:01:21.0138 3008 C:\Windows\System32\mspatcha.dll - ok
16:01:21.0154 3008 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
16:01:21.0154 3008 C:\Windows\System32\wups2.dll - ok
16:01:21.0154 3008 [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll
16:01:21.0154 3008 C:\Program Files\Windows Defender\MpRTP.dll - ok
16:01:21.0154 3008 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
16:01:21.0154 3008 C:\Windows\System32\tdh.dll - ok
16:01:21.0154 3008 [ 4AC844E9D23C3AB7908600DAD5118FBF ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasdlta.vdm
16:01:21.0154 3008 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasdlta.vdm - ok
16:01:21.0169 3008 [ 30042487E83BF3B518DD9B92A2F52F42 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{79FB2C3E-5BDC-4BE2-8485-889D2B00EAD2}\mpengine.dll
16:01:21.0169 3008 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{79FB2C3E-5BDC-4BE2-8485-889D2B00EAD2}\mpengine.dll - ok
16:01:21.0169 3008 [ 4C1A82E9362DF1282355FBA3037DF0C4 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{79FB2C3E-5BDC-4BE2-8485-889D2B00EAD2}\mpasbase.vdm
16:01:21.0169 3008 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{79FB2C3E-5BDC-4BE2-8485-889D2B00EAD2}\mpasbase.vdm - ok
16:01:21.0169 3008 [ D76510CFA0FC09023077F22C2F979D86 ] C:\Windows\System32\drivers\USBSTOR.SYS
16:01:21.0169 3008 C:\Windows\System32\drivers\USBSTOR.SYS - ok
16:01:21.0169 3008 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
16:01:21.0169 3008 C:\Windows\System32\drivers\fastfat.sys - ok
16:01:21.0185 3008 [ F3C307DE8D067F535429353A4EE0EF46 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{79FB2C3E-5BDC-4BE2-8485-889D2B00EAD2}\mpasdlta.vdm
16:01:21.0185 3008 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{79FB2C3E-5BDC-4BE2-8485-889D2B00EAD2}\mpasdlta.vdm - ok
16:01:21.0185 3008 [ 4AC844E9D23C3AB7908600DAD5118FBF ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4D35C12D-41B3-40E8-9EA7-BBCB9B9A93C0}\mpasdlta.vdm
16:01:21.0185 3008 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4D35C12D-41B3-40E8-9EA7-BBCB9B9A93C0}\mpasdlta.vdm - ok
16:01:21.0185 3008 [ 022B05CEE68D7826A93AEDB4F1EB369E ] C:\Windows\System32\msxml3.dll
16:01:21.0185 3008 C:\Windows\System32\msxml3.dll - ok
16:01:21.0185 3008 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
16:01:21.0185 3008 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
16:01:21.0200 3008 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
16:01:21.0200 3008 C:\Windows\System32\wbem\cimwin32.dll - ok
16:01:21.0200 3008 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
16:01:21.0200 3008 C:\Windows\System32\framedynos.dll - ok
16:01:21.0200 3008 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
16:01:21.0200 3008 C:\Windows\System32\security.dll - ok
16:01:21.0200 3008 [ A5A70AF023570C1D26501B14338C1D6C ] C:\Windows\System32\browcli.dll
16:01:21.0200 3008 C:\Windows\System32\browcli.dll - ok
16:01:21.0200 3008 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
16:01:21.0200 3008 C:\Windows\System32\schedcli.dll - ok
16:01:21.0216 3008 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
16:01:21.0216 3008 C:\Windows\System32\wbem\wmipcima.dll - ok
16:01:21.0216 3008 [ E1CF79243D8262F935366ADFA253A0C1 ] C:\Windows\System32\wmi.dll
16:01:21.0216 3008 C:\Windows\System32\wmi.dll - ok
16:01:21.0216 3008 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
16:01:21.0216 3008 C:\Windows\SysWOW64\actxprxy.dll - ok
16:01:21.0216 3008 [ D570279E5B017CF2EC1908FBCE113E89 ] C:\Windows\System32\wzcdlg.dll
16:01:21.0216 3008 C:\Windows\System32\wzcdlg.dll - ok
16:01:21.0232 3008 [ 6F45174675278B189EC749D17DE21EF7 ] C:\Windows\System32\sdautoplay.dll
16:01:21.0232 3008 C:\Windows\System32\sdautoplay.dll - ok
16:01:21.0232 3008 [ 11C405A2DCF38E098316FD904A4FB662 ] C:\Windows\System32\sdengin2.dll
16:01:21.0232 3008 C:\Windows\System32\sdengin2.dll - ok
16:01:21.0232 3008 [ 93BB66044FA76734E882C6F3E8EE1900 ] C:\Program Files\Windows Defender\MsMpLics.dll
16:01:21.0232 3008 C:\Program Files\Windows Defender\MsMpLics.dll - ok
16:01:21.0232 3008 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
16:01:21.0232 3008 C:\Windows\System32\wscapi.dll - ok
16:01:21.0232 3008 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
16:01:21.0232 3008 C:\Windows\System32\wscisvif.dll - ok
16:01:21.0247 3008 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
16:01:21.0247 3008 C:\Windows\System32\wscproxystub.dll - ok
16:01:21.0247 3008 [ CF8D590BE3373029D57AF80914190682 ] C:\Windows\System32\drivers\WUDFRd.sys
16:01:21.0247 3008 C:\Windows\System32\drivers\WUDFRd.sys - ok
16:01:21.0247 3008 [ D0FF1CA89D013B94768A289023958F6B ] C:\Windows\System32\WUDFHost.exe
16:01:21.0247 3008 C:\Windows\System32\WUDFHost.exe - ok
16:01:21.0247 3008 [ 1950B1C38AED4154BA79F77E36494D8A ] C:\Windows\System32\WUDFx.dll
16:01:21.0247 3008 C:\Windows\System32\WUDFx.dll - ok
16:01:21.0263 3008 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
16:01:21.0263 3008 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
16:01:21.0263 3008 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
16:01:21.0263 3008 C:\Windows\System32\WMVCORE.DLL - ok
16:01:21.0263 3008 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
16:01:21.0263 3008 C:\Windows\System32\WMASF.DLL - ok
16:01:21.0263 3008 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
16:01:21.0263 3008 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
16:01:21.0278 3008 [ D485D1BE97777617B186FC8095F58421 ] C:\Windows\servicing\CbsApi.dll
16:01:21.0278 3008 C:\Windows\servicing\CbsApi.dll - ok
16:01:21.0278 3008 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
16:01:21.0278 3008 C:\Windows\System32\SearchFolder.dll - ok
16:01:21.0278 3008 [ E503E15C88B4BBDA3F6345E34FED3E92 ] C:\Windows\System32\mssvp.dll
16:01:21.0278 3008 C:\Windows\System32\mssvp.dll - ok
16:01:21.0278 3008 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
16:01:21.0278 3008 C:\Windows\System32\mapi32.dll - ok
16:01:21.0278 3008 [ 4E81439902079C348B61D7FF027FE147 ] C:\Windows\System32\StructuredQuery.dll
16:01:21.0278 3008 C:\Windows\System32\StructuredQuery.dll - ok
16:01:21.0294 3008 [ C1C03EA437EDDA8A7D4D8786E5AE6751 ] C:\Windows\System32\wuauclt.exe
16:01:21.0294 3008 C:\Windows\System32\wuauclt.exe - ok
16:01:21.0294 3008 [ 50EBD31C3527366FAFA468BD609F7352 ] C:\Windows\System32\wucltux.dll
16:01:21.0294 3008 C:\Windows\System32\wucltux.dll - ok
16:01:21.0294 3008 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
16:01:21.0294 3008 C:\Windows\System32\msimg32.dll - ok
16:01:21.0294 3008 [ 5FBD7BEC6CD3DCAA6A87A7F70CE8AF44 ] C:\Windows\System32\advpack.dll
16:01:21.0294 3008 C:\Windows\System32\advpack.dll - ok
16:01:21.0310 3008 [ 81252AA3B13743020BCF2089A5A0D911 ] C:\Windows\System32\wscinterop.dll
16:01:21.0310 3008 C:\Windows\System32\wscinterop.dll - ok
16:01:21.0310 3008 [ DF50DAE4C547285E4997A0C61063B632 ] C:\Windows\System32\wscui.cpl
16:01:21.0310 3008 C:\Windows\System32\wscui.cpl - ok
16:01:21.0310 3008 [ F9959237F106F2B2609E61A290C0652E ] C:\Windows\System32\werconcpl.dll
16:01:21.0310 3008 C:\Windows\System32\werconcpl.dll - ok
16:01:21.0310 3008 [ 809AE7D4ACE06BBCF621E5C504BF6FC8 ] C:\Windows\System32\hcproviders.dll
16:01:21.0310 3008 C:\Windows\System32\hcproviders.dll - ok
16:01:21.0310 3008 [ 2928BBB81F5D3F80C3D65B0701C230DC ] C:\Program Files\Internet Explorer\ieproxy.dll
16:01:21.0310 3008 C:\Program Files\Internet Explorer\ieproxy.dll - ok
16:01:21.0325 3008 [ 005247E3057BC5D5C3F8C6F886FFC10C ] C:\Windows\System32\wbem\WMIADAP.exe
16:01:21.0325 3008 C:\Windows\System32\wbem\WMIADAP.exe - ok
16:01:21.0325 3008 [ 9FE3ED67345F0FF829A4A53B90E09672 ] C:\Windows\System32\loadperf.dll
16:01:21.0325 3008 C:\Windows\System32\loadperf.dll - ok
16:01:21.0325 3008 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
16:01:21.0325 3008 C:\Windows\System32\wbem\wmiprov.dll - ok
16:01:21.0325 3008 ============================================================
16:01:21.0325 3008 Scan finished
16:01:21.0325 3008 ============================================================
16:01:21.0341 1728 Detected object count: 0
16:01:21.0341 1728 Actual detected object count: 0

#8
ElamsEstates

    Member

  • Topic Starter
  • 12 posts
ComboFix 13-01-26.02 - Owner 01/26/2013 16:24:38.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3891.2576 [GMT -6:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Recent\BackupKeyRecovery.url
.
.
((((((((((((((((((((((((( Files Created from 2012-12-26 to 2013-01-26 )))))))))))))))))))))))))))))))
.
.
2013-01-25 13:39 . 2013-01-25 13:39 365568 ----a-w- C:\fl4s4qib.exe
2013-01-20 10:06 . 2013-01-20 10:07 -------- d-----w- c:\program files (x86)\Google
2013-01-20 10:06 . 2013-01-20 10:07 -------- d-----w- c:\users\Owner\AppData\Local\Google
2013-01-20 10:05 . 2013-01-20 10:06 -------- d-----w- c:\users\Owner\AppData\Local\Deployment
2013-01-19 22:16 . 2013-01-15 08:45 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{79FB2C3E-5BDC-4BE2-8485-889D2B00EAD2}\mpengine.dll
2013-01-19 22:09 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-01-19 22:09 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-01-19 22:09 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-01-19 22:09 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-01-19 22:09 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-01-19 22:09 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-01-19 22:09 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-01-19 22:08 . 2012-06-02 21:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-01-19 22:08 . 2012-06-02 21:15 36864 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2011-03-01 75048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-05-26 174680]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-08 1255736]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2012/03/07 22:55];c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2011-03-01 16:57 146928]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-18 56344]
S4 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S4 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 31521615
*NewlyCreated* - 46924625
*Deregistered* - 31521615
*Deregistered* - 46924625
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-20 10:07 1606760 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20 10:06]
.
2013-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20 10:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-11 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-11 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-11 417560]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: bleepingcomputer.com\download
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-31521615.sys
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-26 16:28:58
ComboFix-quarantined-files.txt 2013-01-26 22:28
.
Pre-Run: 371,639,549,952 bytes free
Post-Run: 371,833,339,904 bytes free
.
- - End Of File - - DD0EC68EFCCFC4E184192172FFB48C75

#9
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi ElamsEstates,

How is your system now? Any problems?

Let's do a standard antivirus scan. This scan could take up to 5h to finish depending on the number of files on your system, so please be patient.


Download Virus Removal Tool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow Virus Removal Tool to delete all infections found
Once it has finished, select the report tab (last tab)
Select the Detected threats report from the left and press the Save button
Save it to your desktop and attach to your next post

#10
ElamsEstates

    Member

  • Topic Starter
  • 12 posts
Well, from the logs I've reviewed and posted, and scans run, I did not see any signs of a virus???

#11
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
I didn't see anything that needs our attention right now. Do you see any problem now with your system?

Please post the log from the VRT scan after it finishes.

#12
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.